Security Affairs

APRIL 21, 2020

The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the issues. The latest version Agile InfoSec has access to is 2.0.3, and that one is certainly vulnerable.”

Risk 103

Risk Authentication InfoSec Advertising 103

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. I shouldn't say I launched I along with a number of InfoSec women leaders launched the nonprofit and we have about 85 cyber and high tech leaders in the group and it is a networking and support group for senior women in cyber and technology. And it should.

InfoSec 40

InfoSec Engineering CSO Technology 40

SecureWorld News

FEBRUARY 26, 2024

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. A : When I was with Bright Horizons, many top-tier clients demanded InfoSec competence. A : Moving the reporting line to risk (GC/CLO); using AI. I learned from them. A : Phil Venables.

Cybersecurity 89

Cybersecurity CISO InfoSec Data privacy 89

SecureWorld News

SEPTEMBER 12, 2023

These skills also happen to apply to information security (infosec) and cyber threat intelligence and research. And you'll leave your first infosec conference with an armful of them. But infosec is the rare industry with clearcut heroes and villains. My Infosec Era has only just begun. I didn't do it alone.

Cybersecurity 93

Cybersecurity InfoSec Threat Detection Accountability 93

The Security Ledger

FEBRUARY 26, 2021

We know that the shortage of infosec pros poses a cybersecurity risk. Episode 148: Joseph Menn on Cult of the Dead Cow also Veracode CEO Sam King on InfoSec’s Leaky Talent Pipeline. Do infosec’s racial and gender imbalances create their own kind of security risks? But what about the lack of diversity?

Cyber Risk 52

Cyber Risk Risk InfoSec Information Security 52

SC Magazine

APRIL 19, 2021

Insurance claims from cyber/ransomware events have consumed up to 40% of the claims of some insurers’ cyber books. The NY DFS Cyber Insurance Risk Framework outlines a 7-point program for insurers to manage their cyber insurance risk. Basic “blocking and tackling” can significantly decrease risk exposures.

Insurance 113

Insurance Cyber Insurance Ransomware InfoSec 113

SecureWorld News

OCTOBER 4, 2022

You really had to be there to soak in everything discussed between speakers, attendees, and our sponsors, but if you were unable to attend for some reason, we've got you covered with highlights from the event. The event kicked off with an opening keynote led by U.S. Manager of Third-Party Risk at Raytheon Technologies.

InfoSec 95

InfoSec Cybersecurity Cryptocurrency Technology 95

Security Boulevard

JULY 27, 2021

The post BSides Vancouver 2021 – Rose’s ‘The Overlooked Security Risk: 3rd Party Risk Management’ appeared first on Security Boulevard. Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel.

Risk 57

Risk Education InfoSec Information Security 57

Herjavec Group

APRIL 26, 2021

Third-party risk is a hot topic in the world of cybersecurity. The recent SolarWinds breach was a tough reminder that technological advancement will always carry inherent risks. former CEO of RSA Security) for a virtual fireside chat last week to chat about third-party risk. I joined Art Coviello, board member at SecZetta Inc.

Risk 52

Risk Government InfoSec Cybersecurity 52

CyberSecurity Insiders

FEBRUARY 3, 2022

SAN ANTONIO–( BUSINESS WIRE )–Security Awareness Training and Human Risk Management company AwareGO today announced company milestones achieved and overall performance for 2021, including record year-over-year online revenue growth of 219%, enterprise revenue growth of 156%, and total revenue growth of 116%. About AwareGO.

Security Awareness 52

Security Awareness Risk Marketing Cybersecurity 52

SecureWorld News

AUGUST 22, 2022

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. This started me down the InfoSec path and I found that I liked specializing in a challenging area. A : Require all NGOs with more than 50 employees to comply with a minimum InfoSec baseline.

Cybersecurity 82

Cybersecurity InfoSec Retail Manufacturing 82

Daniel Miessler

APRIL 16, 2020

Throughout the media you have people substituting their in-person events with virtual ones, and they all seem to be using Zoom. This got me thinking more about the implicit tradeoffs we make in life with regard to functionality vs. risk—tradeoffs that we’re really bad at capturing and articulating. It was extraordinary.

Internet 190

Internet Internet Risk InfoSec 190

Security Boulevard

JULY 19, 2021

The post BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’ Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel. ’ appeared first on Security Boulevard.

Risk 98

Risk Cybersecurity Education InfoSec 98

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Well, information security, cybersecurity happens to be a critical part of the business, being able to achieve strategic objectives.

Cybersecurity 83

Cybersecurity CISO InfoSec Risk 83

Hot for Security

FEBRUARY 16, 2021

Hackers could trigger ‘fake earthquakes,’ affecting emergency and economic responses to a seismic event, and generate mistrust in seismic technology among the population, the researchers say. Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns.

IoT 128

IoT InfoSec Data collection Encryption 128

SecureWorld News

NOVEMBER 28, 2022

Require the CISO to report, in a timely manner, to the board on material cybersecurity issues, including updates to a company's risk assessment or major cybersecurity events. Have Infosec certifications and passion for #cyber and #dataprivacy. It's a core responsibility of the board and management team.".

Financial Services 76

Financial Services Cybersecurity CISO InfoSec 76

CyberSecurity Insiders

DECEMBER 6, 2022

The risk-reward ratio of career CISOs has many re-thinking whether this is an ideal profession when facing legal action, shouldering undue blame from board members, or even jail-time after a security breach has gone poorly. The security world has always been tribal and secretive by default.

Cybersecurity 126

Cybersecurity CISO InfoSec Technology 126

Security Boulevard

JUNE 6, 2022

Today we’ve been honored with the “Next Generation in API Security” award in the 2022 Global InfoSec Awards from Cyber Defense Magazine (CDM). You will find Salt fully represented at all of these important security events. Topping off our activities at RSA will be a Tuesday event party on the SF MOMA rooftop. Attending RSA ?

Big data 52

Big data InfoSec Architecture Education 52

Daniel Miessler

MARCH 20, 2022

The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. At the highest level, I think the big change to InfoSec will be a loss of magic compared to now. HT to Jeremiah Grossman to also being very early to seeing the role of insurance in InfoSec. Org Structure. Technology. Regulation.

InfoSec 180

InfoSec Insurance Engineering Technology 180

Herjavec Group

APRIL 29, 2022

Unfortunately, this constant coverage is making us numb to the need to assess what our overall risks may be. Do we truly believe that our industrial control systems are at risk of infection? Implement user training and phishing exercises to raise awareness about the risk of suspicious links and attachments.

Ransomware 98

Ransomware InfoSec Cybersecurity Risk 98

Herjavec Group

MAY 27, 2021

InfoSec professionals tend to describe the benefits of a strong cybersecurity program with technical jargon and acronyms. Having been on both sides of the equation as the infosec executive and the enterprise leader, I can confidently say the key is to speak the language of the executive team and board. Believe me – I’ve been there !

Cybersecurity 52

Cybersecurity InfoSec Cyber Risk Risk 52

Security Boulevard

APRIL 24, 2021

The post CPDP 2021 – Moderator: Moderator: Frederik Zuiderveen Borgesius ‘Artificial Intelligence And Discrimination Risks In The Health Sector’ appeared first on Security Boulevard.

Artificial Intelligence 65

Artificial Intelligence Risk Education InfoSec 65

SecureWorld News

JUNE 16, 2020

And the Cyber Essentials Toolkit is a set of modules concentrating vital advice for IT and InfoSec into bit-sized pieces for employees and leaders to implement. What is your level of risk appetite and risk tolerance? Use risk assessments to identify and prioritize allocation of resources and cyber investment.".

Cybersecurity 53

Cybersecurity InfoSec Risk Cyber Risk 53

Security Boulevard

OCTOBER 24, 2023

Detection : We will cover the Sysmon and Windows Security event IDs related to discovering the target technique. Additionally, in his blog , Olaf Hartong suggests monitoring the process access attempt in conjunction with Windows Security event ID 4703 — “A token right was adjusted.” PsExec.exe -s accepteula dc1.asgard.corp

Backups 67

Backups Passwords Authentication Accountability 67

Webroot

JULY 25, 2022

The first in-person event for RSA since the global pandemic had a slightly lower turnout than in years past (26,000 compared to 36,000 attendees). Here are some of the key trends which we observed at this year’s first marquee cybersecurity event post-pandemic: 1. Market landscape for XDR grows more crowded.

Cyber Insurance 123

Cyber Insurance Insurance Marketing Phishing 123

Security Boulevard

JULY 23, 2021

The post BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’ Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel. ’ appeared first on Security Boulevard.

Risk 48

Risk Cybersecurity Education InfoSec 48

eSecurity Planet

DECEMBER 20, 2023

Attack surface management aims to automate the process of discovering, assessing, and prioritizing vulnerabilities and third-party, digital supply chain, and cloud risks. It addresses both internal and external (EASM) risks. CAASM (cyber asset ASM) and DRPS (digital risk protection) are also related terms and elements of ASM.

Software 113

Software Risk Architecture Internet 113

The Security Ledger

AUGUST 6, 2018

» Related Stories Podcast: Infosec has a #MeToo Problem also TOR-ifying Wikipedia Exploits in Samsung Hub Put Smart Homes at Risk Expert says: Hack your Smart Home to Secure It. We’re joined by DigiCert Chief Technology Officer Dan Timpson to talk about the presentations that are worth seeing. Read the whole entry. »

Risk 40

Risk Technology InfoSec Hacking 40

CyberSecurity Insiders

FEBRUARY 3, 2022

Keeper is the leading provider of zero-trust and zero-knowledge security and encryption software covering enterprise password management, role-based access control, event tracking, dark web monitoring, secure file storage, secrets management and encrypted messaging. Keeper is SOC-2, FIPS 140-2 and ISO 27001 Certified.

Password Management 80

Password Management Passwords Encryption Data breaches 80

Herjavec Group

MAY 19, 2022

No matter how many firewalls or network controls you have in place, the risk of insider threat will always be present. I’ve been in infosec for over 30 years and have had the great privilege of evolving and learning as a cybersecurity executive in a space I love.

Penetration Testing 98

Penetration Testing Social Engineering Cybercrime InfoSec 98

CyberSecurity Insiders

SEPTEMBER 21, 2021

Every device you use, the app you download, the bit of information you share, or the message you open comes with a certain amount of risk. Enlist passionate people across all areas of the organization and not just the IT team to champion security, model best practices, support infosec events and campaigns, and continually raise awareness.

Threat Detection 91

Threat Detection Wireless InfoSec Firewall 91

Security Boulevard

AUGUST 19, 2021

We learned this week that T-Mobile was the victim of a data breach that exposed data from tens of millions of customers, and then we found out that there is a flaw in BlackBerry’s QNX operating system that puts hundreds of millions of devices at risk. These events don’t impact everyone, but there are still lessons to be learned. .

Mobile 62

Mobile Data breaches Risk InfoSec 62

CyberSecurity Insiders

JANUARY 26, 2022

Events over the past several months, from the SolarWinds attack, the Cybersecurity Executive Order to the Log4j vulnerability, have all highlighted the urgent need to quickly identify and mitigate software supply chain risks and improve resilience in today’s hyper connected world. The Jitsuin-Meterian integration solves this problem.

Software 52

Software Risk Technology Government 52

Notice Bored

NOVEMBER 26, 2021

Aside: how on Earth can today's politicians justify holding a climate change conference as a physical, in-person event, during COVID no less, rather than virtually, on-line? From the information risk and security perspective, virtual working is both a nightmare and, again, an opportunity. Are we even on the same planet?

Risk 66

Risk Artificial Intelligence Technology InfoSec 66

Malwarebytes

JANUARY 24, 2023

For some, it’s a way of keeping up with current events, some of which is fake news. Federal Communications Commissioner (FCC) Brendan Carr called for TikTok to be banned in America, months after deeming it an unacceptable security risk , and calling for Apple and Google to completely remove the app from their app stores.

Media 89

Media Advertising InfoSec Internet 89

SecureWorld News

MAY 8, 2023

The six-month course is designed to teach learners how to identify common risks, threats, and vulnerabilities, as well as the techniques to mitigate them. The certificate program will offer hands-on experience with industry standards and tools, including Python, Linux, and security information and event management (SIEM).

Cybersecurity 100

Cybersecurity CISO Risk Government 100

eSecurity Planet

JUNE 18, 2021

It then studies this information to determine how specific events are related and initiates a response if necessary. “AI can help understand where your infosec program has strengths and where it has gaps.” By extension, SOAR platforms also minimize the risk of human error. Cybersecurity AI gone wrong.

Artificial Intelligence 145

Artificial Intelligence Cybersecurity Engineering Risk 145