Government, Information Security and InfoSec

Assessing Third-Party InfoSec Risk Management

Security Boulevard

JUNE 14, 2023

Information security (InfoSec) risk management with third parties, including outsourcing, requires persistence and consistency due to the primary business risk it presents. Third-party managers need to have insights into a variety of areas of information security, including.

InfoSec

InfoSec Risk Information Security CISO

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. 2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Shortage of Information Security Professionals

Security Boulevard

FEBRUARY 16, 2022

As data breaches at corporations, educational institutions, and government agencies continue to grow, so does the need. The post Shortage of Information Security Professionals appeared first on Security Boulevard. In recent years, there has been an exponential increase in high-profile data breaches.

Information Security

Information Security Data breaches Education Government

Iterative scientific infosec

Notice Bored

MAY 25, 2022

So, this morning I've been thinking about the applications of those principles and mechanisms to information risk management, putting infosec under the microscope. Improving' or 'advancing' infosec is more involved than it seems. It requires thoughtful strategising, intelligent decision-making , appropriate governance.

InfoSec

InfoSec Risk Antivirus Government

InfoSec Reviews in Project Management Workflows

Security Boulevard

FEBRUARY 8, 2021

I have attended numerous security conferences over the past several years, and at each one, I repeatedly hear about the importance of information security being incorporated within the planning and requirement analysis phase of the software development life cycle (SDLC). I agree – this is very important.

InfoSec

InfoSec Information Security Software CISO

Professional services infosec policy template

Notice Bored

MAY 12, 2022

We have just completed and released a brand new information security policy template on professional services. Professional services engagements, and hence the associated information risks, are so diverse that it made no sense to specify particular infosec controls, except a few examples.

InfoSec

InfoSec Risk Accountability Government

NBlog Aug 8 - musing on ISO/IEC 27014 & infosec governance

Notice Bored

AUGUST 7, 2020

This morning I've been studying the final draft of the forthcoming second edition of ISO/IEC 27014 "Governance of information security" , partly to update ISO27001security.com but mostly out of my fascination with the topic. This will support the delivery of security education, training and awareness programs.

Government

Government InfoSec Information Security Accountability

Are our infosec controls sufficient?

Notice Bored

JUNE 25, 2021

begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc. begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc.

InfoSec

InfoSec Risk Information Security Government

WANTED: a set of infosec principles we can all agree on

Notice Bored

JUNE 20, 2022

The SecAware corporate information security policy template incorporates a set of generic principles for information risk and security such as " Our Information Security Management System conforms to generally accepted good security practices as described in the ISO/IEC 27000-series information security standards. "

InfoSec

InfoSec Information Security Risk Government

Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 27, 2021

SAN FRANCISCO–( BUSINESS WIRE )–Resecurity is proud to announce they have won the following award(s) from Cyber Defense Magazine (CDM), the industry’s leading electronic information security magazine: Cutting Edge in Digital Footprint Security. Join a webinar at [link] and realize that infosec knowledge is power.

InfoSec

InfoSec B2C B2B Media

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

We accelerate the pillars of your Identity program in Governance & Administration, Privileged Access Management, and User Authentication. . Accelerate compliance efforts with unified top-down governance processes for all users. Accelerate your Identity Security with Herjavec Group . IDC Security Services Leader ?and?

InfoSec

InfoSec Marketing Technology B2C

Integrating SIEM Within Compliance Programs

Security Boulevard

JULY 19, 2021

At their core, information security and compliance seem like topics that should go hand in hand: InfoSec deals with the daily functions of identifying and responding to threats, while compliance includes responsibilities of implementing IT security controls and effective governance.….

InfoSec

InfoSec Government Information Security

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 22, 2021

a world leader in memory products and technology solutions, is proud to announce it has won the following Global InfoSec Awards for its encrypted USB solutions family from Cyber Defense Magazine (CDM), the industry’s leading electronic information magazine: Data Loss Prevention Market Leader. About CDM InfoSec Awards.

InfoSec

InfoSec Technology Encryption B2C

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

Security Affairs

NOVEMBER 4, 2020

150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. 9TH ANNUAL INFOSEC AWARDSNOW OPEN FOR NOMINATIONS WITH AN INCREDIBLE 5 STAR AWARDS DINNER HELD DURING RSA CONFERENCE 2021 IN SAN FRANCISCO, CA, USA.

InfoSec

InfoSec DNS Advertising Marketing

NBlog Sept 27 - 2021 infosec budget

Notice Bored

SEPTEMBER 26, 2020

Are you responsible for your organisation's information security or cybersecurity budget? A substantial part of information security expenditure is (whatever we may believe as professionals) discretionary. Budgeting is generally a dreaded, stressful management task.

InfoSec

InfoSec Information Security Manufacturing Risk

EDRi PrivacyCamp22 – Panel: ‘Regulation vs. Governance: Who Is Marginalised, Is “Privacy” The Right Focus, And Where Do Privacy Tools Clash With Platform Governance’

Security Boulevard

MARCH 4, 2022

The post EDRi PrivacyCamp22 – Panel: ‘Regulation vs. Governance: Who Is Marginalised, Is “Privacy” The Right Focus, And Where Do Privacy Tools Clash With Platform Governance’ appeared first on Security Boulevard.

Government

Government Education InfoSec Information Security

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. What if you are a woman in information security? I’m Robert Vamosi, and in the episode I’m talking about diversity, equality, and inclusion in information security with one of the industries' most successful examples.

InfoSec

InfoSec Engineering CSO Technology

The US federal cybersecurity bureaucracy: A guide

CSO Magazine

MAY 16, 2022

The federal government has awakened to the urgency of cybersecurity and responded with new agencies, appointments, and appropriations. The National Security Agency is the grandaddy of cybersecurity organizations. It’s an unsurprising flowering of bureaucracy, but it can make for a big picture that is hard to see.

Cybersecurity

Cybersecurity InfoSec Government Information Security

Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked

Security Boulevard

DECEMBER 12, 2021

The post Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked appeared first on The Shared Security Show. The post Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked appeared first on Security Boulevard.

Spyware

Spyware Hacking Government Technology

Cybersec’s Messy Messaging

Javvad Malik

NOVEMBER 23, 2021

Infosec types revolt against use of ancient abbreviation by Bitcoin and NFT devotees. You have governments trying to ban end to end encryption (refer to Alec Muffet for more nuanced discussions on E2E encryption ), no-one ever seems to have got PGP working, and what does cryptography has to do with privacy or secure banking?

InfoSec

InfoSec Encryption Cryptocurrency Banking

Stepping on the cracks

Notice Bored

MAY 24, 2021

Anyone seeking information security standards or guidance is spoilt for choice e.g. : ISO27k - produced by a large international committee of subject matter experts and national representatives NIST SP 800 series – well researched, well written, actively maintained. and loads more. and loads more. Studying these is hard work.

InfoSec

InfoSec Risk IoT Information Security

BSides Prishtina 2022 – Poliksena Berisha’s ‘Governance, Risk And Compliance (GRC) And Role Of IT Auditing’

Security Boulevard

MAY 25, 2022

Our sincere thanks to BSides Prishtina for publishing their Presenter’s BSides Prishtina 2022 Information Security Conference videos on the organization’s’ YouTube channel.

Government

Government Risk Information Security Education

Apple Mail Privacy Protection, Government Agencies Reveal Top Attack Vectors, Is Big Brother Watching You at Work?

Security Boulevard

MAY 22, 2022

What is Apple Mail Privacy Protection and how does it hide your IP address, so senders can’t link it to your online activity or determine your location, government authorities such as the FBI and NSA have released a list of top attack vectors used to gain initial access by attackers, and how more companies are […].

Government

Government Marketing Surveillance Data privacy

Spotlight on Cybersecurity Leaders: Chris Spohr

SecureWorld News

AUGUST 22, 2022

Chris Spohr is the Information Security Officer for Republic Finance, LLC, and adds value by serving as the Head of Information Security to protect the company's data, brand, and jobs. This started me down the InfoSec path and I found that I liked specializing in a challenging area. Louis Advisory Council.

Cybersecurity

Cybersecurity InfoSec Retail Manufacturing

DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’

Security Boulevard

NOVEMBER 21, 2021

The post DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’ appeared first on Security Boulevard. Our thanks to DEFCON for publishing their outstanding DEF CON 29 IoT Village videos on the Conferences’ YouTube channel.

IoT

IoT Government Education InfoSec

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “Information sharing is easy to talk about, and hard to do in practice,” Daniel said.

Cybersecurity

Cybersecurity Cyber threats Government Phishing

Cyber Defense Magazine – May 2021 has arrived. Enjoy it!

Security Affairs

MAY 5, 2021

OVER 90+ PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. We hope you enjoy this month’s edition…packed with over 90 pages of excellent content. Cyber Defense Magazine May 2021. Pierluigi Paganini.

InfoSec

InfoSec Media Cybersecurity Government

Cyber Defense Magazine – February 2021 has arrived. Enjoy it!

Security Affairs

FEBRUARY 2, 2021

108 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. We hope you enjoy this month’s edition…packed with over 108 pages of excellent content. Always free, no strings attached.

InfoSec

InfoSec DNS Media Marketing

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. A ransomware attack against the New Orleans city government in early 2020 cost the city over $7 million dollars. City governments and businesses. Nowhere near fast enough.

Ransomware

Ransomware Government Social Engineering Small Business

CPDP 2021 – Moderator: Samson Esayas ‘Global AI Governance: Perspectives From Four Continents’

Security Boulevard

MAY 22, 2021

The post CPDP 2021 – Moderator: Samson Esayas ‘Global AI Governance: Perspectives From Four Continents’ appeared first on Security Boulevard. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel.

Government

Government Education InfoSec Information Security

Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of Diversity is a Cyber Risk

The Security Ledger

FEBRUARY 26, 2021

Are Local Governments Ready To Turn Back Election Hacks? Here’s the deal with the information security industry in the United States: our country doesn’t have nearly the number of information security professionals that it needs. Camille Stewart is the Head of Security Policy for Google Play and Android at Google.

Cyber Risk

Cyber Risk Risk InfoSec Information Security

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

SC Magazine

APRIL 14, 2021

We were asked to contribute comments and expertise on how governments and private companies can handle cybersecurity vulnerabilities. There’s no way to eliminate security vulnerabilities completely, so it’s our shared responsibility as a global information security industry to implement approaches to hunt and fix them swiftly.

Government

Government Risk Information Security InfoSec

South Carolina looks to align cyber ecosystem, economic growth

SC Magazine

FEBRUARY 12, 2021

The South Carolina initiative, however, is a coordinated effort across state government, multiple state universities, local industry, and critical infrastructure. South Carolina is anticipating a growth in defense and government contracting after the recent move of the Army’s Cyber Command to nearby Augusta, Georgia.

Education

Education InfoSec Government Cybersecurity

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

I’m starting a new series with this 2022 edition where I think about what Information Security could or should look like in the distant future—say in 2050. The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. Org Structure. Technology. Regulation. Automation / AI.

InfoSec

InfoSec Insurance Engineering Technology

CPDP 2021 – Moderator: Théodore Christakis ‘Government Access To Data After Schrems Ii, Brexit And The Cloud Act’

Security Boulevard

APRIL 25, 2021

The post CPDP 2021 – Moderator: Théodore Christakis ‘Government Access To Data After Schrems Ii, Brexit And The Cloud Act’ appeared first on Security Boulevard.

Government

Government Education InfoSec Information Security

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

The virtual conference is free to attend and will span three days including multiple tracks: Frameworks, Security, & Risk, Transforming the C-Suite, and InfoSec 360. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360. Abstracts for each of the themes can be found below.

Digital transformation

Digital transformation InfoSec CISO Education

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security Boulevard

MAY 20, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. Dmitriy Sokolovskiy has been working in the cybersecurity space for over 14 years in dedicated security roles, in addition to 9 more years working in various IT areas.

CISO

CISO Technology InfoSec Information Security

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Brian Levine is senior director of product security at Axway, a global security engineering organization delivering training, tools, processes and DevSecOps practices for secure applications and cloud services to the enterprise market. She also served as the deputy chief information officer of the White House.

Computers and Electronics

Computers and Electronics Technology Education Information Security

Information risk and security management reporting

Notice Bored

MARCH 14, 2022

How does one write an information security report? It also occurs to me that, aside from structuring the reports according to the information security controls and incidents , you could use the information risks in a similar way. What should be reported?" Using appropriate metrics makes sense, of course.

Risk

Risk InfoSec Information Security Government

CPDP 2021 – Moderator: Samson Esayas ‘Global Ai Governance: Perspectives From Four Continents’

Security Boulevard

MAY 22, 2021

The post CPDP 2021 – Moderator: Samson Esayas ‘Global Ai Governance: Perspectives From Four Continents’ appeared first on Security Boulevard. Our sincere thanks to CPDP 2021 - Computers, Privacy & Data Protection Conference for publishing their well-crafted videos on the organization's YouTube channel.

Government

Government Education InfoSec Information Security

Cyber Defense Magazine – March 2021 has arrived. Enjoy it!

Security Affairs

MARCH 3, 2021

110 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. We hope you enjoy this month’s edition…packed with over 110 pages of excellent content. Always free, no strings attached.

InfoSec

InfoSec DNS Media Marketing

World's First Hybrid War in Ukraine Holds Important Cyber Lessons

SecureWorld News

OCTOBER 26, 2022

He details the war aims of Russia, including destroying the Ukrainian government, society, population, and the country as a whole. Kathleen Moriarty, CTO, Center for Internet Security, talking about "Transforming Information Security for Businesses of All Sizes".

CISO

CISO CSO InfoSec Government

US Federal systems must be covered by vulnerability-disclosure policies by March 2021

Security Affairs

SEPTEMBER 7, 2020

The main purpose of vulnerability-disclosure policies is to ensure that required information, other than confidential business information, is disclosed to the public and shared with relevant parties in a timely, accurate, complete, understandable, convenient and affordable manner. Learn more: [link].

InfoSec

InfoSec Advertising Government Cybersecurity

Hi-5 With A CISO Andrea Szeiler, Transcom

Security Boulevard

MAY 4, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. She held Audit and Security leadership roles in leading European companies. In 2014 she founded WITSEC, a professional group of women working in IT and Information Security […].

CISO

CISO InfoSec Information Security Cybersecurity

Assessing Third-Party InfoSec Risk Management

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Trending Sources

Shortage of Information Security Professionals

Iterative scientific infosec

InfoSec Reviews in Project Management Workflows

Professional services infosec policy template

NBlog Aug 8 - musing on ISO/IEC 27014 & infosec governance

Are our infosec controls sufficient?

WANTED: a set of infosec principles we can all agree on

Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Integrating SIEM Within Compliance Programs

Kingston Technology Wins Coveted Global InfoSec Awards During RSA Conference 2021

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

NBlog Sept 27 - 2021 infosec budget

EDRi PrivacyCamp22 – Panel: ‘Regulation vs. Governance: Who Is Marginalised, Is “Privacy” The Right Focus, And Where Do Privacy Tools Clash With Platform Governance’

The Hacker Mind: Shattering InfoSec's Glass Ceiling

The US federal cybersecurity bureaucracy: A guide

Life360 Selling Location Data, NSO Group Spyware Hacks Government Employees, Homecoming Queen Contest Hacked

Cybersec’s Messy Messaging

Stepping on the cracks

BSides Prishtina 2022 – Poliksena Berisha’s ‘Governance, Risk And Compliance (GRC) And Role Of IT Auditing’

Apple Mail Privacy Protection, Government Agencies Reveal Top Attack Vectors, Is Big Brother Watching You at Work?

Spotlight on Cybersecurity Leaders: Chris Spohr

DEFCON 29 IoT Village – Sessler and Hendricks’ ‘IoT Devices As Government Witnesses’

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Cyber Defense Magazine – May 2021 has arrived. Enjoy it!

Cyber Defense Magazine – February 2021 has arrived. Enjoy it!

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

CPDP 2021 – Moderator: Samson Esayas ‘Global AI Governance: Perspectives From Four Continents’

Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of Diversity is a Cyber Risk

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

South Carolina looks to align cyber ecosystem, economic growth

Thinking About the Future of InfoSec (v2022)

CPDP 2021 – Moderator: Théodore Christakis ‘Government Access To Data After Schrems Ii, Brexit And The Cloud Act’

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Meet the 2021 SC Awards judges

Information risk and security management reporting

CPDP 2021 – Moderator: Samson Esayas ‘Global Ai Governance: Perspectives From Four Continents’

Cyber Defense Magazine – March 2021 has arrived. Enjoy it!

World's First Hybrid War in Ukraine Holds Important Cyber Lessons

US Federal systems must be covered by vulnerability-disclosure policies by March 2021

Hi-5 With A CISO Andrea Szeiler, Transcom

Stay Connected