InfoSec and Risk - Cyber Security Informer

Search:

DAY

WEEK

MONTH

YEAR

Apr 20 - Apr 26

Apr 13 - Apr 19

Apr 06 - Apr 12

Mar 30 - Apr 05

MORE

MORE

MORE

MORE

Select your country:
Sign up | Log in

as

InfoSec

Risk

article thumbnail

AI Revolutionizes Infosec

Daniel Miessler

APRIL 2, 2023

The AI Solution AI will redefine infosec by continuously consuming and parsing all logs, configurations, documentation, and communication. A New Security Landscape AI will significantly diminish the difficulty of infosec, shedding light on the dark corners of IT configurations and making it harder for hackers to hide.

InfoSec

InfoSec Software Information Security Risk

article thumbnail

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

2021-2030) A Surge in Demand for InfoSec people will result in many more professionals being trained and placed within companies, likely using more of a trade/certification model than a 4-year university model. I think there are four main trends that will play out in the field of information security in the next 20 years. A Surge in Demand.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

Join 29,000+

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Trending Sources

article thumbnail

Iterative scientific infosec

Notice Bored

MAY 25, 2022

There is a strong argument to facilitate much more sharing of information about information risk and security, incidents, controls etc. So, this morning I've been thinking about the applications of those principles and mechanisms to information risk management, putting infosec under the microscope.

InfoSec

InfoSec Risk Antivirus Government

article thumbnail

Ostrich Cyber-Risk Welcomes Risk Management Expert Jack Whitsitt as Director of Risk Quantification

Security Boulevard

JANUARY 4, 2023

Jack Whitsitt, former InfoSec Risk Quantification Program Architect at. Freddie Mac, joins Ostrich Cyber-Risk as the Director of Risk. The post Ostrich Cyber-Risk Welcomes Risk Management Expert Jack Whitsitt as Director of Risk Quantification appeared first on Security Boulevard. Services division.

Cyber Risk Risk InfoSec

article thumbnail

Professional services infosec policy template

Notice Bored

MAY 12, 2022

Professional services engagements, and hence the associated information risks, are so diverse that it made no sense to specify particular infosec controls, except a few examples. This is another shining example of the value of the 'information ownership' concept. and that once again emphasises that corporate policies form a mesh.

InfoSec

InfoSec Risk Accountability Government

article thumbnail

The Clock To Q-Day Is Ticking: InfoSec Global and Thales Provide Collaborative Path to Quantum Readiness

Thales Cloud Protection & Licensing

FEBRUARY 19, 2024

Vladimir Soukharev, InfoSec Global The advent of quantum computers poses a substantial threat to various industries due to their potential to compromise standard encryption methods that protect global data, communications, and transactions. This vulnerability could expose sensitive enterprise information to risk.

InfoSec

InfoSec Encryption Risk Marketing

article thumbnail

What IT leaders from United Airlines, Aflac, Zoom and more predict for the future of InfoSec

CSO Magazine

MARCH 1, 2022

That’s why CSO’s Future of InfoSec Summit is a must-attend event. Taking place virtually March 8 and 9, the event will take a 360-degree look at managing information risk. She will address assessing the threat landscape – including threats from nation states – defining risk appetite, and the leadership necessary to meet the challenge.

InfoSec

InfoSec Risk Government Ransomware

article thumbnail

Are our infosec controls sufficient?

Notice Bored

JUNE 25, 2021

begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc. begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc.

InfoSec

InfoSec Risk Information Security Government

article thumbnail

Infosec principles (Hinson tips)

Notice Bored

JUNE 21, 2022

Thinking about the principles underpinning information risk and security, here's a tidy little stack of "Hinson tips" - one-liners to set the old brain cells working this chilly mid-Winter morning: Address information confidentiality, integrity and availability, broadly Address internal and external threats, both deliberate and accidental/natural Celebrate (..)

InfoSec

InfoSec Risk Engineering Accountability

article thumbnail

Risks to Your Network from Insecure Code Signing Processes

Security Boulevard

JULY 7, 2022

Risks to Your Network from Insecure Code Signing Processes. However, this practice puts these critical resources at risk for being misused or compromised. Many InfoSec teams don’t have the visibility into what their software development teams are doing. In years past, InfoSec may have been the central keeper of code signing.

Risk

Risk InfoSec Software Digital transformation

article thumbnail

WANTED: a set of infosec principles we can all agree on

Notice Bored

JUNE 20, 2022

The SecAware corporate information security policy template incorporates a set of generic principles for information risk and security such as " Our Information Security Management System conforms to generally accepted good security practices as described in the ISO/IEC 27000-series information security standards. "

InfoSec

InfoSec Information Security Risk Government

article thumbnail

Managing Cybersecurity Risk in M&A

Cisco Security

SEPTEMBER 26, 2022

As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Risk Management and Formula One. Meanwhile, InfoSec is the designer and implementor of risk management capabilities (for instance, ensuring the latest technology is deployed and within expected specifications).

Risk

Risk Cybersecurity Technology InfoSec

article thumbnail

InfoSec Leaders Share in Podcast Interview at SecureWorld Philadelphia

SecureWorld News

APRIL 28, 2023

Glanden is a specialized security systems consultant focused on risk management for breakthroughs and vulnerabilities, a senior security architect for Sayers, and the founder of BarCode Security. The 40-minute episode is packed with insights on the latest and greatest in cybersecurity.

InfoSec

InfoSec CISO Ransomware Information Security

article thumbnail

Infosec control attributes paper completed

Notice Bored

APRIL 4, 2022

Control attributes are a powerful and flexible tool for information security management purposes, a novel way to design, manage and improve an organisation’s approach to mitigating unacceptable information risks, supplementing more traditional or conventional methods.

InfoSec

InfoSec Information Security Risk

article thumbnail

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

Mandiant said the attackers will continue to change their tactics and malware, “especially as network defenders continue to take action against this adversary and their activity is further exposed by the infosec community.”

Risk

Risk VPN Internet Internet

article thumbnail

Hacking It as a CISO: Advice for Security Leadership

Dark Reading

AUGUST 10, 2020

A security leader shares tips for adopting a CISO mindset, creating risk management strategies, and "selling infosec" to IT and executives.

CISO

CISO InfoSec Hacking Risk

article thumbnail

Information risk and security management reporting

Notice Bored

MARCH 14, 2022

It also occurs to me that, aside from structuring the reports according to the information security controls and incidents , you could use the information risks in a similar way. How does one write an information security report? What should be reported?"

Risk

Risk InfoSec Information Security Government

article thumbnail

Infosec policy development

Notice Bored

APRIL 10, 2021

We're currently preparing some new information risk and security policies for SecAware.com. This policy will outline the associated information risks, mitigating controls and other relevant approaches. It's hard to find gaps in the suite of 81 policy templates already on sale (!)

InfoSec

InfoSec Penetration Testing Information Security Risk

article thumbnail

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The. Fixing InfoSec Demands Scale, Diversity. Read the whole entry. » The information security industry is simultaneously robust and beset by problems and challenges.

InfoSec

InfoSec CISO Information Security Cyber Risk

article thumbnail

Burnout: The Hidden Cost of Working in Cybersecurity & Other High Risk Fields

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. And these changes increase the risk of developing anxiety, depression, and other mental health issues. The stakes are simply too high to neglect this.

Cybersecurity Risk InfoSec CISO

article thumbnail

Resecurity Named Winner of the Coveted Global InfoSec Awards During RSA Conference 2021

CyberSecurity Insiders

MAY 27, 2021

Next-Gen in Third-Party Risk Management (TPRM). We knew the competition would be tough and with top judges who are leading infosec experts from around the globe, we couldn’t be more pleased,” said Gene Yoo, CEO of Resecurity. Join a webinar at [link] and realize that infosec knowledge is power. About Resecurity, Inc.

InfoSec

InfoSec B2C B2B Media

article thumbnail

Why Is Shadow IT a Growing Cybersecurity Risk?

SecureWorld News

AUGUST 13, 2023

Whatever the reason, shadow IT can pose a serious security risk to organizations. This means that they are more vulnerable to attack, and any data stored on them is at risk. This means that they are more vulnerable to attack, and any data stored on them is at risk. What can organizations do mitigate the risks of shadow IT?

Risk

Risk Cybersecurity Education Technology

article thumbnail

Seeds of Destruction: Cyber Risk Is Growing in Agriculture

The Security Ledger

MAY 4, 2021

In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production. Read the whole entry. »

Cyber Risk Risk Digital transformation InfoSec

article thumbnail

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

Quickly detect risks and amend access entitlement issues associated with privileged users. CDM’s Global Awards are reviewed by an unbiased panel of certified security professionals (CISSP, FMDHS, CEH) who vote based on their independent review of the submission package, corporate website, company product literature, and thought leadership.

InfoSec

InfoSec Marketing Technology B2C

article thumbnail

The Hacker Mind: Shattering InfoSec's Glass Ceiling

ForAllSecure

MARCH 8, 2023

Booth babes and rampant sexism were more of a problem in infosec in the past. That is, until Chenxi Wang spoke up. Today she runs a 100% woman owned VC. I wrote two books, one on IoT Security and another with Kevin Mitnick, then jumped around a couple of different jobs. Now I’m hosting a podcast called The Hacker Mind.

InfoSec

InfoSec Engineering CSO Technology

article thumbnail

How Aflac maximizes security ROI

CSO Magazine

JUNE 8, 2022

With rapidly evolving threats and increased business risk, security leaders are constantly pressed by the question: Do we have the right technology, people, and processes in place to protect the organization? For more of Goldsworthy’s insights, watch the full video of the event session embedded below.

InfoSec

InfoSec Technology Risk

article thumbnail

Instant Risk Reduction Recommendations to Align Priorities with IT

NopSec

MARCH 19, 2019

This instant feedback loop enabled me align priorities across teams, and this holds true in Vulnerability Management with InfoSec and IT. Competing priorities between InfoSec and IT InfoSec teams have their own priorities often guided by overarching VM goals. This results in: Instant partnership with IT to reduce risk.

Risk

Risk InfoSec Marketing

article thumbnail

Expert discloses 4 zero-days in IBM Data Risk Manager

Security Affairs

APRIL 21, 2020

The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the issues. The latest version Agile InfoSec has access to is 2.0.3, ” the expert wrote on GitHub.

Risk

Risk Authentication InfoSec Advertising

article thumbnail

Introducing Securepairs.org: Fighting Infosec FUD for the Right to Repair

The Security Ledger

APRIL 29, 2019

Cybersecurity luminaries including Bruce Schneier, Gary McGraw, Joe Grand, Chris Wysopal and Katie Moussouris are backing securepairs.org, countering industry efforts to paint proposed right to repair laws in 20 states as a cyber security risk. Read the whole entry. »

InfoSec

InfoSec Digital transformation Internet Internet

article thumbnail

NBlog July 23 - infosec roles & responsibilities

Notice Bored

JULY 23, 2020

For the next phase of SecAware ISMS , I'm documenting the management process for determining and allocating information risk and security responsibilities. It turns out there may be several corporate functions, teams and individuals, each performing numerous activities relating to information risk and security.

InfoSec

InfoSec Risk Accountability Banking

article thumbnail

Phishing Benchmark Report Delivers Data, Tools to Mitigate End-User Risk

SecureWorld News

FEBRUARY 25, 2022

It also delivers robust benchmarking and insights to help you manage and mitigate user-driven phishing risks more effectively. A commissioned survey of 600 InfoSec and IT professionals across those same seven countries. Volumes and impacts organizations dealt with related to socially engineered attacks in 2021.

Phishing Risk Security Awareness Social Engineering

article thumbnail

NBlog Sept 27 - 2021 infosec budget

Notice Bored

SEPTEMBER 26, 2020

The decision to go for ISO/IEC 27001 certification, for instance, flows largely from management's appreciation of the business value of investing in information risk and security management good practices. A substantial part of information security expenditure is (whatever we may believe as professionals) discretionary.

InfoSec

InfoSec Information Security Manufacturing Risk

article thumbnail

Business Must Change: InfoSec in 2019

The Falcon's View

JANUARY 3, 2019

Consider, if you will, that fundamentally we in infosec want people to make better decisions. That's right, it's infosec. From a functional perspective, this means a few very specific things for infosec: 1) We must continue to work in a collaborative and consultative manner with everyone else in the organization.

InfoSec

InfoSec Engineering Digital transformation CISO

article thumbnail

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

The Last Watchdog

OCTOBER 3, 2019

Started by infosec professionals, Peerlyst takes the characteristics of B2B communications we’ve become accustomed to on Twitter and LinkedIn and directs it toward cybersecurity. Sharing intelligence for the greater good is an essential component of making Internet-centric commerce as safe and as private as it needs to be. Talk more soon.

InfoSec

InfoSec B2B Cybersecurity Cyber Risk

article thumbnail

How to Overcome Common SSH Machine Identity Risks with Automation

Security Boulevard

JUNE 9, 2022

How to Overcome Common SSH Machine Identity Risks with Automation. Collecting Risk Intelligence. Prevent breaches by automating the collection of risk intelligence required to quickly identify and respond to SSH machine identity risks, weaknesses or security events. Better visibility for InfoSec teams. UTM Medium.

Risk

Risk Digital transformation InfoSec System Administration

article thumbnail

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

SC Magazine

JANUARY 29, 2021

If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media. Hard reality check. Of course, there can also be unexpected repercussions from performing these threat assessments.

InfoSec

InfoSec CISO Media Software

article thumbnail

Top VAPT Testing Companies

Security Boulevard

JANUARY 6, 2023

Introduction By reducing information risks and vulnerabilities, a process called information security, also referred to as infosec, protects electronic data. InfoSec […]. Data collection, organization, processing, and deletion are all included in the definition of data management.

Computers and Electronics

Computers and Electronics InfoSec Data collection Mobile

article thumbnail

Episode 205 – Google’s Camille Stewart: InfoSec’s Lack of Diversity is a Cyber Risk

The Security Ledger

FEBRUARY 26, 2021

We know that the shortage of infosec pros poses a cybersecurity risk. Episode 148: Joseph Menn on Cult of the Dead Cow also Veracode CEO Sam King on InfoSec’s Leaky Talent Pipeline. Do infosec’s racial and gender imbalances create their own kind of security risks? But what about the lack of diversity?

Cyber Risk Risk InfoSec Information Security

article thumbnail

Inside the Massive Alleged AT&T Data Breach

Troy Hunt

MARCH 18, 2024

The linked article talks about the author verifying the data with various people he knows, as well as other well-known infosec identities verifying its accuracy. That's just an unacceptable risk for which the old adage of "you cannot lose what you do not have" provides the best possible fix.

Data breaches Encryption Identity Theft InfoSec

article thumbnail

BSides Knoxville 2023 – Rob Fry – Security As A Video Game

Security Boulevard

JULY 8, 2023

Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel. Permalink The post BSides Knoxville 2023 – Rob Fry – Security As A Video Game appeared first on Security Boulevard.

CISO

CISO Education Risk InfoSec

article thumbnail

Stepping on the cracks

Notice Bored

MAY 24, 2021

T he recently-published ISO/IEC TS 27570 " Privacy guidelines for smart cities" neatly illustrates the creativity required to tackle new information risks arising from innovation in the realm of IoT, AI and short range data communications between the proliferating portable, wearable and mobile IT devices now roaming our city streets.

InfoSec

InfoSec Risk IoT Information Security

article thumbnail

"TootRoot" Mastodon vulnerabilities fixed: Admins, patch now!

Malwarebytes

JULY 10, 2023

could be at risk. There is a possibility that any security issue on such a platform could lead to specific forms of targeted harassment of at-risk communities. Unfortunately for the good folks of Infosec Exchange, the vulnerability happened to affect the Glitch fork being used by…you’ve guessed it…Infosec Exchange.

InfoSec

InfoSec Penetration Testing Media Risk

article thumbnail

Top 3 Information Security Hiring Trends for 2023

SecureWorld News

DECEMBER 16, 2022

Here are three key takeaways to keep in mind when researching for a new role in InfoSec in 2023. With 94 percent of bigger organizations looking to maximize their multi-cloud approach in the new year, there is a growing need for cloud experts to help companies adapt securely or risk being a prime target for attackers.

Information Security

Information Security InfoSec Marketing Cybersecurity

article thumbnail

Threat actors targeted Slack and Discord as the pandemic raged on

SC Magazine

APRIL 7, 2021

As defenders, we need to decide which chat applications are allowed and why, while clearly communicating to management the risks associated with each,” the researchers wrote. It leads to lower awareness of risks in sharing across communication tools. Collaborative tools proved an easy target for hackers during the pandemic.

InfoSec

InfoSec Risk Technology Malware