InfoSec, Risk, Security Awareness and Technology

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security Boulevard

MAY 20, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. Dmitriy Sokolovskiy has been working in the cybersecurity space for over 14 years in dedicated security roles, in addition to 9 more years working in various IT areas.

CISO

CISO Technology InfoSec Information Security

Security in software development

Notice Bored

JULY 21, 2022

The customer is apparently seeking guidance on integrating infosec into the development process, which begs the question "Which development process?". Reducing the problem to its fundamentals, there is a desire to end up with software/systems that are 'adequately secure', meaning no unacceptable information risks remain.

Software

Software Risk InfoSec Security Awareness

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. Too many folks focus on the technology as opposed to the people or process. Investing in security awareness training has a bottom line impact.

Cybersecurity

Cybersecurity CISO Education Phishing

The discomfort zone

Notice Bored

JULY 4, 2022

I feel more confident about the underlying generic principles of risk, compliance, conformity, obligations, accountabilities, assurance and controls though, and have the breadth of work and life experience to appreciate the next point. The mind map is a brief glimpse of the landscape, as I see it. All requirements?! Documented! Maintained!

Risk

Risk Accountability InfoSec CISO

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

With a career spanning two decades as a technology provider to businesses and government agencies, Levine brings a strategic and pragmatic approach to building secure software and cloud services without disrupting product velocity. Since founding Cedric Leighton Associates, he has become an internationally known strategic risk expert.

Computers and Electronics

Computers and Electronics Technology Education Information Security

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Herjavec Group

MAY 19, 2022

No matter how many firewalls or network controls you have in place, the risk of insider threat will always be present. So it should go without saying that enterprise security programs should be built with this in mind ! Implement the right tools, processes, and technology – based on the needs of your organization.

Penetration Testing

Penetration Testing Social Engineering Cybercrime InfoSec

The Quest for Optimal Security

The Falcon's View

AUGUST 6, 2018

There's no shortage of guidance available today about how to structure, build, and run a security program. Most guidance comes from a standpoint of inherent bias, whether it be to promote a product class, specific framework/standard, or to best align with specific technologies (legacy/traditional infrastructure, cloud, etc.).

InfoSec

InfoSec Risk Architecture Security Awareness

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

SC Magazine

FEBRUARY 18, 2021

Officials from the National Institute of Standards and Technology (NIST) this week teased future improvements to the agency’s recently introduced “Phish Scale” measurement system, which helps companies determine whether phishing emails are hard or easy for their employees to detect. their organization faces.”.

Phishing

Phishing Mobile Security Awareness Media

Zero-Trust Network Access: Why so Many Teams Get it Wrong

Security Boulevard

MARCH 18, 2024

Zero-trust encompasses a variety of technologies, from strong identity systems to microsegmentation. The post Zero-Trust Network Access: Why so Many Teams Get it Wrong appeared first on Security Boulevard. Why are so many organizations getting it wrong?

Technology

Technology Data privacy Security Awareness InfoSec

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

SecureWorld News

MAY 16, 2023

The city has a more established IT setup, including a full-time IT director, which many of the smaller towns lack, according to this Government Technology article. We use this type of model for our 'Whole of State' approach to security in North Dakota," says Michael Gregg, CISO for the State of North Dakota. This is a great approach.

Cybersecurity

Cybersecurity Insurance Cyber Risk CISO

Story of the year: the impact of AI on cybersecurity

SecureList

DECEMBER 11, 2023

In the whirlwind of technological advancements and societal transformations, the term “AI” has undoubtedly etched itself into the forefront of global discourse. As the fast-growing technology evolves, it has become a matter of policy making and regulation.

Cybersecurity

Cybersecurity Artificial Intelligence Technology Risk

NBlog Aug 23 - ISMS comms plan

Notice Bored

AUGUST 23, 2020

on security awareness which is already in the plan anyway: maybe we should mention A.7.2.2 Ben Woelk, program manager for the Information Security Office at Rochester Institute of Technology, has published a detailed ISO comms plan - 16 pages laying out all the things they planned to communicate as part of their ISMS.

Information Security

Information Security Security Awareness Security Performance Risk

Introducing Behavioral Information Security

The Falcon's View

AUGUST 29, 2017

For those unfamiliar with Fogg's work, he started out doing research on Persuasive Technology back in the 90s, which has become the basis for most modern uses of technology to influence people (for example, use of Facebook user data to influence the 2016 US Presidential Election). Well, low-and-behold, it already exists!

Information Security

Information Security InfoSec Social Engineering Security Awareness

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

SC Magazine

MARCH 2, 2021

House Oversight and Homeland Security committees last week, SolarWinds’s former and current CEOs blamed an intern for creating a weak FTP server password and leaking it on GitHub – an act which may or may not have contributed to a supply chain hack that impacted users of the tech firm’s Orion IT performance monitoring platform.

Passwords

Passwords Password Management CISO InfoSec

Cyber Security Informer

Hi-5 With A CISO Dmitriy Sokolovskiy, Avid Technology

Security in software development

Trending Sources

Inflation Is Making Cybersecurity Even More Challenging for Leaders

The discomfort zone

Meet the 2021 SC Awards judges

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

The Quest for Optimal Security

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

Zero-Trust Network Access: Why so Many Teams Get it Wrong

Seven Massachusetts Cities Join Forces to Bolster Cybersecurity Posture

Story of the year: the impact of AI on cybersecurity

NBlog Aug 23 - ISMS comms plan

Introducing Behavioral Information Security

SolarWinds blaming intern for leaked password is symptom of ‘security failures’

Stay Connected