2002, Information Security and Technology

Should the CISO Report to the CIO?

Cisco Security

JULY 1, 2021

The Chief Information Security Officer (CISO) is the organization’s senior executive in charge of the cybersecurity and the information technology risk management posture of the enterprise. Viewed another way, having the CISO report to the CIO relegates cybersecurity to an IT security, or technology, function.

CISO

CISO Technology Risk Government

International Criminal Court hit with a cyber attack

Security Affairs

SEPTEMBER 20, 2023

It was established by the Rome Statute, which entered into force on July 1, 2002. “At the end of last week, the International Criminal Court’s services detected anomalous activity affecting its information systems. The Court will not be providing further information in relation to this incident at present.”

Cyber Attacks

Cyber Attacks Hacking Technology Cybersecurity

CSO's ultimate guide to security and privacy laws, regulations, and compliance

CSO Magazine

JANUARY 28, 2021

Federal Information Security Management Act (FISMA). The Health Information Technology for Economic and Clinical Health Act (HITECH). Purpose: Enacted in 2002, the Sarbanes-Oxley Act is designed to protect investors and the public by increasing the accuracy and reliability of corporate disclosures. NERC) standards.

CSO

CSO Financial Services Consumer Protection Data privacy

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Cisco Security

AUGUST 12, 2021

The 47-page report provided significant detail to support the conclusion that “According to agency inspectors general, the average grade of the agencies’ overall information security maturity is C-.”. The two roles don’t overlap cleanly and must be separate in order to govern cybersecurity effectively.

CISO

CISO Information Security Risk Government

Episode 229: BugCrowd’s Casey Ellis On What’s Hot In Bug Hunting

The Security Ledger

NOVEMBER 3, 2021

Programs like iDefense Labs Vulnerability Contributor Program (VCP) (launched in 2002) and TippingPoint’s Zero Day Initiative (2005) were accused -at the time- of incentivizing the work of criminals and bad actors. . For those firms, bug bounty platforms have been a critical bridge to the global community of “white hat” security pros.

Software

Software Manufacturing IoT Cyber Attacks

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Each of these regulations addresses different aspects of cybersecurity and data protection, making it essential for businesses and organizations to stay informed and proactive. Recent updates to HIPAA regulations may address new technologies and evolving threats in the healthcare industry.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Citrix Workspace flaw can allow remote hack of devices running vulnerable app

Security Affairs

JULY 22, 2020

This vulnerability affects the following supported versions of Citrix Workspace app for Windows: Citrix Workspace app for Windows 1912 LTSR Citrix Workspace app for Windows 2002. .” Pen Test Partners also shared video proof of concept for this vulnerability. Citric has released versions 1912 LTSR CU1 and 2006.1

Hacking

Hacking Advertising Accountability Technology

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

The Last Watchdog

MAY 3, 2024

Org overhaul As Todd reports, not only is Microsoft basing a portion of senior executive compensation on progress toward security goals, it also will install deputy chief information security officers (CISOs) in each product group,and bring together teams from its major platforms and product teams in “engineering waves” to overhaul security.

Software

Software Engineering Internet Internet

How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule

CyberSecurity Insiders

MARCH 28, 2023

Understanding the FTC Safeguards Rule The FTC Safeguards Rule is a set of regulations that require covered financial institutions to develop, implement, and maintain an information security program designed to protect customer information. What is the FTC Safeguards Rule? Implementation of multi-factor authentication.

Data breaches

Data breaches Authentication Risk Phishing

A people counter that didn’t add up and the dangers of the COVID IoT boom

SC Magazine

FEBRUARY 4, 2021

But the rush to purchase these devices, and fly-by-night operators to bring them to market, means security can fall to the wayside. According to its website, the London-headquartered firm has been operating since 2002 and counts a wide range of users, from L’Occitane to Levis, casinos to libraries.

IoT

IoT Media Marketing Retail

FISMA vs. FedRAMP in Government Cybersecurity

Centraleyes

MAY 2, 2024

Doing business with Uncle Sam involves navigating the complex landscape of government compliance, including FISMA (Federal Information Security Management Act) and FedRAMP (Federal Risk and Authorization Management Program). Enacted in 2002, FISMA represented a shift in how the U.S. government approached information security.

Government

Government Cybersecurity Information Security Risk

Identity-based Cryptography

Thales Cloud Protection & Licensing

SEPTEMBER 26, 2019

For more information, please visit our Horizons research website. Horizons explores and prototypes new data security technologies and techniques, particularly in distributed cloud environments. Findings are shared publicly, whenever possible, to further the advancement of the information security community.

Encryption

Encryption Government Authentication Technology

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

Duo's Security Blog

JUNE 28, 2022

Most importantly, it means they must be in compliance with several new rules to protect consumer information by December 2022. And one of the few security technologies that is specifically called out by the FTC is multi-factor authentication (MFA). How does MFA fit into an information security program?

Authentication

Authentication Financial Services Technology Information Security

As market for cyber insurance booms, watchdog calls for better data

SC Magazine

MAY 24, 2021

In a report released May 20, the Government Accountability Office looked at how the private cybersecurity insurance market has developed over the past five yearsRich Baich is global chief information security officer for insurance giant AIG. Photo by Spencer Platt/Getty Images).

Cyber Insurance

Cyber Insurance Insurance Marketing Cyber Risk

Jeff Moss on the Evolution of Hacking at SecTor 2021

ForAllSecure

NOVEMBER 3, 2021

In the dot.com era, 1994-2002, this was the time of the commercial internet, the rise of search engines, and internet browsers. Moss noted that security people he'd known for years were started getting salaried jobs … and started using their legal names. He said security work is that like that. It will have social impact.

Hacking

Hacking InfoSec Internet Internet

AI Regulation in Finance: Steering the Future with Consumer Protection at the Helm

Centraleyes

MAY 8, 2024

The financial industry is experiencing a gold rush of sorts with the integration of Artificial Intelligence (AI) technologies. Data Privacy Data privacy concerns arise when sensitive financial information is collected, processed, or shared without proper consent or protection measures.

Consumer Protection

Consumer Protection Banking Financial Services Government

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

Centraleyes

APRIL 22, 2024

The Federal Information Security Modernization Act (FISMA) establishes a comprehensive strategy for enhancing the cybersecurity posture of federal agencies. Department of Commerce responsible for developing and promoting standards and guidelines to enhance the security and interoperability of information systems.

Risk

Risk Information Security Encryption Authentication

ChatGPT: Cybersecurity friend or foe?

Malwarebytes

MAY 21, 2023

” But the security community and other technology leaders have started raising the alarm, worried about the program’s potential to write malware and spread mis- and disinformation. Security pros of ChatGPT AI can be a powerful tool for cybersecurity and information technology professionals.

Cybersecurity

Cybersecurity Artificial Intelligence Social Engineering Engineering

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

VAMOSI: Here’s former US Attorney General John Ashcroft in 2002. the whole system and some of the FBI in general, you know, like, I think that the way that they treat people just in the information security community is a little I don't know, it's entitled. And so that's kind of my angst against that.

Hacking

Hacking Media InfoSec Internet

The Hacker Mind Podcast: What Star Wars Can Teach Us About Threat Modeling

ForAllSecure

JANUARY 22, 2023

Having a common framework around vulnerabilities, around threats , helps us understand the information security landscape better. Literally, how the rebellion fighting the Empire has echoes in how we approach and mitigate information security threats. In a moment, we’ll find out. SHOSTACK: So I'm Adam Shostack.

Engineering

Engineering Technology Information Security Authentication

Cyber Security Informer

Should the CISO Report to the CIO?

International Criminal Court hit with a cyber attack

Trending Sources

CSO's ultimate guide to security and privacy laws, regulations, and compliance

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Episode 229: BugCrowd’s Casey Ellis On What’s Hot In Bug Hunting

2024 Cybersecurity Laws & Regulations

Citrix Workspace flaw can allow remote hack of devices running vulnerable app

MY TAKE: Is Satya Nadella’s ‘Secure Future Initiative’ a deja vu of ‘Trustworthy Computing?’

How to Comply with the U.S. Federal Trade Commission’s (FTC) revised Safeguards Rule

A people counter that didn’t add up and the dangers of the COVID IoT boom

FISMA vs. FedRAMP in Government Cybersecurity

Identity-based Cryptography

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

As market for cyber insurance booms, watchdog calls for better data

Jeff Moss on the Evolution of Hacking at SecTor 2021

AI Regulation in Finance: Steering the Future with Consumer Protection at the Helm

FISMA Compliance: A Complete Guide to Navigating Low, Moderate, and High Levels

ChatGPT: Cybersecurity friend or foe?

The Hacker Mind Podcast: Hacking Real World Criminals Online

The Hacker Mind Podcast: What Star Wars Can Teach Us About Threat Modeling

Stay Connected