Accountability, Cyber Risk and InfoSec - Cyber Security Informer

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

The Last Watchdog

OCTOBER 3, 2019

Started by infosec professionals, Peerlyst takes the characteristics of B2B communications we’ve become accustomed to on Twitter and LinkedIn and directs it toward cybersecurity. You can do so by submitting an email address or log in with your LinkedIn account. I’m honored to be included. It’s easy to participate on Peerlyst.

InfoSec

InfoSec B2B Cybersecurity Cyber Risk

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Security Boulevard

DECEMBER 30, 2024

In partnership with senior executives, they need to pay close attention to the risks their companies face and the strategies those companies put in place to comply. As the rules were authorized in late 2023, we shared what we see as the implications for infosec leaders. View cyber risk as business risk.

Cybersecurity

Cybersecurity Cyber Risk CISO Risk

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. Management is required to connect the dots of cybersecurity impacts on the business.

CISO

CISO InfoSec Risk Cybersecurity

How security pros, the insurance industry, and regulators can combat ransomware

SC Magazine

APRIL 19, 2021

By some accounts, ransomware attacks increased nearly 150% in the past year, and insurance claims and costs of payments skyrocketed after having already jumped approximately 230% between 2018-19. Have insurers and infosec professionals coordinate closely on security risk metrics.

Insurance

Insurance Cyber Insurance Ransomware InfoSec

New York Financial Services Firms to Face More Cybersecurity Oversight

SecureWorld News

NOVEMBER 28, 2022

Cybersecurity programs shall limit user access privileges to information systems, limit the number of privileged accounts, at a minimum annually review all user access privileges, disable or securely configure all protocols that permit remote control of devices, and promptly terminate access following departures.

Financial Services

Financial Services Cybersecurity CISO InfoSec

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

SecureWorld News

DECEMBER 11, 2023

The SEC announced its new cyber incident disclosure rules on July 26, 2023, when it appeared the rules were effective immediately. We covered the new rules on July 31, with some thoughts from InfoSec leaders. Immediately or not, Dec. 15 is now here, and the new rules will be in effect.

CISO

CISO Risk Government Cybersecurity

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

SC Magazine

APRIL 14, 2021

Every organization should have a responsible and accountable program for reducing risk through vulnerability management. A seemingly arcane topic, every organization should have vulnerability management as top-of-mind when it comes to managing cyber risk. Why should organizations pay attention?

Government

Government Risk Information Security InfoSec

Why CISOs Are Joining 'The Great Resignation'

SecureWorld News

DECEMBER 8, 2022

The CEO of BlackFog is quoted in the post as saying, "Adapting to a fast-changing landscape is key, however, and organizations need to ensure that their security teams are given the time and resources to devote to keeping pace with the latest thinking, frameworks and innovations designed to lower their cyber risk.".

CISO

CISO Cyber Risk Cybersecurity Accountability

Global Cybersecurity Skills Gap Still Widening Despite Growing Workforce

SecureWorld News

NOVEMBER 7, 2023

With technological innovations like cloud computing, AI/ML, the Internet of Things, and more making cyber risks even more complex, qualified talent is hugely in demand. Many organizations will not have the IT budget to invest in them all, so they must be selective and critical to maximize risk reduction.

Cybersecurity

Cybersecurity Artificial Intelligence Government Risk

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

SC Magazine

FEBRUARY 8, 2021

Ultimately, he believes “this is good for businesses as, through the insurance process, they will gain better visibility into their cyber risks and measures they can deploy to keep digital operations secure and compliant to data privacy regulations.”. billion in premium. But much will rely on regulation.

Insurance

Insurance Cybersecurity Cyber Insurance Government

Spotlight Podcast: Breaking Bad Password Habits to Fight Advanced Threats

The Security Ledger

SEPTEMBER 26, 2019

In this Spotlight edition of the Security Ledger podcast, Rachel Stockton of LastPass * joins us to discuss the myriad of challenges facing companies trying to secure users' online activities, and simple solutions for busting insecure user behaviors to address threats like phishing, account takeover and more.

Passwords

Passwords Authentication InfoSec Accountability

KISS or optimise your ISO27k ISMS?

Notice Bored

APRIL 22, 2021

Third parties who take an interest in the scope and other details of the ISMS may doubt the organization's commitment to information risk management, information security, governance, compliance etc., increasing their risks of relying on the certificate.

Risk

Risk Government Accountability Cyber Risk

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

The attacker gained initial access to two employee accounts by carrying out social engineering attacks on the organization’s help desk twice. Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers.

Social Engineering

Social Engineering Engineering Accountability Backups

Cyber CEO: A Look Back at Cybersecurity in 2021

Herjavec Group

DECEMBER 15, 2021

When it comes to cyber risks, the most up-to-date cybersecurity technology or regimented program doesn’t make an organization immune to an attack. Operating with a team of individuals who are cybersecurity savvy is one of the best tools for cyber risk management. Use Best Password Practices.

Cybersecurity

Cybersecurity Digital transformation Ransomware Cyber Risk

The 11 Best GRC Tools for 2024

Centraleyes

APRIL 1, 2024

Regulators are placing greater emphasis on the extended enterprise, holding organizations accountable for the actions of their suppliers and vendors. Integrating VRM into GRC practices is essential for ensuring regulatory compliance and mitigating risks in today’s interconnected business environment.

Risk

Risk Government Artificial Intelligence Software

This Is How Twitter Reacted to a log4j Weekend

SecureWorld News

DECEMBER 13, 2021

Minecraft warned users to secure Java versions of the game: Amazon Web Services posted about the new cyber risk on its blog: "This vulnerability is severe and due to the widespread adoption of Apache Log4j, its impact is large.". Thankfully, the cyber tweets were not all doom and gloom. December 10, 2021.

InfoSec

InfoSec Cyber Risk Cybersecurity Risk

Policy development process: phase 1

Notice Bored

APRIL 12, 2021

For instance: An IT/cloud service company would probably emphasise the need to maintain adequate IT capacity and performance for its clients and for its own business operations, elaborating on the associated IT/cyber risks. COVID is a very topical illustration.

Risk

Risk Small Business Cyber Risk Healthcare

Cyber Security Informer

MY TAKE: Peerlyst shares infosec intel; recognizes Last Watchdog as a top cybersecurity influencer

Navigating the SEC’s Cybersecurity Disclosure Rules: One Year On

Trending Sources

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

How security pros, the insurance industry, and regulators can combat ransomware

New York Financial Services Firms to Face More Cybersecurity Oversight

Scattered Spider x RansomHub: A New Partnership

December 15 Marks Deadline for SEC's New Cyber Disclosure Rules

Remember GDPR? Expect another set of cyber regulations around vulnerabilities

Why CISOs Are Joining 'The Great Resignation'

Global Cybersecurity Skills Gap Still Widening Despite Growing Workforce

Safety first: Will insurance companies stall or accelerate cybersecurity progress?

Spotlight Podcast: Breaking Bad Password Habits to Fight Advanced Threats

KISS or optimise your ISO27k ISMS?

Scattered Spider x RansomHub: A New Partnership

Cyber CEO: A Look Back at Cybersecurity in 2021

The 11 Best GRC Tools for 2024

This Is How Twitter Reacted to a log4j Weekend

Policy development process: phase 1

Stay Connected