Cybersecurity and Risk - Cyber Security Informer

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

The company outsourced much of its software engineering to cheaper programmers overseas, even though that typically increases the risk of security vulnerabilities. A cybersecurity adviser for the company said that he quit after his recommendations to strengthen security were ignored.

Risk

Risk Government Marketing Software

NIST Cybersecurity Framework 2.0

Schneier on Security

MARCH 1, 2024

of the Cybersecurity Framework: The CSF 2.0, which supports implementation of the National Cybersecurity Strategy , has an expanded scope that goes beyond protecting critical infrastructure, such as hospitals and power plants, to all organizations in any sector. NIST has released version 2.0 ’s newly added Govern function.

Cybersecurity

Cybersecurity Small Business Government Risk

Security Risks of AI

Schneier on Security

APRIL 27, 2023

Stanford and Georgetown have a new report on the security risks of AI—particularly adversarial machine learning—based on a workshop they held on the topic. Many AI products are deployed without institutions fully understanding the security risks they pose.

Risk

Risk Cybersecurity Government Engineering

Roger Grimes on Prioritizing Cybersecurity Advice

Schneier on Security

OCTOBER 31, 2024

This is a good point : Part of the problem is that we are constantly handed lists…list of required controls…list of things we are being asked to fix or improve…lists of new projects…lists of threats, and so on, that are not ranked for risks. For example, we are often given a cybersecurity guideline (e.g.,

Cybersecurity

Cybersecurity Risk Authentication

IT Leadership Agrees AI is Here, but Now What?

As AI evolves, enhanced cybersecurity and hiring challenges grow. This whitepaper offers real strategies to manage risks and position your organization for success. IT leaders are experiencing rapid evolution in AI amid sustained investment uncertainty.

Cybersecurity

Billion Dollar CyberSecurity Annual Budgets Have Arrived

Joseph Steinberg

JUNE 15, 2021

Major American banks and various other parties serving them are each spending $1 Billion per year on cybersecurity, according to Bank of America’s CEO, Brian Moynihan. The post Billion Dollar CyberSecurity Annual Budgets Have Arrived appeared first on Joseph Steinberg: CyberSecurity, Privacy, & Artificial Intelligence (AI) Advisor.

Cybersecurity

Cybersecurity Artificial Intelligence Banking Insurance

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Joseph Steinberg

JULY 8, 2021

Ironically, while many larger enterprises purchase insurance to protect themselves against catastrophic levels of hacker-inflicted damages, smaller businesses – whose cyber-risks are far greater than those of their larger counterparts – rarely have adequate (or even any) coverage.

Insurance

Insurance Cyber Insurance Cybersecurity Small Business

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Joseph Steinberg

MAY 23, 2024

To read the piece, please see Oversight of the Management of Cybersecurity Risks: The Skill Most Corporate Boards Need, But Don’t Have on Newsweek.com. To read the piece, please see Oversight of the Management of Cybersecurity Risks: The Skill Most Corporate Boards Need, But Don’t Have on Newsweek.com.

Risk

Risk Cyber Risk Cybersecurity Artificial Intelligence

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

Joseph Steinberg

NOVEMBER 17, 2021

Rockville, MD – November 17, 2021 – Sepio Systems , the leader in Zero Trust Hardware Access (ZTHA), announced today that cybersecurity expert Joseph Steinberg has joined its advisory board. Steinberg has led organizations within the cybersecurity industry for nearly 25 years and is a top industry influencer worldwide.

Cybersecurity

Cybersecurity Artificial Intelligence Government Information Security

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

In this webinar, Ronald Eddings, Cybersecurity Expert and Podcaster, will outline the interconnected relationship between SaaS apps and IT & security teams, along with several actionable solutions to overcome the new difficulties facing your organization.

Risk

New York Increases Cybersecurity Rules for Financial Companies

Schneier on Security

NOVEMBER 3, 2023

Another example of a large and influential state doing things the federal government won’t: Boards of directors, or other senior committees, are charged with overseeing cybersecurity risk management, and must retain an appropriate level of expertise to understand cyber issues, the rules say.

Cybersecurity

Cybersecurity Government Risk Banking

Risks of Evidentiary Software

Schneier on Security

JUNE 29, 2021

Over at Lawfare, Susan Landau has an excellent essay on the risks posed by software used to collect evidence (a Breathalyzer is probably the most obvious example). Bugs and vulnerabilities can lead to inaccurate evidence, but the proprietary nature of software makes it hard for defendants to examine it.

Software

Software Risk Government Engineering

ChatGPT: Hopes, Dreams, Cheating and Cybersecurity

Lohrman on Security

JANUARY 29, 2023

So what are the opportunities and risks with using this technology across different domains? ChatGPT is an AI-powered chatbot created by OpenAI.

Cybersecurity

Cybersecurity Technology Risk

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Last week, I attended an excellent briefing given by Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, in which he discussed various important cybersecurity-related trends that he and his team have observed. Sampling No Longer Works.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

The Importance of User Roles and Permissions in Cybersecurity Software

By only giving users access to what they need for their job, you reduce the risk of data breaches and unauthorized modifications. You should restrict access to sensitive information and systems the same way you restrict access to your house. This is known as role-based access control or RBAC. Read the eBook to learn more!

Cybersecurity

NIST Is Updating Its Cybersecurity Framework

Schneier on Security

JANUARY 30, 2023

NIST is planning a significant update of its Cybersecurity Framework. Do the proposed changes reflect the current cybersecurity landscape (standards, risks, and technologies)? The NIST Cybersecurity Framework has turned out to be an excellent resource. Are the proposed changes sufficient and appropriate?

Cybersecurity

Cybersecurity Technology Risk

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

The Last Watchdog

OCTOBER 10, 2024

It powers rapid analysis of identity exposures across organizations, VIPs and supply chains, pattern of life analysis, threat actor attribution, insider risk analysis, financial crimes research, and more. To learn more and see insights on your company’s exposed data, users can visit spycloud.com.

Risk

Risk Cybercrime Identity Theft Phishing

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

Joseph Steinberg

JANUARY 18, 2024

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business Human society is increasingly dependent on computer systems and the data housed and utilized within IT (information technology) infrastructure. There is simply too much to know, too much to do, and too many developments with which to keep up.

Cybersecurity

Cybersecurity Computers and Electronics Cyber Risk Risk

How Outsourcing Cybersecurity Crashed the World’s IT: A Webinar With Columbia University Faculty

Joseph Steinberg

JULY 23, 2024

CyberSecurity Expert Witness and Board Member , Joseph Steinberg, will, tomorrow, Wednesday, July 24th, 2024, speak with the public as part of a panel of experts from Columbia University, discussing both the recent CrowdStrike-Microsoft cybersecurity incident, and the incident’s ongoing global impact.

Artificial Intelligence

Artificial Intelligence Cybersecurity Government Technology

Artificial Intelligence in Cybersecurity: Boon or Bane? – A Free Webinar With Joseph Steinberg, Author of Cybersecurity For Dummies

Joseph Steinberg

MARCH 13, 2023

While the introduction of artificial intelligence (AI) is certainly delivering many benefits to mankind, including in the realm of cybersecurity, it has also created all sorts of new risks as evildoers seek to harness AI for their illicit and harmful purposes. The post Artificial Intelligence in Cybersecurity: Boon or Bane?

Artificial Intelligence

Artificial Intelligence Cybersecurity Cyber threats Cybercrime

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

Here’s what you should know about the risks, what aviation is doing to address those risks, and how to overcome them. It is difficult to deny that cyberthreats are a risk to planes. Risks delineated Still, there have been many other incidents since. Fortunately, there are ways to address the risks.

Software

Software Risk Artificial Intelligence Engineering

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

Joseph Steinberg

JULY 20, 2022

Another important reason why we must address quantum-supremacy risks well in advance has to do with the nature of data. NIST has already begun to narrow down its list of recommended ways to address quantum’s risks to encryption – and products have already hit the market already that enable businesses to begin such transitions.

Risk

Risk Encryption Government Artificial Intelligence

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

The Last Watchdog

FEBRUARY 5, 2024

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up. Navigating new risks Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Here are a few ‘dos:’ •Rigorous vulnerability management.

Risk

Risk Backups Software Education

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

The Last Watchdog

MARCH 25, 2024

The National Institute of Standards and Technology (NIST) has updated their widely used Cybersecurity Framework (CSF) — a free respected landmark guidance document for reducing cybersecurity risk. It seeks to establish and monitor your company’s cybersecurity risk management strategy, expectations, and policy.

Cybersecurity

Cybersecurity Artificial Intelligence Risk Government

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

The Last Watchdog

APRIL 1, 2024

The technology and best practices for treating cybersecurity as a business enabler, instead of an onerous cost-center, have long been readily available. Now comes a Forrester Research report that vividly highlights why attaining and sustaining a robust cybersecurity posture translates into a competitive edge.

Cybersecurity

Cybersecurity CISO B2B Risk

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Last Watchdog

FEBRUARY 11, 2024

Related: The case for augmented reality training Because of this, cybersecurity investments and regulatory oversight are increasing at an astounding rate , especially for those in the financial services industry, bringing an overwhelming feeling to chief compliance officers without dedicated security teams. Open are slim to none.

Cyber Risk

Cyber Risk Risk Financial Services Cyber threats

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

Joseph Steinberg

DECEMBER 21, 2024

To read the piece that appeared today in The Independent , please see: Australias social media ban wont protect kids itll put them more at risk on The Independent ‘s web site.

Media

Media Artificial Intelligence Risk Government

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Here are some of the key challenges that organizations encounter in their efforts to mitigate cyber risks in the current environment. Improve overall security posture and reduce cyber risks.

Cyber Risk

Cyber Risk Risk Education Security Awareness

Are Cyber Attacks at Risk of Becoming 'Uninsurable'?

Lohrman on Security

JANUARY 8, 2023

Where will the insurance market go from here on cybersecurity coverage? There are dark clouds on the horizon as well as conflicting forecasts regarding cyber insurance in 2023 and beyond.

Cyber Insurance

Cyber Insurance Cyber Attacks Insurance Risk

Human Risk Management: The “Weakest Link” Emerges as Key to Cybersecurity

Security Boulevard

DECEMBER 19, 2024

With technology front and center in virtually all business processes, it may seem counterintuitive to suggest that todays greatest cybersecurity risks dont stem from technology, but from people.Its widely recognized that people pose the greatest risk to data and security.

Risk

Risk Cybersecurity Technology Security Awareness

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

The Last Watchdog

OCTOBER 4, 2023

The Omdia analysts called out a a handful of key proactive methodologies: Risk-Based Vulnerability Management (RBVM), Attack Surface Management (ASM), and Incident Simulation and Testing (IST). RBVM solutions don’t merely identify vulnerabilities, it quantifies and prioritizes them, making risk management more strategic.

Risk

Risk Marketing Software Network Security

From Risk Assessment to Action: Improving Your DLP Response

Security Affairs

OCTOBER 25, 2024

DLP is key in cybersecurity; a risk assessment identifies data risks, helping turn findings into real-world security improvements. Data loss prevention (DLP) is a cornerstone of any effective cybersecurity strategy. Protecting sensitive data is what cybersecurity is all about. What is a DLP Risk Assessment?

Risk

Risk Cybersecurity Data breaches Cyber threats

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

The Last Watchdog

FEBRUARY 20, 2024

While AI chatbots have cybersecurity vulnerabilities, adopting proactive measures like secure development practices and regular assessments can effectively mitigate risks. About the essayist: Zac Amos writes about cybersecurity and the tech industry, and he is the Features Editor at ReHack.

Cybersecurity

Cybersecurity Penetration Testing Authentication Social Engineering

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

The Last Watchdog

OCTOBER 3, 2024

Ramachandran Vivek Ramachandran , Founder & CEO of SquareX , warned about the mounting risks: “Browser extensions are a blind spot for EDR/XDR and SWGs have no way to infer their presence. Singapore, Oct. SquareX’s research team publicly demonstrated rogue extensions built on MV3.

Risk

Risk Password Management Malware Media

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

Joseph Steinberg

DECEMBER 11, 2023

Veteran cybersecurity expert witness executive will help strengthen law enforcement capabilities to prevent, investigate, and prosecute information-age crimes. Analysts have calculated that he is among the top three cybersecurity influencers worldwide. patent filings.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Technology

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

The Last Watchdog

DECEMBER 14, 2023

Here’s the final installment of leading technologists sharing their observations about cybersecurity developments in the year that’s coming to a close — and the year to come. Last Watchdog posed two questions: •What should be my biggest takeaway from 2023, with respect to mitigating cyber risks at my organization?

Cybersecurity

Cybersecurity Marketing Encryption CISO

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

The Last Watchdog

DECEMBER 18, 2024

This shift is expected to place significant pressure on organizations that haven’t yet developed trusted data to manage risk effectively. To mitigate risks, businesses will invest in modern, privacy-enhancing technologies (PETs), such as trusted execution environments (TEEs) and fully homomorphic encryption (FHE).

Cybersecurity

Cybersecurity CISO Risk Government

Low Media Literacy: A Risk to Australia’s Cybersecurity Landscape

Tech Republic Security

AUGUST 22, 2024

Explore how low media literacy can have lingering repercussions for the tech industry in Australia.

Media

Media Risk Cybersecurity Artificial Intelligence

Newsweek Op-Ed: Banning Tik Tok And Other Chinese Apps Is Distracting Us From The Bigger Danger China Poses To American CyberSecurity

Joseph Steinberg

APRIL 25, 2023

It is hardly a secret that, for nearly 30 years, I have been warning about the danger posed to US national security by the simultaneous combination of our growing reliance on Chinese technology, and our general indifference to China’s huge technological “leaps forward” in the realm of cybersecurity.

Cybersecurity

Cybersecurity Artificial Intelligence Software Manufacturing

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

The Last Watchdog

SEPTEMBER 25, 2023

If you’re a small business looking for the secret sauce to cybersecurity, the secret is out: start with a cybersecurity policy and make the commitment to security a business-wide priority. The average cost of a cybersecurity breach was $4.45 The average cost of a cybersecurity breach was $4.45 Stay proactive.

Small Business

Small Business Cybersecurity Technology Accountability

Obligatory ChatGPT Post

Schneier on Security

DECEMBER 13, 2022

So I did, too… Write an essay in the style of Bruce Schneier on how ChatGPT will affect cybersecurity. As with any new technology, the development and deployment of ChatGPT is likely to have a significant impact on the field of cybersecurity. Seems like absolutely everyone everywhere is playing with Chat GPT.

Cyber threats

Cyber threats Technology Risk Cybersecurity

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

Tech Republic Security

SEPTEMBER 6, 2024

Tenable's research reveals 26,500 cyber vulnerabilities in Southeast Asia's banking and insurance sectors, exposing critical security risks.

Banking

Banking Risk Insurance Financial Services

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

The Last Watchdog

DECEMBER 12, 2023

A look back at the cybersecurity landscape in 2023 rings all-too familiar: cyber threats rapidly evolved and scaled up , just as they have, year-to-year, for the past 20 years. Eyal Benishti , CEO, IRONSCALES Benishti Generative AI (GenAI) reshaped cybersecurity in 2023. What should I be most concerned about – and focus on – in 2024?

Cybersecurity

Cybersecurity Social Engineering Cyber threats Software

CISA Order Highlights Persistent Risk at Network Edge

Krebs on Security

JUNE 15, 2023

government agency in charge of improving the nation’s cybersecurity posture is ordering all federal agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Risk

Risk VPN Internet Internet

National Security Risks of Late-Stage Capitalism

NIST Cybersecurity Framework 2.0

Trending Sources

Security Risks of AI

Roger Grimes on Prioritizing Cybersecurity Advice

IT Leadership Agrees AI is Here, but Now What?

Billion Dollar CyberSecurity Annual Budgets Have Arrived

CyberSecurity Is Not Enough: Businesses Must Insure Against Cyber Losses

Newsweek Op-Ed: Oversight of the Management of Cybersecurity Risks: The Skill Corporate Boards Need, But, So Often, Do Not Have

Sepio Systems: Cybersecurity Expert Joseph Steinberg Joins Advisory Board

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

New York Increases Cybersecurity Rules for Financial Companies

Risks of Evidentiary Software

ChatGPT: Hopes, Dreams, Cheating and Cybersecurity

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

The Importance of User Roles and Permissions in Cybersecurity Software

NIST Is Updating Its Cybersecurity Framework

News alert: SpyCloud accelerates supply chain risk analysis with new ‘IDLink’ correlation capability

Securing Success: The Crucial Role of a Cybersecurity Specialist in a Growing Business

How Outsourcing Cybersecurity Crashed the World’s IT: A Webinar With Columbia University Faculty

Artificial Intelligence in Cybersecurity: Boon or Bane? – A Free Webinar With Joseph Steinberg, Author of Cybersecurity For Dummies

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Why Businesses Must Address Risks of Quantum Computing NOW Rather Than Wait Until Problems Arrive

GUEST ESSAY: Best practices to shrink the ever-present risk of Exchange Server getting corrupted

GUEST ESSAY: NIST’s Cybersecurity Framework update extends best practices to supply chain, AI

Best Practices Q&A: The importance of articulating how cybersecurity can be a business enabler

GUEST ESSAY: Why internal IT teams are ill-equipped to adequately address cyber risks

The Independent Op-Ed: Australia’s social media ban won’t protect kids – it’ll put them more at risk

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

Are Cyber Attacks at Risk of Becoming 'Uninsurable'?

Human Risk Management: The “Weakest Link” Emerges as Key to Cybersecurity

STEPS FORWARD Q&A: Will ‘proactive security’ engender a shift to risk-based network protection?

From Risk Assessment to Action: Improving Your DLP Response

GUEST ESSAY: Everything you should know about the cybersecurity vulnerabilities of AI chatbots

News alert: SquareX shows how Google’s MV3 standard falls short, putting millions at risk

International Association of Chiefs of Police (IACP) Appoints CyberSecurity Expert Witness Joseph Steinberg To Computer Crime & Digital Evidence Committee

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 3)

LW ROUNDTABLE: Compliance pressures intensify as new cybersecurity standards take hold

Low Media Literacy: A Risk to Australia’s Cybersecurity Landscape

Newsweek Op-Ed: Banning Tik Tok And Other Chinese Apps Is Distracting Us From The Bigger Danger China Poses To American CyberSecurity

GUEST ESSAY: A roadmap for the finance teams at small businesses to improve cybersecurity

Obligatory ChatGPT Post

Tenable: 26,500 Cyber Vulnerabilities Risk SE Asia’s Banks

LW ROUNDTABLE: Cybersecurity takeaways of 2023 — and what’s ahead in 2024 ( part 1)

CISA Order Highlights Persistent Risk at Network Edge

Stay Connected