Education, InfoSec and Risk - Cyber Security Informer

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

SecureWorld News

FEBRUARY 5, 2025

The State of Cybersecurity in Canada 2025 report, published by the Canadian Cybersecurity Network (CCN) and the Security Architecture Podcast , delivers an in-depth analysis of the evolving threat landscape, emerging risks, and strategic recommendations for Canadian organizations. Key findings: the cyber threat landscape in 2025 1.

InfoSec

InfoSec Energy and Utilities Cybersecurity Education

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Security Boulevard

JULY 13, 2023

Permalink The post BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty appeared first on Security Boulevard. Our thanks to BSides Knoxville for publishing their presenter’s outstanding BSides Knoxville 2023 content on the organizations’ YouTube channel.

Education

Education Risk Architecture CISO

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. The Other: This ruling won't move the needle for some organizations who believe that cyberattacks won't happen to them.

CISO

CISO InfoSec Risk Cybersecurity

Purdue University’s CERIAS 2022 Security Seminars – Bob Gourley’s ‘The Metaverse: Infinite Attack Surface And Boundless Risk’

Security Boulevard

APRIL 10, 2022

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their outstanding security seminars, symposiums, talks, and presentations on the Schools’ YouTube channel.

Risk

Risk Education InfoSec Cybersecurity

Why Is Shadow IT a Growing Cybersecurity Risk?

SecureWorld News

AUGUST 13, 2023

Whatever the reason, shadow IT can pose a serious security risk to organizations. This means that they are more vulnerable to attack, and any data stored on them is at risk. This means that they are more vulnerable to attack, and any data stored on them is at risk. What can organizations do mitigate the risks of shadow IT?

Risk

Risk Cybersecurity Education Technology

Orca Security Launches Industry’s First Cloud Risk Encyclopedia to Provide Ongoing Education for Cloud Security Best Practices

CyberSecurity Insiders

FEBRUARY 2, 2022

.–( BUSINESS WIRE )–Orca Security, the cloud security innovation leader, today launched the Orca Cloud Risk Encyclopedia to serve as a global resource for practitioners and researchers throughout the InfoSec community. Cloud Security and Transparency in Cybersecurity Resources: About the Orca Cloud Risk Encyclopedia.

Education

Education Risk InfoSec Cybersecurity

BSides Berlin 2021 – Vasant Chinnipilli’s ‘Rooting Out Security Risks Lurking In Your CI-CD Pipelines’

Security Boulevard

JANUARY 9, 2022

The post BSides Berlin 2021 – Vasant Chinnipilli’s ‘Rooting Out Security Risks Lurking In Your CI-CD Pipelines’ appeared first on Security Boulevard. Our thanks to BSides Berlin for publishing their tremendous videos from the BSides Berlin 2021 Conference on the organization’s’ YouTube channel.

Risk

Risk Education InfoSec Information Security

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

The Security Ledger

APRIL 2, 2021

The post Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges appeared first on The. Fixing InfoSec Demands Scale, Diversity. We also talk about her latest project: a children’s book to educate kids about basic cyber security concepts. . Read the whole entry. »

InfoSec

InfoSec CISO Information Security Cyber Risk

3 Essential Measures to Mitigate the Risk from Follina — A New Windows Zero-Day Actively Exploited in the Wild

CyberSecurity Insiders

JUNE 18, 2022

Last week the infosec community was hit with news about a new Windows 0-day vulnerability, Follina. Therefore, mitigating the risk from this vulnerability requires a comprehensive approach. Educate your users about sophisticated phishing emails. Mike Walters, President and Co-founder of Action1.

Risk

Risk Phishing InfoSec Antivirus

News Alert: INE Security lays out strategies for optimizing security teams to mitigate AI risks

The Last Watchdog

JUNE 21, 2024

INE Security , a leading global cybersecurity training and cybersecurity certification provider, predicts large language model (LLM) applications like chatbots and AI-drive virtual assistants will be at particular risk. Optimization strategies Incorporate structured team training programs.

Risk

Risk Technology Cyber threats Cybersecurity

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Because modern seismic stations are now implemented as an Internet-of-Things (IoT) station – and just as insecure as any other IoT device – Samios and his colleagues were able to identify threats to the equipment that infosec pros typically find in common IoT gear, from smart doorbells to security cams.

IoT

IoT InfoSec Data collection Encryption

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

CyberSecurity Insiders

FEBRUARY 1, 2022

BOSTON–( BUSINESS WIRE )– CyberSaint , the developer of the leading platform delivering cyber risk automation, today announced that the company is seeking speaker submissions for its virtual STRONGER conference, set to occur September 13th-15th 2022. Conference Tracks: Frameworks, Security, & Risk. InfoSec 360.

Digital transformation

Digital transformation InfoSec CISO Education

Purdue University’s CERIAS 2021 Security Symposium – Gideon Rasmussen’s ‘Adaptive Cybersecurity Risk Assessments’

Security Boulevard

MARCH 24, 2022

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel.

Risk

Risk Cybersecurity Education InfoSec

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Below is our esteemed panel of SC Awards judges, contributing from health care, engineering, finance, education, manufacturing, nonprofit and consulting, among others. Cedric Leighton is founder and president of Cedric Leighton Associates, a strategic risk and leadership management consultancy. He retired as a colonel in 2010.

Computers and Electronics

Computers and Electronics Technology Information Security Education

BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’

Security Boulevard

JULY 19, 2021

The post BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’ Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel. ’ appeared first on Security Boulevard.

Risk

Risk Cybersecurity Education InfoSec

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

The Security Ledger

MAY 16, 2024

In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. Read the whole entry. »

CSO

CSO Risk Energy and Utilities Social Engineering

(ISC)2 Study: Cybersecurity Industry Facing 3.4 Million Shortfall in Workers

SecureWorld News

OCTOBER 20, 2022

Nearly 70% of the InfoSec workforce say their organizations' cybersecurity teams are understaffed. The shortage is particularly severe in aerospace, government, education, insurance and transportation," the study cites. "A And that risk increases substantially when organizations have a significant staffing shortage.".

Cybersecurity

Cybersecurity InfoSec Financial Services Insurance

New York Financial Services Firms to Face More Cybersecurity Oversight

SecureWorld News

NOVEMBER 28, 2022

Require the CISO to report, in a timely manner, to the board on material cybersecurity issues, including updates to a company's risk assessment or major cybersecurity events. Have Infosec certifications and passion for #cyber and #dataprivacy. It's a core responsibility of the board and management team.".

Financial Services

Financial Services Cybersecurity CISO InfoSec

Business Must Change: InfoSec in 2019

The Falcon's View

JANUARY 3, 2019

Consider, if you will, that fundamentally we in infosec want people to make better decisions. That's right, it's infosec. From a functional perspective, this means a few very specific things for infosec: 1) We must continue to work in a collaborative and consultative manner with everyone else in the organization.

InfoSec

InfoSec Engineering Digital transformation CISO

Hi-5 With A CISO Mário Fernandes, Banco BPI

Security Boulevard

MAY 30, 2021

CybeReady’s Hi-5 brings together InfoSec leaders for peer-to-peer sharing via five short questions and insights. Mário João Fernandes, born and raised in Mozambique, has been working in the banking sector for 29 years and has been fulfilling dedicated security roles in the cybersecurity space for over 11 years.

CISO

CISO InfoSec Banking Cybersecurity

BSides Perth 2021 -Cairo Malet & ‘Risk OT for the BiscOT’

Security Boulevard

FEBRUARY 8, 2022

The post BSides Perth 2021 -Cairo Malet & ‘Risk OT for the BiscOT’ appeared first on Security Boulevard. Many thanks to BSides Perth for publishing their tremendous videos from the BSides Perth 2021 Conference on the organization’s YouTube channel.

Risk

Risk Education InfoSec Information Security

NBlog Aug 8 - musing on ISO/IEC 27014 & infosec governance

Notice Bored

AUGUST 7, 2020

This will support the delivery of security education, training and awareness programs. Aside from those that are literally unworkable and unenforceable, an unenforced policy can be a liability, a risk at least. One way to address this issue is to separate out and bolster the compliance, oversight and assurance activities.

Government

Government InfoSec Information Security Accountability

BSides Vancouver 2021 – Rose’s ‘The Overlooked Security Risk: 3rd Party Risk Management’

Security Boulevard

JULY 27, 2021

The post BSides Vancouver 2021 – Rose’s ‘The Overlooked Security Risk: 3rd Party Risk Management’ appeared first on Security Boulevard. Our thanks to BSides Vancouver for publishing their outstanding BSides Vancouver 2021 Conference videos on the groups' YouTube channel.

Risk

Risk Education InfoSec Information Security

Inflation Is Making Cybersecurity Even More Challenging for Leaders

SecureWorld News

OCTOBER 19, 2023

Increased risk of cyberattacks The rising cost of living can lead to an increase in cybercrime, as people become more desperate to make money. Economic effects, including inflationary pressures, have had a broad impact across the InfoSec landscape," Smeaton said. Investing in security awareness training has a bottom line impact.

Cybersecurity

Cybersecurity CISO Education Phishing

Purdue University’s CERIAS 2021 Security Symposium – Randall Brooks’ ‘Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Boulevard

APRIL 3, 2022

Our thanks to Purdue University’s The Center for Education and Research in Information Assurance and Security (CERIAS) for publishing their illuminating security symposiums, seminars, talks, and presentations on the Schools’ YouTube channel.

Technology

Technology Risk Education InfoSec

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

Security Boulevard

JUNE 24, 2021

Enjoy the Education! The post BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’ appeared first on Security Boulevard.

CISO

CISO Risk Education InfoSec

Thrive today with not just being smart but being cyber smart

CyberSecurity Insiders

SEPTEMBER 21, 2021

Every device you use, the app you download, the bit of information you share, or the message you open comes with a certain amount of risk. Enlist passionate people across all areas of the organization and not just the IT team to champion security, model best practices, support infosec events and campaigns, and continually raise awareness.

Threat Detection

Threat Detection InfoSec Wireless Firewall

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

SC Magazine

JANUARY 29, 2021

If or when more attacks are uncovered, end-user organizations will need to apply the lessons learned from SolarWinds and prepare to take swift and decisive action, infosec experts agreed in a series of interviews with SC Media. Department of Education. “No No one wants to be patient zero.”. Hard reality check.

InfoSec

InfoSec CISO Media Software

EDRi PrivacyCamp22 – ‘Drawing A (Red) Line In The Sand: On Bans, Risks And The EU AI Act’

Security Boulevard

MARCH 2, 2022

The post EDRi PrivacyCamp22 – ‘Drawing A (Red) Line In The Sand: On Bans, Risks And The EU AI Act’ appeared first on Security Boulevard. Sincere thanks to EDRi (European Digital Rights) for publishing their phenomenal videos from the EDRi PrivacyCamp22 Conference on the organization’s YouTube channel.

Risk

Risk Education InfoSec Information Security

Minorities and the Cybersecurity Skills Gap: A 2024 Update

SecureWorld News

JUNE 2, 2024

Factors such as limited access to education and training, lack of mentorship and role models, and systemic racism were identified as key contributors to this disparity. Systemic racism continues to create barriers for individuals from marginalized communities, limiting their access to educational opportunities and career advancement.

Cybersecurity

Cybersecurity Education Artificial Intelligence Social Engineering

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Herjavec Group

MAY 19, 2022

No matter how many firewalls or network controls you have in place, the risk of insider threat will always be present. Build security awareness training modules to educate your employees on how to spot phishing emails or business-related scams.

Penetration Testing

Penetration Testing Social Engineering Cybercrime InfoSec

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) called buffer overflow vulnerabilities unforgivable defects that put national and economic security at risk. Enhance efforts to educate individuals and organizations about online safety, cyber best practices and cyber incident reporting.

Banking

Banking Cybercrime Cybersecurity Ransomware

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Boulevard

APRIL 5, 2021

Enjoy and Be Educated Simultaneously! The post CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’ appeared first on Security Boulevard.

Technology

Technology Risk Education InfoSec

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

CyberSecurity Insiders

FEBRUARY 3, 2022

SAN ANTONIO–( BUSINESS WIRE )–Security Awareness Training and Human Risk Management company AwareGO today announced company milestones achieved and overall performance for 2021, including record year-over-year online revenue growth of 219%, enterprise revenue growth of 156%, and total revenue growth of 116%. About AwareGO.

Security Awareness

Security Awareness Risk Marketing InfoSec

Quantum Computing: A Looming Threat to Organizations and Nation States

SecureWorld News

SEPTEMBER 7, 2023

The panel will tackle topics and questions, including: The potential risks quantum computing poses to current cryptographic methods. When will these risks come to fruition, and who are the main threat actors? Director of Information Security, State of Colorado Governor's Office of Information Technology; and Toby Zimmerer, Sr.

Encryption

Encryption Technology Risk Architecture

USENIX Security ’22 -Ren Pang, Zhaohan Xi, Shouling Ji, Xiapu Luo, Ting Wang – ‘On the Security Risks of AutoML’

Security Boulevard

APRIL 5, 2023

Permalink The post USENIX Security ’22 -Ren Pang, Zhaohan Xi, Shouling Ji, Xiapu Luo, Ting Wang – ‘On the Security Risks of AutoML’ appeared first on Security Boulevard. Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Security ’22 Conference content on the organization’s’ YouTube channel.

Risk

Risk Education InfoSec Cybersecurity

Cyber CEO: 3 Tips For Developing a Culture of Security-Driven Business

Herjavec Group

JUNE 24, 2021

I’ve said it before and I’ll say it again – your business must take an integrated, full team approach to infosec. The simple fact is, lack of awareness – for any number of reasons like lack of training, burnout, or multi-tasking – creates security risk. . But it shouldn’t just stop there! To Your Success , .

InfoSec

InfoSec Cybersecurity Education Cybercrime

CPDP 2021 – Moderator: Moderator: Frederik Zuiderveen Borgesius ‘Artificial Intelligence And Discrimination Risks In The Health Sector’

Security Boulevard

APRIL 24, 2021

The post CPDP 2021 – Moderator: Moderator: Frederik Zuiderveen Borgesius ‘Artificial Intelligence And Discrimination Risks In The Health Sector’ appeared first on Security Boulevard.

Artificial Intelligence

Artificial Intelligence Risk Education InfoSec

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

SC Magazine

FEBRUARY 18, 2021

Understanding the detection difficulty helps phishing awareness training implementers in two primary ways,” said Jody Jacobs, infosec specialist at NIST, in a session held last Tuesday at the Messaging, Malware and Mobile Anti-Abuse Working Group (M3AAWG)’s 51’s General Meeting. their organization faces.”.

Phishing

Phishing Mobile Security Awareness Media

Security BSides London 2021 – Ciara Campbell’s ‘Think Zero Days Are Your Your Biggest Risk – Think Again’

Security Boulevard

JANUARY 14, 2022

The post Security BSides London 2021 – Ciara Campbell’s ‘Think Zero Days Are Your Your Biggest Risk – Think Again’ appeared first on Security Boulevard.

Risk

Risk Education InfoSec Information Security

Security Awareness Success: Three Things to Consider

SecureWorld News

MARCH 4, 2021

What is the longest amount of time users can go without security education without it impacting their knowledge and skills? Four months, according to a German study of phishing awareness and education over time. Users' Response to Consequence Model based on a seven-country survey of 600 InfoSec professionals.

Security Awareness

Security Awareness Phishing Education InfoSec

7 Best Attack Surface Management Software for 2024

eSecurity Planet

DECEMBER 20, 2023

Attack surface management aims to automate the process of discovering, assessing, and prioritizing vulnerabilities and third-party, digital supply chain, and cloud risks. It addresses both internal and external (EASM) risks. CAASM (cyber asset ASM) and DRPS (digital risk protection) are also related terms and elements of ASM.

Software

Software Risk Architecture Internet

Personal Cybersecurity Concerns for 2023

Security Through Education

JANUARY 18, 2023

We can benefit from these the most if we are aware of the possible risks and take measures to use them wisely. Stay educated, implement security recommendations, stay safe. At Social-Engineer LLC, our purpose is to bring education and awareness to all users of technology. Impersonation Scams. Rosa Rowles.

Cybersecurity

Cybersecurity Social Engineering Scams IoT

Introducing Behavioral Information Security

The Falcon's View

AUGUST 29, 2017

There is already a well-established sub-field within information security (infosec) known as " Behavioral Information Security." Going forward, I believe that organizations and standards should stop listing "security awareness" as a single line item requirement, and instead pivot to the expanding domain of "behavioral infosec."

Information Security

Information Security InfoSec Social Engineering Security Awareness

State of Cybersecurity in Canada 2025: Key Insights for InfoSec Leaders

BSides Knoxville 2023 – Sara Anstey – Educating Your Guesses: How To Quantify Risk and Uncertainty

Trending Sources

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Purdue University’s CERIAS 2022 Security Seminars – Bob Gourley’s ‘The Metaverse: Infinite Attack Surface And Boundless Risk’

Why Is Shadow IT a Growing Cybersecurity Risk?

Orca Security Launches Industry’s First Cloud Risk Encyclopedia to Provide Ongoing Education for Cloud Security Best Practices

BSides Berlin 2021 – Vasant Chinnipilli’s ‘Rooting Out Security Risks Lurking In Your CI-CD Pipelines’

Episode 209: Fortinet’s Renee Tarun on Scaling InfoSec To Meet Tomorrow’s Challenges

3 Essential Measures to Mitigate the Risk from Follina — A New Windows Zero-Day Actively Exploited in the Wild

News Alert: INE Security lays out strategies for optimizing security teams to mitigate AI risks

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

CyberSaint STRONGER 2022 Conference Call for Speakers is Open!

Purdue University’s CERIAS 2021 Security Symposium – Gideon Rasmussen’s ‘Adaptive Cybersecurity Risk Assessments’

Meet the 2021 SC Awards judges

BSides Vancouver 2021 – Vivek Ponnada’s ‘Is The Power Grid A Huge Cybersecurity Risk?’

Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk

(ISC)2 Study: Cybersecurity Industry Facing 3.4 Million Shortfall in Workers

New York Financial Services Firms to Face More Cybersecurity Oversight

Business Must Change: InfoSec in 2019

Hi-5 With A CISO Mário Fernandes, Banco BPI

BSides Perth 2021 -Cairo Malet & ‘Risk OT for the BiscOT’

NBlog Aug 8 - musing on ISO/IEC 27014 & infosec governance

BSides Vancouver 2021 – Rose’s ‘The Overlooked Security Risk: 3rd Party Risk Management’

Inflation Is Making Cybersecurity Even More Challenging for Leaders

Purdue University’s CERIAS 2021 Security Symposium – Randall Brooks’ ‘Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

BSides Tampa 2021 -Michael Melore’s, Hussein Syed’s, Charles Gagnon’s And Timothy Swope’s ‘CISO Panel, Managing Organizational Risk During A World Pandemic’

Thrive today with not just being smart but being cyber smart

As SolarWinds spooks tech firms into rechecking code, some won’t like what they find

EDRi PrivacyCamp22 – ‘Drawing A (Red) Line In The Sand: On Bans, Risks And The EU AI Act’

Minorities and the Cybersecurity Skills Gap: A 2024 Update

Cyber CEO – Cyber Hygiene is More Critical for Your Business Now Than Ever Before – Here’s Why

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

CERIAS – Randall Brooks’ Cyber Supply Chain Risk Management (SCRM) And Its Impact On Information And Operational Technology’

Security Awareness Training and Human Risk Management Company AwareGO Achieves Year of Outstanding Growth

Quantum Computing: A Looming Threat to Organizations and Nation States

USENIX Security ’22 -Ren Pang, Zhaohan Xi, Shouling Ji, Xiapu Luo, Ting Wang – ‘On the Security Risks of AutoML’

Cyber CEO: 3 Tips For Developing a Culture of Security-Driven Business

CPDP 2021 – Moderator: Moderator: Frederik Zuiderveen Borgesius ‘Artificial Intelligence And Discrimination Risks In The Health Sector’

NIST hints at upgrades to its system for scoring a phish’s deceptiveness

Security BSides London 2021 – Ciara Campbell’s ‘Think Zero Days Are Your Your Biggest Risk – Think Again’

Security Awareness Success: Three Things to Consider

7 Best Attack Surface Management Software for 2024

Personal Cybersecurity Concerns for 2023

Introducing Behavioral Information Security

Stay Connected