Event, Information Security and InfoSec

Thinking About the Future of InfoSec (v2022)

Daniel Miessler

MARCH 20, 2022

I’m starting a new series with this 2022 edition where I think about what Information Security could or should look like in the distant future—say in 2050. The ideas will cover multiple aspects of InfoSec, from organizational structure to technology. Org Structure. Technology. Regulation. Automation / AI.

InfoSec

InfoSec Insurance Technology Engineering

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Joseph Steinberg

JUNE 10, 2022

Last week, I attended an excellent briefing given by Tom Gillis, Senior Vice President and General Manager of VMware’s Networking and Advanced Security Business Group, in which he discussed various important cybersecurity-related trends that he and his team have observed.

Cybersecurity

Cybersecurity Artificial Intelligence CISO Wireless

CTO of Center for Internet Security Expounds on Transforming InfoSec

SecureWorld News

NOVEMBER 9, 2022

Don't miss Kathleen Moriarty's complete presentation, as well as those of other cybersecurity leaders, at our upcoming digital events. Attendance is free and can earn 5 CPE credits. See more and register at the links below: Texas virtual conference on Thursday, Nov. West Coast virtual conference on Thursday, Dec.

InfoSec

InfoSec Internet Internet Encryption

Alyssa Miller: Charting the Course Through InfoSec and Aviation

Security Boulevard

MARCH 24, 2024

They discuss the challenges within the cybersecurity industry, including the transition to cloud computing and the neglect […] The post Alyssa Miller: Charting the Course Through InfoSec and Aviation appeared first on Shared Security Podcast.

InfoSec

InfoSec Social Engineering Engineering Cybersecurity

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. For sanity, manage to a written information security policy.

CISO

CISO InfoSec Risk Cybersecurity

Topic-specific policy 6/11: information security incident management

Notice Bored

OCTOBER 18, 2021

I'm intrigued by the title of this topic-specific policy from the [draft] 3rd edition of ISO/IEC 27002 , being the only one of eleven example titles in the standard that explicitly states "information security". Organisations deal with events and incidents all the time. I ask myself why? Here's one I prepared earlier.

Information Security

Information Security InfoSec

Why would a lawyer ever need an Information Security Professional?

CyberSecurity Insiders

APRIL 12, 2021

As an information security professional, have you often found yourself frustrated by the growing collection of cyber-based rules, guidance, regulations, and contemplations that our lawmakers can conjure up? It is also clear that information security professionals see things differently than most non-security people.

Information Security

Information Security Computers and Electronics InfoSec Unstructured Data

Are our infosec controls sufficient?

Notice Bored

JUNE 25, 2021

begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc. begging questions about which infosec-related matters are particularly important, and how they stack up in relation to other business priorities, issues, pressures etc.

InfoSec

InfoSec Risk Information Security Government

Social responsibility in infosec with Chloé Messdaghi

Security Boulevard

JANUARY 19, 2022

Discussing environmental and social issues in infosec with ESG researcher Chloé Messdaghi. Today, I sit down with Chloé to discuss the biggest issues facing the infosec industry, such as diversity and sustainability, and how we can start tackling them together. What are the biggest social challenges facing our industry?

InfoSec

InfoSec Technology Government Cybersecurity

I Actually Like Remote and Pre-recorded Presentations

Daniel Miessler

OCTOBER 28, 2020

I see this sentiment a lot from a lot of people in infosec, and I think I’ve figured it out. I think a massive amount of the infosec conference scene is people in Live Music Mode. But I enjoy that most in LobbyCon, and the dinners, and the events we do together away from the conference—not so much in the talk itself.

InfoSec

InfoSec Education Information Security

BSides Huntsville 2021 – David Hunt’s ‘Hack In Your Sleep’

Security Boulevard

MARCH 14, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; one of the best BSides for this year, don't miss this 10-video infosec event. The post BSides Huntsville 2021 – David Hunt’s ‘Hack In Your Sleep’ appeared first on Security Boulevard.

Hacking

Hacking InfoSec Education Information Security

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

Cyber Defense Magazine – November 2021 has arrived. Enjoy it!

Security Affairs

NOVEMBER 3, 2021

This is the biggest INFOSEC show on earth and we will be there! It’s our 10th anniversary in business and at @RSAConference #RSAC: Where the world talks #security There is No better INFOSEC event on Earth. Thank you all and to our readers! OSINT ROCKS! link] We have a growing team working for YOU at no-charge.

InfoSec

InfoSec Cybersecurity Media Hacking

Learning from Near Misses

Adam Shostack

JANUARY 2, 2025

First, in the nearly ten years since Andrew Stewart and I wrote The New School of Information Security, and called for more learning from breaches, we've seen a dramatic shift in how people talk about breaches. Second, last year marked 25 years of calls for an "NTSB for infosec."

InfoSec

InfoSec Data collection Engineering Cyber Attacks

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Hot for Security

FEBRUARY 16, 2021

Hackers could trigger ‘fake earthquakes,’ affecting emergency and economic responses to a seismic event, and generate mistrust in seismic technology among the population, the researchers say. Seismic monitoring equipment is vulnerable to common cybersecurity threats like those faced by IoT devices, a new research paper warns.

IoT

IoT InfoSec Data collection Encryption

Spotlight on Cybersecurity Leaders: Chris Spohr

SecureWorld News

AUGUST 22, 2022

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. Chris Spohr is the Information Security Officer for Republic Finance, LLC, and adds value by serving as the Head of Information Security to protect the company's data, brand, and jobs.

Cybersecurity

Cybersecurity InfoSec Retail Manufacturing

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. They called it Cyber Pearl Harbor. This doesn’t mean it can’t still happen.

Ransomware

Ransomware Government Social Engineering Small Business

Why Taylor Swift Fans Should Work in Cybersecurity

SecureWorld News

SEPTEMBER 12, 2023

These skills also happen to apply to information security (infosec) and cyber threat intelligence and research. And you'll leave your first infosec conference with an armful of them. But infosec is the rare industry with clearcut heroes and villains. My Infosec Era has only just begun. I didn't do it alone.

Cybersecurity

Cybersecurity InfoSec Threat Detection Accountability

BSides Huntsville 2021 – Melissa Benua’s ‘Fuzz Testing For Fun And Profit’

Security Boulevard

MARCH 16, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; a great BSides, don't miss this 10-video infosec event. The post BSides Huntsville 2021 – Melissa Benua’s ‘Fuzz Testing For Fun And Profit’ appeared first on Security Boulevard.

InfoSec

InfoSec Education Information Security

BSides Huntsville 2021 – Joanna Burkey’s ‘Keynote – Cybersecurity As An Ecosystem’

Security Boulevard

MARCH 13, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; one of the best BSides for this year, don't miss this 10-video infosec event.

InfoSec

InfoSec Cybersecurity Education Information Security

Expert discloses 4 zero-days in IBM Data Risk Manager

Security Affairs

APRIL 21, 2020

A security researcher disclosed details of four zero-day flaws impacting an IBM security product after the IT giant refused to address them. IDRM handles very sensitive information, for this reason the exploitation of any issue affecting the product could have important consequences. and that one is certainly vulnerable.”

Risk

Risk Authentication Advertising InfoSec

Everything is Insecure: What Matters is What You’re Getting vs. Giving Up

Daniel Miessler

APRIL 16, 2020

Throughout the media you have people substituting their in-person events with virtual ones, and they all seem to be using Zoom. The most important thing we can do as security professionals is to keep our risk evaluations in context with what we’re protecting. It was extraordinary.

Internet

Internet Internet Risk InfoSec

Five 2023 Cybersecurity Predictions by Doug Dooley

CyberSecurity Insiders

DECEMBER 6, 2022

The net result will be less employment opportunities and eventually less job-hoping in 2023 despite the talent shortfall in IT security. Chief Information Security Officers (CISOs) have a rare combination of business acumen, operational knowledge, technical insights, and legal/compliance experience. CISO shortage. CISO exodus.

Cybersecurity

Cybersecurity CISO InfoSec Technology

BSides Huntsville 2021 – Steven Kirby’s ‘Requiem For The Password’

Security Boulevard

MARCH 17, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; a great BSides, don't miss this 10-video infosec event. The post BSides Huntsville 2021 – Steven Kirby’s ‘Requiem For The Password’ appeared first on Security Boulevard.

Passwords

Passwords InfoSec Education Information Security

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

For example, outcomes like adapting to external events, creating a security culture, and cost-effective programs, all improve when organizations make progress towards zero trust security (based on survey responses from 4,751 active information security and privacy professionals from 26 countries).

Authentication

Authentication Risk Social Engineering InfoSec

Charlotte Conference Kicks Off Season with Thought Leaders' Expertise

SecureWorld News

MARCH 8, 2023

The 2023 event saw a 33 percent increase in Conference Pass attendees over the 2022 event. The next opportunity to catch a SecureWorld event is SecureWorld Boston , taking place at the Hynes Convention Center on March 22-23. And two vendor panels: There's a Bad Moon On the Rise – Are You Ready?

Cybersecurity

Cybersecurity Risk InfoSec Data privacy

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

Security Boulevard

FEBRUARY 9, 2025

Kathleen shares her extensive experience in the field, recounting her tenure in various cybersecurity events and her contributions to job market research and recruiting. In this episode we welcome Kathleen Smith, CMO of ClearedJobs.net, to discuss the current state of the cybersecurity job market.

Cybersecurity

Cybersecurity Marketing Data privacy Cyber threats

BSides Huntsville 2021 – Chris Cochran’s ‘Keynote: Performing Like A Cybersecurity Champion’

Security Boulevard

MARCH 15, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; a great BSides, don't miss this 10-video infosec event.

InfoSec

InfoSec Cybersecurity Education Information Security

BSides Huntsville 2021 – Luke Gleba’s ‘Using Sip Traffic To Influence The Communications And Geopolitical Landscape Of Germany’

Security Boulevard

MARCH 17, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; a great BSides, don't miss this 10-video infosec event.

InfoSec

InfoSec Education Information Security

BSides Huntsville 2021 – Fernando Tomilson’s ‘The Invisible War: A Look At The Ransomware Battle’

Security Boulevard

MARCH 13, 2021

Many thanks to BSides Huntsville 2021 for publishing their tremendous conference videos on the organization's YouTube channel; one of the best BSides for this year, don't miss this 10-video infosec event.

InfoSec

InfoSec Ransomware Education Information Security

Careers in cybersecurity: Malwarebytes talks to teachers and students

Malwarebytes

MARCH 16, 2021

The theme is often breaking into infosec. I get to dust off some oldies and give a snapshot of security research circa [insert year of choice here]. Schools and universities really get a lot from these events. Every year, I take part in talks for universities and schools. It’s a win-win for everybody. Closing thoughts.

Cybersecurity

Cybersecurity InfoSec Education Technology

Spotlight on Cybersecurity Leaders: Bill Bowman

SecureWorld News

FEBRUARY 26, 2024

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. Bill Bowman, CISSP, CIPM, is the Chief Information Security Officer & Data Privacy Officer at financial software company Emburse. I learned from them.

Cybersecurity

Cybersecurity CISO InfoSec Data privacy

Spotlight on Cybersecurity Leaders: Bryan Bechard

SecureWorld News

MARCH 21, 2023

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. He has been working in cybersecurity for the last 20 years and teaching the next generation of InfoSec pros. Bryan Bechard is CISO for Flagship Credit Acceptance.

Cybersecurity

Cybersecurity InfoSec CISO Cybercrime

World's First Hybrid War in Ukraine Holds Important Cyber Lessons

SecureWorld News

OCTOBER 26, 2022

Leighton has some real admiration for the Ukraine government and the host of supporters across the world—including 200,000 InfoSec practitioners aiding in Ukraine's cyber efforts—for not just battling Russia, but winning in many instances. To watch the full presentation, check out the event's agenda and register today.

CISO

CISO CSO InfoSec Government

Unleashing the Power of a Security Data Lake

SecureWorld News

APRIL 3, 2023

The concept of a Security Data Lake, a type of Data Lake explicitly designed for information security, has not received much attention yet. It can potentially bring a company's security to the next level. However, this is not your ordinary data storage solution. The same thing happens when connecting to a Wi-Fi router.

Unstructured Data

Unstructured Data Data collection Information Security Backups

Spotlight on Cybersecurity Leaders: Randy Raw

SecureWorld News

MARCH 31, 2022

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. He is the Chief Information Security Officer at Veterans United Home Loans in Columbia, Missouri. Randy is a CISSP and is active in the Central Missouri InfoSec community.

Cybersecurity

Cybersecurity InfoSec Authentication DDOS

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

SecureWorld News

JUNE 13, 2023

It was fitting that the opening keynote panel for SecureWorld Chicago on June 8th was titled " Making the Cybersecurity Music: Navigating Challenges and Opportunities in Today's InfoSec Landscape. Well, information security, cybersecurity happens to be a critical part of the business, being able to achieve strategic objectives. "You

Cybersecurity

Cybersecurity CISO InfoSec Risk

Analysis of the 2020 Verizon Data Breach Report

Daniel Miessler

MAY 19, 2020

Verizon’s Breach Report is one of the best infosec reports out there, and I’m always excited when I hear it’s been released. A security event that compromises the integrity, confidentiality or availability of an information asset. Errors were causal events in 22% of breaches. Top tactics utilized.

Data breaches

Data breaches Phishing Malware Hacking

Security pros rely on peer groups and open communication for help with stress

SC Magazine

MAY 25, 2021

This nonstop barrage of security crises has made certain infosec leaders and practitioners more aware than ever of the job’s impact on mental healthy, and the importance to protect against stress, exhaustion and burnout. But how have they been managing? Florence Mottay, Ahold Delhaize.

InfoSec

InfoSec CISO Media Cybersecurity

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

Security Boulevard

JANUARY 7, 2024

The iPhone exploit, known as Operation Triangulation, has complex chains of events that lead to compromised iPhone security. Meanwhile, the lawsuit against Google claims […] The post Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App appeared first on Shared Security Podcast.

Data privacy

Data privacy Mobile InfoSec Technology

A Big Week at RSA – Hot Company in API Security, API Defenders on the Show Floor

Security Boulevard

APRIL 24, 2023

Today we announced that Salt has won “Hot Company” in the API security category in the Cyber Defense Magazine (CDM) 2023 Global InfoSec Awards. The CDM Global InfoSec Awards honor information security innovators who provide unique and compelling products and services.

InfoSec

InfoSec Threat Detection Architecture Engineering

Achieving PCI DSS Compliant Firewalls within a Small Business

Security Boulevard

MAY 6, 2021

Firewalls monitor and report suspicious attacks, with the support of a 'Security Information and Event Management' (SIEM) tool, the business is able to detect and quickly respond to cyber-attacks, which is covered by PCI DSS requirement 10. PCI DSS requirement 6.6 Monitoring and Responding to Malicious Activity.

Small Business

Small Business Firewall Wireless Internet

Payment Security: Understanding the Four Corner Model

Security Boulevard

JULY 28, 2021

This triggers the event or flow of payment authentication and processing with various entities involved in the process. Author Bio Narendra Sahoo (PCI QSA, PCI QPA, CISSP, CISA, and CRISC) is the Founder and Director of VISTA InfoSec , a global Information Security Consulting firm, based in the US, Singapore & India.

Banking

Banking InfoSec Accountability Information Security

Mental Health & Burnout in Cybersecurity: Tips, Stories and Insights

Cisco Security

OCTOBER 6, 2021

This is an industry still struggling with elevated anxiety levels following the events of the past eighteen months. Here are some more insights from people in the infosec community on what works for them: Advice on How Security Pros Can Promote Their Mental Health. Cybersecurity is a challenging and demanding industry.

Cybersecurity

Cybersecurity CISO InfoSec Media

Thinking About the Future of InfoSec (v2022)

Zero Trust and the Failure of Sampling: Two Important Cybersecurity Trends

Trending Sources

CTO of Center for Internet Security Expounds on Transforming InfoSec

Alyssa Miller: Charting the Course Through InfoSec and Aviation

InfoSec Leaders Weigh in on New SEC Rules Making CISO Hotseat Hotter

Topic-specific policy 6/11: information security incident management

Why would a lawyer ever need an Information Security Professional?

Are our infosec controls sufficient?

Social responsibility in infosec with Chloé Messdaghi

I Actually Like Remote and Pre-recorded Presentations

BSides Huntsville 2021 – David Hunt’s ‘Hack In Your Sleep’

New Leak Shows Business Side of China’s APT Menace

Cyber Defense Magazine – November 2021 has arrived. Enjoy it!

Learning from Near Misses

Hackers Could Cause ‘Fake Earthquakes’ by Exploiting Vulnerable Seismic Equipment, Researchers Warn

Spotlight on Cybersecurity Leaders: Chris Spohr

Cyber Pearl Harbor Is Happening Right Now — It’s Ransomware

Why Taylor Swift Fans Should Work in Cybersecurity

BSides Huntsville 2021 – Melissa Benua’s ‘Fuzz Testing For Fun And Profit’

BSides Huntsville 2021 – Joanna Burkey’s ‘Keynote – Cybersecurity As An Ecosystem’

Expert discloses 4 zero-days in IBM Data Risk Manager

Everything is Insecure: What Matters is What You’re Getting vs. Giving Up

Five 2023 Cybersecurity Predictions by Doug Dooley

BSides Huntsville 2021 – Steven Kirby’s ‘Requiem For The Password’

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Charlotte Conference Kicks Off Season with Thought Leaders' Expertise

Careers in Cybersecurity: Myths and Realities with Kathleen Smith

BSides Huntsville 2021 – Chris Cochran’s ‘Keynote: Performing Like A Cybersecurity Champion’

BSides Huntsville 2021 – Luke Gleba’s ‘Using Sip Traffic To Influence The Communications And Geopolitical Landscape Of Germany’

BSides Huntsville 2021 – Fernando Tomilson’s ‘The Invisible War: A Look At The Ransomware Battle’

Careers in cybersecurity: Malwarebytes talks to teachers and students

Spotlight on Cybersecurity Leaders: Bill Bowman

Spotlight on Cybersecurity Leaders: Bryan Bechard

World's First Hybrid War in Ukraine Holds Important Cyber Lessons

Unleashing the Power of a Security Data Lake

Spotlight on Cybersecurity Leaders: Randy Raw

Importance of Cybersecurity Profession Highlights SecureWorld Chicago

Analysis of the 2020 Verizon Data Breach Report

Security pros rely on peer groups and open communication for help with stress

Most Advanced iPhone Exploit Ever, Google’s $5 Billion Settlement, Apple’s Journal App

A Big Week at RSA – Hot Company in API Security, API Defenders on the Show Floor

Achieving PCI DSS Compliant Firewalls within a Small Business

Payment Security: Understanding the Four Corner Model

Mental Health & Burnout in Cybersecurity: Tips, Stories and Insights

Stay Connected