Government and Whitepaper - Cyber Security Informer

Whitepaper: The Intersection of Technical Debt and Cybersecurity

Approachable Cyber Threats

MAY 23, 2022

The term “technical debt” has come to encompass a number of issues in the industry: bugs, legacy code, missing documentation, “silver bullet” tooling, poor system visibility, old hardware assets, weak governance, and more.

Cybersecurity

Cybersecurity Risk Government

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

The Last Watchdog

JANUARY 11, 2022

Towards this end it has begun sharing videos, whitepapers and reports designed to rally decision makers from all quarters to a common cause. Fixing data governance. All too many providers still have not gotten around to embracing robust data governance practices, for instance.

Big data

Big data Healthcare Technology Government

Key takeaways from CSA’s SaaS Governance Best Practices guide

CSO Magazine

JUNE 30, 2022

SaaS governance and security is gaining attention among IT and security leaders. That’s why the Cloud Security Alliance (CSA) created the SaaS Governance Best Practices for Cloud Customers whitepaper, for which I was honored to serve as its co-lead. To read this article in full, please click here

Government

Government Software

Anton’s Security Blog Quarterly Q4 2021

Anton on Security

DECEMBER 20, 2021

“Achieving Autonomic Security Operations: Reducing toil” [GCP Blog] “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” “2021 Threat Intelligence Use Cases” “Top 10 SIEM Log Sources in Real Life?” “A A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Today, You Really Want a SaaS SIEM!”

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Anton’s Security Blog Quarterly Q3 2021

Anton on Security

SEPTEMBER 16, 2021

“Top 10 SIEM Log Sources in Real Life?” “A A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Today, You Really Want a SaaS SIEM!”

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Analysts “strongly believe” the Russian state colludes with ransomware gangs

Malwarebytes

AUGUST 17, 2021

This ZeuS variant, which is a modified GameOver ZeuS (GOZ), was designed specifically for espionage, and it was aimed at governments and intelligence agencies connected with Ukraine, Turkey, and Georgia. ” DiMaggio concluded.

Ransomware

Ransomware Banking Government Malware

Anton’s Security Blog Quarterly Q1 2022

Anton on Security

MARCH 3, 2022

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Achieving Autonomic Security Operations: Reducing toil” [GCP Blog] “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” “Top 10 SIEM Log Sources in Real Life?” Today, You Really Want a SaaS SIEM!”

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Anton’s Security Blog Quarterly Q3 2022

Anton on Security

AUGUST 19, 2022

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” ”Top 10 SIEM Log Sources in Real Life?”

Threat Detection

Threat Detection Cloud Migration Encryption CISO

The Role of Culture in Compliance

CyberSecurity Insiders

JULY 22, 2021

In our latest blog, read about how the CISSP credential can equip you to promote a security culture to help your organization comply with the regulations that govern your industry. To discover more about CISSP read our whitepaper, 9 Traits You Need to Succeed as a Cybersecurity Leader. Read the Article. Want to Learn More About CISSP?

InfoSec

InfoSec Cybersecurity Government Education

Secure by Design: Google’s Perspective on Memory Safety

Google Security

MARCH 4, 2024

In this post, we share our perspective on memory safety in a comprehensive whitepaper. We'll also highlight our commitments towards implementing several of the solutions outlined in the whitepaper, most recently with a $1,000,000 grant to the Rust Foundation , thereby advancing the development of a robust memory-safe ecosystem.

Software

Software Engineering Technology Risk

News Alert: Utimaco finds regional disparities in consumers’ level of trust in digital security

The Last Watchdog

JULY 10, 2023

The 2023 edition of the ‘Circles of Trust’ is released in the same year that Utimaco is celebrating its 40th year pioneering trusted cybersecurity and compliance solutions and services to its enterprise and government customers across the globe.

Identity Theft

Identity Theft IoT Banking Internet

Anton’s Security Blog Quarterly Q2 2023

Anton on Security

MAY 15, 2023

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” Data security: “How autonomic data security can help define cloud’s future” [GCP blog] “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog] “The cloud trust (..)

Threat Detection

Threat Detection Cloud Migration Encryption CISO

Anton’s Security Blog Quarterly Q1 2021

Anton on Security

MARCH 29, 2021

“Revisiting the Visibility Triad for 2020” “New Paper: “Future of the SOC: Forces shaping modern security operations”” “Top 10 SIEM Log Sources in Real Life?”

Cloud Migration

Cloud Migration Encryption CISO Threat Detection

Anton’s Security Blog Quarterly Q2 2021

Security Boulevard

JUNE 21, 2021

Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]. Improving security, compliance, and governance with cloud-based DLP data discovery” [GCP Blog]. “A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”. Today, You Really Want a SaaS SIEM!”.

Cloud Migration

Cloud Migration Threat Detection Encryption Government

Anton’s Security Blog Quarterly Q3 2023

Anton on Security

AUGUST 9, 2023

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” “Debating SIEM in 2023, Part 1” “Debating SIEM in 2023, Part 2” “SIEM Content, False Positives and Engineering (Or Not) Security” Data security: “How autonomic data security can help define cloud’s (..)

Threat Detection

Threat Detection Cloud Migration Encryption CISO

Anton’s Security Blog Quarterly Q2 2021

Anton on Security

JUNE 21, 2021

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” “Today, You Really Want a SaaS SIEM!” “Top Top 10 SIEM Log Sources in Real Life?”

Cloud Migration

Cloud Migration Threat Detection Encryption Government

How can document readers help us fight COVID-19?

CyberSecurity Insiders

JUNE 6, 2021

Throughout the COVID-19 pandemic, hotels offering quarantine have been indispensable tools for governments across the world. Read our recent document readers whitepaper and follow @ ThalesDigiSec for more Thales content. Interested and looking to learn more? The post How can document readers help us fight COVID-19?

Risk

Risk Government Cybersecurity

Anton’s Security Blog Quarterly Q1 2022

Security Boulevard

MARCH 3, 2022

Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]. Improving security, compliance, and governance with cloud-based DLP data discovery” [GCP Blog]. “Achieving Autonomic Security Operations: Reducing toil” [GCP Blog]. Top 10 SIEM Log Sources in Real Life?”.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

MITRE ATT&CK: The Magic of Segmentation

Cisco Security

JANUARY 22, 2021

They abused its update system to disguise and deliver malicious code, impacting thousands of customers including high-value US government agencies. Check out our detailed whitepaper that maps all of our solutions to ATT&CK Enterprise, posted to our Cyber Frameworks page. Not new, but easily overlooked. And the best part?

Accountability

Accountability Firewall Software Risk

Anton’s Security Blog Quarterly Q1 2023

Anton on Security

FEBRUARY 10, 2023

“A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next” ”Top 10 SIEM Log Sources in Real Life?”

Threat Detection

Threat Detection Cloud Migration Encryption CISO

Anton’s Security Blog Quarterly Q2 2022

Anton on Security

MAY 25, 2022

—?Part 3 of 3” “Achieving Autonomic Security Operations: Reducing toil” [GCP Blog] “Stop Trying to Take Humans Out of SOC … Except … Wait… Wait… Wait…” Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog] “The cloud trust paradox: To trust cloud computing more, you need the ability to trust (..)

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Anton’s Security Blog Quarterly Q1 2021

Security Boulevard

MARCH 29, 2021

Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]. Improving security, compliance, and governance with cloud-based DLP data discovery” [GCP Blog]. “Revisiting the Visibility Triad for 2020”. New Paper: “Future of the SOC: Forces shaping modern security operations””.

Cloud Migration

Cloud Migration Encryption CISO Threat Detection

Have I Been Pwned is Now Partnering With 1Password

Troy Hunt

MARCH 29, 2018

In that post, I give many examples of how HIBP is recommended by major online services, gets mentioned by law enforcement on a regular basis and, of course, there's the announcement from earlier this month about UK and Aussie governments using the service for free (there's more of those to follow, too).

Password Management

Password Management Passwords Data breaches Retail

MITRE introduces D3FEND framework

Malwarebytes

JUNE 23, 2021

It’s used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. The MITRE Corporation has also released a technical whitepaper (PDF) describing the basic principles and the design of this new framework.

Cyber threats

Cyber threats Cybersecurity Engineering Phishing

Introducing Our 8th Annual State of the Software Supply Chain Report

Security Boulevard

OCTOBER 18, 2022

The software supply chain has definitely been in all corners of the news this year, including finance , government , and technology. Although the focus is on security concerns, better supply chain management has benefits beyond preventing downtime and data breaches.

Software

Software Data breaches Government Technology

Middle Brothers

Javvad Malik

NOVEMBER 25, 2020

When we talk about privacy and surveillance, discussions usually involve talk of Governments keep the population under manners. But unlike the good old days of the eighteenth century, Governments aren’t the only ones with skin in the population monitoring, control, and profiteering business.

Surveillance

Surveillance Marketing Internet Internet

How Can Security Training Harden Your DevOps Process?

IT Security Guru

APRIL 6, 2021

Here’s how Ampcus Cyber describes this new paradigm in its whitepaper: DevSecOps is technology agnostic and organisations can use a combination of technologies, policies, and procedures to secure the DevOps pipeline. Organisations need to invest more in security if they are to make the most of their transition to DevOps.

Education

Education Technology Government Software

How can document readers help us fight COVID-19?

CyberSecurity Insiders

MAY 20, 2021

Throughout the COVID-19 pandemic, hotels offering quarantine have been indispensable tools for governments across the world. Read our recent document readers whitepaper and follow @ ThalesDigiSec for more Thales content. Interested and looking to learn more? The post How can document readers help us fight COVID-19?

Risk

Risk Government Cybersecurity

TIA CEO: Supply chain standard shows feds ‘they don’t have to be heavy handed’

SC Magazine

MARCH 17, 2021

The world recently came face-to-face with supply chain risk when nation-state hackers breached government and business alike through SolarWinds servers and other attack vectors. In the first quarter of 2020, we put out our first whitepaper on this subject saying a standard was needed. It was kind of a call to action for the industry.

Telecommunications

Telecommunications Wireless Government Risk

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

The Last Watchdog

JANUARY 30, 2019

The program grew over the years into what it is today, a collaborative consortium of professionals from the banking, investing, insurance, healthcare, retail and telecom industries as well as academics and GRC (government, risk-management and compliance) specialists. Advancing best practices.

Cyber Risk

Cyber Risk Risk Financial Services Banking

MITRE ATT&CK: The Magic of Application Mitigations

Cisco Security

MARCH 17, 2021

By some reports , tens of thousands of organizations and government agencies were affected. Check out our detailed whitepaper that maps all of our Cisco Secure solutions to MITRE ATT&CK Enterprise on our Cyber Frameworks page. When Microsoft later released critical security updates but, for many, the damage was already done.

Architecture

Architecture Software Digital transformation Risk

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

SC Magazine

MAY 17, 2021

The researchers presented Monday afternoon at the RSA Conference, to tease a soon-to-be-released whitepaper of their work. “While we deliberately leave a question mark hanging over the precise date of quantum decryption, we highlight some of the key considerations for governments as that event,” said Baines.

Manufacturing

Manufacturing IoT Technology Artificial Intelligence

Know Your Guest: Why secure identity verification needs to be a top priority for hotels

CyberSecurity Insiders

JUNE 4, 2021

This is not only important for supporting contract tracing efforts governments have put in place, but also for protecting travellers from becoming a victim of crime or even terrorism. If you’re interested in finding out more on how to protect travellers and manage risk, download our whitepaper here.

Technology

Technology Identity Theft Risk Media

What is Digital Identity, and why is it important?

CyberSecurity Insiders

JUNE 18, 2021

Without trust in their customers and citizens, organisations and governments won’t be able to pursue the digital transformations that they need to level up the services they provide. We have also published a whitepaper on the topic which you can download for free here. Why is Digital Identity so important?

Mobile

Mobile IoT Digital transformation Banking

Securing tomorrow's software: the need for memory safety standards

Google Security

FEBRUARY 25, 2025

This framework will provide governments and businesses with the clarity to specify memory safety requirements, driving the procurement of more secure systems. Governments can effectively protect critical infrastructure and incentivize the adoption of secure-by-design practices. This commitment is also reflected in our internal efforts.

Software

Software Technology Government Architecture

API Security is Not a Problem You Can Solve at the Edge

Security Boulevard

DECEMBER 13, 2024

Salt Security offers a comprehensive approach encompassing API discovery, posture governance, and threat protection: 1. Posture Governance Beyond discovery, Salt Security's platform includes an API posture governance engine that enables organizations to create and enforce custom corporate standards.

Government

Government Healthcare Firewall Accountability

Cloud Security Alliance Announces CxO Trust Initiative to Elevate Cloud and Cybersecurity Knowledge Among Executives

CyberSecurity Insiders

MAY 18, 2021

The leaders will also work together to develop practical privacy and governance models, training and certificate programs, mentorship and hiring best practices, wider regulatory/legislative programs, and product and services development. A preliminary list of priorities has been developed and is available for download here.

Cybersecurity

Cybersecurity CISO Education Government

Know Your Guest: Why secure identity verification needs to be a top priority for hotels

CyberSecurity Insiders

JUNE 6, 2021

This is not only important for supporting contract tracing efforts governments have put in place, but also for protecting travellers from becoming a victim of crime or even terrorism. If you’re interested in finding out more on how to protect travellers and manage risk, download our whitepaper here.

Technology

Technology Identity Theft Risk Media

Cybersecurity Awareness Month Blog Series: Using Technology to Safeguard the Nation’s Critical Infrastructure

Thales Cloud Protection & Licensing

OCTOBER 25, 2018

The Thales eSecurity Vormetric Data Security Platform offers comprehensive solutions that help government agencies address these requirements as highlighted in the Thales eSecurity whitepaper Addressing Continuous Diagnostics and Mitigation Requirements.

Technology

Technology Cybersecurity Education Unstructured Data

Five Hot Security and Privacy Topics You Need To Understand in 2022

Thales Cloud Protection & Licensing

JANUARY 26, 2022

Multinational organizations face difficult and unique compliance challenges to successfully meet the ongoing waves of government regulations for data privacy and security. You can watch this insightful webinar on-demand and learn more with a wide range of whitepapers from Thales and Quantum Xchange.

Encryption

Encryption Marketing Data privacy Engineering

The importance of implementing security controls

NopSec

FEBRUARY 20, 2013

I am not going to speculate on the merit and on the veracity of the report claiming that a Chinese-government related group continuously hacked American and foreign corporations from a building in the outskirts of Shanghai. But this is not the scariest part.

Penetration Testing

Penetration Testing Social Engineering Government Hacking

LRQA Nettitude’s Approach to Artificial Intelligence

LRQA Nettitude Labs

JULY 5, 2023

Guidance : Guidance will be required on governance mechanisms including, potentially, activities in scope of appropriate risk management and governance processes (including reporting duties). Just recently, the UK government has been setting out its strategic vision to make the UK at the forefront of AI technology.

Artificial Intelligence

Artificial Intelligence Data privacy Social Engineering Risk

Anton’s Security Blog Quarterly Q3 2021

Security Boulevard

SEPTEMBER 16, 2021

Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]. Improving security, compliance, and governance with cloud-based DLP data discovery” [GCP Blog]. “Top 10 SIEM Log Sources in Real Life?”. “A A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Anton’s Security Blog Quarterly Q4 2021

Security Boulevard

DECEMBER 20, 2021

Data security: “New whitepaper: Designing and deploying a data security strategy with Google Cloud” [GCP Blog]. Improving security, compliance, and governance with cloud-based DLP data discovery” [GCP Blog]. “Top 10 SIEM Log Sources in Real Life?”. “A A SOC Tried To Detect Threats in the Cloud … You Won’t Believe What Happened Next”.

Threat Detection

Threat Detection Cloud Migration Encryption Engineering

Whitepaper: The Intersection of Technical Debt and Cybersecurity

MY TAKE: What if Big Data and AI could be intensively focused on health and wellbeing?

Trending Sources

Key takeaways from CSA’s SaaS Governance Best Practices guide

Anton’s Security Blog Quarterly Q4 2021

Anton’s Security Blog Quarterly Q3 2021

Analysts “strongly believe” the Russian state colludes with ransomware gangs

Anton’s Security Blog Quarterly Q1 2022

Anton’s Security Blog Quarterly Q3 2022

The Role of Culture in Compliance

Secure by Design: Google’s Perspective on Memory Safety

News Alert: Utimaco finds regional disparities in consumers’ level of trust in digital security

Anton’s Security Blog Quarterly Q2 2023

Anton’s Security Blog Quarterly Q1 2021

Anton’s Security Blog Quarterly Q2 2021

Anton’s Security Blog Quarterly Q3 2023

Anton’s Security Blog Quarterly Q2 2021

How can document readers help us fight COVID-19?

Anton’s Security Blog Quarterly Q1 2022

MITRE ATT&CK: The Magic of Segmentation

Anton’s Security Blog Quarterly Q1 2023

Anton’s Security Blog Quarterly Q2 2022

Anton’s Security Blog Quarterly Q1 2021

Have I Been Pwned is Now Partnering With 1Password

MITRE introduces D3FEND framework

Introducing Our 8th Annual State of the Software Supply Chain Report

Middle Brothers

How Can Security Training Harden Your DevOps Process?

How can document readers help us fight COVID-19?

TIA CEO: Supply chain standard shows feds ‘they don’t have to be heavy handed’

NEW TECH: This free tool can help gauge, manage third-party cyber risk; it’s called ‘VRMMM’

MITRE ATT&CK: The Magic of Application Mitigations

From a tech explosion to accidental cyberattacks, researchers offer a glimpse into 2030

Know Your Guest: Why secure identity verification needs to be a top priority for hotels

What is Digital Identity, and why is it important?

Securing tomorrow's software: the need for memory safety standards

API Security is Not a Problem You Can Solve at the Edge

Cloud Security Alliance Announces CxO Trust Initiative to Elevate Cloud and Cybersecurity Knowledge Among Executives

Know Your Guest: Why secure identity verification needs to be a top priority for hotels

Cybersecurity Awareness Month Blog Series: Using Technology to Safeguard the Nation’s Critical Infrastructure

Five Hot Security and Privacy Topics You Need To Understand in 2022

The importance of implementing security controls

LRQA Nettitude’s Approach to Artificial Intelligence

Anton’s Security Blog Quarterly Q3 2021

Anton’s Security Blog Quarterly Q4 2021

Stay Connected