Information Security, Risk and Workshop

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

Centraleyes

MARCH 17, 2025

Every organization faces risks that threaten its objectives, assets, and operations. A risk assessment is the foundation for identifying, analyzing, and prioritizing these risks. Understanding the basics of risk assessment is the first step in building a resilient and proactive strategy to mitigate risks and vulnerabilities.

Risk

Risk Insurance Small Business Cybersecurity

CISO workshop slides

Notice Bored

AUGUST 5, 2022

A glossy, nicely-constructed and detailed PowerPoint slide deck by Microsoft Security caught my beady this morning. including security-relevant aspects ( e.g. being a trusted partner). Security Response : the example metrics suggest the classical (outdated!)

CISO

CISO Risk Artificial Intelligence Marketing

Valuing CyberSecurity Research Datasets

Adam Shostack

JANUARY 2, 2025

A paper at the Workshop on the Economics of Information Security titled Valuing CyberSecurity Research Datasets focuses on the value of the IMPACT data sharing platform at DHS, and how the availability of data shapes research. There was a really interesting paper at the Workshop on the Economics of Information Security.

Cybersecurity

Cybersecurity Information Security Technology Risk

News alert: AppDirect poll reveals company leaders losing sleep over cyber risks, compliance

The Last Watchdog

NOVEMBER 28, 2023

But that’s not enough to assuage their anxiety and instill confidence that they’re well protected against security threats. Their top areas of concern include cybersecurity risk (58%), information security risk (53%) and compliance risk (39%). Human error is among the top causes of security breaches.

Cyber Risk

Cyber Risk Risk B2B Education

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

SecureWorld News

JANUARY 22, 2025

Lesson 3: AI Security Standards Gain insights into secure design, development, deployment, and maintenance of AI systems, with a focus on supply chain security and incident management. Meet the instructors Larry Wilson , CISSP, CISA, was formerly the Chief Information Security Officer for Sumitomo Pharma Americas, Inc.,

Cybersecurity

Cybersecurity Artificial Intelligence Cyber Risk Risk

Valuing CyberSecurity Research Datasets

Adam Shostack

JULY 26, 2019

There was a really interesting paper at the Workshop on the Economics of Information Security. It also enumerates a set of barriers to research, including legal and ethical risk, costs, value uncertainty, and incentives. The paper is “ Valuing CyberSecurity Research Datasets.”

Cybersecurity

Cybersecurity Information Security Technology Risk

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

Duo's Security Blog

OCTOBER 6, 2023

Threat actors have dramatically escalated their attacks – targeting security controls like multi-factor authentication (MFA), conducting wily social engineering attacks and extorting businesses large and small with ransomware. To achieve more resilience in this heightened risk environment, stepping up zero trust maturity is essential.

Authentication

Authentication Risk Social Engineering InfoSec

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

Centraleyes

MARCH 13, 2025

Enacted in 2017, this regulation is all about minimizing risk in the financial services sector, which, lets face it, is prime real estate for cybercriminals. The program should be tailored to your specific business risks. Insight: Many businesses make the mistake of copying templates without understanding their unique risks.

Cybersecurity

Cybersecurity Financial Services Risk Encryption

9 New NIST Cybersecurity & Privacy Goals

SecureWorld News

FEBRUARY 8, 2021

The NIST Cybersecurity Framework (CSF) helps thousands of organizations around the world to better understand and improve their information security posture. And the NIST Risk Management Framework (RMF) provides details for creating cyber policies through a risk base approach. Metrics and measurements.

Cybersecurity

Cybersecurity IoT Education Risk

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

CyberSecurity Insiders

MAY 27, 2021

Registration for the 11th annual (ISC)² Security Congress is now open! The renowned global three-day conference, focused on continuing education for cybersecurity professionals and information security specialists, will be hosted as a hybrid event for the first time in 2021.

Education

Education IoT Cybersecurity Government

Top IT Areas You Need to Check to Strengthen Your Cybersecurity

CyberSecurity Insiders

SEPTEMBER 24, 2021

Even with high-level security measures, no one is safe from such threats. That is why most companies hire professional information security services to mitigate the risks arising from data breaches. Therefore, you need to invest in your employees by conducting cybersecurity workshops and training regularly.

Cybersecurity

Cybersecurity Data breaches Backups Firewall

Updates to the (ISC)² CAP Exam. What is Changing?

CyberSecurity Insiders

APRIL 13, 2021

government professionals using the Risk Management Framework (RMF) has now expanded to professionals working in the private sector and or organizations around the world. Professionals who hold the CAP certification are essential to any successful risk management program, not just those in the U.S. Scope of the Information System.

Risk

Risk Government Information Security Cybersecurity

Nurturing Our Cyber Talent

IT Security Guru

SEPTEMBER 25, 2023

Businesses and other organisations are being pushed both by customers and regulators to evidence how they are keeping their information secure. Consumers have increasing expectations of organisations that any information they provide will be kept safe and actively avoid organisations that have a history of breaches.

CISO

CISO Identity Theft Cybercrime Cybersecurity

The discomfort zone

Notice Bored

JULY 4, 2022

I feel more confident about the underlying generic principles of risk, compliance, conformity, obligations, accountabilities, assurance and controls though, and have the breadth of work and life experience to appreciate the next point. The mind map is a brief glimpse of the landscape, as I see it. We're definitely in the discomfort zone here.

Risk

Risk Accountability InfoSec CISO

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

This step reduces the risks of illegal access, data loss, and regulatory noncompliance, as well as protects the integrity and security of sensitive information within SaaS applications. Do you understand the potential risks connected with each provider’s integration points?

Risk

Risk Threat Detection Data breaches Encryption

Top Certifications in Cybersecurity and How they Can Advance Your Career

SecureWorld News

JULY 25, 2023

As organizations across industries grapple with escalating cyber risks, the demand for skilled information security professionals has skyrocketed. You can stay up to date with the latest trends, technologies, and best practices in the cybersecurity field through conferences, webinars, workshops, and other learning opportunities.

Cybersecurity

Cybersecurity Education Cyber threats Information Security

Hiring – Senior Cybersecurity Consultant

BH Consulting

OCTOBER 1, 2024

The role of Senior Cybersecurity Consultant has the following key responsibilities: Ensure that all BH Consulting clients receive a professional service in line with our company ethos and values Ensuring a first-class service to clients is delivered on time and within budget Planning and leading projects while effectively managing resources.

Cybersecurity

Cybersecurity Risk Government Architecture

BH Consulting prepares HR software company Our Tandem for successful ISO 27001 certification

BH Consulting

APRIL 21, 2021

Therefore, it believes it has a duty to protect its clients’ and employees’ data and its information assets using the principles of confidentiality, integrity, and availability. It decided to come to BH Consulting, as a trusted professional security provider, to guide it along the journey to ISO 27001 certification.

Software

Software Information Security Risk Technology

(ISC)² Chapter Creates Space for Entry-Level Members and Professional Connections

CyberSecurity Insiders

NOVEMBER 9, 2021

They are hosting a joint meeting soon with IAPP to bring privacy and cyber professionals together, formalizing a personalized mentorship program, starting a CCSP study group, providing a heavily discounted CISSP training class and a resume workshop. We caught up with Ken to discuss the impact and learn more about their upcoming events.

Data privacy

Data privacy Banking Cybersecurity Information Security

The secrets to start a cybersecurity career

Responsible Cyber

JULY 14, 2024

Professionals in this path are responsible for developing and implementing security policies, managing security teams, and ensuring compliance with regulatory requirements. They must be adept at handling security incidents, risk management, and strategic planning. ISO 27001), experience with risk management tools.

Cybersecurity

Cybersecurity Education Penetration Testing Engineering

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Last Watchdog

FEBRUARY 28, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Cyber threats

Cyber threats Computers and Electronics Adware Spyware

The Most Common Types of Malware in 2021

CyberSecurity Insiders

JANUARY 31, 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

Malware

Malware Computers and Electronics Adware Spyware

Dancho Danchev’s Testimony on “How Facebook Today’s Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”

Security Boulevard

JANUARY 16, 2025

A cybersecurity expert who has navigated the complex and often murky waters of the information security industry. Despite our increased reliance on technology, the information security industry often seems ill-equipped to protect us from the very threats it promises to defend against. This is akin to our online presence.

Education

Education Technology Cybersecurity Information Security

16 Reasons why International Women’s Day Isn’t Worth Celebrating in Cybersecurity

Jane Frankland

MARCH 1, 2023

Women still remain significantly underrepresented According to (ISC)² Global Information Security Workforce Study (2021), women made up just 24% of the global security workforce in 2019 and in 2021. They include asking women to become more like men, to speak up more, to be more assertive, self-confident, or to take more risks.

Cybersecurity

Cybersecurity CISO Education Media

How to Select a Qualified SOC 2 Auditor

Centraleyes

JULY 22, 2024

The team conducting the audit can include various professionals with expertise in information security and compliance, but the CPA firm ensures adherence to auditing standards and attests to the validity of the report. This may involve taking courses, attending workshops, and gaining on-the-job experience.

Accountability

Accountability Technology Education Risk

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

Herjavec Group

MAY 17, 2021

Herjavec Group’s award-winning Identity Service offering is focused on transforming an organization’s access requirements into an information advantage – both on-premise and in the cloud. Quickly detect risks and amend access entitlement issues associated with privileged users. Improve control over user data and access permissions.

InfoSec

InfoSec Technology Marketing B2C

CISSPs from Around the Globe: An Interview with Jason Lau

CyberSecurity Insiders

MAY 6, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Cryptocurrency

Cryptocurrency Data privacy Computers and Electronics Cybersecurity

IoT Secure Development Guide

Pen Test Partners

OCTOBER 9, 2023

.< Threat modelling seeks to break down a product into constituent components and assets, identify potential attackers and their goals, develop attack paths, and then calculate and treat these risks. Mind maps can be a good way to collaboratively develop this phase within a threat modelling workshop. Back to Table of contents▲ 1.2.

IoT

IoT Firmware Mobile Manufacturing

The Hacker Mind Podcast: DEF CON Villages

ForAllSecure

AUGUST 2, 2022

Anyone who has anyone in the information security community is usually melting under the hot Nevada sun. And by de I'm an analyst at Javelin strategy and research where I do security risk and fraud for the financial services industry. Still very informal. DEF CON 18: I'm Robert Vamosi.

Hacking

Hacking Computers and Electronics InfoSec Software

Democratizing Threat Hunting: How to Make it Happen for Everyone

Cisco Security

FEBRUARY 16, 2021

In the report, we surveyed more than 4,800 IT, security and privacy professionals to find out what matters most in their security practice. Topics such as tech refresh, risk management, and incident response were examined from the perspective of a roadmap for success in an information security program for organizations of all sizes.

Risk

Risk InfoSec Technology CISO

Cyber Security Informer

Types of Risk Assessment Methodologies: Choosing the Right Approach for Your Needs

CISO workshop slides

Trending Sources

Valuing CyberSecurity Research Datasets

News alert: AppDirect poll reveals company leaders losing sleep over cyber risks, compliance

Unlock Your Cybersecurity Potential: SecureWorld PLUS Training Courses

Valuing CyberSecurity Research Datasets

Charting a Course to Zero Trust Maturity: 5 Steps to Securing User Access to Apps

NYDFS Cybersecurity Regulation: Dates, Facts and Requirements

9 New NIST Cybersecurity & Privacy Goals

It’s Official: (ISC)² Security Congress is Back for the 11th Year in a Row!

Top IT Areas You Need to Check to Strengthen Your Cybersecurity

Updates to the (ISC)² CAP Exam. What is Changing?

Nurturing Our Cyber Talent

The discomfort zone

What Is a SaaS Security Checklist? Tips & Free Template

Top Certifications in Cybersecurity and How they Can Advance Your Career

Hiring – Senior Cybersecurity Consultant

BH Consulting prepares HR software company Our Tandem for successful ISO 27001 certification

(ISC)² Chapter Creates Space for Entry-Level Members and Professional Connections

The secrets to start a cybersecurity career

GUEST ESSAY. Everyone should grasp these facts about cyber threats that plague digital commerce

The Most Common Types of Malware in 2021

Dancho Danchev’s Testimony on “How Facebook Today’s Meta Failed To Protect Its Users and React To The Koobface Botnet And What We Should Do About It?”

16 Reasons why International Women’s Day Isn’t Worth Celebrating in Cybersecurity

How to Select a Qualified SOC 2 Auditor

Herjavec Group Wins 4 Cyber Defense Magazine Global InfoSec Awards

CISSPs from Around the Globe: An Interview with Jason Lau

IoT Secure Development Guide

The Hacker Mind Podcast: DEF CON Villages

Democratizing Threat Hunting: How to Make it Happen for Everyone

Stay Connected