CSO Magazine

MARCH 1, 2022

That’s why CSO’s Future of InfoSec Summit is a must-attend event. Taking place virtually March 8 and 9, the event will take a 360-degree look at managing information risk. She will address assessing the threat landscape – including threats from nation states – defining risk appetite, and the leadership necessary to meet the challenge.

InfoSec 119

InfoSec Risk Government Ransomware 119

Security Boulevard

DECEMBER 29, 2022

The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Hyperproof. The post 2023 Will Be The Year of Risk: 8 InfoSec Predictions for the New Year appeared first on Security Boulevard.

InfoSec 72

InfoSec Risk Cyber Attacks CISO 72

Krebs on Security

JUNE 15, 2023

Mandiant said the attackers will continue to change their tactics and malware, “especially as network defenders continue to take action against this adversary and their activity is further exposed by the infosec community.”

Risk 243

Risk VPN Internet Internet 243

Security Boulevard

FEBRUARY 8, 2021

The post InfoSec Reviews in Project Management Workflows appeared first on Security Boulevard. I agree – this is very important. But there’s one topic that does not get.

InfoSec 95

InfoSec Information Security Software CISO 95

Notice Bored

MAY 25, 2022

There is a strong argument to facilitate much more sharing of information about information risk and security, incidents, controls etc. So, this morning I've been thinking about the applications of those principles and mechanisms to information risk management, putting infosec under the microscope.

InfoSec 74

InfoSec Risk Antivirus Government 74

Security Affairs

APRIL 21, 2020

The security researcher Pedro Ribeiro, Director of Research at Agile Information Security, has published details about four zero-day vulnerabilities affecting the IBM Data Risk Manager (IDRM) after the company refused to address the issues. The latest version Agile InfoSec has access to is 2.0.3, and that one is certainly vulnerable.”

Risk 139

Risk Authentication InfoSec Advertising 139

Notice Bored

MAY 28, 2022

Reinforcement learning : the system learns from its interactions with the environment, utilising these observations to take actions that either maximise the reward or minimise the risk.

InfoSec 107

InfoSec Information Security Risk Government 107

Security Affairs

SEPTEMBER 30, 2021

The US CISA has released a new tool that allows to assess the level of exposure of organizations to insider threats and devise their own defense plans against such risks. The tool elaborates the answers of the organizations to a survey about their implementations of a risk program management for insider threats. Pierluigi Paganini.

Risk 122

Risk InfoSec Ransomware Technology 122

Krebs on Security

JUNE 18, 2021

Under First American’s documented vulnerability remediation policies, the data leak was classified as a security weakness with a “level 3” severity, which placed it in the “medium risk” category and required remediation within 45 days. “The [employee] did not request a waiver or risk acceptance from the CISO.”

Insurance 320

Insurance Risk Financial Services CISO 320

CTOVision Cybersecurity

OCTOBER 27, 2020

Read Ben Hartwig explain how small and medium businesses can avoid account takeover risks on Infosec Magazine: Account takeover seeks to infiltrate an existing account and use them for the […].

Small Business 93

Small Business Accountability Risk InfoSec 93

Security Boulevard

JULY 7, 2022

Risks to Your Network from Insecure Code Signing Processes. However, this practice puts these critical resources at risk for being misused or compromised. Many InfoSec teams don’t have the visibility into what their software development teams are doing. In years past, InfoSec may have been the central keeper of code signing.

Risk 98

Risk InfoSec Software Digital transformation 98

Cisco Security

SEPTEMBER 26, 2022

As Technology Audit Director at Cisco, Jacob Bolotin focuses on assessing Cisco’s technology, business, and strategic risk. Risk Management and Formula One. Meanwhile, InfoSec is the designer and implementor of risk management capabilities (for instance, ensuring the latest technology is deployed and within expected specifications).

Risk 114

Risk Cybersecurity Technology InfoSec 114

Schneier on Security

JANUARY 9, 2018

I absolutely respect Bruce Schneier a lot for what he's contributed to InfoSec, which makes me that much more disappointed with this kind of position from him. InfoSec is full of those people, and it's beneath people like Bruce to add their voices to theirs. But obvious or not, all these things are still going to happen.

IoT 137

IoT InfoSec Risk Internet 137

CSO Magazine

JUNE 21, 2022

Cybersecurity researchers work hard to keep the digital world safe, but every once in a while their own physical security is at risk. Anyone who has been in this field long enough has stumbled upon stories of infosec professionals receiving threats or has experienced incidents themselves.

Cybersecurity 137

Cybersecurity InfoSec Cybercrime Risk 137

The Security Ledger

MAY 4, 2021

In this episode of the podcast (#213): Molly Jahn of DARPA and University of Wisconsin joins us to talk about the growing cyber risk to the Food and Agriculture sector, as industry consolidation and precision agriculture combine to increase the chances of cyber disruption of food production. Read the whole entry. »

Cyber Risk 98

Cyber Risk Risk Digital transformation InfoSec 98

SecureWorld News

APRIL 28, 2023

Glanden is a specialized security systems consultant focused on risk management for breakthroughs and vulnerabilities, a senior security architect for Sayers, and the founder of BarCode Security. The 40-minute episode is packed with insights on the latest and greatest in cybersecurity.

InfoSec 105

InfoSec CISO Ransomware Information Security 105

The Last Watchdog

DECEMBER 5, 2024

One Identity embodies three major features we judges look for with the potential to become winners: understanding tomorrows threats today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach, said Gary S. Ackerman Jr.

InfoSec 130

InfoSec Cyber Risk CISO Cybersecurity 130

Digital Guardian

JULY 9, 2021

Ransomware negotiators, cyber risks to the financial system, and why traditional passwords are here to stay - catch up on all of the week's infosec news with the Friday Five!

InfoSec 113

InfoSec Cyber Risk Passwords Ransomware 113

SecureWorld News

JULY 31, 2023

Cybersecurity professionals have various views on last week's news from the United States Securities and Exchange Commission (SEC) when it surprised the InfoSec community and the C-suites of corporate America. For sanity, manage to a written information security policy.

CISO 89

CISO InfoSec Risk Cybersecurity 89

Notice Bored

APRIL 4, 2022

Control attributes are a powerful and flexible tool for information security management purposes, a novel way to design, manage and improve an organisation’s approach to mitigating unacceptable information risks, supplementing more traditional or conventional methods.

InfoSec 72

InfoSec Information Security Risk 72

Thales Cloud Protection & Licensing

FEBRUARY 19, 2024

Vladimir Soukharev, InfoSec Global The advent of quantum computers poses a substantial threat to various industries due to their potential to compromise standard encryption methods that protect global data, communications, and transactions. This vulnerability could expose sensitive enterprise information to risk.

InfoSec 71

InfoSec Encryption Risk Marketing 71

Digital Guardian

SEPTEMBER 24, 2021

New iOS privacy settings, the Exchange autodiscover bug, and subsidiary risk - catch up on the week's infosec news with the Friday Five!

InfoSec 102

InfoSec Risk 102

Threatpost

SEPTEMBER 23, 2021

Casey Ellis, founder, CTO and chairman of Bugcrowd, discusses a roadmap for lowering risk from cyberattacks most effectively.

Risk 106

Risk Cybersecurity InfoSec Malware 106

Security Boulevard

JUNE 24, 2022

A new cheatsheet from four infosec agencies tells us how to use PowerShell for good, rather than let scrotes misuse it to “live off the land.”. The post NSA Wants To Help you Lock Down MS Windows in PowerShell appeared first on Security Boulevard.

InfoSec 131

InfoSec Security Awareness Risk Government 131

CSO Magazine

JUNE 8, 2022

With rapidly evolving threats and increased business risk, security leaders are constantly pressed by the question: Do we have the right technology, people, and processes in place to protect the organization? For more of Goldsworthy’s insights, watch the full video of the event session embedded below.

InfoSec 97

InfoSec Technology Risk 97

Daniel Miessler

APRIL 16, 2020

This got me thinking more about the implicit tradeoffs we make in life with regard to functionality vs. risk—tradeoffs that we’re really bad at capturing and articulating. We accept this risk because driving is a requirement for our society to function. And we care about using software that doesn’t put us at risk.

Internet 190

Internet Internet Risk InfoSec 190

Notice Bored

MARCH 14, 2022

It also occurs to me that, aside from structuring the reports according to the information security controls and incidents , you could use the information risks in a similar way. Using appropriate metrics makes sense, of course.

Risk 76

Risk InfoSec Information Security Government 76

Security Boulevard

JANUARY 9, 2022

The post BSides Berlin 2021 – Vasant Chinnipilli’s ‘Rooting Out Security Risks Lurking In Your CI-CD Pipelines’ appeared first on Security Boulevard. Our thanks to BSides Berlin for publishing their tremendous videos from the BSides Berlin 2021 Conference on the organization’s’ YouTube channel.

Risk 122

Risk Education InfoSec Information Security 122

Jane Frankland

JUNE 20, 2023

In this blog, and ahead of my talk at Infosec this week , I’m delving into this, and giving you tips for recognising its signs and preventing it as a leader. And these changes increase the risk of developing anxiety, depression, and other mental health issues. The stakes are simply too high to neglect this.

Cybersecurity 130

Cybersecurity Risk InfoSec CISO 130

Security Boulevard

JUNE 9, 2021

The post CISO Stories Podcast: No Insider Cybersecurity Risk? What happens when an employee decides to leave the organization and start their own business – but with your Intellectual property or customer lists? . Guess Again! appeared first on Security Boulevard.

CISO 99

CISO Risk Cybersecurity Security Awareness 99

Troy Hunt

OCTOBER 2, 2020

Another demonstration of how valuable Grindr data is came last year when the US gov deemed that Chinese ownership of the service constituted a national security risk. Here's how they responded when approached by infosec journo Zack Whittaker : We are grateful for the researcher who identified a vulnerability.

Accountability 363

Accountability Hacking Passwords InfoSec 363

SC Magazine

APRIL 19, 2021

The NY DFS Cyber Insurance Risk Framework outlines a 7-point program for insurers to manage their cyber insurance risk. Of course, appreciable erosion in the availability and breadth of cyber insurance coverage will have a negative impact on corporate profitability if meaningful risk transfer is no longer an option.

Insurance 113

Insurance Cyber Insurance Ransomware InfoSec 113

Notice Bored

MAY 24, 2021

T he recently-published ISO/IEC TS 27570 " Privacy guidelines for smart cities" neatly illustrates the creativity required to tackle new information risks arising from innovation in the realm of IoT, AI and short range data communications between the proliferating portable, wearable and mobile IT devices now roaming our city streets.

InfoSec 98

InfoSec Risk IoT Information Security 98

Troy Hunt

MARCH 18, 2024

The linked article talks about the author verifying the data with various people he knows, as well as other well-known infosec identities verifying its accuracy. That's just an unacceptable risk for which the old adage of "you cannot lose what you do not have" provides the best possible fix. For my part, I've got 4.8M

Data breaches 343

Data breaches Encryption Identity Theft InfoSec 343

Javvad Malik

OCTOBER 29, 2020

I was reminded of this by Phil Cracknell who posted on linkedin that in his opinion the Kevin Costner, Whitney Houston classic, Bodyguard was the best infosec movie. This is a reminder to all security pros that they need to continually keep their skills up to date or risk becoming a dinosaur. Don’t believe me? Well read on.

CISO 246

CISO InfoSec Banking Technology 246

SecureWorld News

FEBRUARY 25, 2022

It also delivers robust benchmarking and insights to help you manage and mitigate user-driven phishing risks more effectively. A commissioned survey of 600 InfoSec and IT professionals across those same seven countries. Volumes and impacts organizations dealt with related to socially engineered attacks in 2021.

Phishing 80

Phishing Risk Security Awareness Social Engineering 80

Security Boulevard

OCTOBER 30, 2022

Rafal Los, host of the popular Down the Security Rabbithole Podcast, joins us to discuss CISO liability risk and the ongoing discussion in the cybersecurity community about CISOs going to jail. The post CISO Liability Risk and Jail Time, (ISC)2 Bylaw Vote and the Value of Cybersecurity Certifications appeared first on Security Boulevard.

CISO 97

CISO Risk Cybersecurity Data privacy 97