Information Management Today

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

The Last Watchdog

JANUARY 2, 2024

In today’s digital landscape, organizations face numerous challenges when it comes to mitigating cyber risks. Related: How AI is transforming DevOps The constant evolution of technology, increased connectivity, and sophisticated cyber threats pose significant challenges to organizations of all sizes and industries.

Risk

Risk Security awareness Education Compliance

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

The Last Watchdog

OCTOBER 5, 2023

Acohido to share his ideas about the current cyber threat landscape, the biggest threats for businesses today, the role of AI and machine learning in cyberattacks and cyberdefence, and the most effective methods for companies to protect themselves. Byron is the founder and editor-in-chief of The Last Watchdog on Privacy & Security.

Cybersecurity

Cybersecurity Privacy Cloud IoT

Scanning for Flaws, Scoring for Security

Krebs on Security

DECEMBER 12, 2018

Is it fair to judge an organization’s information security posture simply by looking at its Internet-facing assets for weaknesses commonly sought after and exploited by attackers, such as outdated software or accidentally exposed data and devices? the security posture of vendor partners). How useful is such a score?

Security

Security Energy and Utilities Risk Data breaches

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

Every NHS Trust assessed for cyber resilience has failed on-site assessment

IT Governance

FEBRUARY 7, 2018

200 NHS Trusts assessed for cyber security vulnerabilities have failed to achieve the basic security recommendations, a Public Accounts Committee has heard. In every case, the Trusts failed to achieve a passing grade. In every case, the Trusts failed to achieve a passing grade.

Compliance

Compliance Ransomware Government Security

What are the best books on information security?

IT Governance

FEBRUARY 27, 2019

As the risk of suffering a data breach continues to increase, information security has become a critical issue for all organisations – especially as the GDPR prescribes large administrative fines for organisations that fail to appropriately secure the personal data they process. Originally published 29 November 2017.

Information Security

Information Security Security Risk Government

Data breaches and cyber attacks in 2021: 5.1 billion breached records

IT Governance

JANUARY 20, 2022

Welcome to our review of security incidents for 2021, in which we take a closer look at the information gathered in our monthly list of data breaches and cyber attacks. IT Governance discovered 1,243 security incidents in 2021, which accounted for 5,126,930,507 breached records. How security incidents occurred.

Data breaches

Data breaches Ransomware Phishing Government

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Data Matters

JUNE 24, 2021

The SEC is considering enhancing its disclosure rules concerning cybersecurity risk governance and has indicated a target release date of October 2021. 5 The Guidance underscores the SEC’s focus on cybersecurity disclosure obligations of public companies and their underlying disclosure controls, procedures, and certifications.

Cybersecurity

Cybersecurity Financial Services Risk Compliance

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

Security Affairs

SEPTEMBER 30, 2018

Estonian sues Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017. Estonian authorities sue the security firm Gemalto for 152 million euros following the security flaws in the citizen ID cards issued by the company that caused their recall in 2017.

Manufacturing

Manufacturing Government Security Risk

A Guide to Key Management as a Service

Thales Cloud Protection & Licensing

JUNE 15, 2023

A Guide to Key Management as a Service madhav Thu, 06/15/2023 - 11:29 As companies adopt a cloud-first strategy and high-profile breaches hit the headlines, securing sensitive data has become a paramount business concern. The most effective way to ensure data security is through encryption and proper key management.

Encryption

Encryption Compliance Cloud Authentication

How to Extend Security Across Your Kubernetes Infrastructure

Security Affairs

JULY 15, 2020

How to enhance the security across a Kubernetes Infrastructure and mitigate the risk of cyber attacks. The security risks surrounding containers are well-known. Indeed, the problem is that the Kubernetes infrastructure itself presents its own security risks. By David Bisson.

Security

Security Risk Access Cloud

Enterprise Secrets Management Explained: Best Practices, Challenges, and Tool Selection

Thales Cloud Protection & Licensing

AUGUST 16, 2023

Enterprise Secrets Management Explained: Best Practices, Challenges, and Tool Selection madhav Thu, 08/17/2023 - 06:28 Whether hosted in the cloud or on-premises, modern applications and integrations have accelerated the need for digital secrets. This includes sensitive data such as passwords, encryption keys, APIs, tokens, and certificates.

Encryption

Encryption Cloud Data breaches Passwords

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. He also raised serious doubts over the validity of the Privacy Shield. Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

Part 1: OMG! Not another digital transformation article! Is it about understanding the business drivers?

ARMA International

SEPTEMBER 13, 2021

This 3-part series will discuss digital transformation (DT) from several perspectives. This includes defining the product scope of the DT journey and the digital products and services that will deliver transformative change for a new future. Part 3 will discuss how to manage the various DT risks.

Digital transformation

Digital transformation Blockchain IT Computer and Electronics

The Privacy Officers’ New Year’s Resolutions

Data Protection Report

JANUARY 6, 2020

Although the AG’s view was that the SCCs are valid, he suggested that those using them would need to examine the national security laws of the data importer’s jurisdiction to determine whether they can in fact comply with the terms of the SCCs. He also raised serious doubts over the validity of the Privacy Shield. Conquer the world!

Privacy

Privacy GDPR Data breaches Risk

Cybersecurity Risks of 5G – And How to Control Them

eSecurity Planet

SEPTEMBER 1, 2021

Consumers and organizations are enthused about the operational benefits of more robust mobile connectivity, but the shift to 5G networks doesn’t come without risks. Here we’ll discuss the most significant risks posed by 5G, how U.S. Table of Contents What Are the Cybersecurity Risks of 5G? How is 5G Different?

Risk

Risk Cybersecurity IoT Computer and Electronics

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

After breaches like SolarWinds, companies pledge to improve their digital hygiene. Mike notes how some basic rules of physical hygiene that can slow the spread of COVID-19 can also map into the digital world. Using older software within your own software always carries risk. Are we prepared for a digital pandemic as well?

IT

IT Manufacturing Government Paper

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

After breaches like SolarWinds, companies pledge to improve their digital hygiene. Mike notes how some basic rules of physical hygiene that can slow the spread of COVID-19 can also map into the digital world. Using older software within your own software always carries risk. Are we prepared for a digital pandemic as well?

IT

IT Manufacturing Government Paper

SHARED INTEL: Study shows mismanagement of ‘machine identities’ triggers $52 billion in losses

The Last Watchdog

APRIL 14, 2020

In one sense, digital transformation is all about machines. As a result, the way in which they connect and authorize communication makes them a primary security risk for organizations. And, cyber criminals, no surprise, are taking full advantage. Hudson: The world as we once knew it is becoming digitalized.

Digital transformation

Digital transformation Passwords Retail IoT

17 January Weekly podcast: US government websites, Liberia DDoS attacker and no-deal Brexit

IT Governance

JANUARY 17, 2019

This week, we discuss how the US government shutdown is affecting federal websites’ security, the sentencing of a man who knocked Liberia’s Internet offline with a botnet, and what a no-deal Brexit means for data protection. Far better to restrict users’ access than leave them open to the risk of man-in-the-middle attacks.

Government

Government GDPR Personal data Information Security

Weekly podcast: US Defense Department, MOD and NHS

IT Governance

OCTOBER 18, 2018

The department is continuing to assess the risk of harm and will ensure notifications are made to affected personnel,” he continued. Cyber security is a concern for all governments. No other details were made available and the vendor was not named. Still, this breach is at least relatively minor compared to previous incidents.

Data breaches

Data breaches Military Government Information Security

Keep your professional services firm’s papers under wraps for GDPR compliance

IT Governance

APRIL 18, 2018

Under the EU’s General Data Protection Regulation (GDPR), aggrieved data subjects can sue firms for failing to secure their personal data properly. When you consider the scale of the new fines, the recent surge in data security incidents affecting professional services firms is sobering.

GDPR

GDPR Compliance Paper Data breaches

The Hacker Mind Podcast: Going Passwordless

ForAllSecure

JANUARY 19, 2022

Is there something more secure? Simon Moffatt from CyberHut joins The Hacker Mind to discuss how identity and access management (IAM) is fundamental to everything we do online today, and why even multi-factor access, while an improvement, needs to yield to more effortless and more secure passwordless technology that’s coming soon.

Passwords

Passwords Authentication Access Data breaches

Black Hat insights: How to shift security-by-design to the right, instead of left, with SBOM, deep audits

The Last Watchdog

AUGUST 5, 2021

There is a well-established business practice referred to as bill of materials, or BOM, that is a big reason why we can trust that a can of soup isn’t toxic or that the jetliner we’re about to board won’t fail catastrophically. In short, cyber criminals are essentially exploiting weak SBOMs. Catching a runaway train.

Security

Security Manufacturing Libraries Digital transformation

Information Management Today

GUEST ESSAY: Leveraging DevSecOps to quell cyber risks in a teeming threat landscape

SHARED INTEL Q&A: My thoughts and opinions about cyber threats — as discussed with OneRep

Webinars

Trending Sources

Scanning for Flaws, Scoring for Security

Webinars

Every NHS Trust assessed for cyber resilience has failed on-site assessment

What are the best books on information security?

Data breaches and cyber attacks in 2021: 5.1 billion breached records

SEC Announces Settled Charges Against First American for Cybersecurity Disclosure Controls Failures – Lessons Learned

Estonia sues Gemalto for 152M euros over flaws in citizen ID cards issued by the company

A Guide to Key Management as a Service

How to Extend Security Across Your Kubernetes Infrastructure

Enterprise Secrets Management Explained: Best Practices, Challenges, and Tool Selection

The Privacy Officers’ New Year’s Resolutions

Part 1: OMG! Not another digital transformation article! Is it about understanding the business drivers?

The Privacy Officers’ New Year’s Resolutions

Cybersecurity Risks of 5G – And How to Control Them

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

SHARED INTEL: Study shows mismanagement of ‘machine identities’ triggers $52 billion in losses

17 January Weekly podcast: US government websites, Liberia DDoS attacker and no-deal Brexit

Weekly podcast: US Defense Department, MOD and NHS

Keep your professional services firm’s papers under wraps for GDPR compliance

The Hacker Mind Podcast: Going Passwordless

Black Hat insights: How to shift security-by-design to the right, instead of left, with SBOM, deep audits

Stay Connected