Hunton Privacy

AUGUST 9, 2017

On August 4, 2017, the FTC published the third blog post in its “Stick with Security” series. As we previously reported , the FTC will publish an entry every Friday for the next few months focusing on each of the 10 principles outlined in its Start with Security Guide for Businesses.

IT 40

IT Security Systems administration Passwords 40

Hunton Privacy

OCTOBER 3, 2017

On September 29, 2017, the Federal Trade Commission published the eleventh blog post in its “Stick with Security” series. As previously reported , the FTC will publish an entry every Friday for the next few months focusing on each of the 10 principles outlined in its Start with Security Guide for Businesses.

IT 40

IT Security Paper Encryption 40

Security Affairs

MAY 12, 2022

. “The CSA—created in response to reports of increased activity against MSPs and their customers—provides specific guidance for both MSPs and customers aimed at enabling transparent discussions on securing sensitive data.” Improve security of vulnerable devices. Develop and exercise incident response and recovery plans.

Authentication 82

Authentication Cybersecurity Phishing Passwords 82

IT Governance

DECEMBER 20, 2022

Although there have still been a few surprises, with the death of Queen Elizabeth II and blazing heatwaves across the UK to name but two, it was a familiar year in the cyber security landscape. Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security.

Security 132

Security Data breaches Ransomware Military 132

IT Governance

APRIL 15, 2020

The video conferencing platform Zoom has been heavily criticised in recent weeks , amid a series of allegations related to its inadequate cyber security and privacy measures. It’s worth emphasising, then, that for all of Zoom’s security faults, the blame for this incident lies with users rather than the platform. Cyber attacks.

Security 124

Security Passwords Risk Phishing 124

Data Matters

FEBRUARY 6, 2019

The stolen information allegedly included names and identifying information, hashed passwords, security questions and answers, family information, Social Security numbers, lab results, health insurance information, doctor’s names, and medical conditions, among other things.

Data breaches 83

Data breaches Computer and Electronics Security Insurance 83

Krebs on Security

NOVEMBER 28, 2022

The Army told Reuters it removed an app containing Pushwoosh in March, citing “security concerns.” Reuters said the CDC likewise recently removed Pushwoosh code from its app over security concerns, after reporters informed the agency Pushwoosh was not based in the Washington D.C. THE PINCER TROJAN CONNECTION.

Government 248

Government Risk IT Marketing 248

IT Governance

JUNE 22, 2023

This data breach is the latest in a series of security concerns regarding machine learning tools. Does ChatGPT pose a cyber security risk? Cyber security experts currently sit somewhere between those parties. Indeed, these issues mirror the industry’s general concern about the way people view cyber security technology.

Passwords 98

Passwords Data breaches Risk Government 98

IT Governance

APRIL 4, 2024

A Springboard to Career Success CISM® (Certified Information Security Manager) is a globally recognised qualification that provides a good understanding of IT security with a management flavour. How is CISM different from general information security certifications? It’s not just technical training – it’s management training.

Information Security 116

Information Security Cloud Government Security 116

IT Governance

SEPTEMBER 8, 2021

Although it comes with huge logistical and financial benefits – plus it makes employees happier – it also creates new risks that organisations must plan for. In this blog, we take a look at some of the problems you will encounter and provide tips to help you address them. But hybrid working complicates that. Looking for more advice?

Communications 126

Communications Risk Education Compliance 126

Data Matters

JUNE 11, 2020

Securities and Exchange Commission’s (the SEC) examination and enforcement programs. The SEC has long warned of the risks of receiving MNPI from companies in which an individual or entity invests in other contexts. The broader MNPI enforcement landscape.

Risk 76

Risk Compliance Access IT 76

IT Governance

APRIL 20, 2020

With the coronavirus pandemic keeping us stuck inside and struggling to find ways to remain productive, now might be the perfect time to take an online cyber security training course. Let’s take a look at five of the best online courses for cyber security. Certified Cyber Security Foundation Training Course.

Security 80

Security GDPR Phishing Data breaches 80

Data Protection Report

NOVEMBER 8, 2023

Noticeably, covered entities are now subject to new requirements imposing heightened responsibilities on Chief Information Security Officers (“CISOs”) and more specific and prescriptive requirements in relation to governance, risk assessments, and notifications to the NYDFS.

Financial Services 111

Financial Services Cybersecurity Compliance Government 111

IT Governance

SEPTEMBER 20, 2018

The situation might seem hopeless, with cyber criminals outnumbering overworked and underfunded information security personnel, but there are plenty of ways you can improve your defences, even on a tight budget. Videos, blogs and podcasts. Green papers. This green paper explains each requirement and how you can comply.

Data breaches 71

Data breaches GDPR Security awareness Paper 71

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. MFA was also expressly named by both Microsoft and Mandiant as one of the most important recommendations to mitigate risk. The post U.S.

Cybersecurity 157

Cybersecurity Financial Services Authentication Government 157

IT Governance

APRIL 1, 2020

That means ensuring that you remain productive and – just as important – safe, both in terms of your organisation’s security posture and your mental wellbeing. In this blog, we discuss the importance of remaining calm in these stressful circumstances. How your mental health affects your organisation’s security hygiene.

Security 83

Security Data breaches Risk Passwords 83

IBM Big Data Hub

FEBRUARY 16, 2024

Breach and Attack Simulation (BAS) is an automated and continuous software-based approach to offensive security. Similar to other forms of security validation such as red teaming and penetration testing , BAS complements more traditional security tools by simulating cyberattacks to test security controls and provide actionable insights.

Cybersecurity 74

Cybersecurity Cloud Security IoT 74

Thales Cloud Protection & Licensing

APRIL 24, 2019

Ensuring that systems behave only how a designer intends is a central aspect of security. A security-enforcing system will take the context of available information measured against policy to determine whether an operation should be permitted or denied. MBSE and security engineering. Model-Based Systems Engineering.

Security 61

Security Military Communications Risk 61

IBM Big Data Hub

AUGUST 16, 2023

A red team engagement gives your blue team a chance to more accurately assess your security program’s effectiveness and make improvements. Find out about the benefits of red teaming, the differences between red and blue teams and what a purple team is in my previous blog post, “ Red teaming 101: What is red teaming?

Cybersecurity 54

Cybersecurity Security Access Risk 54

Thales Cloud Protection & Licensing

JANUARY 28, 2020

An extension of the celebration for Data Protection Day in Europe, Data Privacy Day functions as the signature event of the National Cyber Security Centre’s ongoing education and awareness efforts surrounding online privacy. With the above in mind, it’s worth a discussion about specific security controls in greater detail…. Encryption.

Data Privacy 150

Data Privacy Privacy Encryption Unstructured data 150

IT Governance

JULY 13, 2023

Red team cyber security assessments are a crucial way of giving organisations a practical understanding of their defence capabilities. In these exercises, the red team faces off against their counterparts, the blue team, in a battle to control a particular asset. What is a red team?

Phishing 96

Phishing Passwords Communications Security 96

IBM Big Data Hub

OCTOBER 10, 2023

Cyber risk is preeminent in today’s threat landscape, and that includes attacks on the software supply chain. These are referred to as supply chain risks, and they include vulnerable code that may be included from open source or third parties.

Cloud 73

Cloud Financial Services Compliance Risk 73

The Last Watchdog

DECEMBER 20, 2022

According to Forrester, 47 percent of Californian online adults have exercised their CCPA right to ask companies to stop selling their data, while 30 percent have asked companies to delete their data. Her research focuses on compliance with data protection rules, privacy as a competitive differentiator, ethics, and risk management.

Privacy 145

Privacy Risk Government Compliance 145

eSecurity Planet

NOVEMBER 6, 2023

The past week has been a busy one for cybersecurity vulnerabilities, with 34 vulnerable Windows drivers and four Microsoft Exchange flaws heading a long list of security concerns. The Problem: Three flaws discovered by the Kubernetes security community carry CVSS severity scores of 7.6 CVE-2022-4886 (Path Sanitization Bypass): This 8.8-level

Ransomware 112

Ransomware Authentication Cybersecurity Education 112

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. On March 30, 2022, the U.S. RIA examinations will focus on revenue sharing arrangements, share class selection, and recommendations of wrap fee accounts and proprietary products.

Retail 88

Retail Compliance Sales Risk 88

CGI

JULY 23, 2019

As reflected in the CGI Client Global Insights , there is a strong link between digital transformation and protecting the organization, as greater use of digital technology in critical value chains opens up new cyber risks. As a result, weak practices persist in undermining security and exposing assets to significant risk.

Government 49

Government Cybersecurity Digital transformation Compliance 49

Data Matters

JULY 8, 2019

Ensuring that a company is properly prepared for and responds to privacy and cyber security threats is a key corporate governance responsibility for directors and senior officers. Carry out a gap assessment of existing cyber security policies and procedures against information security regulatory requirements in the EU, US and elsewhere.

GDPR 74

GDPR Privacy Data breaches Risk 74

Data Matters

DECEMBER 1, 2021

4 Although the Letter does not rescind these interpretative letters, it indicates that before exercising any of the authorities articulated in those letters, a Bank will need to obtain specific approval tied to the OCC’s assessment of the Bank’s ability to engage in the activity in a safe and sound manner. The post U.S.

Compliance 88

Compliance Risk Insurance Sales 88

Data Protection Report

JUNE 17, 2020

The opinion suggested that parties using the SCCs need to make an assessment of whether the national security, communication and surveillance laws of the country of the data importer are “essentially equivalent” to those in the EU, i.e. they respects privacy rights and freedoms, provide effective remedies, etc.

Personal data 119

Personal data Communications Access GDPR 119

IBM Big Data Hub

JANUARY 22, 2024

The only data processing activities exempt from the GDPR are national security or law enforcement activities and purely personal uses of data. Organizations with less than 250 employees must keep records if they process highly sensitive data, process data regularly or process data in a way that poses a significant risk to data subjects.

GDPR 80

GDPR Compliance Personal data Privacy 80

IT Governance

NOVEMBER 16, 2018

This week, we discuss a Bank of England cyber resilience exercise, the latest cyber security news from the US Office of Personnel Management, the highlights of this month’s Patch Tuesday, and a surprising admission by a Japanese cyber security minister. Here are this week’s stories.

Encryption 58

Encryption Risk Passwords Government 58

Security Affairs

APRIL 14, 2022

While the targeting of any operational environments using this toolset is unclear, the malware poses a critical risk to organizations leveraging the targeted equipment. Have a cyber incident response plan, and exercise it regularly with stakeholders in IT, cybersecurity, and operations. ” reads the analysis published by Mandiant.

Passwords 116

Passwords Communications Cybersecurity Access 116

CGI

FEBRUARY 14, 2017

10 measures for good IT security governance. Too often we see organizations implement technical security safeguards, but fail to implement proper security policies or procedures. As a result, weak practices persist that undermine security and expose assets to significant risk. harini.kottees….

Government 40

Government IT Security Digital transformation 40

AIIM

JANUARY 17, 2018

You might also be interested in: Mitigate Data Privacy and Security Risks with Machine Learning. The Privacy and Security Dichotomy. While there may be many dimensions to consider from a GDPR readiness perspective there are three steps that are particularly important in order to manage risk and ensure compliance.

GDPR 83

GDPR Compliance Data collection Privacy 83

IT Governance

NOVEMBER 21, 2019

UK organisations are overlooking the importance of cyber security staff awareness training, instead investing in expensive and unnecessary technologies, a VMware and Forbes Insight study has found. So, why are businesses trapped in this cycle of investing in cyber security solutions they don’t need? Same solutions, same results.

Security 73

Security Information Security Government Security awareness 73

Security Affairs

APRIL 15, 2022

Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s security initiatives. Now is the moment to train your personnel on security best practices, if you haven’t already. Customize Your Security Training.

Cybersecurity 74

Cybersecurity Data Privacy Data breaches Privacy 74

IT Governance

APRIL 2, 2019

Anyone with an interest in information security will have encountered ISO 27001 , the international standard that describes best practice for an ISMS (information security management system). It’s a supplementary standard that provides advice on how to implement the security controls listed in Annex A of ISO 27001.

Information Security 89

Information Security Compliance Risk Security 89