Communications, Education, Exercises and Security

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

With many employees now working remotely, securing company data isn’t as straightforward as it used to be. International workforces can be an excellent way to find top talent, but they can introduce unique security risks. Countries have different data security laws, and these can get in the way of one another. Unsecured Wi-Fi.

Communications

Communications Cybersecurity GDPR Risk

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

PingPull, was first spotted by Unit 42 in June 2022, the researchers defined the RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. Experts also found PingPull variants that use HTTPS and TCP for C2 communications instead of ICMP. org over port 8443 for C2.

Communications

Communications Military Government Libraries

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Hunton Privacy

JULY 5, 2022

The Cybersecurity Act amends certain provisions of the Homeland Security Act of 2002. Department of Homeland Security (“DHS”) and state, local, tribal and territorial governments, as well as corporations, associations and the general public. 2520) (the “Cybersecurity Act”) and the Federal Rotational Cyber Workforce Program Act (S.

Cybersecurity

Cybersecurity Government Education Communications

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

How to create a cyber incident response plan when you have a hybrid workforce

IT Governance

SEPTEMBER 8, 2021

That made planning for disruptions comparatively straightforward: you knew where everyone was located, you had complete visibility over your threat landscape and you could communicate with everyone directly. Protect your communication channels. Educate employees on their responsibilities. But hybrid working complicates that.

Communications

Communications Risk Education Compliance

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Securities and Exchange Commission (SEC) strongly advised public companies to improve their cybersecurity. While the new security proposals have not yet become law, cybersecurity managers can begin to prepare metrics and audits that will not only help comply with those laws, but can also help create positive change now.

Cybersecurity

Cybersecurity Compliance Risk Communications

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. the detail of the CNIL online DPO designation form and information to be communicated to the CNIL in that respect. The Guide is composed of four main Parts : I.

GDPR

GDPR Compliance Personal data Communications

Spear Phishing Prevention: 10 Ways to Protect Your Organization

eSecurity Planet

AUGUST 23, 2023

Individuals and organizations should prioritize security awareness training, implement email security measures, and encourage vigilance when dealing with unusual or urgent requests. In order to send a message, they could be using spoof email addresses, making use of compromised accounts, or exploiting weak security measures.

Phishing

Phishing Authentication Security awareness Passwords

How to implement data governance

Collibra

NOVEMBER 20, 2020

Establish communications, and deliver education to consumers to find, utilize, and trust data. If you need a cost justification exercise, it should be done outside of the strategy so as not to delay the development of the strategy. Detailed process definition and technology education should be a roadmap step.

Government

Government Education Communications Metadata

Watch out for scams as Brexit confusion intensifies

IT Governance

OCTOBER 23, 2019

Brexit is clearly a pressing issue for many organisations, but we urge you to exercise caution whenever you receive communications out of the blue relating to the UK’s departure from the EU. See also: Government surveys further education providers before Brexit.

Phishing

Phishing Security awareness Education Personal data

Ways to Develop a Cybersecurity Training Program for Employees

Security Affairs

APRIL 15, 2022

Cybersecurity experts would have you believe that your organization’s employees have a crucial role in bolstering or damaging your company’s security initiatives. Now is the moment to train your personnel on security best practices, if you haven’t already. Customize Your Security Training.

Cybersecurity

Cybersecurity Data Privacy Data breaches Privacy

7 Best Email Security Software & Tools in 2023

eSecurity Planet

OCTOBER 6, 2023

That makes email security software a worthwhile investment for organizations of all sizes. We analyzed the market for email security tools and software to arrive at this list of 7 top email security solutions, including their standout features, limitations and ideal use cases, followed by issues prospective buyers should consider.

Security

Security Phishing Compliance Cybersecurity

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. According to Abnormal Security, nearly every aspect of the request looked legitimate. This attack begins with a case of VEC – where a domain is impersonated.

Phishing

Phishing Security awareness Cybersecurity Education

Spanish Senate signs-off new GDPR-compliant Data Protection Act

DLA Piper Privacy Matters

NOVEMBER 21, 2018

An additional right/duty “blocking right”, following the exercise of a rectification or erasure, is formally added to the ones already in the GDPR. Establishes specific criteria for applying data security measures and authorizes the Spanish Data Protection Commissioner to establish the security standards for personal data.

GDPR

GDPR Personal data Access Education

Hackers exploit coronavirus fears as cyber attacks soar

IT Governance

MARCH 17, 2020

Cyber security experts have found that the 2019 novel coronavirus (COVID-19) has led to a surge in phishing scams , with both individuals and organisations at risk. Although exercising caution is never a bad idea, it’s important to note that these are unprecedented times and there will be unusual but legitimate requests.

Phishing

Phishing Risk Communications Government

Top 12 Firewall Best Practices to Optimize Network Security

eSecurity Planet

DECEMBER 10, 2023

The consistent implementation of firewall best practices establish a strong defense against cyber attacks to secure sensitive data, protect the integrity and continuity of business activities, and ensure network security measures function optimally. Choose a centralized platform that is interoperable with several firewall suppliers.

Security

Security Education Access Risk

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

You must tell people when you’re collecting their personal information to give them the opportunity to exercise their data subject rights. This will typically cover public authorities such as government departments, schools and other educational institutions, hospitals and the police. Make sure people know they’re being recorded.

GDPR

GDPR Privacy Retail Personal data

Break Down Information Silos With Cloud Storage and File Sharing

OneHub

AUGUST 17, 2021

Educate them on the issues that information silos are causing within your organization, and lay out the steps you plan to take to heal these divisions by increasing communication and cooperation. Online storage platforms provide secure cloud servers that keep your data safe while making it more accessible to employees.

Cloud

Cloud File names Access Education

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

SaaS security checklists are frameworks for protecting data and applications in cloud-based environments. They serve as benchmarks for upholding strong security requirements, evaluating existing tools, and assessing potential solutions. We’ve designed a customizable template to help you develop your own SaaS security checklist.

Security

Security Compliance Cybersecurity Communications

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Network security architecture is a strategy that provides formal processes to design robust and secure networks. Effective implementation improves data throughput, system reliability, and overall security for any organization. Network Elements Networks connect physical and virtual assets and control the data flow between them.

Security

Security Cloud Cybersecurity Risk

If You’re a Cloud Provider or Consumer, Consider These Guidelines on How to Conduct Yourself in Europe: eDiscovery Best Practices

eDiscovery Daily

NOVEMBER 26, 2017

While we were preparing to eat turkey and stuff ourselves with various goodies last week, the Cloud Security Alliance (CSA) provided an important guideline for compliance with the European Union General Data Protection Regulation (GDPR).

Cloud

Cloud GDPR Personal data Compliance

5 things HR departments need to know about data protection

IT Governance

OCTOBER 7, 2019

This will typically cover public authorities such as government departments, schools and other educational institutions; hospitals; and the police. As with employee data, you must explain both your lawful basis for processing and how applicants can exercise their data subject rights. Get your team on the same page.

GDPR

GDPR Personal data Compliance Communications

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

Businesses cannot discriminate against a consumer for exercising their rights. Consumers must submit a VCR to exercise their rights and business must respond within 45 days. Chief Information Security Officer (CISO) to manage access to data and technical aspects of the program. Is the data secure? Right to equal service.

Data Privacy

Data Privacy Privacy Government Compliance

What’s It Like to Join a Startup’s Executive Team?

Lenny Zeltser

JUNE 7, 2017

I joined this young endpoint security company as VP of Products not too long ago (and I’m loving it). Engaging in this exercise forces you to ask tough questions about yourself. For more on this, see my Questions for Endpoint Security Startups post.). External Communication.

IT

IT Marketing Sales Communications

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

Alternatively, a business can comply by respecting consumers’ preferences communicated through a cross-platform global privacy control that meets technical specifications set forth in regulations. The CPRA creates a new category of information called “sensitive personal information.” Restrictions on the Use of Precise Geolocation Information.

Privacy

Privacy B2B Sales Data breaches

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

On November 14, 2013, the Minister of the Malaysian Communications and Multimedia Commission (the “Minister”) announced that Malaysia’s Personal Data Protection Act 2010 (the “Act”) would be going into effect as of November 15, marking the end of years of postponements.

Personal data

Personal data Marketing Communications Insurance

What Role Government?

John Battelle's Searchblog

NOVEMBER 4, 2011

I focus on the US for this exercise, as I am writing from my own experience. Delivery/Communication. Or when people actually believed that they could retire on the government-mandated benefits of Social Security? I’d be very interested in responses from those living in other countries). Healthcare.

Government

Government Education Military Communications

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

During the week of October 4, 2021, California Governor Gavin Newsom signed into law bills amending the California Privacy Rights Act of 2020 (“CPRA”), California’s data breach notification law and California’s data security law. Genetic Data: California Data Breach Notification and Data Security Law Amendment Bill.

Privacy

Privacy Insurance Security Data breaches

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

Data Matters

SEPTEMBER 24, 2019

Security : Appropriate technical and organizational measures must be taken against unauthorized or unlawful processing of personal data and against accidental loss, destruction of, or damage to personal data. Necessity : Personal data must be adequate, relevant and necessary in relation to the purposes for which they are processed.

Personal data

Personal data GDPR Data Privacy Privacy

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

DLA Piper Privacy Matters

APRIL 23, 2020

These are defined as “decisions that result in the provision or denial of financial and lending services, housing, insurance, education enrollment, criminal justice, employment opportunities, health care services, or access to basic necessities such as food and water, or that impact civil rights of individuals.”

Privacy

Privacy Government Insurance IT

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

In a few minutes I’m going to talk to a pentester who’s written a book that can help take your current skills as a sys admin and security engineer and turn them into skills needed to become a great digital pentester. You want to see if they can penetrate your security, and cause it to break in some way. I mean really?

Security

Security IT Education Communications

The Hacker Mind Podcast: So You Want To Be A Pentester

ForAllSecure

FEBRUARY 23, 2021

In a few minutes I’m going to talk to a pentester who’s written a book that can help take your current skills as a sys admin and security engineer and turn them into skills needed to become a great digital pentester. You want to see if they can penetrate your security, and cause it to break in some way. I mean really?

Security

Security IT Education Communications

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

It’s time to rethink your security stack and priorities. Security and privacy are more than just adding on to what you have historically done: It’s a constant re-evaluation of your approach, where nothing is sacred except for the data you are entrusted to protect. You almost certainly need a chief information security officer (CISO).

Encryption

Encryption Cloud Privacy GDPR

Intro to phishing: simulating attacks to build resiliency

Security Affairs

APRIL 21, 2023

Email security provider Proofpoint’s 2023 State of the Phish report reflects an ever-escalating financial loss attributed to phishing attacks but also highlights the importance of how appropriate end-user behavior greatly reduces organizational impacts arising from them.

Phishing

Phishing Security awareness Passwords Education

Cybersecurity Awareness Month: The value of cyber hygiene in protecting your business from potential ransomware

Thales Cloud Protection & Licensing

SEPTEMBER 30, 2021

The line between our online and offline lives is blurring and in a highly interconnected world, societal well-being, economic prosperity, and national security are impacted by the internet. Attackers are also targeting critical sectors like education and healthcare. BeCyberSmart.”. Can good cyber hygiene protect us from ransomware?

Ransomware

Ransomware Cybersecurity Encryption Education

Operationalizing responsible AI principles for defense

IBM Big Data Hub

FEBRUARY 22, 2024

Artificial intelligence (AI) is transforming society, including the very character of national security. AI literacy is a must-have for security It’s important that personnel know how to deploy AI to improve organizational efficiencies. These are table stakes for the DoD or any government agency.

Artificial Intelligence

Artificial Intelligence Metadata Military Government

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

IT Governance

DECEMBER 6, 2023

As privacy professionals, we see consumers exercising their rights to withdraw consent to their data being processed via ‘opt out’ or ‘unsubscribe’ buttons, for example. Having one or more of the following can significantly help with this: An ISO 27001 ISMS (information security management system). ‘GDPR’ has become a familiar term.

Data Privacy

Data Privacy Privacy GDPR IT

Craig Ball of Craig D. Ball, PC: eDiscovery Trends 2018

eDiscovery Daily

MARCH 25, 2018

A frequent court appointed special master in electronic evidence, Craig is a prolific contributor to continuing legal and professional education programs throughout the United States, having delivered over 2,000 presentations and papers. Mobile serves as their principal means to access online resources, business resources, and communicate.

e-Discovery

e-Discovery Computer and Electronics Blockchain IoT

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

But I don't think an attack of such magnitude as the one identified by security researchers at Internet security monitoring vendor Bolster. This latest impersonation campaign makes the case for ensuring users are vigilant when interacting with the web – something accomplished through continual Security Awareness Training.

Phishing

Phishing Security awareness Passwords Computer and Electronics

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

ForAllSecure

MAY 30, 2023

Mark Lance, the VP of DFIR and Threat intelligence for GuidePoint Security, provides The Hacker Mind with stories of ransomware cases he’s handled. ” Over the next few weeks, chats from encrypted Telegram, and other communications were leaked. Say you’re an organization that’s been hit with ransomware.

Ransomware

Ransomware Encryption Authentication Communications

The debate on the Data Protection Bill in the House of Lords

Data Protector

OCTOBER 11, 2017

Where the Information Commissioner gives notices to data controllers, she can now secure compliance, with the power to issue substantial administrative penalties of up to 4% of global turnover. How then will we secure adequacy without adhering to the charter? Where she finds criminality, she can prosecute.

GDPR

GDPR Personal data Government IT

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

DLA Piper Privacy Matters

MARCH 4, 2021

Security vulnerabilities including hacking, unauthorised access, malware, phishing and ransomware attacks totalled 462 breach notifications. The DPC recommends that organisations: undertake periodic reviews of their IT security measures; implement a comprehensive training plan for employees; and. Enforcement. Data Protection Officers.

GDPR

GDPR Compliance Data breaches Marketing

Working internationally

CILIP

NOVEMBER 7, 2020

Everywhere we went we stressed the crucial value of digital provision, access and communications. To reach remote communities and all generations, the British Council must help the delivery of digital information, learning and communications. This is a good example of how the British Council exercises ?soft soft power?

Libraries

Libraries e-Delivery Government Communications

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Both were well-equipped to teach, test and train individuals ranging from teen-agers and non-technical adults, to working system administrators and even seasoned tech security pros. Veterans have an inclination to continually defend their country, and many have security clearances, he says. “We Human scale advances.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Securities and Exchange Commission’s (SEC) Office of Compliance Inspections and Examinations (OCIE) and the Financial Industry Regulatory Authority (FINRA) recently published their examination priorities (together, the Examination Priorities) for the 2020 calendar year. Information Security .

Cybersecurity

Cybersecurity Retail Compliance Marketing

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Webinars

Trending Sources

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Webinars

How to create a cyber incident response plan when you have a hybrid workforce

New SEC Cybersecurity Rules Could Affect Private Companies Too

France: The CNIL publishes a practical guide on Data Protection Officers

Spear Phishing Prevention: 10 Ways to Protect Your Organization

How to implement data governance

Watch out for scams as Brexit confusion intensifies

Ways to Develop a Cybersecurity Training Program for Employees

7 Best Email Security Software & Tools in 2023

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

Spanish Senate signs-off new GDPR-compliant Data Protection Act

Hackers exploit coronavirus fears as cyber attacks soar

Top 12 Firewall Best Practices to Optimize Network Security

Does your use of CCTV comply with the GDPR?

Break Down Information Silos With Cloud Storage and File Sharing

What Is a SaaS Security Checklist? Tips & Free Template

Network Security Architecture: Best Practices & Tools

If You’re a Cloud Provider or Consumer, Consider These Guidelines on How to Conduct Yourself in Europe: eDiscovery Best Practices

5 things HR departments need to know about data protection

5 learnings from the “Meeting the CCPA Challenge” webinar

What’s It Like to Join a Startup’s Executive Team?

California Privacy Law Overhaul – Proposition 24 Passes

Malaysian Data Protection Law Takes Effect

What Role Government?

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Assessing the Impact of the Barbados’ Proposed Data Protection Bill on the Barbadian Private Sector

US: In Washington State’s landmark facial recognition law, public sector practices come under scrutiny and regulation

The Hacker Mind Podcast: So You Want To Be A Pentester

The Hacker Mind Podcast: So You Want To Be A Pentester

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Intro to phishing: simulating attacks to build resiliency

Cybersecurity Awareness Month: The value of cyber hygiene in protecting your business from potential ransomware

Operationalizing responsible AI principles for defense

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

Craig Ball of Craig D. Ball, PC: eDiscovery Trends 2018

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

The Hacker Mind Podcast: Tales From A Ransomware Negotiator

The debate on the Data Protection Bill in the House of Lords

Ireland: DPC Annual Report 2020: Enforcement & Transfers Dominate Agenda

Working internationally

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Stay Connected