Capitol Breach: Cybersecurity Lessons to Apply

Data Breach Today

Brian Honan: Security Professionals Can Take Action to Minimize Risks The physical breach of the U.S.

NEW TECH: Will ‘Secure Access Service Edge’ — SASE — Be the Answer to Secure Connectivity?

The Last Watchdog

Company networks have evolved rather spectacularly in just 20 years along a couple of distinct tracks: connectivity and security. And given a tangible network perimeter, cybersecurity evolved following the moat-and-wall principle. Related: The shared burden of securing the Internet of Things. Security, meanwhile, has morphed into a glut of point solutions that mostly serve to highlight the myriad gaps in an ever-expanding attack surface.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

SolarWinds Hires Chris Krebs to Reboot Its Cybersecurity

Data Breach Today

Hacked Firm Also Taps Former Facebook CSO as It Responds to Supply Chain Attack As security software firm SolarWinds investigates the supply chain attack involving its Orion software and looks to rebuild its security processes and reputation, it's hired former U.S.

State Department Plans to Create Cybersecurity Office

Data Breach Today

Department of State has announced plans to create a Bureau of Cyberspace Security and Emerging Technologies to enhance its security and help it deal with international cybersecurity issues. But Will the Move Be Carried Out Under Biden Administration? The U.S.

Mergers & Acquisitions: How to Handle Your Data feat. Oracle & Onna

Speaker: Lisa Ripley: Director of eDiscovery & Information Governance, Legal Operations at Oracle & Scott McVeigh: Senior Solutions Consultant, Onna

Lisa has a cybersecurity, investigative, legal, and technical background. Lisa holds the CISSP - Certified Information Systems Security Professional certification. Lisa frequently speaks on the topics of eDiscovery, Information Governance, and Cybersecurity.

Thinking of a Cybersecurity Career? Read This

Krebs on Security

Thousands of people graduate from colleges and universities each year with cybersecurity or computer science degrees only to find employers are less than thrilled about their hands-on, foundational skills.

Analysis: Permitting Cybersecurity Donations to Physicians

Data Breach Today

New regulatory provisions that allow healthcare systems to make donations of cybersecurity technology and services to physician practices could help greatly bolster security in the sector, says attorney Julie Kass of law firm Baker Donelson

Singapore Launches IoT Cybersecurity Labelling

Data Breach Today

Labels Will Indicate What Security Standards Products Meet Singapore has launched an IoT cybersecurity labelling program intended to improve the baseline security of internet-connected consumer products.

IoT 166

Cybersecurity Leaders Talk Tactics, Techniques, Challenges

Data Breach Today

The latest edition of the ISMG Security Report offers leadership lessons from Equifax CISO Jamil Farshchi and Mastercard's deputy CSO, Alissa "Dr. Also featured: An assessment of cybersecurity priorities for President-elect Joe Biden

Feds Issue Recommendations for Maritime Cybersecurity

Threatpost

Report outlines deep cybersecurity challenges for the public/private seagoing sector. Critical Infrastructure Government Vulnerabilities cybersecurity challenges federal recommendations maritime security seagoing sector white house report

Cybersecurity Firm McAfee Files for IPO

Data Breach Today

Separately, Ivanti Buys Security Firms MobileIron and Pulse Secure McAfee is set to become a public company once again, with the cybersecurity firm filing for an IPO with the U.S. Securities and Exchange Commission to trade under "MCFE" on the Nasdaq Stock Market.

A Cybersecurity Policy Agenda

Schneier on Security

The Aspen Institute’s Aspen Cybersecurity Group — I’m a member — has released its cybersecurity policy agenda for the next four years. Uncategorized cybersecurity national security policy reports risks

Cybersecurity Advice for the COVID-19 Era

Data Breach Today

CISA Adviser Joshua Corman Discusses Essential Steps Many healthcare organizations have under-resourced security teams, putting them at higher risk for cyber incidents during the COVID-19 pandemic that could result in patient harm, warns cybersecurity expert Joshua Corman

Vietnam's 'Cybersecurity' Law Says Little on Security

Data Breach Today

Law Focuses More on Fighting Anti-Government Speech On Wednesday, just days after a new "cybersecurity" law took effect, Vietnam alleged that Facebook has violated the law by allowing users to post anti-government comments on the platform. The so-called cybersecurity law actually speaks little about IT security measures

Survey: Cybersecurity Skills Shortage is ‘Bad,’ But There’s Hope

Threatpost

Automation, strategic process design and an investment in training are the keys to managing the cybersecurity skills gap, according to a recent survey from Trustwave.

AI and Cybersecurity

Schneier on Security

Ben Buchanan has written " A National Security Research Agenda for Cybersecurity and Artificial Intelligence." artificialintelligence attribution cybersecurity nationalsecuritypolicy reportsIt's really good -- well worth reading.

Cybersecurity Leadership: A Fresh Look at Fraud

Data Breach Today

CEOs and CISOs on Fraud Trends and Payment Security Threats COVID-19 accelerated everything else digital; why not fraud, too? In this latest CEO/CISO panel, cybersecurity leaders talk frankly about the pace and scale of new fraud schemes from business email compromise to card not present to insider risk

Cybersecurity's Automation Imperative

Data Breach Today

Censornet's Richard Walters on the Role of Autonomous Security With cybersecurity becoming ever more difficult to monitor and manage, and product and data overload triggering cyber fatigue among cybersecurity professionals, organizations must embrace more autonomous approaches, says Censornet's Richard Walters

Marriott Breach Takeaway: The M&A Cybersecurity Challenge

Data Breach Today

s GDPR privacy fine against hotel giant Marriott: During M&A, review an organization's cybersecurity posture before finalizing any acquisition. Because once a deal closes, you're fully responsible for data security - IT network warts and all

2021 Cybersecurity Trends: Bigger Budgets, Endpoint Emphasis and Cloud

Threatpost

Hacks IoT Malware Mobile Security Privacy Vulnerabilities Web Security 2021 Cybersecurity Trends 5G artificial intelligence Cloud Security Cloud Security Posture Management inbox attacks Insider threats machine learning mobile threats

Cloud 108

Cold Storage Firm Reports Cybersecurity Incident

Data Breach Today

Company Reportedly In Talks to Help With COVID-19 Vaccines A cold storage firm that was reportedly in talks to help in the effort to distribute COVID-19 vaccines filed a Securities and Exchange Commission document on Monday saying that it's dealing with a cybersecurity incident that affected its network.

Taking a Neighborhood Watch Approach to Retail Cybersecurity

Threatpost

Bugcrowd CTO Casey Ellis covers new cybersecurity challenges for online retailers.

Cybersecurity Plan for 2020 US Election Unveiled

Data Breach Today

CISA Describes Its Role as Security Facilitator The U.S. Cybersecurity Infrastructure and Security Agency has released its cybersecurity plan for the run-up to the 2020 presidential election, outlining the agency's role as a facilitator that will assist federal, state and local agencies in protecting critical election infrastructure

US House Passes IoT Cybersecurity Improvement Act

Security Affairs

House of Representatives passed the IoT Cybersecurity Improvement Act, a bill that aims at improving the security of IoT devices. House of Representatives last week passed the IoT Cybersecurity Improvement Act, a bill designed to improve the security of IoT devices.

IoT 104

Cybersecurity for the Midmarket

Data Breach Today

Global Cyber Alliance's Phil Reitinger Describes Efforts to Bolster SMB, Election Security In 2019, the Global Cyber Alliance debuted its toolkit to help small and midsized organizations bolster cybersecurity. How has the toolkit been received and refined? Phil Reitinger, who heads the alliance, discusses progress

Analysis: 2020 Cybersecurity Issues

Data Breach Today

The latest edition of the ISMG Security Report discusses 2020 cybersecurity trends, including fixing "fake everything," dealing with the issue of weaponized social media and securing the U.S. presidential election

BOOK REVIEW: ‘Security Yearbook’ preserves cybersecurity history — highlights tectonic shift

The Last Watchdog

Along with Richard Stiennon , I belong to a small circle of journalists and tech industry analysts who’ve been paying close attention to cybersecurity since Bill Gates curtailed commercial work on Windows to rivet Microsoft’s attention on defending its software code. Related: The role of PKI is securing digital transformation That was in 2002. Cybersecurity, which started with antivirus suites, spam filters and firewalls, has mushroomed into a $103 billion industry.

Analysis: Coronavirus Cybersecurity and Privacy Issues

Data Breach Today

The latest edition of the ISMG Security Report offers an analysis of cybersecurity and privacy issues raised by COVID-19 research efforts. Also featured: the latest ransomware trends and an investor's take on hot cybersecurity sectors

State Dept. to Create New Cybersecurity & Technology Agency

Dark Reading

Bureau of Cyberspace Security and Emerging Technologies (CSET) will serve as diplomatic arm for US cybersecurity interests

Biden to Appoint Cybersecurity Advisor to NSC – Report

Threatpost

Anne Neuberger will join the National Security Council, according to sources. Uncategorized Cybersecurity Federal government Joe biden NSA White House

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

based Imperva sells technology and services designed to detect and block various types of malicious Web traffic, from denial-of-service attacks to digital probes aimed at undermining the security of Web-based software applications. 20 about a security incident that exposed sensitive information for some users of Incapsula , the company’s cloud-based Web Application Firewall (WAF) product.

Building a Corporate Culture That Values Cybersecurity

Data Breach Today

Insights on Gauging an Organization's Security Maturity Level Corporate culture can have a big impact on an organization's ability to achieve cybersecurity objectives, says Jessica Barker, chair of ClubCISO, a private members forum for European information security leaders, who provides insights on gauging an organization's security maturity

Tom Kellermann: Post-Election Security Analysis

Data Breach Today

Cybersecurity Strategist Warns of Pre-Inauguration Nation-State Strikes The good news: U.S. election security measures seem to have worked. The bad news: Disinformation and misinformation campaigns continue.

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead

Virtual Summit Dives Into Healthcare Cybersecurity Issues

Data Breach Today

CISOs, Other Experts to Tackle Hot Topics, Including Challenges During COVID-19 Crisis How have the cybersecurity challenges facing healthcare organizations changed during the COVID-19 pandemic? Information Security Media Group's Healthcare Cybersecurity Virtual Summit, to be held on June 9 and replayed June 10 and 11, will provide insights

Congress Approves New DHS Cybersecurity Agency

Data Breach Today

Bill Creating Cybersecurity and Infrastructure Security Agency Awaits President's Signature The United States will soon officially have a single agency that takes the lead role for cybersecurity. The new Cybersecurity and Infrastructure Security Agency will have the same stature as other units within DHS

Bridging the Cybersecurity Skills Gap

Data Breach Today

The latest edition of the ISMG Security Report features Greg Touhill, the United States' first federal CISO, discussing how "reskilling" can help fill cybersecurity job vacancies. Plus, California considers tougher breach notification requirements; curtailing the use of vulnerable mobile networks

How Smaller Companies Can Set Cybersecurity Priorities

Data Breach Today

Consultant Nic Miller Highlights Critical Factors to Consider Small and midsize companies don't need to spend money on expensive security products, says cybersecurity consultant Nic Miller, but they must consider several critical factors as they devise their strategies

Cybersecurity Training Agency Breached After Phishing Attack

Adam Levin

The SANS Institute, a company that provides cybersecurity training and certification, announced that a data breach compromised the personally identifiable data of roughly 28,000 records. The post Cybersecurity Training Agency Breached After Phishing Attack appeared first on Adam Levin.

Cybersecurity During COVID-19

Schneier on Security

They are more vulnerable to attack simply because they are less secure. Employees working from home are going to save data on their own computers, where they aren't protected by the organization's security systems. Handing people VPN software to install and use with zero training is a recipe for security mistakes, but not using a VPN is even worse. During the past few weeks, NASA's Security Operations Center (SOC) mitigation tools have prevented success of these attempts.