Fri. Mar 04, 2022

Newly Proposed SEC Cybersecurity Risk Management Rules and Amendments for Registered Investment Advisers and Funds

Data Matters

On February 9, 2022, the U.S. Securities and Exchange Commission (SEC) proposed comprehensive rules for registered advisers and funds. Among other things, these rules will require advisers and funds to implement written policies and procedures designed to address cybersecurity risks, report significant cybersecurity incidents to the SEC within 48 hours using a proposed form, and keep enumerated cybersecurity-related books and records.

U.S. Security Agencies Release Network Security, Vulnerability Guidance

eSecurity Planet

The U.S. National Security Agency (NSA) released comprehensive network security guidance on March 3, on the same day that the Cybersecurity and Infrastructure Security Agency (CISA) released its longest-ever list of exploited vulnerabilities. With organizations around the world on heightened alert in the wake of Russia’s unprovoked war against Ukraine, government agencies have stepped up efforts too.

Samsung Encryption Flaw

Schneier on Security

Researchers have found a major encryption flaw in 100 million Samsung Galaxy phones. From the abstract: In this work, we expose the cryptographic design and implementation of Android’s Hardware-Backed Keystore in Samsung’s Galaxy S8, S9, S10, S20, and S21 flagship devices. We reversed-engineered and provide a detailed description of the cryptographic design and code structure, and we unveil severe design flaws.

More Than 70% of SOC Analysts Experiencing Burnout

Dark Reading

Nearly 65% of security operations center (SOC) analysts are likely to change jobs in the next year, survey shows.

Generative AI Deep Dive: Advancing from Proof of Concept to Production

Speaker: Maher Hanafi, VP of Engineering at Betterworks & Tony Karrer, CTO at Aggregage

Executive leaders and board members are pushing their teams to adopt Generative AI to gain a competitive edge, save money, and otherwise take advantage of the promise of this new era of artificial intelligence. There's no question that it is challenging to figure out where to focus and how to advance when it’s a new field that is evolving every day. 💡 This new webinar featuring Maher Hanafi, VP of Engineering at Betterworks, will explore a practical framework to transform Generative AI pr

Proposed cybersecurity rules for SEC registered advisers and funds

Data Protection Report

On February 9, 2022, the U.S. Securities and Exchange Commission (“SEC”) released a proposal aimed at enhancing cybersecurity risk management programs, including cybersecurity preparedness and response, for registered investment advisers (“advisers”), investment companies and business development companies (“funds”). Overall, the proposal addresses the following rule amendments and additions: Cybersecurity Policies and Procedures.

More Trending

These are the sources of DDoS attacks against Russia, local NCCC warns

Security Affairs

The Russian government released a list containing IP addresses and domains behind DDoS attacks that hit Russian infrastructure after the invasion. While the conflict on the battlefield continues, hacktivists continue to target Russian infrastructure exposed online. The Russian National Coordinating Center for Computer Incidents (NCCC) released a massive list containing 17,576 IP addresses and 166 domains that were involved in a series of DDoS attacks that targeted its infrastructure.

DORA's Global Reach and Why Enterprises Need to Prepare

Dark Reading

The new EU regulation is a response to the rise of ransomware attacks and other new cyberthreats that have proliferated in the wake of the global pandemic.

CISA adds 95 flaws to the Known Exploited Vulnerabilities Catalog

Security Affairs

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added 95 vulnerabilities to its Known Exploited Vulnerabilities Catalog. According to Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, FCEB agencies have to address the identified vulnerabilities by the due date to protect their ne

Empowering a Multigenerational Workforce

Rocket Software

For the first time, we currently have five generations in the workplace. While there are variations on values and approaches to work within each generation, research has shown that people in each have taken on characteristics as a whole. The Silent Generation (born 1925 to 1945) still make up about 3% of the workforce and are known for their strong work ethic and formal nature in the workplace.

Navigating the Future: Generative AI, Application Analytics, and Data

Generative AI is upending the way product developers & end-users alike are interacting with data. Despite the potential of AI, many are left with questions about the future of product development: How will AI impact my business and contribute to its success? What can product managers and developers expect in the future with the widespread adoption of AI?

Russian watchdog Roskomnadzor also blocked Facebook in Russia

Security Affairs

State communications watchdog Roskomnadzor has ordered access to Facebook in Russia to be blocked amid the ongoing invasion of Ukraine. State communications watchdog Roskomnadzor ordered access to Facebook to be blocked over its decision to ban Russian media and state information resources. The block comes after Facebook recently deactivated or restricted access to accounts belonging to media outlets and news agencies spreading Russian propaganda, including RIA Novosti, Sputnik, and Russia Today.

Most Cybersecurity Vendors at Risk Due to Internet-Exposed IT Assets

Dark Reading

Study shows more than 97% have exposed assets on AWS — among a wide range of other issues.

Russia-Ukraine, who are the soldiers that crowd cyberspace?

Security Affairs

While Russia is invading Ukraine, multiple forces are joining in the conflict, especially in cyberspace; let’s analyze them. The analysis of the current scenario in cyberspace is not easy due to the presence of multiple threat actors and the difficulty of attributing the attacks. Security group CyberKnow shared an interesting analysis about the group, their operations and the channels they are using to disclose their operations.

After a Busy December, Attacks on Log4j Vulnerability Dropped

Dark Reading

While attackers and researchers shift their attention to the next new vulnerability, security teams make sure they finish patching vulnerable Log4j versions in their applications and services.

Get Better Network Graphs & Save Analysts Time

Many organizations today are unlocking the power of their data by using graph databases to feed downstream analytics, enhance visualizations, and more. Yet, when different graph nodes represent the same entity, graphs get messy. Watch this essential video with Senzing CEO Jeff Jonas on how adding entity resolution to a graph database condenses network graphs to improve analytics and save your analysts time.

Massive Meris Botnet Embeds Ransomware Notes from REvil

Threatpost

Notes threatening to tank targeted companies' stock price were embedded into the DDoS ransomware attacks as a string_of_text directed to CEOs and webops_geeks in the URL.

Diversified Search Group Acquires Alta Associates

Dark Reading

The firm continues rapid growth with the addition of industry-recognized experts on cybersecurity, data privacy, and IT risk management talent.

LTO-9 Tape Format Projected to Boost Tape Usage via CIOinsight

IG Guru

Check out the article here. The post LTO-9 Tape Format Projected to Boost Tape Usage via CIOinsight appeared first on IG GURU.

Free HermeticRansom Ransomware Decryptor Released

Threatpost

Cruddy cryptography means victims whose files have been encrypted by the Ukraine-tormenting ransomware can break the chains without paying extortionists.

How Embedded Analytics Gets You to Market Faster with a SAAS Offering

Start-ups & SMBs launching products quickly must bundle dashboards, reports, & self-service analytics into apps. Customers expect rapid value from your product (time-to-value), data security, and access to advanced capabilities. Traditional Business Intelligence (BI) tools can provide valuable data analysis capabilities, but they have a barrier to entry that can stop small and midsize businesses from capitalizing on them.

Vade Releases 2021 Phishers' Favorites Report

Dark Reading

Vade's annual phishing report reveals a sharp rise in Facebook phishing and growing sophistication in Microsoft phishing attacks.

Craig Schuler – “I’m really a family guy at heart.”

Synergis Software

March’s spotlight is on Craig Schuler, Solutions Architect for Synergis Software. Craig’s worked at Synergis for six and a half years as accomplice, tactician, and savvy demo master for the sales team.

PortableConnect for Gimmal Physical

Gimmal

We are pleased to announce the release of the new PortableConnect for Gimmal Physical. With Gimmal Physical’s PortableConnect, wireless scanning of barcodes and RFID tags just got easier. PortableConnect runs on the new TC52 Zebra device, using Android 11. PortableConnect allows clients to collect information about the location of their holdings with a hand-held portable device.

11 Best Practices for Document Management

Docuware

When you’re thinking about how to implement digital document management for your company — or how to enhance your existing system — focusing on the fundamentals and defining your goals helps ensure success. Get a head start by putting these best practices for document management in place right away.

How and Why Should You Be Tracking Geopolitical Risk?

Geopolitical risk is now at the top of the agenda for CEOs. But tracking it can be difficult. The world is more interconnected than ever, whether in terms of economics and supply chains or technology and communication. Geopolitically, however, it is becoming increasingly fragmented – threatening the operations, financial well-being, and security of globally connected companies.

Companies Can't Just Train Their Way to More Secure Endpoints

Dark Reading

Criminals will keep stealing end-user credentials despite employee awareness, so organizations need high-tech solutions as well.

Weekly Update 285

Troy Hunt

With travel now behind me, I'm back to a stable schedule and doing these on time again. Mind you, I came home to some of the wildest weather I've ever seen here, but it was kinda cool to watch and the kids didn't complain getting days off school. Oh - and I also loaded a bunch of new data breaches this week, the Robinhood one from earlier today being particularly noteworthy with more than 5M unique email addresses.

Reinforcing Rocket’s Commitment to Open Source on the Mainframe with Updated Rocket® Open AppDev for Z

Rocket Software

This week, Rocket unveiled an updated Rocket® Open AppDev for Z solution, which breaks down existing siloes to unify DevOps for all platforms, including the mainframe, in a single pipeline. Open source is the future of software development and production, and with this update, customers are better able to access that future. The enhanced offering gives developers the open software they want with the security and support IBM® Z® customers demand, enabling them to bring applications to market fast

Friday Squid Blogging: Far Side Cartoon

Schneier on Security

Squid, of course. As usual, you can also use this squid post to talk about the security stories in the news that I haven’t covered. Read my blog posting guidelines here.

Embedding BI: Architectural Considerations and Technical Requirements

While data platforms, artificial intelligence (AI), machine learning (ML), and programming platforms have evolved to leverage big data and streaming data, the front-end user experience has not kept up. Holding onto old BI technology while everything else moves forward is holding back organizations. Traditional Business Intelligence (BI) tools aren’t built for modern data platforms and don’t work on modern architectures.

Conti Ransomware Group Diaries, Part III: Weaponry

Krebs on Security

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.

OpenText Supporting Humanitarian Efforts in Ukraine

OpenText Information Management

We stand with the people of Ukraine. Ukraine is being attacked, an unprovoked war against an independent sovereign nation with a democratically elected government. The attack is both inhumane and unjustified. Like the rest of the world, we are watching the war with horror and condemnation in the strongest possible terms. These acts are war crimes. … The post OpenText Supporting Humanitarian Efforts in Ukraine appeared first on OpenText Blogs.

Data-driven companies must be able to quickly adapt

Collibra

Adaptive data and analytics governance is the foundation for becoming a data-driven company. The business insights available through the analysis of the data a company already owns are invaluable. While the need is clear, a daunting number of obstacles can often cause organizations to hesitate before beginning that journey. Historically, data governance consisted of many manual processes with rigid rules focused on strict control of data.