Education, Exercises, Information Security and IT

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Start by assessing what critical information your organization needs to protect and maintain access to in order to provide services. A data inventory allows you to focus the greatest security (and monitoring) where it needs to be. Educate employees. Related: High-profile healthcare hacks in 2021. Create an asset inventory.

Passwords

Passwords Cybersecurity Education Phishing

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. Provide information and advice. the detail of the CNIL online DPO designation form and information to be communicated to the CNIL in that respect.

GDPR

GDPR Compliance Personal data Communications

Less than two months to go until DSP Toolkit submission deadline

IT Governance

FEBRUARY 19, 2019

Less than two months remain for healthcare organisations to demonstrate compliance with NHS Digital’s DSP (Data Security and Protection) Toolkit. Ask a healthcare expert >> Data security standards and the GDPR. It must now be part of an overall organisational security culture. Unsure if you need to comply?

GDPR

GDPR Compliance Government Information Security

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

Instead, these rules demanded that the management of the company personally sign affidavits of responsibility for the information in the annual reports and that the company must publicly disclose the financial expertise for board members. Therefore, we should examine each category and consider what the rules fundamentally request.

Cybersecurity

Cybersecurity Compliance Risk Communications

California Privacy Law Overhaul – Proposition 24 Passes

Data Matters

NOVEMBER 4, 2020

It does not expand the private right of action to all CCPA violations; it retains the opt-out consent model for the sale of personal information; and it leaves room for the continued use of loyalty and other financial incentive programs that rely upon the use of consumers’ personal information. A Closer Look at Key CPRA Provisions.

Privacy

Privacy B2B Sales Data breaches

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Perimeter security tools include: Firewalls: Filter traffic and monitor access based upon firewall rules and policies for the network, network segment, or assets protected by different types of firewalls. Perimeter Defense Perimeter defense blocks threats at the network’s edge.

Security

Security Cloud Cybersecurity Risk

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

KnowBe4

APRIL 4, 2023

But, according to security researchers at Abnormal Security, cybercriminals are becoming brazen and are taking their shots at very large prizes. According to Abnormal Security, nearly every aspect of the request looked legitimate. The email attaches a legitimate-looking payoff letter complete with loan details.

Phishing

Phishing Security awareness Cybersecurity Education

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

Consumers can ask businesses what categories of their PI is being collected. Businesses cannot discriminate against a consumer for exercising their rights. Businesses must provide clear notice about categories of PI it collects. Consumers must submit a VCR to exercise their rights and business must respond within 45 days.

Data Privacy

Data Privacy Privacy Government Compliance

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

Data Matters

APRIL 6, 2022

Securities and Exchange Commission (SEC) Division of Enforcement (EXAMS or Division) issued its annual examination priorities. Both categories will be examined for compliance with the SEC Standards for Covered Clearing Agencies. 5 See The Division of Examinations’ Continued Focus on Digital Asset Securities, available here.

Retail

Retail Compliance Sales Risk

What Should Be The Core Competencies For Cybersecurity For C-Suite

Cyber Info Veritas

JULY 18, 2018

Most IT specialists, board directors, and C-suite executives aren’t too familiar with matters to do with information security. It’s this lack of adequate information that brings about evasion or irresolution when it comes to cybersecurity, and in a more serious scenario, a resigned acknowledgment that cyber attacks are inevitable.

Cybersecurity

Cybersecurity Ransomware Information Security Risk

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

This latest impersonation campaign makes the case for ensuring users are vigilant when interacting with the web – something accomplished through continual Security Awareness Training. Blog post with links: [link] [Live Demo] Ridiculously Easy Security Awareness Training and Phishing Old-school awareness training does not hack it anymore.

Phishing

Phishing Security awareness Passwords Computer and Electronics

Malaysian Data Protection Law Takes Effect

Hunton Privacy

NOVEMBER 19, 2013

Of these, the most significant on a practical level appear to be a principle requiring the data user to provide the data subject with notice of the purposes for which it will process personal data (and certain other information), and a principle requiring that a data subject must give consent to the processing of personal data.

Personal data

Personal data Marketing Communications Insurance

The Hacker Mind Podcast: How To Become A 1337 Hacker

ForAllSecure

SEPTEMBER 14, 2022

Hammond: I tend to, I guess, try and explain capture the flag is sort of gamified cybersecurity education. We’ll start with Jeopardy, which is much like the game show, where you have a board with categories and challenges underneath each category each worth increasingly more points. So they want to tackle that category.

Military

Military IT Education Cybersecurity

The Hacker Mind Podcast: Shall We Play A Game?

ForAllSecure

JANUARY 27, 2021

Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs. Capture the Flag is a game, a community, and a really cool hacker culture. But will we one day stream CTFs like we do World of Warcraft or League of Legends? Oh, and what is this rheostat-thingie doing over here?

Computer and Electronics

Computer and Electronics Military IT Education

The Hacker Mind Podcast: Shall We Play A Game?

ForAllSecure

JANUARY 27, 2021

Vamosi: Today, John has taken his juvenile curiosity in breaking things down to become a security researcher with Huntress Labs. Capture the Flag is a game, a community, and a really cool hacker culture. But will we one day stream CTFs like we do World of Warcraft or League of Legends? Oh, and what is this rheostat-thingie doing over here?

Computer and Electronics

Computer and Electronics Military IT Education

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

So there’s a need, a definite need, for information security professionals to have access to industrial control systems -- not virtual, but actual hands on systems -- so they can learn. In a moment I’ll introduce you to someone who is trying to do that--bring ICS equipment to security conferences. When they did that.

Energy and Utilities

Energy and Utilities Manufacturing Risk IT

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

In this case, the alleged leaker was prolific on social media. That’s understandable, given his age. So, investigators and reporters had a name. But could they connect this name to the evidence that they had? They could. It turns out some of the classified documents were photographed on a marble countertop, like in a kitchen countertop.

IT

IT Sales Security Honeypots

Information Management Today

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

France: The CNIL publishes a practical guide on Data Protection Officers

Webinars

Trending Sources

Less than two months to go until DSP Toolkit submission deadline

Webinars

New SEC Cybersecurity Rules Could Affect Private Companies Too

California Privacy Law Overhaul – Proposition 24 Passes

Network Security Architecture: Best Practices & Tools

CyberheistNews Vol 13 #14 [Eyes on the Prize] How Crafty Cons Attempted a 36 Million Vendor Email Heist

5 learnings from the “Meeting the CCPA Challenge” webinar

SEC Announces 2022 Examination Priorities: Private Funds, ESG, Retail, Cyber, Digital Assets Top the List

What Should Be The Core Competencies For Cybersecurity For C-Suite

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

Malaysian Data Protection Law Takes Effect

The Hacker Mind Podcast: How To Become A 1337 Hacker

The Hacker Mind Podcast: Shall We Play A Game?

The Hacker Mind Podcast: Shall We Play A Game?

The Hacker Mind Podcast: Hacking Industrial Control Systems

The Hacker Mind Podcast: Hacking Real World Criminals Online

Stay Connected