Examples, Exercises, Government and Information Security

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Hunton Privacy

JULY 5, 2022

On June 21, 2022, President Biden signed into law, the State and Local Government Cybersecurity Act of 2021 (S. 1097) (the “Cyber Workforce Program Act”), two bipartisan bills aimed at enhancing the cybersecurity postures of the federal, state and local governments.

Cybersecurity

Cybersecurity Government Education Communications

Data Protection: Where’s the Brexit Privacy Dividend?

Data Protector

AUGUST 17, 2020

One of the Government's core objectives throughout the Brexit negotiations has been to respect data protection rights, slash Brussels' red tape and allow the United Kingdom to be a competitive safe haven for businesses all over the world. Consider, for example, the mayhem that has just been caused by the Schrems II decision.

Privacy

Privacy GDPR Personal data Computer and Electronics

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

Data Matters

JANUARY 28, 2022

The advisory was promptly endorsed by the National Cyber Security Centre, a division of Government Communications Headquarters (“GCHQ”), a UK intelligence agency. government, especially in light of ongoing tensions between the U.S. This is an important public action by the U.S. and Russia in Ukraine.

Cybersecurity

Cybersecurity Financial Services Authentication Government

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

The Dutch government will not tolerate ransomware attacks that could threaten national security, it will use intelligence or military services to curb them. The Dutch government announced that it will not tolerate cyberattacks that pose a risk to its national security and will employ intelligence or military services to counter them.

Ransomware

Ransomware Military Government Security

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

Security Affairs

AUGUST 21, 2023

One of these virtual private servers was exclusively employed in attacks against entities across Taiwan, including commercial firms and at least one municipal government organization. We suspect the HiatusRAT cluster serves as another example of tradecraft that could be applied against the U.S. ” continues the report.

Military

Military Manufacturing Government Access

How to start your career in cyber security

IT Governance

DECEMBER 7, 2017

There has never been a better time to get into cyber security. If you’re thinking about starting a career in cyber security, here are five things you should do. As with most industries, you’re much more likely to get ahead in cyber security if you have experience. Get work experience. Get qualified.

Security

Security Information Security Government Cybersecurity

Free resources to help you prevent and respond to data breaches

IT Governance

SEPTEMBER 20, 2018

The situation might seem hopeless, with cyber criminals outnumbering overworked and underfunded information security personnel, but there are plenty of ways you can improve your defences, even on a tight budget. Our blog provides daily updates on all things information security-related. Green papers.

Data breaches

Data breaches GDPR Security awareness Paper

Understanding the differences between ISO 27001 and ISO 27002

IT Governance

APRIL 2, 2019

Anyone with an interest in information security will have encountered ISO 27001 , the international standard that describes best practice for an ISMS (information security management system). It’s a supplementary standard that provides advice on how to implement the security controls listed in Annex A of ISO 27001.

Information Security

Information Security Compliance Risk Security

Does your use of CCTV comply with the GDPR?

IT Governance

OCTOBER 3, 2019

The Regulation isn’t just about written details, like names and addresses; it applies to any information that can identify someone. That includes pictures and videos, which is why you should be careful about the way you use CCTV. A public task : for example, to complete official functions or tasks in the public interest.

GDPR

GDPR Privacy Retail Personal data

When And How Cos. Should Address Cyber Legal Compliance

Data Matters

OCTOBER 30, 2017

When a company experiences a major data breach or hacking incident, media attention turns to speculation or allegations about the company’s past history of underinvesting in cyber defenses, its supposed culture of cyber complacency, or its history of unaddressed (but, in retrospect, allegedly clear) vulnerabilities. 1] The U.S.

Compliance

Compliance Cybersecurity Risk Government

How to implement the General Data Protection Regulation (GDPR)

IBM Big Data Hub

FEBRUARY 23, 2024

There are a few more things worth noting about the GDPR’s scope. For example, a business that collects user health data needs stronger protections than one that collects only email addresses. Draft a data privacy policy The GDPR requires that organizations keep people informed about how they use their data.

GDPR

GDPR Compliance Personal data Privacy

5 learnings from the “Meeting the CCPA Challenge” webinar

Collibra

MARCH 12, 2020

Collibra recently partnered with Kelle O’Neal, CEO of First San Francisco Partners (FSFP), to host a joint webinar “ Meeting the CCPA Challenge ” about the complexities of the California Consumer Protection Act (CCPA) for the International Association of Privacy Professionals (IAPP). Right to equal service. Notice to consumer.

Data Privacy

Data Privacy Privacy Government Compliance

How to start your career in cyber security

IT Governance

FEBRUARY 25, 2019

If you can demonstrate the relevance of your existing experience – what recruiters call ‘transferable skills’ –there’s no reason why you can’t get a foothold on the cyber security career ladder. Account executives and junior penetration testers, for example, tend to have little work experience, and can learn while on the job.

Security

Security Systems administration Information Security Government

Hackers exploit coronavirus fears as cyber attacks soar

IT Governance

MARCH 17, 2020

For example, millions of employees will likely to be forced to work remotely, as the UK government prepares for a lockdown scenario. For example, Piers Corbyn, the weather forecaster and brother of Labour leader Jeremy Corbyn, recently tweeted his belief that COVID-19 was designed to cull the population and fight climate change.

Phishing

Phishing Risk Communications Government

5 best online cyber security training courses and certifications in 2020

IT Governance

APRIL 20, 2020

Those looking for a broader understanding of the threat landscape should take our Certified Cyber Security Foundation Training Course. This one-day course is designed and run by real-world practitioners, who help you gain an understanding of risks through practical exercises, group discussions and case studies. One virus is enough.

Security

Security GDPR Phishing Data breaches

New SEC Cybersecurity Rules Could Affect Private Companies Too

eSecurity Planet

SEPTEMBER 23, 2022

For example, in the Enron financial fraud, executives and board members claimed ignorance or that they could not understand the financial maneuvering of Enron’s CFO (chief financial officer). See the top Governance, Risk & Compliance (GRC) tools. Proposed SEC Security Changes. SOX: Consequences.

Cybersecurity

Cybersecurity Compliance Risk Communications

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

AIIM

JULY 24, 2018

For example, under GDPR data subjects and/or regulators may now pursue direct remedies against data processors in the event of infringement of obligations, whereas such remedies did not exist under the prior data privacy regulation. Want more information?

GDPR

GDPR Compliance Privacy Data Privacy

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

HL Chronicle of Data Protection

JUNE 17, 2019

Hong Kong’s past reforms to the PDPO have been “event driven”, the best example being the Octopus Rewards case in 2010, which led to extensive reforms to Hong Kong’s direct marketing controls. On the other hand, there is a concern about inadvertently creating a more litigious society, such as in the US.

Personal data

Personal data Data breaches Security Compliance

What Should Be The Core Competencies For Cybersecurity For C-Suite

Cyber Info Veritas

JULY 18, 2018

On July 2017, one of the most devastating incidents in the history of cyber attacks took place when a group of elite hackers hacked into Equifax, one of the largest credit bureaus in the globe and stole private data including social security numbers, credit card numbers etc of around 145 million clients.

Cybersecurity

Cybersecurity Ransomware Information Security Risk

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

Hunton Privacy

JUNE 29, 2018

This definition of personal information aligns more closely with the EU General Data Protection Regulation’s definition of personal data. The above disclosures must be made within 45 days of receipt of the request using one of the prescribed methods specified in the Act.

Privacy

Privacy Sales Personal data Communications

2022 Cyber Security Review of the Year

IT Governance

DECEMBER 20, 2022

Google , Clearview AI , and Meta all receives hefty penalties in 2022, demonstrating the continued important of effective information security. But these were far from the only notable cyber security headlines of the year. million (about £1.5 There usually isn’t much doubt about whether you’ve been hit by ransomware.

Security

Security Data breaches Ransomware Military

A Practical Guide to Cyber Incident Response

IT Governance

MAY 24, 2024

Furthermore, as Vanessa Horton, our cyber incident responder, pointed out in an interview about anti-forensics : The cyber world is changing all the time, which means we’re playing a bit of a cat-and-mouse game. For example, not so long ago, LockBit [an infamous ransomware gang] got taken down. Not even big cyber threat actors!

Risk

Risk Security Ransomware Phishing

11th Circuit Vacates LabMD Enforcement Order; Casts Doubt on Decades of FTC Cybersecurity Enforcement Practices

Data Matters

JUNE 12, 2018

In recent years, the Federal Trade Commission has increasingly exercised its enforcement authority to target deceptive and unfair information security practices. But if these were, in fact, the court’s motivations, it picked an unusual way to go about achieving them. Wyndham Worldwide Corp., 3d 236 (3d Cir.

Cybersecurity

Cybersecurity Information Security Security IT

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

Perform purple team exercises to sharpen security posture. As of now, the information security industry is at the outset of implementing SBOM for software products. Also Read: Cybersecurity Becomes A Government Priority. Deploy file integrity monitoring and threat hunt regularly. Excessive Access by Tokens.

Cybersecurity

Cybersecurity Ransomware Access Encryption

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

Welcome to the hacker mind and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. We're talking about millions of jobs that are being left open. Vamosi: So what am I missing here.

Cybersecurity

Cybersecurity Information Security IT Security

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

Welcome to the hacker mind and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. We're talking about millions of jobs that are being left open. Vamosi: So what am I missing here.

Cybersecurity

Cybersecurity Information Security IT Security

The Hacker Mind Podcast: How To Get Paid To Hack

ForAllSecure

SEPTEMBER 29, 2022

And my editor turned to me and said, What do you know about computer viruses? And the rest, they say is this as a reporter, I was in a position to learn as I wrote about information security. In the last episode I talked about capture the flag as a point of entry into the field. Then you heard about this.

Mining

Mining IT Communications Marketing

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

IT Governance

DECEMBER 6, 2023

As privacy professionals, we see consumers exercising their rights to withdraw consent to their data being processed via ‘opt out’ or ‘unsubscribe’ buttons, for example. Having one or more of the following can significantly help with this: An ISO 27001 ISMS (information security management system).

Data Privacy

Data Privacy Privacy GDPR IT

Best beginner cyber security certifications

IT Governance

SEPTEMBER 13, 2021

System administrator Network administrator Security administrator IT auditor Security analyst or security specialist Security consultant. You can find out more about this qualification by taking our CompTIA Security Training Course. Certified Cyber Security Foundation Training Course. Download now.

Security

Security Systems administration Honeypots Risk

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

However, much of the current discussion is about offense. Increasing our offensive capabilities without being able to secure them is like having all the best guns in the world, and then storing them in an unlocked, unguarded armory. NATO does try to test cyberweapons outside such exercises, but has limited scope in doing so.

Military

Military Cybersecurity Communications Manufacturing

Network Security Architecture: Best Practices & Tools

eSecurity Planet

APRIL 26, 2024

Effective implementation improves data throughput, system reliability, and overall security for any organization. This article explores network security architecture components, goals, best practices, frameworks, implementation, and benefits as well as where you can learn more about network security architecture.

Security

Security Cloud Cybersecurity Risk

What Is a SaaS Security Checklist? Tips & Free Template

eSecurity Planet

APRIL 9, 2024

SaaS systems frequently handle sensitive client information, and compliance covers this by protecting data security , reduces risks, and fosters trust among stakeholders. ISO 27000 is a standard for information security and SOC is for maintaining consumer data integrity and security across several dimensions.

Security

Security Compliance Cybersecurity Communications

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

KnowBe4

JULY 5, 2023

We're talking about brands like Nike, Guess, Fossil, Tommy Hilfiger, Skechers, and many more. Government. However, as The Insider found out, it is not only China that the US should be worried about: Russia has reanimated the Soviet spy center Lourdes in Cuba, officially closed by Putin in 2001. "As

Phishing

Phishing Security awareness Passwords Computer and Electronics

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

Both were well-equipped to teach, test and train individuals ranging from teen-agers and non-technical adults, to working system administrators and even seasoned tech security pros. Today Merit supplies IT infrastructure to schools, universities, government and other entities across the state.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

The Hacker Mind Podcast: Hacking Industrial Control Systems

ForAllSecure

APRIL 26, 2022

Lee, CEO of Dragos, on Vice TV : Lee: So it all started about six months previous December's about six months previous. So it wasn't this story that we hear sometimes thrown around about Lightspeed net speed cyberattacks, you know it was human adversaries doing research on the environment, so the attack starts.

Energy and Utilities

Energy and Utilities Manufacturing Risk IT

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

Data Matters

JANUARY 24, 2020

Information Security . decrease from FY 2018, OCIE attributes the relatively small decrease to the month long suspension of examinations during the 2019 government shutdown. In FY 2019, OCIE examined approximately 15% of all RIAs, notwithstanding the government shutdown in early 2019. While this represents a 2.7%

Cybersecurity

Cybersecurity Retail Compliance Marketing

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

Data Matters

FEBRUARY 20, 2020

Information Security . decrease from FY 2018, OCIE attributes the relatively small decrease to the month long suspension of examinations during the 2019 government shutdown. In FY 2019, OCIE examined approximately 15% of all RIAs, notwithstanding the government shutdown in early 2019. While this represents a 2.7%

Retail

Retail Compliance Marketing Risk

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

Daniel Clemens, CEO of ShadowDragon, talks about his more than two decades of digital investigations, from the origins of the Code Red worm to the mass shooter in Las Vegas, with a fair number of pedophiles and human traffickers identified as well. I’m going to be talking a lot about OSINT throughout this episode. CLEMENS: I do.

IT

IT Sales Security Honeypots

EU Publishes Common Toolbox and Data Protection Guidance on Tracing Apps to Fight COVID-19

Hunton Privacy

APRIL 21, 2020

Legal basis for the data processing: Users’ consent would be required for installation of the apps and the storing of information on their device, while national health authorities should rely on a Member State law and the need to comply with that law as a legal basis for processing the data.

Personal data

Personal data Privacy GDPR Access

The Hacker Mind Podcast: The Fog of Cyber War

ForAllSecure

JULY 6, 2022

There’s an online war in Ukraine, one that you haven’t heard much about because that country is holding its own with an army of infosec volunteers worldwide. It’s about challenging our expectations about the people who hack for a living. Welcome to the HAcker Mind, an original podcast from FroAllSecure.

Ransomware

Ransomware Military Government Security

The Trouble with Politicians Sharing Passwords

Troy Hunt

DECEMBER 4, 2017

As it turns out, some folks were rather alarmed about her position on sharing what we would normally consider to be a secret. If we can't get to grips with the root cause then we're not going to be able to effectively talk about the solutions. It's normalising a behaviour that we should be actively working towards turning around.

Passwords

Passwords Access Risk Security

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

AIIM

JANUARY 10, 2019

While a blockchain provides a trusted framework for the integrity and auditability of transactions it stands in stark contrast to the ambition of the GDPR Regulation, the foundation of which is to enable data subjects to exercise greater degree of control over the processing of personally identifiable information.

Blockchain

Blockchain GDPR Privacy Personal data

What Is Our Professional Future?

Brandeis Records Manager

SEPTEMBER 19, 2016

Like most people, I prefer to have a reasonable sense of job security, as long as my interest is engaged. At the risk of sounding alarmist, I have concerns about the records management profession’s long-range future. Reading through Kelly’s book as a records manager or archivist is an exercise in marathon squirming.

Blockchain

Blockchain Records Management Unstructured data Artificial Intelligence

A Flurry of Recent Cybersecurity Activity from the Trump Administration

Data Matters

JUNE 25, 2018

A period of relative calm with respect to matters of federal cybersecurity policy followed the issuance of EO 13800, as federal departments and agencies set about completing the various reports the Order assigned them. government engagement with international and domestic partners to address the growing cyber threat.

Cybersecurity

Cybersecurity Government Risk Marketing

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Data Protection: Where’s the Brexit Privacy Dividend?

Trending Sources

U.S. and Foreign Cybersecurity and Intelligence Agencies Recommend Measures to Counteract Threat of Russian Cyberattacks

The Netherlands declares war on ransomware operations

New HiatusRAT campaign targets Taiwan and U.S. military procurement system

How to start your career in cyber security

Free resources to help you prevent and respond to data breaches

Understanding the differences between ISO 27001 and ISO 27002

Does your use of CCTV comply with the GDPR?

When And How Cos. Should Address Cyber Legal Compliance

How to implement the General Data Protection Regulation (GDPR)

5 learnings from the “Meeting the CCPA Challenge” webinar

How to start your career in cyber security

Hackers exploit coronavirus fears as cyber attacks soar

5 best online cyber security training courses and certifications in 2020

New SEC Cybersecurity Rules Could Affect Private Companies Too

GDPR Compliance Obligations: The relationship between Data Controllers and Third-Party Processors

The Cathay Pacific Breach: Is Data Protection and Cyber Security Law in Hong Kong About to Receive an Upgrade?

What Should Be The Core Competencies For Cybersecurity For C-Suite

California Consumer Privacy Act Signed, Introduces Key Privacy Requirements for Businesses

2022 Cyber Security Review of the Year

A Practical Guide to Cyber Incident Response

11th Circuit Vacates LabMD Enforcement Order; Casts Doubt on Decades of FTC Cybersecurity Enforcement Practices

The Biggest Lessons about Vulnerabilities at RSAC 2021

The Hacker Mind Podcast: Hacking Diversity

The Hacker Mind Podcast: Hacking Diversity

The Hacker Mind Podcast: How To Get Paid To Hack

What it Takes to Be Your Organisation’s DPO or Data Privacy Lead

Best beginner cyber security certifications

Vulnerabilities in Weapons Systems

Network Security Architecture: Best Practices & Tools

What Is a SaaS Security Checklist? Tips & Free Template

CyberheistNews Vol 13 #27 [Heads Up] Massive Impersonation Phishing Campaign Imitates Over 100 Brands and Thousands of Domains

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Hacker Mind Podcast: Hacking Industrial Control Systems

SEC and FINRA Issue 2020 Examination Priorities (Including Cybersecurity) for Broker-Dealers and Investment Advisers

SEC and FINRA Issue 2020 Examination Priorities for Broker-Dealers and Investment Advisers

The Hacker Mind Podcast: Hacking Real World Criminals Online

EU Publishes Common Toolbox and Data Protection Guidance on Tracing Apps to Fight COVID-19

The Hacker Mind Podcast: The Fog of Cyber War

The Trouble with Politicians Sharing Passwords

The Tension between GDPR and Blockchain: Are they Polar Opposites or Can they Co-exist

What Is Our Professional Future?

A Flurry of Recent Cybersecurity Activity from the Trump Administration

Stay Connected