Incident Response: Why a Tabletop Exercise Is Essential

Data Breach Today

Attorney Ronald Raether on Building a Cybersecurity Culture Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

Security Affairs

The international live-fire cyber defence exercise Locked Shields 2019 (LS19) took place on April 8-12 in Tallinn, Estonia, and the figures behind this important competition are important.

Bank of England cyber resilience exercise

Data Protection Report

BoE publish high level findings of the financial sector (“sector”) cyber simulation exercise. Exercise overview. The exercise explored the sector’s resilience to a major cyber incident impacting the UK.

Laying the Path for a Successful IT Modernization Exercise

Micro Focus

Today, most businesses don’t need to be convinced about the need to modernize their IT landscape. Nevertheless, any big transformation can have a wide-ranging impact on the organization. So, it needs to be well thought out. Primarily, enterprises are looking to modernize for two main reasons. One, they are keen to futureproof their business by. View Article. Application Modernization and Connectivity COBOL Core Systems Disruptive technologies Enterprise Applications Mainframe Modernization

IT 65

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks. This is the first exercise that is going to test the “blackstart” cranking paths that were excluded from previous simulations.

In Boston Exercise, Election Hackers Bypass Voting Machines

The Security Ledger

At an exercise in Boston that imagined a cyber attack designed to disrupt an important election in a “swing state,” voting machines were not an issue.

Weekly podcast: TSB, hotel locks and NATO exercise

IT Governance

This week, we discuss TSB’s chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise. According to CCDCOE, the exercise is running from 23 to 27 April.

Real Pen Work and Exercises for Flourishing

Archives Blogs

There are handwriting exercises as well as exercises for flourishing, the latter of which sounds suspiciously like something one would find on a clean eating and wellness blog.

IT 26

Cybersecurity Panel Discussion: A Live Cyber Attack Tabletop Exercise

Hunton Privacy

On March 21, 2017, Hunton & Williams is pleased to host an in-person seminar in its London office featuring seasoned cybersecurity practitioners. Drawing from deep experience in their respective fields, the panel members will discuss the implications of the EU General Data Protection Regulation’s breach notification obligations in the context of a state-of-the-art cyber attack simulation.

Mozilla's Guide to Privacy-Aware Christmas Shopping

Schneier on Security

Mozilla reviews the privacy practices of Internet-connected toys, home accessories, exercise equipment, and more

68% of Companies Say Red Teaming Beats Blue Teaming

Dark Reading

The majority of organizations surveyed find red team exercises more effective than blue team testing, research shows

86

Strava Fitness App Shares Secret Army Base Locations

Dark Reading

The exercise tracker published a data visualization map containing exercise routes shared by soldiers on active duty

65

False Alarm: Phishing Attack Against DNC Was Just a Test

Data Breach Today

Unannounced Exercise Stoked Voter Database Hacking Fears A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise.

Fact Checking: Sizing Up Facebook's Efforts

Data Breach Today

Is the social media giant merely conducting a public relations exercise A Former Fact Checker Shares Her Experience Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories.

157
157

Beginning Fuzz Cycle Automation: Improving Testing and Fuzz Development with Coverage Analysis

ForAllSecure

This time we’ll take a look at how to write better tests in the form of harness programs (also known as fuzz drivers, programs written to exercise specific parts of the code) that we will use for fuzz testing

80

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders. Security

Digital transformation threats and opportunities in travel and transportation

DXC Technology

In travel and transportation most companies today don’t look at customer journeys as a collaborative exercise. They consider their job done when passengers are delivered safely to their appointed destination for their segment.

This is the old ChiefTech blog.: BEA's annual enterprise portal report and the 4th way

ChiefTech

Saturday, 10 November 2007 BEA's annual enterprise portal report and the 4th way Ok, its a marketing exercise by BEA so its going to be a little biased but their annual report on the state of the enterprise portal market is still worth a look. This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009.

G-7 authorities to war game cyber attack on bank for first time

Information Management Resources

Financial watchdogs are preparing one of the broadest war-gaming exercises to test the effect of a cyber attack that disables a large international bank for days.

Editorial Judgement

OpenText Information Management

In a BBC article, editing was described as “an exercise in selection and judgement: what to put in and – just as important – what to leave out.” For anyone who writes, an editor helps make the final product better.

Steps for implementing a non-invasive data governance program

Information Management Resources

Organizations need to ensure that the exercise of data governance is non-invasive and transparent so it does not seem forceful. Data governance Data quality Data management Data ownership

Attacking Soldiers on Social Media

Schneier on Security

A research group at NATO's Strategic Communications Center of Excellence catfished soldiers involved in an European military exercise -- we don't know what country they were from -- to demonstrate the power of the attack technique.

3 things you need to know to pivot between projects

OpenText Information Management

Pivoting between projects and industries is key to success, but time pressures and hard deadlines can make this an intense juggling exercise. Creative work can be extremely fun and rewarding, although not without its challenges.

Man Behind Fatal ‘Swatting’ Gets 20 Years

Krebs on Security

Tyler Barriss , a 26-year-old California man who admitted making a phony emergency call to police in late 2017 that led to the shooting death of an innocent Kansas resident, has been sentenced to 20 years in federal prison. Tyler Barriss, in an undated selfie.

How to Prepare for the Brazil Data Protection Law

InfoGoTo

Undertaking a data-mapping exercise can help filter out the data that is not subject to the law’s requirements, such as B2B data.

B2B 56

How Facebook and Google dodge EU data rules

Information Management Resources

The government-funded Norwegian Consumer Council issued a report showing that the tech companies’ rely on 'dark patterns' to discourage users from exercising their privacy rights. Data privacy Customer data Facebook Google

Science Fiction Writers Helping Imagine Future Threats

Schneier on Security

I discounted the exercise at the time, calling it "embarrassing." The French army is going to put together a team of science fiction writers to help imagine future threats.

Risk 114

SHARED INTEL: What it takes to preserve business continuity, recover quickly from a cyber disaster

The Last Watchdog

Here’s a scenario for how AD is factoring into ransomware attacks: The attacker gets a toehold inside the network by phishing an employee login , or via a targeted credential stuffing exercise, or through cross-site scripting. To pay or not to pay?

Intelligent Information Management - Learning from CHOCOLATE?!

AIIM

One of the exercises I developed was called "The Taxonomy of Salad". on them, I'd switch that exercise out for a much sweeter one focused on developing a taxonomy of chocolate. But we mixed in discussions, exercises, and activities to help liven up the subject matter.

Thinking Through the WP Engine Acquisition of StudioPress

PerezBox

As a fun thought exercise I decided to think through the WP Engine and Studio Press acquisition. Specifically, what I would do, and think they will do, with the new. Read More. The post Thinking Through the WP Engine Acquisition of StudioPress appeared first on PerezBox. Business Business Tools And Resources Strategic Thinking

43

Government Shutdown Leaves Americans More Vulnerable to Identity Theft, Scams

Adam Levin

For now, people who suspect they have been targeted by identity thieves should contact the Identity Theft Resource Center , and exercise as much caution as possible with their finances and when visiting government websites.

Manage Your Privacy Journey: GDPR, CCPA and Beyond

InfoGoTo

Organizations need to stay current on how they are collecting and managing requests made by individuals to exercise their data subject rights to assess, delete and rectify concerns over their personal data. I love adventures!

GDPR 69

The Privacy Rules Changed in 2018 – What Does that Mean Going Forward?

InfoGoTo

Between GDPR in the EU, similar legislation in other countries, the controversy surrounding the way social networks handle personal information and the ongoing drumbeat of breaches and data theft, the issue of how organizations should exercise responsible care of personal information was one of the biggest stories of 2018.

Calif. Man Pleads Guilty in Fatal Swatting Case, Faces 20+ Years in Prison

Krebs on Security

But it would also be nice if more police forces around the country received additional training on exercising restraint in the use of deadly force, particularly in responding to hostage or bomb threat scenarios that have hallmarks of a swatting hoax.

Who Will Get the First Big GDPR Fine and How to Avoid It?

HL Chronicle of Data Protection

In July, Eduardo Ustaran spoke at Privacy Laws & Business’ International Conference in Cambridge about the sort of activities likely to prompt regulators into exercising their increased fining powers under the EU GDPR.

GDPR 52

Who Will Get the First Big GDPR Fine and How to Avoid It?

HL Chronicle of Data Protection

In July, Eduardo Ustaran spoke at Privacy Laws & Business’ International Conference in Cambridge about the sort of activities likely to prompt regulators into exercising their increased fining powers under the EU GDPR.

GDPR 52

How to prepare for the California Consumer Privacy Act

Thales eSecurity

Also, entities under the CCPA must post a “Do Not Sell My Personal Information” link on their websites allowing consumers to easily exercise their right of opting-out. (4) 5) The right of Californians to equal service and price, even if they exercise their privacy rights.