10 Benefits of Running Cybersecurity Exercises

Dark Reading

There may be no better way to ascertain your organization's strengths and weaknesses than by running regular security drills

President Biden’s Peloton exercise equipment under scrutiny

Security Affairs

President Joe Biden can’t bring his Peloton exercise equipment to the White House due to security reasons. Peloton exercise equipment’s popularity surged during the pandemic, it allows users to do gymnastic exercise from home, interacting with each other within an online community.

IoT 86
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Incident Response: Why a Tabletop Exercise Is Essential

Data Breach Today

Attorney Ronald Raether on Building a Cybersecurity Culture Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders

Exercising Social Distancing With Online Doctor Appointments

Record Nations

The post Exercising Social Distancing With Online Doctor Appointments appeared first on Record Nations. At a time where pandemics like the COVID-19 virus are widespread and signs or symptoms of infection are still unclear, many people will obviously want to be able to consult their doctor about preventative measures and treatment options. Unfortunately though, some of those preventative measures include social distancing and stay at home standards, which in […].

52

This Is Not a Drill: Designing Tabletop Exercises to Test Your Preservation Strategies

Hanzo Learning Center

If you—or your child—have ever been in a live performance, you know that it hardly matters how much time and effort the cast and crew have put in: the moment that curtain goes up, everything changes.

IT 52

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

Security Affairs

The international live-fire cyber defence exercise Locked Shields 2019 (LS19) took place on April 8-12 in Tallinn, Estonia, and the figures behind this important competition are important. “This year the exercise evolved around 4000 virtualised systems that had to take more than 2500 attacks. ” said Lauri Luht, Head of Cyber Exercises at NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).

Laying the Path for a Successful IT Modernization Exercise

Micro Focus

Today, most businesses don’t need to be convinced about the need to modernize their IT landscape. Nevertheless, any big transformation can have a wide-ranging impact on the organization. So, it needs to be well thought out. Primarily, enterprises are looking to modernize for two main reasons. One, they are keen to futureproof their business by. View Article. Application Modernization and Connectivity COBOL Core Systems Disruptive technologies Enterprise Applications Mainframe Modernization

IT 66

Bank of England cyber resilience exercise

Data Protection Report

BoE publish high level findings of the financial sector (“sector”) cyber simulation exercise. Exercise overview. The exercise explored the sector’s resilience to a major cyber incident impacting the UK. The exercise demonstrated the sector’s ability to respond to a dynamic and challenging disruption simulation. Communication practices – the exercise recognised the importance of effective communications in maintaining customer and market confidence in the system.

HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts

Data Matters

First, as covered in an earlier posting , HHS took action to waive penalties and assure companies that it would exercise enforcement discretion with respect to the Privacy Rule’s application to telehealth services and certain limited communication activities related to COVID-19 treatment efforts. The post HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts appeared first on Data Matters Privacy Blog.

In Boston Exercise, Election Hackers Bypass Voting Machines

The Security Ledger

At an exercise in Boston that imagined a cyber attack designed to disrupt an important election in a “swing state,” voting machines were not an issue. It’s election day in Nolandia, an imaginary, mid-sized U.S. city in a key “swing” state, and things are not going as planned – at least for government. Read the whole entry. »

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks. The Department of Energy wants to test the resilience of an electrical grid to a cyber attack, so it’s going to launch the first hands-on exercise to test the ability of the operators of such infrastructure in recovering from a blackout caused by a cyber attack.

Weekly podcast: TSB, hotel locks and NATO exercise

IT Governance

This week, we discuss TSB’s chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise. NATO has announced that it has launched “the largest and most advanced international live-fire cyber defence exercise” this week to “practise protection of national IT systems and critical infrastructure under the intense pressure of a severe cyber attack”. According to CCDCOE, the exercise is running from 23 to 27 April.

To the Victor Go the Spoliation Sanctions: Eastern District of Louisiana Exercises Inherent Power to Issue Sanctions for Spoliation via JD Supra

IG Guru

” The post To the Victor Go the Spoliation Sanctions: Eastern District of Louisiana Exercises Inherent Power to Issue Sanctions for Spoliation via JD Supra appeared first on IG GURU. “The court found that Defendant proved that Plaintiff had violated its discovery obligations because it showed that Plaintiff had previously posted the original, unaltered photo on social media.”

IT 43

Real Pen Work and Exercises for Flourishing

Archives Blogs

There are handwriting exercises as well as exercises for flourishing, the latter of which sounds suspiciously like something one would find on a clean eating and wellness blog. We recently acquired a lovely volume entitled Real Pen Work: Self Instructor in Penmanship, published in 1884 by Knowles & Maxim. This book includes step-by-step instructions on everything from how to sit properly at your writing desk to the proper degree to which to slant letters.

IT 20

Cybersecurity Panel Discussion: A Live Cyber Attack Tabletop Exercise

Hunton Privacy

On March 21, 2017, Hunton & Williams is pleased to host an in-person seminar in its London office featuring seasoned cybersecurity practitioners. Drawing from deep experience in their respective fields, the panel members will discuss the implications of the EU General Data Protection Regulation’s breach notification obligations in the context of a state-of-the-art cyber attack simulation.

How a Phishing Awareness Test Went Very Wrong

Data Breach Today

But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships Tribune Publishing Co. Employees Outraged at Phishing Test Teasing a Bonus Training employees to resist phishing emails is key to preventing compromises.

7 Must-Haves for a Rockin' Red Team

Dark Reading

Follow these tips for running red-team exercises that will deliver added insight into your operations

82

HHS Issues Limited Waiver of Certain HIPAA Privacy Rule Obligations and Exercises Enforcement Discretion with Respect to Telehealth Services In Light of COVID Public Health Emergency

Data Matters

First, effective March 15, 2020, Health and Human Services Secretary Azar exercised his statutory authority to issue a waiver of penalties and sanctions that would otherwise apply to certain hospitals for violations of specified provisions of the HIPAA Privacy Rule. This week the Department of Health and Human Services (HHS) took action to relax certain federal health information privacy restrictions under HIPAA in response to COVID-19.

Teleworking by Healthcare Employees: Security Challenges

Data Breach Today

With increasing demands on healthcare organizations to quickly accommodate a surge of teleworking employees as a result of the COVID-19 pandemic, IT and information security departments need to exercise security vigilance, says former healthcare CIO Drex DeFord

Strava Fitness App Shares Secret Army Base Locations

Dark Reading

The exercise tracker published a data visualization map containing exercise routes shared by soldiers on active duty

53

Fight Phishing with Intention

Dark Reading

Phishing exercises have become a staple, but it helps to be as clear as possible on exactly why you're doing them

68% of Companies Say Red Teaming Beats Blue Teaming

Dark Reading

The majority of organizations surveyed find red team exercises more effective than blue team testing, research shows

76

Apple White Hat Hack Shows Value of Pen Testers

eSecurity Planet

An eye-opening exercise at Apple showed the value of human security testers in addition to tools - and the value of bug bounty programs too

Introducing 'Secure Access Service Edge'

Dark Reading

The industry's latest buzzword is largely a repackaging exercise that bundles a collection of capabilities together and offers them as a cloud-delivered service

Mozilla's Guide to Privacy-Aware Christmas Shopping

Schneier on Security

Mozilla reviews the privacy practices of Internet-connected toys, home accessories, exercise equipment, and more

False Alarm: Phishing Attack Against DNC Was Just a Test

Data Breach Today

Unannounced Exercise Stoked Voter Database Hacking Fears A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise.

Fact Checking: Sizing Up Facebook's Efforts

Data Breach Today

Is the social media giant merely conducting a public relations exercise A Former Fact Checker Shares Her Experience Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories.

151
151

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders. Security

Nation-State Attacks: Why Healthcare Must Prepare

Data Breach Today

and Iran continue to rise, healthcare organizations need to exercise extra vigilance in shoring up their security to defend against potential Iranian cyberattacks on critical infrastructure sectors, says Errol Weiss of the Health Information Sharing and Analysis Center As tensions between the U.S.

This is the old ChiefTech blog.: BEA's annual enterprise portal report and the 4th way

ChiefTech

Saturday, 10 November 2007 BEA's annual enterprise portal report and the 4th way Ok, its a marketing exercise by BEA so its going to be a little biased but their annual report on the state of the enterprise portal market is still worth a look. This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009.

I think, therefore I modernize: introducing Enterprise Suite 6.0

Micro Focus

I need to change – IT needs to change Rapid and large-scale IT change is a very costly exercise. Worse still, it is fraught with risk, the IT world beset with uncomfortable stories of failed transformational programs. CIOs can ill-afford such risk. By reusing valuable, trusted core applications and data, a smarter approach is available. View Article.

Risk 81

Facebook's Download-Your-Data Tool Is Incomplete

Schneier on Security

As a user this means you can't exercise your rights under GDPR because you don't know which companies have uploaded data to Facebook. Information provided about the advertisers is also very limited (just a name and no contact details), preventing users from effectively exercising their rights.

SynerComm Reboots a Security Staple with 'Continuous' Pen Testing

Dark Reading

In addition to a service that offers round-the-clock pen testing, SynerComm also provides purple team testing, effectively splitting the difference with red- and blue-team exercises SPONSORED CONTENT: Penetration testing has evolved well beyond a couple guys you hire to try and break into your network, according to SynerComm's Brian Judd.

Containers Complicate Compliance (And What To Do About It)

The Security Ledger

Here, we see it’s all too common for organizations to treat testing compliance as a checkbox exercise and to thereby view compliance in a way that goes against its entire purpose. If you work within the security industry, compliance is seen almost as a dirty word.

Digital transformation threats and opportunities in travel and transportation

DXC

In travel and transportation most companies today don’t look at customer journeys as a collaborative exercise. They consider their job done when passengers are delivered safely to their appointed destination for their segment. A railway, for example, may only care that it has moved passengers safely from station A to station B. It ignores the […].

Three ways the California Consumer Privacy Act (CCPA) can help bolster your customer satisfaction

IBM Big Data Hub

This exploitation is a result of the theft or breach of data, as well as the limited controls and rights that people associated with this data can exercise. Data has grown exponentially over the last decade, to the extent where it is often referred to as a “natural resource,” and its rapid and uncontrolled growth has resulted in its poor management.

IT 52

Beginning Fuzz Cycle Automation: Improving Testing and Fuzz Development with Coverage Analysis

ForAllSecure

This time we’ll take a look at how to write better tests in the form of harness programs (also known as fuzz drivers, programs written to exercise specific parts of the code) that we will use for fuzz testing In my previous post , we covered using bncov to do open-ended coverage analysis tasks to inform our testing.

62

Steps for implementing a non-invasive data governance program

Information Management Resources

Organizations need to ensure that the exercise of data governance is non-invasive and transparent so it does not seem forceful. Data governance Data quality Data management Data ownership

G-7 authorities to war game cyber attack on bank for first time

Information Management Resources

Financial watchdogs are preparing one of the broadest war-gaming exercises to test the effect of a cyber attack that disables a large international bank for days. Data security Cyber security Fintech Cyber attacks

Why have I joined the LinkedIn Data Protection Reform Group?

Data Protector

Complexity also frustrates individuals who try to exercise information rights, only to learn that obscure exceptions to the rules actually result in them having fewer rights than they realised.

GDPR 156