10 Benefits of Running Cybersecurity Exercises

Dark Reading

There may be no better way to ascertain your organization's strengths and weaknesses than by running regular security drills

Incident Response: Why a Tabletop Exercise Is Essential

Data Breach Today

Attorney Ronald Raether on Building a Cybersecurity Culture Tabletop exercises are a critical way to make sure an organization's incident response plan is effective and everyone knows their roles, says Ronald Raether of the law firm Troutman Sanders

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

President Biden’s Peloton exercise equipment under scrutiny

Security Affairs

President Joe Biden can’t bring his Peloton exercise equipment to the White House due to security reasons. Peloton exercise equipment’s popularity surged during the pandemic, it allows users to do gymnastic exercise from home, interacting with each other within an online community.

IoT 107

Exercising Social Distancing With Online Doctor Appointments

Record Nations

The post Exercising Social Distancing With Online Doctor Appointments appeared first on Record Nations.

54

Locked Shields 2019 – Chapeau, France wins Cyber Defence Exercise

Security Affairs

The international live-fire cyber defence exercise Locked Shields 2019 (LS19) took place on April 8-12 in Tallinn, Estonia, and the figures behind this important competition are important. “This year the exercise evolved around 4000 virtualised systems that had to take more than 2500 attacks. ” said Lauri Luht, Head of Cyber Exercises at NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE).

This Is Not a Drill: Designing Tabletop Exercises to Test Your Preservation Strategies

Hanzo Learning Center

If you—or your child—have ever been in a live performance, you know that it hardly matters how much time and effort the cast and crew have put in: the moment that curtain goes up, everything changes.

IT 52

DNC Incident Was a Phishing Exercise

Dark Reading

False alarm sent Democratic National Committee into high alert this week amid concerns of a new cyberattack

Laying the Path for a Successful IT Modernization Exercise

Micro Focus

Today, most businesses don’t need to be convinced about the need to modernize their IT landscape. Nevertheless, any big transformation can have a wide-ranging impact on the organization. So, it needs to be well thought out. Primarily, enterprises are looking to modernize for two main reasons. One, they are keen to futureproof their business by. View Article. Application Modernization and Connectivity COBOL Core Systems Disruptive technologies Enterprise Applications Mainframe Modernization

IT 51

HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts

Data Matters

First, as covered in an earlier posting , HHS took action to waive penalties and assure companies that it would exercise enforcement discretion with respect to the Privacy Rule’s application to telehealth services and certain limited communication activities related to COVID-19 treatment efforts. The post HHS Announces Exercise of Enforcement Discretion for Entities Engaged in COVID-19 Relief Efforts appeared first on Data Matters Privacy Blog.

In Boston Exercise, Election Hackers Bypass Voting Machines

The Security Ledger

At an exercise in Boston that imagined a cyber attack designed to disrupt an important election in a “swing state,” voting machines were not an issue. It’s election day in Nolandia, an imaginary, mid-sized U.S. city in a key “swing” state, and things are not going as planned – at least for government. Read the whole entry. »

Dept. of Energy announced the Liberty Eclipse exercise to test electrical grid against cyber attacks

Security Affairs

DoE announced the Liberty Eclipse exercise to test the electrical grid ‘s ability to recover from a blackout caused by cyberattacks. The Department of Energy wants to test the resilience of an electrical grid to a cyber attack, so it’s going to launch the first hands-on exercise to test the ability of the operators of such infrastructure in recovering from a blackout caused by a cyber attack.

Weekly podcast: TSB, hotel locks and NATO exercise

IT Governance

This week, we discuss TSB’s chaotic system upgrade, a security flaw in electronic hotel locks and a major NATO cyber security exercise. NATO has announced that it has launched “the largest and most advanced international live-fire cyber defence exercise” this week to “practise protection of national IT systems and critical infrastructure under the intense pressure of a severe cyber attack”. According to CCDCOE, the exercise is running from 23 to 27 April.

To the Victor Go the Spoliation Sanctions: Eastern District of Louisiana Exercises Inherent Power to Issue Sanctions for Spoliation via JD Supra

IG Guru

” The post To the Victor Go the Spoliation Sanctions: Eastern District of Louisiana Exercises Inherent Power to Issue Sanctions for Spoliation via JD Supra appeared first on IG GURU.

IT 52

Cybersecurity Panel Discussion: A Live Cyber Attack Tabletop Exercise

Hunton Privacy

On March 21, 2017, Hunton & Williams is pleased to host an in-person seminar in its London office featuring seasoned cybersecurity practitioners. Drawing from deep experience in their respective fields, the panel members will discuss the implications of the EU General Data Protection Regulation’s breach notification obligations in the context of a state-of-the-art cyber attack simulation.

Real Pen Work and Exercises for Flourishing

Archives Blogs

There are handwriting exercises as well as exercises for flourishing, the latter of which sounds suspiciously like something one would find on a clean eating and wellness blog. We recently acquired a lovely volume entitled Real Pen Work: Self Instructor in Penmanship, published in 1884 by Knowles & Maxim. This book includes step-by-step instructions on everything from how to sit properly at your writing desk to the proper degree to which to slant letters.

IT 20

How a Phishing Awareness Test Went Very Wrong

Data Breach Today

But an exercise run by Tribune Publishing Co. created a searing backlash after its phishing exercise tempted employees with bogus bonuses in a year in which they had already endured financial hardships Tribune Publishing Co. Employees Outraged at Phishing Test Teasing a Bonus Training employees to resist phishing emails is key to preventing compromises.

7 Must-Haves for a Rockin' Red Team

Dark Reading

Follow these tips for running red-team exercises that will deliver added insight into your operations

64

Teleworking by Healthcare Employees: Security Challenges

Data Breach Today

With increasing demands on healthcare organizations to quickly accommodate a surge of teleworking employees as a result of the COVID-19 pandemic, IT and information security departments need to exercise security vigilance, says former healthcare CIO Drex DeFord

HHS Issues Limited Waiver of Certain HIPAA Privacy Rule Obligations and Exercises Enforcement Discretion with Respect to Telehealth Services In Light of COVID Public Health Emergency

Data Matters

First, effective March 15, 2020, Health and Human Services Secretary Azar exercised his statutory authority to issue a waiver of penalties and sanctions that would otherwise apply to certain hospitals for violations of specified provisions of the HIPAA Privacy Rule. This week the Department of Health and Human Services (HHS) took action to relax certain federal health information privacy restrictions under HIPAA in response to COVID-19.

Fight Phishing with Intention

Dark Reading

Phishing exercises have become a staple, but it helps to be as clear as possible on exactly why you're doing them

Strava Fitness App Shares Secret Army Base Locations

Dark Reading

The exercise tracker published a data visualization map containing exercise routes shared by soldiers on active duty

41

68% of Companies Say Red Teaming Beats Blue Teaming

Dark Reading

The majority of organizations surveyed find red team exercises more effective than blue team testing, research shows

62

False Alarm: Phishing Attack Against DNC Was Just a Test

Data Breach Today

Unannounced Exercise Stoked Voter Database Hacking Fears A website that appeared to be part of a phishing campaign designed to gain access to the Democratic National Committee's voter database has turned out to be part of an uncoordinated security exercise.

Introducing 'Secure Access Service Edge'

Dark Reading

The industry's latest buzzword is largely a repackaging exercise that bundles a collection of capabilities together and offers them as a cloud-delivered service

Mozilla's Guide to Privacy-Aware Christmas Shopping

Schneier on Security

Mozilla reviews the privacy practices of Internet-connected toys, home accessories, exercise equipment, and more

Apple White Hat Hack Shows Value of Pen Testers

eSecurity Planet

An eye-opening exercise at Apple showed the value of human security testers in addition to tools - and the value of bug bounty programs too

Fact Checking: Sizing Up Facebook's Efforts

Data Breach Today

Is the social media giant merely conducting a public relations exercise A Former Fact Checker Shares Her Experience Facebook's effort to stem the flow of fake news globally has been ineffective, allege some fact checkers who have collaborated with the social media giant to identify and debunk false stories.

142
142

NATO Group Catfished Soldiers to Prove a Point About Privacy

WIRED Threat Level

With $60 and a few fake Facebook accounts, researchers were able to identify service members in a military exercise, track their movement, and even persuade them to disobey orders. Security

Don’t Wanna Pay Ransom Gangs? Test Your Backups.

Krebs on Security

” Wosar said it’s essential that organizations drill their breach response plans in periodic tabletop exercises, and that it is in these exercises that companies can start to refine their plans. That’s why tabletop exercises are incredibly important.

I think, therefore I modernize: introducing Enterprise Suite 6.0

Micro Focus

I need to change – IT needs to change Rapid and large-scale IT change is a very costly exercise. Worse still, it is fraught with risk, the IT world beset with uncomfortable stories of failed transformational programs. CIOs can ill-afford such risk.

Risk 103

This is the old ChiefTech blog.: BEA's annual enterprise portal report and the 4th way

ChiefTech

Saturday, 10 November 2007 BEA's annual enterprise portal report and the 4th way Ok, its a marketing exercise by BEA so its going to be a little biased but their annual report on the state of the enterprise portal market is still worth a look. This is the old ChiefTech blog. Nice of you to drop in and visit. However, you need to come over and see my new blog at chieftech.com.au. ©2005-2009. ©2005-2009.

Nation-State Attacks: Why Healthcare Must Prepare

Data Breach Today

and Iran continue to rise, healthcare organizations need to exercise extra vigilance in shoring up their security to defend against potential Iranian cyberattacks on critical infrastructure sectors, says Errol Weiss of the Health Information Sharing and Analysis Center As tensions between the U.S.

Facebook's Download-Your-Data Tool Is Incomplete

Schneier on Security

As a user this means you can't exercise your rights under GDPR because you don't know which companies have uploaded data to Facebook. Information provided about the advertisers is also very limited (just a name and no contact details), preventing users from effectively exercising their rights.

Applied Threat Modeling at Blackhat 2021!

Adam Shostack

This is capped off with an end-to-end exercise that brings the skills together. At Blackhat USA, I’ll be teaching Applied Threat Modeling. This hands-on, interactive class will focus on learning to threat model by executing each of the steps.

IT 52

Three ways the California Consumer Privacy Act (CCPA) can help bolster your customer satisfaction

IBM Big Data Hub

This exploitation is a result of the theft or breach of data, as well as the limited controls and rights that people associated with this data can exercise.

IT 67

Digital transformation threats and opportunities in travel and transportation

DXC

In travel and transportation most companies today don’t look at customer journeys as a collaborative exercise. They consider their job done when passengers are delivered safely to their appointed destination for their segment. A railway, for example, may only care that it has moved passengers safely from station A to station B. It ignores the […].

Can Training Work Remotely?

Adam Shostack

I see two sets of advantages: the exercises and time budgets. On the exercises, people can spend the time they need. This can also be a curse, and so our exercises have a time range per exercise so people can see when to ask for help.) Also, doing the exercises in small groups does have its advantages, and a key disadvantage: the weaker students can just nod along, rather than struggling through the exercises.

IT 40

UK: Lloyd v Google LLC – data protection class action claims

DLA Piper Privacy Matters

If the “same interest” test is satisfied, should the Court exercise its discretion and disallow the representative action proceeding in any event?

SynerComm Reboots a Security Staple with 'Continuous' Pen Testing

Dark Reading

In addition to a service that offers round-the-clock pen testing, SynerComm also provides purple team testing, effectively splitting the difference with red- and blue-team exercises SPONSORED CONTENT: Penetration testing has evolved well beyond a couple guys you hire to try and break into your network, according to SynerComm's Brian Judd.

Steps for implementing a non-invasive data governance program

Information Management Resources

Organizations need to ensure that the exercise of data governance is non-invasive and transparent so it does not seem forceful. Data governance Data quality Data management Data ownership