Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S.

US Government Sites Give Bad Security Advice

Krebs on Security

government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. government. Many U.S.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Russian Hackers Revamp Malware, Target Governments: Report

Data Breach Today

Turla Group Targeted Agencies in Eastern Europe, ESET Researchers Say Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET.

UK Government Proposes IoT Security Measures

Data Breach Today

government is taking the first steps toward creating new security requirements for manufacturers to strengthen password protections and improve how vulnerabilities are reported

IoT 151

The Evolution of Cloud Governance

Data Breach Today

Expanse CTO Matt Kraning on Meeting New Demands for Cloud Security The good news is: Organizations are embracing the cloud, and that's a boon to velocity and digital transformation. The bad news: Visibility and governance take a huge hit.

Data Governance Makes Data Security Less Scary

erwin

The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary.

Data Governance 2.0: The CIO’s Guide to Collaborative Data Governance

erwin

In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture.

Hackers Target Chinese Government Agencies Via VPNs: Report

Data Breach Today

Zero-Day Vulnerabilities in VPN Servers Exploited, Quihoo 360 Reports Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report

Government Shutdown: Impact on Health Data Security, Privacy

Data Breach Today

HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown.

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. . Data Security Government Cybersecurity Technology featured kazakhstan https

Zoom Bombing Attack Hits U.S. Government Meeting

Threatpost

Web Security coronavirus Privacy Security US government work from home zoom zoom security Zoom-bombingA recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. 85% of the National Institute of Standards and Technology , which produces the Cybersecurity Framework of private and public sector security standards. The ongoing shutdown of the U.S.

Recent DNS Hijacking Campaigns Trigger Government Action

Data Breach Today

governments to issues warnings and policy updates to improve security

Data Governance as an Emergency Service

erwin

Data governance (DG) as a an “emergency service” may be one critical lesson learned coming out of the COVID-19 crisis. Deploying a Data Governance Strategy. Deploying individual data governance elements does not constitute a strategy, much less a sustainable program.

Data Governance for Smart Data Distancing

erwin

During this coronavirus emergency, we are all being deluged by data from politicians, government agencies, news outlets, social media and websites, including valid facts but also opinions and rumors. Data Governance Methods for Data Distancing. Hello from my home office!

Services Provider to Government Left Database Exposed: Report

Data Breach Today

federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher

U.S. government innovates cyber security job fulfillment

Information Management Resources

government has made in using creative and innovative approaches to hiring individuals for cyber security roles. Cyber security Data security Cyber attacksA number of agencies recently commented on the progress the U.S.

Metadata Management, Data Governance and Automation

erwin

erwin released its State of Data Governance Report in February 2018, just a few months before the General Data Protection Regulation (GDPR) took effect. Download Free GDPR Guide | Step By Step Guide to Data Governance for GDPR?. Can the 80/20 Rule Be Reversed?

The Changing Face of Data Security in Federal Government

Thales eSecurity

The post The Changing Face of Data Security in Federal Government appeared first on Data Security Blog | Thales eSecurity. Data security

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls.

Business Process Can Make or Break Data Governance

erwin

Data governance isn’t a one-off project with a defined endpoint. Data governance, today, comes back to the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security.

Data Governance Tools: What Are They? Are They Optional?

erwin

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance 1.0

French Government App Shows Difficulties with Secure Communications

Adam Levin

A messaging app released by the French government to secure internal communications has gotten off to a troubled start. Tchap was released in beta earlier this month as a secure messaging app exclusively for government officials.

Analysis: Government Policies on Huawei's 5G Role

Data Breach Today

The latest edition of the ISMG Security Report discusses the ramifications of the U.K's Plus: Updates on Wawa's stolen card offered for sale and nascent security threats from social networks and drones

Government VPN Servers Targeted in Zero-Day Attack

Threatpost

The attacks are being carried out against Chinese government interests worldwide, according to Qihoo 360.

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . local governments have increasingly been targeted by ransomware campaigns, including Baltimore, Atlanta and several Florida cities.

Security Risks of Government Hacking

Schneier on Security

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking.

Risk 70

Federal Government is Excelling at Digital Transformation While Security Challenges Gain Ground

Thales eSecurity

federal government contends with a tidal wave of demands in the COVID-19 battle, agencies are pushed to unprecedented limits. Unfortunately, some ground is also being lost in a tradeoff between aggressively transforming technology and data security. Data securityAs the U.S.

8 Steps to Enhance Government Agencies' Security Posture

Dark Reading

Given the heterogeneous architectures of critical state and local systems, it's imperative we learn from the security exposures of other critical infrastructure and pledge to be better

Data governance for data privacy

Collibra

They need data governance. . They need data governance. What does data governance do? Governance delivers the context, relationships, lineage, and access data citizens need to make decisions around data. Data governance puts processes around your data.

Official Government COVID-19 Apps Hide a Raft of Threats

Threatpost

Government Mobile Security Privacy Vulnerabilities Android backdoor Colombia coronavirus tracking COVID-19 google play government apps Irán italy mobile apps official mobile apps Pandemic tracking apps vulnerabilities ZeroFOX Alpha Team

Proposed government Coronavirus contact tracing app leaked data

Security Affairs

A contact tracking app for the Coronavirus proposed to the government of the Netherlands is affected by security issues that could expose user data. The development team is working to fix the security and privacy issue and announced that it will go on with the selection process.

Welcoming the Icelandic Government to Have I Been Pwned

Troy Hunt

Hot on the heels of onboarding the USA government to Have I Been Pwned last month , I'm very happy to welcome another national government - Iceland! Have I Been Pwned Government

For the second time in a few days, Greek Government websites hit by DDoS attacks

Security Affairs

The Greek government announced that a DDoS cyber attack hit the official state websites of the prime minister, the national police and fire service and several important ministries. The websites involved in the attack have been already restored by the government IT staff.

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

CERT France – Pysa ransomware is targeting local governments

Security Affairs

CERT France is warning of a new wave of attacks using Pysa ransomware (Mespinoza) that is targeting local governments. CERT France cyber-security agency is warning about a new wave of ransomware attack that is targeting the networks of local government authorities.

Using Strategic Data Governance to Manage GDPR/CCPA Complexity

erwin

In light of recent, high-profile data breaches, it’s past-time we re-examined strategic data governance and its role in managing regulatory requirements. Govern PII “at rest”. Govern PII “in motion”. Strengthen data security.

GDPR 112

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus

erwin

Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

Government Websites Deliver Cryptocurrency Mining Code

Data Breach Today

Security of Code Pushed by Content Delivery Networks Remains Ongoing Concern More than 4,200 websites, some belonging to the U.S., and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero.

Mining 173

Microsoft's Records Management Tool Aims to Simplify Data Governance

Dark Reading

Records Management is intended to help businesses manage security and data governance as more struggle to handle increased amounts of data and regulatory requirements