Expert insights. Personalized for you.
In this blog, we will focus on the importance of Governance, Risk Management, and Compliance (GRC) programs within the NIST Privacy Framework. Having an organizational governance structure increases the effectiveness and efficiency in privacy program management. MORE
Most data and IT leaders know that their organizations need data governance to stay afloat in the current market landscape. In order to implement data governance, your organization needs to see that there is value in embarking on the journey. 3 Building blocks of a governance use case. MORE
Turla Group Targeted Agencies in Eastern Europe, ESET Researchers Say Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET MORE
Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. App mimicked a popular anti-government news site and collected location and device owner details. SecurityAffairs – hacking, Belarusian government). MORE
Web Security coronavirus Privacy Security US government work from home zoom zoom security Zoom-bombingA recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter. MORE
The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. . MORE
US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks. MORE
In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture. As the CIO, your stakeholders include both IT and business users in collaborative relationships, which means data governance is not only your business, it’s everyone’s business. Data Security. MORE
federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher Researcher Says Exposed Granicus Database Could Have Made Websites Vulnerable One of the largest IT services providers for U.S. MORE
The news is not surprising for people working in the cyber security sector, the British military claims to have had an offensive cyber capability for a decade. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs. MORE
The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The Russian government has dismissed the allegations as baseless, citing a lack of evidence. “We MORE
And as you make this transition, you need to understand what data you have, know where it is located, and govern it along the way. By using automated and repeatable capabilities, you can quickly and safely migrate data to the cloud and govern it along the way. MORE
Organizations with a solid understanding of data governance (DG) are better equipped to keep pace with the speed of modern business. In this post, the erwin Experts address: What Is Data Governance? Why Is Data Governance Important? What Is Good Data Governance? MORE
The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Since then, government agencies in the U.S., MORE
Following in the footsteps of many other national governments before them , I'm very happy to welcome the Canadian Centre for Cyber Security to Have I Been Pwned. The Canadian Centre for Cyber Security now has full and free access to query all Canadian federal government domains across both past and future breaches. Canada's inclusion in the service brings the total to 11 federal governments across North America, Europe and Australia. MORE
government has made in using creative and innovative approaches to hiring individuals for cyber security roles. Cyber security Data security Cyber attacksA number of agencies recently commented on the progress the U.S. MORE
Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S. Department of Health and Human Services Healthcare Industry Cybersecurity Task Force MORE
Cybersecurity and Infrastructure Security Agency is warning about a recent spike in Emotet botnet attacks - designed to spread other malware - that are targeting state and local government agencies Botnet Called 'One of the Most Prevalent Ongoing Threats' The U.S. MORE
I recently had the pleasure of sharing some industry insights from our 2019 Data Threat Report-Federal Edition on Cyberwire’s Daily Podcast –specifically addressing the gap in security responsibility many federal agencies face today as they move tremendous amounts of sensitive data into multicloud environments. The post The Changing Face of Data Security in Federal Government appeared first on Data Security Blog | Thales eSecurity. Data security MORE
Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead MORE
Why should you integrate data governance (DG) and enterprise architecture (EA)? Data governance provides time-sensitive, current-state architecture information with a high level of quality. Automating Data Governance and Enterprise Architecture. MORE
governments to issues warnings and policy updates to improve security US and UK Agencies Respond to Increasing Attacks A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K. MORE
Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data governance refers to the strategic and ongoing efforts by an organization to ensure that data is discoverable and its quality is good. It is also used to make data more easily understood and secure. MORE
erwin released its State of Data Governance Report in February 2018, just a few months before the General Data Protection Regulation (GDPR) took effect. This research showed that the majority of responding organizations weren’t actually prepared for GDPR, nor did they have the understanding, executive support and budget for data governance – although they recognized the importance of it. Download Free GDPR Guide | Step By Step Guide to Data Governance for GDPR?. MORE
government is taking the first steps toward creating new security requirements for manufacturers to strengthen password protections and improve how vulnerabilities are reported Rules Would Strengthen Password Protection and Vulnerability Reporting With the number of installed internet of things devices expected to surpass 75 billion by 2025, the U.K. MORE
The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. It’s easier to protect sensitive data when you know what it is, where it’s stored and how it needs to be governed. Happy Halloween! Do you know where your data is? What data you have? MORE
As organizations adapt to this changed environment, they will need to prepare for an uptick in the amount and type of information generated, and move more quickly toward governance automation to manage their data. MORE
Security Security / Cyberattacks and HacksA previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus. MORE
Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem. Backdoors, however, mean everybody is vulnerable and a security failure fails catastrophically. MORE
government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. government. Many U.S. MORE
Data governance is important because it brings meaning to an organization’s data. Why is data governance important? Data governance is about managing data and processes so data can be used as a consistent, secure and organized asset that meets policies and standards. MORE
Zero-Day Vulnerabilities in VPN Servers Exploited, Quihoo 360 Reports Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report MORE
Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products MORE
Data governance isn’t a one-off project with a defined endpoint. Data governance, today, comes back to the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security. Historically, little attention has focused on what can literally make or break any data governance initiative — turning it from a launchpad for competitive advantage to a recipe for disaster. MORE
The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Under a new directive effective 7/17, the Kazakhstan government is requiring every internet service provider in the country to install a security certificate onto every internet-enabled device and browser. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. . MORE
Sites to Implement HTTP Strict Transport Security Protocol Federal agencies will add a layer of security to their websites that use the top-level domain.gov. All the sites eventually will use the HSTS protocol, which ensures that a users' connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking MORE
HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown. But the agency that enforces HIPAA remains open MORE
Expanse CTO Matt Kraning on Meeting New Demands for Cloud Security The good news is: Organizations are embracing the cloud, and that's a boon to velocity and digital transformation. The bad news: Visibility and governance take a huge hit. Matt Kraning, CTO and co-founder of Expanse, discusses this challenge and how to improve cloud governance MORE
Government has impacted federal cybersecurity according to several reports. The roughly 800,000 federal workers currently on furlough include: 45% of staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency , which is tasked with defending critical infrastructure from cyber and physical threats. The Department of Homeland Security’s 2019 Cybersecurity and Innovation Showcase, initially scheduled to begin January 8, was also cancelled. MORE
The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. Threat actors fraudulently acquired login credentials of 9,041 GCKey account holders and used them to try and access government services. MORE
Data Breach Today
DECEMBER 4, 2018
Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S. Department of Health and Human Services Healthcare Industry Cybersecurity Task Force
Krebs on Security
MARCH 25, 2020
government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. government. Many U.S.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Data Breach Today
OCTOBER 7, 2020
Cybersecurity and Infrastructure Security Agency is warning about a recent spike in Emotet botnet attacks - designed to spread other malware - that are targeting state and local government agencies Botnet Called 'One of the Most Prevalent Ongoing Threats' The U.S.
erwin
AUGUST 28, 2020
Organizations with a solid understanding of data governance (DG) are better equipped to keep pace with the speed of modern business. In this post, the erwin Experts address: What Is Data Governance? Why Is Data Governance Important? What Is Good Data Governance?
Data Breach Today
JUNE 23, 2020
Sites to Implement HTTP Strict Transport Security Protocol Federal agencies will add a layer of security to their websites that use the top-level domain.gov. All the sites eventually will use the HSTS protocol, which ensures that a users' connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking
Data Breach Today
JANUARY 28, 2020
government is taking the first steps toward creating new security requirements for manufacturers to strengthen password protections and improve how vulnerabilities are reported Rules Would Strengthen Password Protection and Vulnerability Reporting With the number of installed internet of things devices expected to surpass 75 billion by 2025, the U.K.
|
Data Breach Today
SEPTEMBER 10, 2019
Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products
erwin
OCTOBER 31, 2019
The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. It’s easier to protect sensitive data when you know what it is, where it’s stored and how it needs to be governed. Happy Halloween! Do you know where your data is? What data you have?
Data Breach Today
MAY 27, 2020
Turla Group Targeted Agencies in Eastern Europe, ESET Researchers Say Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET
Adam Levin
OCTOBER 15, 2020
The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The Russian government has dismissed the allegations as baseless, citing a lack of evidence. “We
|
Security Affairs
OCTOBER 13, 2020
The news is not surprising for people working in the cyber security sector, the British military claims to have had an offensive cyber capability for a decade. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs.
Data Breach Today
JANUARY 24, 2019
HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown. But the agency that enforces HIPAA remains open
erwin
SEPTEMBER 3, 2020
Why should you integrate data governance (DG) and enterprise architecture (EA)? Data governance provides time-sensitive, current-state architecture information with a high level of quality. Automating Data Governance and Enterprise Architecture.
erwin
DECEMBER 6, 2019
In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture. As the CIO, your stakeholders include both IT and business users in collaborative relationships, which means data governance is not only your business, it’s everyone’s business. Data Security.
erwin
OCTOBER 8, 2020
And as you make this transition, you need to understand what data you have, know where it is located, and govern it along the way. By using automated and repeatable capabilities, you can quickly and safely migrate data to the cloud and govern it along the way.
Adam Levin
JULY 19, 2019
The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Under a new directive effective 7/17, the Kazakhstan government is requiring every internet service provider in the country to install a security certificate onto every internet-enabled device and browser. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. .
Adam Levin
JANUARY 9, 2019
Government has impacted federal cybersecurity according to several reports. The roughly 800,000 federal workers currently on furlough include: 45% of staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency , which is tasked with defending critical infrastructure from cyber and physical threats. The Department of Homeland Security’s 2019 Cybersecurity and Innovation Showcase, initially scheduled to begin January 8, was also cancelled.
Adam Levin
OCTOBER 8, 2020
The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Since then, government agencies in the U.S.,
Data Breach Today
JULY 22, 2019
governments to issues warnings and policy updates to improve security US and UK Agencies Respond to Increasing Attacks A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K.
Data Breach Today
APRIL 7, 2020
Zero-Day Vulnerabilities in VPN Servers Exploited, Quihoo 360 Reports Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report
Security Affairs
OCTOBER 12, 2020
US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. The agencies warn of risk to elections information housed on government networks.
Security Affairs
OCTOBER 23, 2020
The US government declared that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. state, local, territorial, and tribal (SLTT) government networks, as well as aviation networks. .
Troy Hunt
OCTOBER 6, 2020
Following in the footsteps of many other national governments before them , I'm very happy to welcome the Canadian Centre for Cyber Security to Have I Been Pwned. The Canadian Centre for Cyber Security now has full and free access to query all Canadian federal government domains across both past and future breaches. Canada's inclusion in the service brings the total to 11 federal governments across North America, Europe and Australia.
Security Affairs
AUGUST 17, 2020
The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. Threat actors fraudulently acquired login credentials of 9,041 GCKey account holders and used them to try and access government services.
InfoGoTo
AUGUST 4, 2020
As organizations adapt to this changed environment, they will need to prepare for an uptick in the amount and type of information generated, and move more quickly toward governance automation to manage their data.
Schneier on Security
SEPTEMBER 13, 2018
Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem. Backdoors, however, mean everybody is vulnerable and a security failure fails catastrophically.
Thales eSecurity
JULY 3, 2019
I recently had the pleasure of sharing some industry insights from our 2019 Data Threat Report-Federal Edition on Cyberwire’s Daily Podcast –specifically addressing the gap in security responsibility many federal agencies face today as they move tremendous amounts of sensitive data into multicloud environments. The post The Changing Face of Data Security in Federal Government appeared first on Data Security Blog | Thales eSecurity. Data security
Security Affairs
SEPTEMBER 3, 2020
Google has removed an app from the Play Store that was used by the Belarusian government to spy on anti-government protesters. App mimicked a popular anti-government news site and collected location and device owner details. SecurityAffairs – hacking, Belarusian government).
Collibra
SEPTEMBER 30, 2020
Data governance is important because it brings meaning to an organization’s data. Why is data governance important? Data governance is about managing data and processes so data can be used as a consistent, secure and organized asset that meets policies and standards.
Data Breach Today
SEPTEMBER 11, 2019
Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead
Information Management Resources
SEPTEMBER 17, 2019
government has made in using creative and innovative approaches to hiring individuals for cyber security roles. Cyber security Data security Cyber attacksA number of agencies recently commented on the progress the U.S.
WIRED Threat Level
JULY 24, 2020
Security Security / Cyberattacks and HacksA previously unreported Fancy Bear campaign persisted for well over a year—and indicates that the notorious group has broadened its focus.
Threatpost
APRIL 17, 2020
Web Security coronavirus Privacy Security US government work from home zoom zoom security Zoom-bombingA recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.
Data Breach Today
FEBRUARY 13, 2020
federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher Researcher Says Exposed Granicus Database Could Have Made Websites Vulnerable One of the largest IT services providers for U.S.
Collibra
OCTOBER 22, 2020
Most data and IT leaders know that their organizations need data governance to stay afloat in the current market landscape. In order to implement data governance, your organization needs to see that there is value in embarking on the journey. 3 Building blocks of a governance use case.
erwin
NOVEMBER 6, 2019
erwin released its State of Data Governance Report in February 2018, just a few months before the General Data Protection Regulation (GDPR) took effect. This research showed that the majority of responding organizations weren’t actually prepared for GDPR, nor did they have the understanding, executive support and budget for data governance – although they recognized the importance of it. Download Free GDPR Guide | Step By Step Guide to Data Governance for GDPR?.
erwin
SEPTEMBER 19, 2019
Data governance isn’t a one-off project with a defined endpoint. Data governance, today, comes back to the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security. Historically, little attention has focused on what can literally make or break any data governance initiative — turning it from a launchpad for competitive advantage to a recipe for disaster.
erwin
NOVEMBER 14, 2019
Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data governance refers to the strategic and ongoing efforts by an organization to ensure that data is discoverable and its quality is good. It is also used to make data more easily understood and secure.
OpenText Information Management
SEPTEMBER 28, 2020
In this blog, we will focus on the importance of Governance, Risk Management, and Compliance (GRC) programs within the NIST Privacy Framework. Having an organizational governance structure increases the effectiveness and efficiency in privacy program management.
55 
Let's personalize your content