Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S. Department of Health and Human Services Healthcare Industry Cybersecurity Task Force

US Government Sites Give Bad Security Advice

Krebs on Security

government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. Unfortunately, part of that message is misleading and may help perpetuate a popular misunderstanding about Web site security and trust that phishers have been exploiting for years now. government. Many U.S.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

What Is Data Governance? (And Why Your Organization Needs It)

erwin

Organizations with a solid understanding of data governance (DG) are better equipped to keep pace with the speed of modern business. In this post, the erwin Experts address: What Is Data Governance? Why Is Data Governance Important? What Is Good Data Governance?

Enhancing the Security of Government Websites

Data Breach Today

Sites to Implement HTTP Strict Transport Security Protocol Federal agencies will add a layer of security to their websites that use the top-level domain.gov. All the sites eventually will use the HSTS protocol, which ensures that a users' connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking

Mergers & Acquisitions: How to Handle Your Data feat. Oracle & Onna

Speaker: Lisa Ripley: Director of eDiscovery & Information Governance, Legal Operations at Oracle & Scott McVeigh: Senior Solutions Consultant, Onna

From multiple toolsets to governance processes, to differing retention policies, when two organizations join together handling all this data gets complicated. Lisa Ripley Director of eDiscovery & Information Governance, Legal Operations.

CISA Warns of Emotet Attacks Against Government Agencies

Data Breach Today

Cybersecurity and Infrastructure Security Agency is warning about a recent spike in Emotet botnet attacks - designed to spread other malware - that are targeting state and local government agencies Botnet Called 'One of the Most Prevalent Ongoing Threats' The U.S.

The Evolution of Cloud Governance

Data Breach Today

Expanse CTO Matt Kraning on Meeting New Demands for Cloud Security The good news is: Organizations are embracing the cloud, and that's a boon to velocity and digital transformation. The bad news: Visibility and governance take a huge hit. Matt Kraning, CTO and co-founder of Expanse, discusses this challenge and how to improve cloud governance

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

Integrating Data Governance and Enterprise Architecture

erwin

Why should you integrate data governance (DG) and enterprise architecture (EA)? Data governance provides time-sensitive, current-state architecture information with a high level of quality. Automating Data Governance and Enterprise Architecture.

Data Governance Makes Data Security Less Scary

erwin

The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. It’s easier to protect sensitive data when you know what it is, where it’s stored and how it needs to be governed. Happy Halloween! Do you know where your data is? What data you have?

US Government: Russia “Likely” Behind SolarWinds Breach

Adam Levin

The post US Government: Russia “Likely” Behind SolarWinds Breach appeared first on Adam Levin. Data Security Government Cybersecurity Data breach featured russia government FBI russian hacking solarwinds

Book Review: Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success

IG Guru

The post Book Review: Non-Invasive Data Governance: The Path of Least Resistance and Greatest Success appeared first on IG GURU. January 10, 2021 by Patricia C. Franks It’s (finally) 2021—do you know where your data is?

Cybersecurity for Information Governance Professionals via Eleven Fifty Academy

IG Guru

Most companies ignore the importance of information governance in ensuring good cybersecurity. Advancing technology, such as cloud computing, increasing compliance mandates, and increasing amounts of data to be secured have made it essential to improve your cybersecurity strategies.

Russian Hackers Revamp Malware, Target Governments: Report

Data Breach Today

Turla Group Targeted Agencies in Eastern Europe, ESET Researchers Say Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET

Government Shutdown: Impact on Health Data Security, Privacy

Data Breach Today

HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown. But the agency that enforces HIPAA remains open

Data Governance 2.0: The CIO’s Guide to Collaborative Data Governance

erwin

In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture. As the CIO, your stakeholders include both IT and business users in collaborative relationships, which means data governance is not only your business, it’s everyone’s business. Data Security.

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Under a new directive effective 7/17, the Kazakhstan government is requiring every internet service provider in the country to install a security certificate onto every internet-enabled device and browser. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. .

Creating a data governance framework

Collibra

Creating a data governance framework is crucial to becoming a data-driven enterprise because data governance brings meaning to an organization’s data. However, many organizations struggle to build a data governance program because the practice can seem amorphous.

What is adaptive data governance?

Collibra

Data governance is a linchpin for data programs; it is the practice of managing and organizing data and processes to enable collaboration and compliant access to data. But what is this term, “adaptive data governance,” that has gained more traction in recent years?

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. The roughly 800,000 federal workers currently on furlough include: 45% of staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency , which is tasked with defending critical infrastructure from cyber and physical threats. The Department of Homeland Security’s 2019 Cybersecurity and Innovation Showcase, initially scheduled to begin January 8, was also cancelled.

Iranian Government Hacking Android

Schneier on Security

Balancing Security, Customer Service

Data Breach Today

Experian's David Britton on Identity Governance and Security Organizations can enhance security while maintaining a good customer experience by leveraging data for authentication, says David Britton of Experian

Norwegian Government Blames Russia for Hacking Campaign

Adam Levin

The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The Russian government has dismissed the allegations as baseless, citing a lack of evidence. “We

Recent DNS Hijacking Campaigns Trigger Government Action

Data Breach Today

governments to issues warnings and policy updates to improve security US and UK Agencies Respond to Increasing Attacks A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K.

The British government aims at improving its offensive cyber capability

Security Affairs

The news is not surprising for people working in the cyber security sector, the British military claims to have had an offensive cyber capability for a decade. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs.

Hackers Target Chinese Government Agencies Via VPNs: Report

Data Breach Today

Zero-Day Vulnerabilities in VPN Servers Exploited, Quihoo 360 Reports Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report

Data governance program: Starting successfully

Collibra

But what about right-sizing your data governance program? Can you implement a lean data governance program in such a complex regulatory environment? Is it possible to reduce the complexity of your governance program without incurring undue risk? Updated September 2, 2020 .

Doing Cloud Migration and Data Governance Right the First Time

erwin

And as you make this transition, you need to understand what data you have, know where it is located, and govern it along the way. By using automated and repeatable capabilities, you can quickly and safely migrate data to the cloud and govern it along the way.

Security Risks of Government Hacking

Schneier on Security

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem. Backdoors, however, mean everybody is vulnerable and a security failure fails catastrophically.

Risk 63

The Changing Face of Data Security in Federal Government

Thales eSecurity

I recently had the pleasure of sharing some industry insights from our 2019 Data Threat Report-Federal Edition on Cyberwire’s Daily Podcast –specifically addressing the gap in security responsibility many federal agencies face today as they move tremendous amounts of sensitive data into multicloud environments. The post The Changing Face of Data Security in Federal Government appeared first on Data Security Blog | Thales eSecurity. Data security

U.S. government innovates cyber security job fulfillment

Information Management Resources

government has made in using creative and innovative approaches to hiring individuals for cyber security roles. Cyber security Data security Cyber attacksA number of agencies recently commented on the progress the U.S.

CISA Warns Government Agencies of Increasing Emotet Attacks

Adam Levin

The United States Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert warning of an increase in Emotet malware-based phishing attacks on state and local agencies. Since then, government agencies in the U.S.,

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls. But should they defer to the NIST Cybersecurity Framework instead

How to implement data governance

Collibra

So your team has identified implementing data governance as a priority for the year. But what happens once you purchase a data governance platform? This article is meant to outline the vital steps for implementing data governance. Why a data governance roadmap is vital.

Compare information governance vs. records management via Tech Target

IG Guru

The post Compare information governance vs. records management via Tech Target appeared first on IG GURU. Check out the article here.

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. Threat actors fraudulently acquired login credentials of 9,041 GCKey account holders and used them to try and access government services.

Zoom Bombing Attack Hits U.S. Government Meeting

Threatpost

Web Security coronavirus Privacy Security US government work from home zoom zoom security Zoom-bombingA recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.

French Government App Shows Difficulties with Secure Communications

Adam Levin

A messaging app released by the French government to secure internal communications has gotten off to a troubled start. Tchap was released in beta earlier this month as a secure messaging app exclusively for government officials. Its development and release was made to address security concerns and data vulnerabilities in more widely used apps including WhatsApp and Telegram (a favorite of French Prime Minister Emmanuel Macron).

Services Provider to Government Left Database Exposed: Report

Data Breach Today

federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher Researcher Says Exposed Granicus Database Could Have Made Websites Vulnerable One of the largest IT services providers for U.S.

Master Data Governance: Comprehensive Guide

Reltio

That’s called master data governance. . What is master data governance? Master data governance creates a system of rules and the policies and procedures enforcing them to ensure data quality and consistency. . Why is master data governance important? .