Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S.

UK Government Proposes IoT Security Measures

Data Breach Today

government is taking the first steps toward creating new security requirements for manufacturers to strengthen password protections and improve how vulnerabilities are reported

IoT 153

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Data Governance Makes Data Security Less Scary

erwin

The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary.

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

Data Governance 2.0: The CIO’s Guide to Collaborative Data Governance

erwin

In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture.

Services Provider to Government Left Database Exposed: Report

Data Breach Today

federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. . Data Security Government Cybersecurity Technology featured kazakhstan https

Metadata Management, Data Governance and Automation

erwin

erwin released its State of Data Governance Report in February 2018, just a few months before the General Data Protection Regulation (GDPR) took effect. Download Free GDPR Guide | Step By Step Guide to Data Governance for GDPR?. Can the 80/20 Rule Be Reversed?

Recent DNS Hijacking Campaigns Trigger Government Action

Data Breach Today

governments to issues warnings and policy updates to improve security

Data Governance Tools: What Are They? Are They Optional?

erwin

Data governance tools used to occupy a niche in an organization’s tech stack, but those days are gone. The rise of data-driven business and the complexities that come with it ushered in a soft mandate for data governance and data governance tools. Data Governance 1.0

Analysis: Government Policies on Huawei's 5G Role

Data Breach Today

The latest edition of the ISMG Security Report discusses the ramifications of the U.K's Plus: Updates on Wawa's stolen card offered for sale and nascent security threats from social networks and drones

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. 85% of the National Institute of Standards and Technology , which produces the Cybersecurity Framework of private and public sector security standards. The ongoing shutdown of the U.S.

Government Agencies Field More Cybersecurity Maturity Models

Data Breach Today

Pentagon and DOE Pitch Security Frameworks - But Should They Defer to NIST? The Pentagon and the Department of Energy are pitching new or revised cybersecurity capability maturity models to help their sectors prioritize cybersecurity investments and refine processes and controls.

The Changing Face of Data Security in Federal Government

Thales eSecurity

The post The Changing Face of Data Security in Federal Government appeared first on Data Security Blog | Thales eSecurity. Data security

U.S. government innovates cyber security job fulfillment

Information Management Resources

government has made in using creative and innovative approaches to hiring individuals for cyber security roles. Cyber security Data security Cyber attacksA number of agencies recently commented on the progress the U.S.

Business Process Can Make or Break Data Governance

erwin

Data governance isn’t a one-off project with a defined endpoint. Data governance, today, comes back to the ability to understand critical enterprise data within a business context, track its physical existence and lineage, and maximize its value while ensuring quality and security.

Security Risks of Government Hacking

Schneier on Security

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking.

Risk 85

Texas Government Agencies Hit by Ransomware

Adam Levin

The local governments and agencies from twenty-three Texas towns were hit by a coordinated ransomware campaign last week. . local governments have increasingly been targeted by ransomware campaigns, including Baltimore, Atlanta and several Florida cities.

Top 10 Data Governance Trends for 2020: Data’s Real Value Comes Into Focus

erwin

Understanding the data governance trends for the year ahead will give business leaders and data professionals a competitive edge … Happy New Year! Regulatory compliance and data breaches have driven the data governance narrative during the past few years.

Welcoming the Norwegian Government to HIBP

Troy Hunt

Over the last couple of years, I've been increasingly providing governments with better access to their departments' data exposed in breaches by giving them free and unfettered API access to their domains.

French Government App Shows Difficulties with Secure Communications

Adam Levin

A messaging app released by the French government to secure internal communications has gotten off to a troubled start. Tchap was released in beta earlier this month as a secure messaging app exclusively for government officials.

Government Perspective on Supply Chain Security

Schneier on Security

This is an interesting interview with a former NSA employee about supply chain security. I consider this to be an insurmountable problem right now. cybersecurity infrastructure internetofthings nationalsecuritypolicy nsa

The Russian Government blocked ProtonMail and ProtonVPN

Security Affairs

The p opular ProtonMail end-to-end encrypted email service and ProtonVPN VPN service have been blocked by the Russian government this week. This week the Russian government has blocked the ProtonMail end-to-end encrypted email service and ProtonVPN VPN service.

Welcoming the Danish Government to Have I Been Pwned

Troy Hunt

In a continued bid to make breach data available to the government departments around the world tasked with protecting their citizens, I'm very happy to welcome the first country onto Have I Been Pwned for 2020 - Denmark! Have I Been Pwned Government

This Government-Subsidized Phone Comes With Malware

WIRED Threat Level

Security Security / Security News BusinessThe Android devices are a part of the FCC's Lifeline Assistance Program, which makes free or subsidized phones available to millions of low-income users.

UK government cracks down on cyber security

IT Governance

To improve cyber risk governance among public-sector departments and their suppliers, the UK government has issued a series of minimum cyber security standards that will be incorporated into the Government Functional Standard for Security.

Using Strategic Data Governance to Manage GDPR/CCPA Complexity

erwin

In light of recent, high-profile data breaches, it’s past-time we re-examined strategic data governance and its role in managing regulatory requirements. Govern PII “at rest”. Govern PII “in motion”. Strengthen data security.

GDPR 111

Data Governance Framework: Three Steps to Successful & Sustainable Implementation

erwin

A strong data governance framework is central to the success of any data-driven organization because it ensures this valuable asset is properly maintained, protected and maximized. When implementing or maturing a data governance framework, an accurate assessment of the ‘here and now’ is key.

Insights from information governance practitioners

OpenText Information Management

Information governance is often presented as a broad set of challenges; automating the process requires that practitioners move from a solid IT foundation for compliance and risk management to capture, security compliance, and reporting solutions.

Large-Scale Government Hacks Hit Russia, Bulgaria

Threatpost

Breach Government Hacks Privacy Bulgaria Cyberattacks FSB russian security agency secret projects tax informationThe Bulgarian attack impacted almost all tax information for the entire country.

Government Websites Deliver Cryptocurrency Mining Code

Data Breach Today

Security of Code Pushed by Content Delivery Networks Remains Ongoing Concern More than 4,200 websites, some belonging to the U.S., and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero.

Mining 173

How Iran's Government Shut Off the Internet

WIRED Threat Level

Security Security / Security NewsAfter years of centralizing internet control, Iran pulled the plug on connectivity for nearly all of its citizens.

Government Agency Partners on New Tool for Election Security

Dark Reading

The Cybersecurity and Infrastructure Security Agency has partnered with VotingWorks on an open source tool to aid election result audits

Hacker broke into super secure French Government’s Messaging App Tchap hours after release

Security Affairs

A white hat hacker discovered how to break Tchap, a new secure messaging app launched by the French government for officials and politicians. It aims at replacing popular instant messaging services like Telegram and WhatsApp for government people.

ObliqueRAT, a new malware employed in attacks on government targets in Southeast Asia

Security Affairs

Experts from Cisco Talos discovered a new malware, tracked as ObliqueRAT, that appears a custom malware developed by a threat actor focused on government and diplomatic targets. . “CrimsonRAT has been known to target diplomatic and government organizations in Southeast Asia.”

Iran – Government blocks Internet access in response to the protests

Security Affairs

Iran – After the announcement of the government to cut fuel subsidies, protests erupted in the country and the authorities blocked Internet access. Initially, mobile networks stopped working in large areas of the country, the government blocked any access to the Internet.

Access 101

How the U.S. Govt. Shutdown Harms Security

Krebs on Security

federal government shutdown is having a tangible, negative impact on cybercrime investigations, according to interviews with federal law enforcement investigators and a report issued this week by a group representing the interests of FBI agents. The ongoing partial U.S.