US Government Sites Give Bad Security Advice

Krebs on Security

government Web sites now carry a message prominently at the top of their home pages meant to help visitors better distinguish between official U.S. government properties and phishing pages. government. Many U.S.

Why Didn't Government Detect SolarWinds Attack?

Data Breach Today

Senators Want to Know Why DHS' Einstein System Did Not Discover the Incident Two senators are pressing the Department of Homeland Security to explain why its Einstein system failed to detect the SolarWinds supply chain breach that affected agencies as well as corporations

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Enhancing Security Governance

Data Breach Today

Longtime CISO Vito Sardanopoli on Building an Effective Security Program A formal security program that spells out precise governance components is critical to protecting sensitive data, says Vito Sardanopoli, who served on the U.S. Department of Health and Human Services Healthcare Industry Cybersecurity Task Force

New Social Security Scam Spoofs Government Badges

Dark Reading

Criminals text or email photos of fake government identification badges to trick people into sending money

The Next-Generation Cloud Data Lake: An Open, No-Copy Data Architecture

A next-gen cloud data lake architecture has emerged that brings together the best attributes of the data warehouse and the data lake. This new open data architecture is built to maximize data access with minimal data movement and no data copies.

Enhancing the Security of Government Websites

Data Breach Today

Sites to Implement HTTP Strict Transport Security Protocol Federal agencies will add a layer of security to their websites that use the top-level domain.gov.

UK Government Proposes IoT Security Measures

Data Breach Today

government is taking the first steps toward creating new security requirements for manufacturers to strengthen password protections and improve how vulnerabilities are reported

IoT 150

The Evolution of Cloud Governance

Data Breach Today

Expanse CTO Matt Kraning on Meeting New Demands for Cloud Security The good news is: Organizations are embracing the cloud, and that's a boon to velocity and digital transformation. The bad news: Visibility and governance take a huge hit.

How Data Governance Protects Sensitive Data

erwin

Data Security Starts with Data Governance. Lack of a solid data governance foundation increases the risk of data-security incidents. And knowing the business purpose translates into actively governing personal data against potential privacy and security violations.

What Is Data Governance? (And Why Your Organization Needs It)

erwin

Organizations with a solid understanding of data governance (DG) are better equipped to keep pace with the speed of modern business. In this post, the erwin Experts address: What Is Data Governance? Why Is Data Governance Important? What Is Good Data Governance?

Data Governance Maturity and Tracking Progress

erwin

Data governance is best defined as the strategic, ongoing and collaborative processes involved in managing data’s access, availability, usability, quality and security in line with established internal policies and relevant data regulations. Data Governance Is Business Transformation.

Data Governance 2.0: The CIO’s Guide to Collaborative Data Governance

erwin

In the data-driven era, CIO’s need a solid understanding of data governance 2.0 … Data governance (DG) is no longer about just compliance or relegated to the confines of IT. Today, data governance needs to be a ubiquitous part of your organization’s culture.

CISA Warns of Emotet Attacks Against Government Agencies

Data Breach Today

Cybersecurity and Infrastructure Security Agency is warning about a recent spike in Emotet botnet attacks - designed to spread other malware - that are targeting state and local government agencies Botnet Called 'One of the Most Prevalent Ongoing Threats' The U.S.

Data Governance Makes Data Security Less Scary

erwin

The Regulatory Rationale for Integrating Data Management & Data Governance. Now, as Cybersecurity Awareness Month comes to a close – and ghosts and goblins roam the streets – we thought it a good time to resurrect some guidance on how data governance can make data security less scary. It’s easier to protect sensitive data when you know what it is, where it’s stored and how it needs to be governed. Happy Halloween! Do you know where your data is? What data you have?

Russian Hackers Revamp Malware, Target Governments: Report

Data Breach Today

Turla Group Targeted Agencies in Eastern Europe, ESET Researchers Say Turla, a sophisticated hacking group with suspected ties to the Russian government, recently used a revamped version of its malware to target government entities in Eastern Europe, according to new research from the security firm ESET.

Information Governance: Navigating the Global Digital Economy

Information Governance Perspectives

It is indeed an exciting time, but we are acutely (headline news) aware of the impacts of compromised data security and privacy, including the financial impact on brand and reputation, litigation, and the overall burden and distraction on the business. information governance #privacy.

Integrating Data Governance and Enterprise Architecture

erwin

Why should you integrate data governance (DG) and enterprise architecture (EA)? Data governance provides time-sensitive, current-state architecture information with a high level of quality. Automating Data Governance and Enterprise Architecture.

The What & Why of Data Governance

erwin

Modern data governance is a strategic, ongoing and collaborative practice that enables organizations to discover and track their data, understand what it means within a business context, and maximize its security, quality and value. The What: Data Governance Defined.

US Government Ban on Kaspersky Formalized

Data Breach Today

Final Rule Includes Ban on Government Contractors Using Russian Firm's Products A final rule published in the Federal Register Tuesday officially bans U.S. government agencies and their contractors from buying or supporting Kaspersky security products

The Value of Data Governance and How to Quantify It

erwin

erwin recently hosted the second in its six-part webinar series on the practice of data governance and how to proactively deal with its complexities. The business drivers and motivation should be the starting point for any data governance initiative. Govern PII “at rest”.

Government Shutdown: Impact on Health Data Security, Privacy

Data Breach Today

HIPAA Enforcement Agency Open, But Regulatory Activity Slows Down Some regulatory activity related to health data privacy and security is on hold as a result of the partial government shutdown. But the agency that enforces HIPAA remains open

Hackers Target Chinese Government Agencies Via VPNs: Report

Data Breach Today

Zero-Day Vulnerabilities in VPN Servers Exploited, Quihoo 360 Reports Hackers are targeting Chinese government agencies and their employees by taking advantage of zero-day vulnerabilities in VPN servers to plant backdoors and other malware, researchers at the Chinese security firm Qihoo 360 report

Kazakhstan Government Intercepting All Secured Internet Traffic

Adam Levin

The Kazakhstan government is intercepting all HTTPS-encrypted internet traffic within its borders. Under a new directive effective 7/17, the Kazakhstan government is requiring every internet service provider in the country to install a security certificate onto every internet-enabled device and browser. Once installed, this certificate allows the government to decrypt and analyze all incoming internet traffic. .

Government Shutdown Hampers Cybersecurity

Adam Levin

Government has impacted federal cybersecurity according to several reports. The roughly 800,000 federal workers currently on furlough include: 45% of staff from the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency , which is tasked with defending critical infrastructure from cyber and physical threats. The Department of Homeland Security’s 2019 Cybersecurity and Innovation Showcase, initially scheduled to begin January 8, was also cancelled.

Iranian Government Hacking Android

Schneier on Security

Services Provider to Government Left Database Exposed: Report

Data Breach Today

federal and local government agencies left a massive production database exposed to the internet, potentially allowing attackers to rewrite content on websites or plant malware, according to a security researcher

Zoom Bombing Attack Hits U.S. Government Meeting

Threatpost

Web Security coronavirus Privacy Security US government work from home zoom zoom security Zoom-bombingA recent U.S. House Oversight Committee meeting was the latest victim of Zoom bombing, according to an internal letter.

Data Governance for Smart Data Distancing

erwin

During this coronavirus emergency, we are all being deluged by data from politicians, government agencies, news outlets, social media and websites, including valid facts but also opinions and rumors. Data Governance Methods for Data Distancing. Hello from my home office!

Cybersecurity for Information Governance Professionals via Eleven Fifty Academy

IG Guru

Most companies ignore the importance of information governance in ensuring good cybersecurity. Advancing technology, such as cloud computing, increasing compliance mandates, and increasing amounts of data to be secured have made it essential to improve your cybersecurity strategies.

Doing Cloud Migration and Data Governance Right the First Time

erwin

And as you make this transition, you need to understand what data you have, know where it is located, and govern it along the way. By using automated and repeatable capabilities, you can quickly and safely migrate data to the cloud and govern it along the way.

Government Demands for Amazon User Data Exploded in 2020

WIRED Threat Level

Plus: Smartmatic lawsuits, a fake WhatsApp, and more of the week’s top security news. Security Security / Security News

Recent DNS Hijacking Campaigns Trigger Government Action

Data Breach Today

governments to issues warnings and policy updates to improve security US and UK Agencies Respond to Increasing Attacks A recent spate of attacks targeting domain name system protocols and registrars, including several incidents that researchers believe have ties to nation-state espionage, is prompting the U.S. and U.K.

Data Governance as an Emergency Service

erwin

Data governance (DG) as a an “emergency service” may be one critical lesson learned coming out of the COVID-19 crisis. Deploying a Data Governance Strategy. Deploying individual data governance elements does not constitute a strategy, much less a sustainable program.

Metadata Management, Data Governance and Automation

erwin

erwin released its State of Data Governance Report in February 2018, just a few months before the General Data Protection Regulation (GDPR) took effect. This research showed that the majority of responding organizations weren’t actually prepared for GDPR, nor did they have the understanding, executive support and budget for data governance – although they recognized the importance of it. Download Free GDPR Guide | Step By Step Guide to Data Governance for GDPR?.

Balancing Security, Customer Service

Data Breach Today

Experian's David Britton on Identity Governance and Security Organizations can enhance security while maintaining a good customer experience by leveraging data for authentication, says David Britton of Experian

Security Risks of Government Hacking

Schneier on Security

Some of us -- myself included -- have proposed lawful government hacking as an alternative to backdoors. A new report from the Center of Internet and Society looks at the security risks of allowing government hacking. From the report's conclusion: Government hacking is often lauded as a solution to the "going dark" problem. Backdoors, however, mean everybody is vulnerable and a security failure fails catastrophically.

Risk 64

Norwegian Government Blames Russia for Hacking Campaign

Adam Levin

The Norwegian government has blamed Russia for a hacking campaign that targeted the email accounts of parliament members. The Russian government has dismissed the allegations as baseless, citing a lack of evidence. “We

Welcoming the Icelandic Government to Have I Been Pwned

Troy Hunt

Hot on the heels of onboarding the USA government to Have I Been Pwned last month , I'm very happy to welcome another national government - Iceland! Have I Been Pwned Government

Nation-state actors target Australia, Government warns

Security Affairs

A state-based actor is launching cyber attacks against government, public services and businesses, Australia ‘s prime minister said. Australia ‘s prime minister Scott Morrison said that a “state-based actor” is targeting government, public services, and businesses.

US Government: Russia “Likely” Behind SolarWinds Breach

Adam Levin

The post US Government: Russia “Likely” Behind SolarWinds Breach appeared first on Adam Levin. Data Security Government Cybersecurity Data breach featured russia government FBI russian hacking solarwinds