How To, Libraries and Risk - Information Management Today

Protect funding for public libraries at risk

CILIP

FEBRUARY 20, 2024

Protect funding for public libraries at risk In this election year it is more important than ever to bring libraries into the public and political spotlight as central government cuts council budgets across the country. The Libraries at Risk Monitor builds on the Know your Rights campaign, which has been running since 2023.

Libraries

Libraries Risk Government IT

Statement: Libraries Minister must protect local library services

CILIP

MARCH 6, 2024

CILIP has previously signalled deep concern over the lack of financial support to Local Authorities and the fact that the recently announced ‘Exceptional Financial Support’ (EFS) package will prompt a ‘fire sale’ of vital assets, including public libraries, in the 19 Councils concerned.

Libraries

Libraries Sales Risk Government

Future Libraries - invitation to tender

CILIP

APRIL 17, 2023

Future Libraries - invitation to tender CILIP is looking to commission a collaborative research and development project focused on re-imagining England’s public library sector for the future and funded by Arts Council England. This may involve organisations changing both their missions and their business models.

Libraries

Libraries Risk IT

Webinars

Peak Performance: Continuous Testing & Evaluation of LLM-Based Applications

MORE WEBINARS

The horizon scanning department for public libraries

CILIP

AUGUST 8, 2023

The horizon scanning department for public libraries THE appetite for horizon scanning among public librarians is huge – as we have recently seen at the CILIP Conference – but the number of public librarians paid to do it is minimal. For me the next progression would have been outside of the library world. “For

Libraries

Libraries Access Artificial Intelligence IT

How to Package and Price Embedded Analytics

How much value could you add? This framework explains how application enhancements can extend your product offerings. Just by embedding analytics, application owners can charge 24% more for their product. Brought to you by Logi Analytics.

Analytics

GhostTouch: how to remotely control touchscreens with EMI

Security Affairs

MAY 27, 2022

The researchers demonstrated how to inject two types of basic touch events, taps and swipes, into targeted locations of the touchscreen. “In places like a cafe, library, meeting room, or conference lobbies, people might place their smartphone face-down on the table2. The events allowed the researchers to control the devices (i.e.

Paper

Paper Libraries Authentication Passwords

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

eSecurity Planet

FEBRUARY 26, 2024

Table of Contents Toggle How Does Cross-Site Scripting Work? 3 Common Types of Cross-Site Scripting Attacks Top 5 Risks Associated with XSS Attacks How to Tell if You’re Vulnerable to XSS Attacks Can You Prevent Cross-Site Scripting? The threat actor could launch an attack using the URL fragments.

Risk

Risk Financial Services Security Libraries

How to write an ISO 27001-compliant risk assessment procedure

IT Governance

NOVEMBER 15, 2019

ISO 27001 says that you must document your information security risk assessment process. Key elements of the ISO 27001 risk assessment procedure. of the Standard states that organisations must “define and apply” a risk assessment process. Identify risks. Analyse risks. Evaluate risks. Clause 6.1.2

Risk

Risk Information Security Libraries Compliance

The long game: how to get a library into the limelight

CILIP

JANUARY 31, 2020

The long game: how to get a library into the limelight. The long game: how to get a library into the limelight. s library, says Arwen Caddy, RB?s s one of a number of big shifts ushered in by the library?s Proof of this is a complete rethinking of the library?s RECKITT Benckiser (RB) is the UK?s

Libraries

Libraries Metadata IT Archiving

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

New DNS Spoofing Threat Puts Millions of Devices at Risk

eSecurity Planet

MAY 3, 2022

Security researchers have uncovered a critical vulnerability that could lead to DNS spoofing attacks in two popular C standard libraries that provide functions for common DNS operations. Also read: How to Prevent DNS Attacks. The C Library DNS Vulnerability. How to Protect Against the DNS Threat.

Risk

Risk Libraries IoT Security

How to improve your risk assessment process

IT Governance

FEBRUARY 23, 2018

For many people, the prospect of conducting a risk assessment is daunting. After all that, they’ll probably realise how inconvenient spreadsheets are. The risk assessment software vsRisk provides a simple and fast way to identify relevant threats, and deliver repeatable, consistent assessments year after year.

Risk

Risk Libraries Access IT

A brief guide to cyber security risk assessments

IT Governance

JANUARY 12, 2021

Cyber security risk assessments are essential for organisations to protect themselves from malicious attacks and data breaches. But what exactly does a risk assessment do? How likely is it that these scenarios will occur? If you have the means to address a risk, there is no reason to continue considering it ‘acceptable’.

Risk

Risk Security Libraries Data breaches

Working Internationally for Libraries: How to write effective grant proposals

CILIP

NOVEMBER 15, 2019

Working Internationally for Libraries: How to write effective grant proposals. How did it all start? I had heard about the International Federation of Library Associations (IFLA) during my MSc, but I didn?t You can imagine how glad I was to have started that conversation. How to write an effective grant proposals?

Libraries

Libraries Mining Access IT

How to Remove Malware: Removal Steps for Windows & Mac

eSecurity Planet

OCTOBER 26, 2023

Also read: 19 Different Types of Malware Attacks: Examples & Defenses Best Antivirus Software Solutions How to Remove Malware on Windows (PC) Removing malware from a Windows PC requires a systematic approach to ensure the malicious software is eradicated. Being aware of potential risks empowers you to recognize and avoid them effectively.

Cleanup

Cleanup Privacy Access Cybersecurity

Terry Kendrick helps libraries achieve their marketing, communications and engagement goals

CILIP

JUNE 7, 2021

Now more than ever, libraries must find ways to engage with their communities in order to demonstrate the value they create and deliver. It takes each element of the strategic marketing domain and outlines both current marketing best practice and its detailed application in the library and information sector. Information Now Ltd ?

Libraries

Libraries Marketing Communications Education

How to Prevent Software Supply Chain Attacks

eSecurity Planet

JUNE 3, 2022

” Third, Shah said, when he was a developer, it was usually about 80 percent his code and 20 percent open source libraries – while today, it’s often the opposite. Increasing developers’ awareness of those concerns is a good start, he said, though each company has to determine its own risk tolerance.

Security

Security Libraries Risk Authentication

Libraries: don't mess with trust

CILIP

JANUARY 6, 2020

Libraries: don't mess with trust. Libraries: don't mess with trust. Jeni Tennison, CEO of the ODI discusses how libraries could fit into it without damaging themselves. Operational uses such as using data to support the day-to-day running of a library. a reputational risk that people get worried about.?

Libraries

Libraries Personal data GDPR Risk

How to best protect your organization against Log4j, a Java-based exploit

Jamf

DECEMBER 20, 2021

Log4j, a third-party security vulnerability affecting Java libraries that handle logging has recently been making the rounds, impacting an unknown number of products and services that utilize those libraries. This is making systems vulnerable to attacks by threat actors actively exploiting the affected systems in the wild.

Libraries

Libraries Risk Security IT

Public library content in an age of impact

CILIP

FEBRUARY 4, 2020

Public library content in an age of impact. Public library content in an age of impact. The range of activities, services and impacts a modern library service provides has grown significantly and undeniably in recent years. Very few public library services now have the luxury of dedicated, in-house cataloguers.

Libraries

Libraries Customer Experience Retail Risk

Feminist leadership, libraries and Covid-19

CILIP

MARCH 8, 2021

Feminist leadership, libraries and Covid-19. s Library which was established in 1991 and now has more than 20 paid staff ? Here she talks about how the Clore Leadership Fellowship programme helped her focus on her own professional development and assess what it means to be a leader. s Library were sown.? Adele said: ?I

Libraries

Libraries Communications IT Archiving

How to best protect your organization against Log4j, a Java-based exploit

Jamf

DECEMBER 20, 2021

Log4j, a third-party security vulnerability affecting Java libraries that handle logging has recently been making the rounds, impacting an unknown number of products and services that utilize those libraries. This is making systems vulnerable to attacks by threat actors actively exploiting the affected systems in the wild.

Libraries

Libraries Risk Security IT

What’s your data democratization strategy? How to successfully democratize data

Collibra

MAY 23, 2022

If you’re already sold on the importance of data democratization , you’re likely wondering how to get started with your data democratization strategy. How can you ensure that the right people can access the right data, at the right time? Security risks. How to successfully democratize data appeared first on Collibra.

Education

Education Access Data science Libraries

How to enable trustworthy AI with the right data fabric solution

IBM Big Data Hub

SEPTEMBER 20, 2022

Alongside the significant brand reputation risk, there’s also a growing set of data and AI regulations across the world and across industries — like the upcoming European Union AI Act — that companies must adhere to. Your model risk management team, IT operations team and line-of-business employees also need appropriate access.

Data science

Data science Metadata Government Access

Meet The Team Behind Mayhem: Come See Us At These Upcoming May 2023 Events

ForAllSecure

MAY 4, 2023

We participated in B Sides last month, hosted a webinar on “How to Increase Test Coverage With Mayhem for API”, and hosted a university hackathon at UC Santa Cruz. Use Open-Source Safely: How to Uncover and Address Vulnerabilities in Open-Source Libraries Open-source libraries can be a double-edged sword for software developers.

Libraries

Libraries Sales Risk Marketing

Shift happens: the future office/library in a connected world

CILIP

SEPTEMBER 21, 2021

Shift happens: the future office/library in a connected world. Governments have drawn boundaries with wildly differing interpretations of risk. s because productivity is doing what we know how to do today, co-ordinating and co-operating with our colleagues. and, yes, the library. s President?s Join CILIP?s

Libraries

Libraries Retail IT Digital transformation

How to accelerate time to value with predictive data quality and observability

Collibra

MAY 26, 2022

Is it reducing the regulatory risk or revenue loss? Data quality cleansing prep : All cleansing and standardization activities depend on your domain and the depth of your rule library. . You also need to set up monitoring and how best to handle the data when quality issues arise. Cut costs: Accelerate cloud data migrations.

Data migration

Data migration Compliance Customer Experience Libraries

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

eSecurity Planet

APRIL 15, 2024

To mitigate these risks, users must promptly apply vendor-provided software patches and updates, as well as exercise vigilance when using online services and apps. Check out our article on SaaS security checklist and learn how to create one. In addition to securing internal assets, you also need to ensure SaaS data is protected.

Libraries

Libraries Risk Cybersecurity Honeypots

Experts found critical RCE in Spotify’s Backstage

Security Affairs

NOVEMBER 15, 2022

The issue can be exploited by triggering a recently disclosed VM sandbox escape vulnerability (CVE-2022-36067 aka Sandbreak) in the vm2 third-party library. The researchers explained that the template engine utilizes the vm2 library to prevent the execution of untrusted code. ” reads the advisory published by Oxeye.

Libraries

Libraries Authentication Paper Risk

Meet The Team Behind Mayhem: Come See Us At These Upcoming June 2023 Events

ForAllSecure

JUNE 7, 2023

Let's talk about how to optimize these processes while maintaining our momentum. ‍ Join top DevSecOps experts as they discuss how DevSecOps brings development and cybersecurity teams together. Learn how to shift application security further left with less friction. Where : Virtual When : June 12 / 1 p.m ET Why Attend?‍

Libraries

Libraries Sales Cybersecurity Education

Common IT Security Vulnerabilities – and How to Defend Against Them

eSecurity Planet

JANUARY 8, 2021

Here are some of the most common IT security vulnerabilities and how to protect against them. Here are a few of the more common vulnerabilities – and how to defend against them. Solution : For server products and libraries, diligently stay up to date on the latest bug reports for your systems. Missing data encryption.

IT

IT Security Encryption Authentication

Hundreds of millions of Android users exposed to hack due to CVE-2020-8913

Security Affairs

DECEMBER 4, 2020

Hundreds of millions of Android users are potentially exposed to the risk of hack due to the use of Android Play Core Library versions vulnerable to CVE-2020-8913. The CVE-2020-8913 flaw is a local, arbitrary code execution vulnerability that resides exists in the SplitCompat.install endpoint in Android’s Play Core Library.

Libraries

Libraries e-Delivery Risk Authentication

Five open-source AI tools to know

IBM Big Data Hub

DECEMBER 15, 2023

Open-source AI projects and libraries, freely available on platforms like GitHub, fuel digital innovation in industries like healthcare, finance and education. Leveraging existing libraries and tools, small teams of developers can build valuable applications for diverse platforms like Microsoft Windows, Linux, iOS and Android.

Libraries

Libraries Artificial Intelligence Education Access

Do libraries have a role at the cutting edge of tech ethics?

CILIP

AUGUST 12, 2020

Do libraries have a role at the cutting edge of tech ethics? s understanding of the risks posed by digital technology, there is very little they can do with that understanding. ?People Now organisations like libraries might feel responsible for helping people cope with what happens when they get online.

Libraries

Libraries Government IT Risk

Archival Document Storage Explained: Essential Guide to Preserving Your History

Armstrong Archives

APRIL 23, 2024

Understanding those specific risks and addressing them properly is the key to effective archival storage. History is filled with examples like Egypt’s Library of Alexandria, Alexander the Great’s massive collection that was ultimately lost. which holds the Magna Carta.

Archiving

Archiving Paper Libraries Risk

World Digital Preservation Day guest blog: managing the “digital deluge” at the National Library of Australia

Preservica

NOVEMBER 7, 2019

Terence: Since our partnership began more than seven years ago, Preservica has played an ever-increasing role in helping the library improve digital preservation of collections to ensure their future accessibility. Beginning in 2008, the Library developed an in-house solution for processing content from physical carriers.

Digital preservation

Digital preservation Libraries Archiving Government

[Podcast] A “Carnegie” Approach to Change Management

AIIM

MARCH 5, 2020

In 1936, Dale Carnegie's " How to Win Friends and Influence People " first published. Advice On Influence: The only way on earth to influence other people is to talk about what they want and show them how to get it. First, we hear from Dr. Michelle Rozen about her keynote, How to Hit the Change Button – Leaning Forward Through Change.

Libraries

Libraries Compliance Cloud Risk

[Podcast] The AIIM Conference – Then and Now

AIIM

FEBRUARY 25, 2020

First, we hear from Tod Chernikoff, Information System Development Analyst at Navy Federal Credit Union, about his upcoming session at AIIM20 on How to Align Systems Development with Your Organization's RIM Practices. Click here to access our full library of episodes. Want more episodes like this?

Records Management

Records Management Insurance Libraries Education

Want To Prevent Another SolarWinds? Start With Developers

The Security Ledger

MAY 13, 2021

An all-star roundtable of security experts tackles the question of how to prevent another SolarWinds. Related Stories Researchers Test UN’s Cybersecurity, Find Data on 100k Dispute Over Data Leak Highlights Legal Risks for UK Researchers Critical Flaws Found In Widely Used Netmask Open Source Library.

Libraries

Libraries Cybersecurity Risk Security

What Is the CIA Triad and Why Is It Important?

IT Governance

FEBRUARY 14, 2023

One thing that these frameworks have in common is the emphasis they place on risk assessments. ISO 27001 and the GDPR in particular mandate that organisations analyse their operations to measures the risks, threats and vulnerabilities in their systems that could compromise sensitive information.

IT

IT Risk GDPR Information Security

API Security 101 for Developers: How to Easily Secure Your APIs

ForAllSecure

MARCH 29, 2023

In the following sections, we will discuss: API Basics Common API Security Vulnerabilities Best Practices for API Security How to do API Security Automatically By the end of this blog post, you will have a good understanding of API security and the steps you can take to easily secure your APIs. API Basics: What Is an API and How Do APIs Work?

Security

Security Authentication Passwords Encryption

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

The Last Watchdog

JUNE 3, 2022

Log4J, aka Log4Shell, refers to a gaping vulnerability that exists in an open-source logging library that’s deeply embedded within servers and applications all across the public Internet. In today’s environment, organizations need to figure out how to secure their external edge, that’s for certain. Obfuscated tampering.

Systems administration

Systems administration Libraries Risk Authentication

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

The Last Watchdog

MARCH 29, 2022

Log4j, for instance, is a ubiquitous logging library. How a given open-source library works in a specific app can be a mystery because arbitrary parties contributed pieces of coding that may or may not have been documented,” he says. They’re now the norm and security teams must assess and manage the risk of these stacks.”.

Security

Security Cloud Digital transformation Cybersecurity

Gartner Security & Risk Management Summit 2018 Trip Report

Thales Cloud Protection & Licensing

JUNE 19, 2018

called Gartner Security & Risk Management Summit. This event is focused on the needs of senior IT and security professionals, such as CISOs, chief risk officers, architects, IAM and network security leaders. They looked at “risk” through analogies, and spoke about what can be controlled and what can’t.

Risk

Risk Security Digital transformation Blockchain

Protect funding for public libraries at risk

Statement: Libraries Minister must protect local library services

Webinars

Trending Sources

Future Libraries - invitation to tender

Webinars

The horizon scanning department for public libraries

How to Package and Price Embedded Analytics

GhostTouch: how to remotely control touchscreens with EMI

What Is Cross-Site Scripting (XSS)? Types, Risks & Prevention

How to write an ISO 27001-compliant risk assessment procedure

The long game: how to get a library into the limelight

5 Early Indicators Your Embedded Analytics Will Fail

New DNS Spoofing Threat Puts Millions of Devices at Risk

How to improve your risk assessment process

A brief guide to cyber security risk assessments

Working Internationally for Libraries: How to write effective grant proposals

How to Remove Malware: Removal Steps for Windows & Mac

Terry Kendrick helps libraries achieve their marketing, communications and engagement goals

How to Prevent Software Supply Chain Attacks

Libraries: don't mess with trust

How to best protect your organization against Log4j, a Java-based exploit

Public library content in an age of impact

Feminist leadership, libraries and Covid-19

How to best protect your organization against Log4j, a Java-based exploit

What’s your data democratization strategy? How to successfully democratize data

How to enable trustworthy AI with the right data fabric solution

Meet The Team Behind Mayhem: Come See Us At These Upcoming May 2023 Events

Shift happens: the future office/library in a connected world

How to accelerate time to value with predictive data quality and observability

Vulnerability Recap 4/15/24 – Palo Alto, Microsoft, Ivanti Exploits

Experts found critical RCE in Spotify’s Backstage

Meet The Team Behind Mayhem: Come See Us At These Upcoming June 2023 Events

Common IT Security Vulnerabilities – and How to Defend Against Them

Hundreds of millions of Android users exposed to hack due to CVE-2020-8913

Five open-source AI tools to know

Do libraries have a role at the cutting edge of tech ethics?

Archival Document Storage Explained: Essential Guide to Preserving Your History

World Digital Preservation Day guest blog: managing the “digital deluge” at the National Library of Australia

[Podcast] A “Carnegie” Approach to Change Management

[Podcast] The AIIM Conference – Then and Now

Want To Prevent Another SolarWinds? Start With Developers

What Is the CIA Triad and Why Is It Important?

API Security 101 for Developers: How to Easily Secure Your APIs

RSAC insights: Software tampering escalates as bad actors take advantage of ‘dependency confusion’

MY TAKE: Log4j’s big lesson – legacy tools, new tech are both needed to secure modern networks

Gartner Security & Risk Management Summit 2018 Trip Report

Stay Connected