Articles Tagged with ''risk management''

cyber remote work

CISA issues emergency directive and alert on Microsoft Exchange vulnerabilities

March 4, 2021
CISA has issued Emergency Directive (ED) 21-02 and Alert AA21-062A addressing critical vulnerabilities in Microsoft Exchange products. Successful exploitation of these vulnerabilities could allow an attacker to access on-premises Exchange servers, enabling them to gain persistent system access and control of an enterprise network. 
Read More
airplane

Malaysian Airlines is breached

March 3, 2021
Malaysia Airlines has confirmed it has suffered a "data security incident" via a third-party IT service provider. The company also said the breach had not affected its carrier's core IT infrastructure and systems. 
Read More
cyber freepik

DoS vulnerability discovered in Eclipse Jetty

March 3, 2021
Synopsys Cybersecurity Research Center (CyRC) researchers have discovered CVE-2020-27223, a denial of service vulnerability in Eclipse Jetty, a widely used open source web server and servlet container.
Read More
cyber hack

Researcher discovers and patches Linux kernel vulnerabilities

March 3, 2021
Positive Technologies security researcher Alexander Popov has discovered and fixed five similar issues in the virtual socket implementation of the Linux kernel. These vulnerabilities could be exploited for local privilege escalation, as confirmed by Popov in experiments on Fedora 33 Server. The vulnerabilities, known together as CVE-2021-26708, have received a CVSS v3 base score of 7.0 (high severity).
Read More
SEC0321-Leadership-Feat-slide1_900px
Leadership & Management

Humor in leadership? Funny you should ask

Sometimes it’s better to disarm than to arm. Put another way, humor can be both a powerful leadership and tactical tool for security.
Michael Gips
Michael Gips
March 3, 2021

Humor is tricky business in the security world, however. Briefing staff on warning signs of workplace violence, precursors of terrorist attacks, contingency plans for natural disasters, and methods of corporate espionage doesn’t exactly lend themselves to one-liners. Dealing with most security incidents isn’t a laughing matter.


Read More
SEC0321-Burnout-Feat-slide1_900px
Leadership and Your Security Career

Secure your mask before others: Preventing security burnout

Steven Antoine 3
Steven Antoine
March 3, 2021

Left attempting to optimize security teams while struggling to cope with multiple crises simultaneously, security leaders feel as if almost 75% of the workday is spent battling internal bureaucracy, while 25% is spent dedicated to the issues that require attention. But you’re not alone. To start, have some real conversations with your staff, and don’t forget to focus on yourself and your own well-being.


Read More
cloudnetwork

Securing the cloud in 2021: 3 steps to cloud-based identity

March 2, 2021

Now that we’ve learned this dependency on the cloud will continue to grow, there are new challenges that organizations have to solve in the year ahead – starting with making these cloud infrastructures more secure. To do this, organizations must reroute the security perimeter to focus on identity. While cloud-based identity can be a complicated concept for a number of reasons, there are a few simple steps organizations can take to evolve their identity access management (IAM) strategies. By moving beyond “effective permissions,” they should instead focus on threats and risks, following a cloud IAM lifecycle approach.


Read More
vaccine covid

CISA releases COVID-19 vaccine physical security guidance

March 2, 2021
CISA created the COVID-19 Vaccine Distribution Physical Security Measures guidance. This guidance provides a non-comprehensive list of physical security resources available to the public to help facility owners and operators enhance their physical security to protect workers and individuals.
Read More
Juan Rodriguez

Juan Rodriguez named Executive Vice President & Chief Information Security Officer at Comerica Incorporated

March 2, 2021

Comerica Incorporated announced that Juan Rodriguez has been named Executive Vice President, Chief Information Security Officer. Reporting to Executive Vice President and Chief Technology & Operations Services Officer Megan Crespi, Rodriguez oversees Comerica's enterprise-wide information security policy, strategy, architecture, operations and capability enhancements of the bank. 


Read More
cybersecurity

NSA issues guidance on Zero Trust Security Model

March 2, 2021

The National Security Agency (NSA) published a cybersecurity guidance, “Embracing a Zero Trust Security Model.” This guidance shows how deploying Zero Trust security principles can better position cybersecurity professionals to secure enterprise networks and sensitive data.


Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!