Security Leadership and Management
Security Leadership and Management RSS Feed RSS

SEC1220-talk-Feat-slide1_900px
Security Talk

The 20-mile trail to zero

Maggie Shein
Maggie Shein
December 3, 2020

William Boelcke spent the years 1998 to 2000 with the U.S. Air Force. He’d spend the next 18-plus years battling mental health issues and substance abuse. Two years ago, in a treatment facility in Rockford, Ill., Boelcke was introduced to BraveHearts and its equine-assisted therapy program. The non-profit organization based in Illinois has been working with veterans, providing free equine-assisted therapy and a place of calm and acceptance, since 2007.


Read More
Cyber Incident Recovery

Turla Crutch attacks Ministry of Foreign Affairs in an EU country, misuses Dropbox in cyber-espionage

December 2, 2020
ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.
Read More
5 mins with

5 minutes with David Bodnick - Is the California Privacy Rights Act (CPRA) effective?

Maria Henriquez
December 2, 2020

On November 4, 2020, the YES on Prop 24 campaign announced the passage of the California Privacy Rights Act (CPRA), with a majority of Californians supporting the measure to strengthen consumer privacy rights. The new law aims to give Californians the strongest online privacy rights in the world. But, does the CPRA do enough to advance the data privacy of California consumers? Many security and privacy leaders argue that it does not. To find out more, we talk to David Bodnick, Chief Technology Officer and co-founder of Startpage, a private search engine. 


Read More
BEC email laptop

FBI warns of BEC scammers using email forwarding

Maria Henriquez
December 2, 2020
The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
Read More
online shopping

14% rise in suspected 2020 holiday weekend e-commerce fraud

December 2, 2020
TransUnion released new findings around online retail trends during the start of the 2020 global holiday shopping season. The research shows a 1% decrease in suspected online retail fraud worldwide during the start of the 2020 holiday shopping season compared to the same period in 2019, a 59% increase from the same period in 2018 and a 14% increase from all of 2020 so far. The findings are based on the same-store sales analysis of TransUnion’s e-commerce customers during the traditional start of the global holiday shopping season, Thanksgiving to Cyber Monday.
Read More
NSAcyber

NSA announces winner of 8th Annual Best Scientific Cybersecurity Research Paper Competition

December 1, 2020

The National Security Agency’s Research Directorate has announced it has selected “Spectre Attacks: Exploiting Speculative Execution” as the winner of its 8th Annual Best Cybersecurity Research Paper competition. Originally published at the 2019 IEEE Security & Privacy Symposium, the winning paper, in combination with Meltdown, another award-winning paper released earlier by the same researchers, launched a global effort to mitigate critical vulnerabilities in processors. 


Read More
SEC1220-Leadership-Feat-slide1_900px
Leadership & Management

AI and EI as allies

Michael Gips
Michael Gips
December 1, 2020

Both artificial intelligence (AI) and emotional intelligence (EI) have critical roles to play in security. But two recent reports accentuate the challenge of leadership that tethers technology to humanity.


Read More
data-enews

Analyzing the draft standard contractual clauses

Once finalized, US entities can use the new Standard Contractual Clauses to legally transfer data out of the EEA when combined with appropriate supplementary measures.
david stauss
David M. Stauss
December 1, 2020
As discussed in our prior post, on November 12, 2020, the European Commission published a draft implementing decision on standard contractual clauses (SCCs) for the transfer of personal data to third countries and draft standard contractual clauses. Once finalized, the SCCs will replace the existing SCCs for data transfers out of the EEA.
Read More
SEC1220-Career-Feat-slide1_900px
Career Intelligence

End of year security career reflections

Brennan-2016-200px.jpg
Jerry J. Brennan
December 1, 2020

The close of 2020 is fast approaching, and many security professionals have experienced a wide swing in career highs and lows during this challenging year. Many shifts were obviously pandemic-related. Organizations were either forced to consider business realignment or utilized the upheaval to move in a direction that may have been already under consideration. Regardless of the circumstance, the result was a reduction in opportunities in the security profession for some, and career advancement for others.


Read More

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.

SUBSCRIBE TODAY!