Security Leadership and Management

RSS

Data Center Security is far more just implementing Access Control Lists (ACL) on a router and firewalls. Physical colocation requires a minimum of “five rings of security.” These five security features are a must for all colocation providers and cover public spaces from the perimeter all the way to the individual server housings.

The Department of Commerce announced prohibitions on transactions relating to mobile applications (apps) WeChat and TikTok to safeguard the national security of the United States.

The Department of Homeland Security has awarded $10 million to 29 select projects to support the development of a nationwide Terrorism and Targeted Violence Prevention (TVTP) Framework. These awards were made through a competitive process under the Fiscal Year 2020 Targeted Violence and Terrorism Prevention Grant Program.

New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts. 

The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”

To meet modern day challenges and address the evolving retail bank landscape, Origin Bank embraces innovative technology and solutions that boost efficiencies, reduce fraud and enhance service. The organization considers the protection of its clients’ assets to be paramount and strives to deliver a safe banking experience.

Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous. 

Siemens USA announced the launch of its technologically advanced cyber test range housed at its U.S. R&D headquarters in Princeton, New Jersey. The COVID-19 pandemic and the related increase in cyberattacks has highlighted the need for facilities such as this to focus on prevention, detection, and response solutions.

Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.