Security Leadership and Management
Security Leadership and Management RSS Feed RSS

data_security_-_blog_-768x423

EDPB issues guidance for cross-border data transfers in wake of Schrems II judgment

The EDPB’s FAQs resolve some open questions, such as whether there will be a grace period for companies relying on Privacy Shield, but raise other questions, such as what “supplementary measures” companies need to put in place to use Standard Contractual Clauses and Binding Corporate Rules.
david stauss
David M. Stauss
July 28, 2020
In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.
Read More
SEC0719-Privacy-Feat-slide1_900px

Implementing Zero Trust with FIM and SCM

chris hudson
Chris Hudson
July 27, 2020
Zero Trust model creator John Kindervag puts it like this: “The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.” He came up with the model in 2010, at a time when many businesses were just beginning to put foundational cybersecurity controls in place and over-relied on the assumed security inside their enterprise-owned network boundaries.
Read More
Gaps in Cybersecurity Programs

The risky door that telecommuting can open to your network

Benny Lakunishok
Benny Lakunishok
July 24, 2020
With telecommuting here to stay, now is the perfect time to re-examine just how much network access you are giving your users and machines. You might be shocked to see how open your network really is. Most organizations allow more access than their users or machines will ever need or should ever have – this excessive trust is what allows attackers who get into the network to spread and cause a lot of damage.
Read More
Big data

Goodbye, honeypots – Hello, true deception technology

Wade Lance
Wade Lance
July 23, 2020
Honeypots were the first form of deception technology. IT security researchers started using them in the 1990s, with the intent to deceive malicious actors who had made it onto the network into interacting with a false system. In this way, honeypots could gather and assess the behavior of the malicious actors. They were not created for threat detection. However, things have changed a great deal in the years since honeypots were created – including deception technology.
Read More
enterprise responsive default

Survey explores path to closing skills gap for SOC effectiveness

July 22, 2020

CISOs who can reduce or close their critical skills gaps have the highest probability of minimizing the business impact of cyberattacks – even when budgets and staffing are constrained, says a new SANS Institute survey, "Closing the Critical Skills Gap for Modern and Effective Security Operations Centers (SOCs),


Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!