Security Leadership and Management
Security Leadership and Management RSS Feed RSS

Encryption Future - Security Magazine

Best practices for protecting your data from ransomware

Jon Toor
Jon Toor
December 3, 2020

Ransomware penetrates an organization’s IT infrastructure through phishing emails or endpoint vulnerabilities and then encrypts files, holding data hostage until a fee is paid to decrypt them. The FBI has deemed ransomware the fastest growing malware threat, causing significant revenue loss, business downtime and reputational damage. It’s critical organizations protect their data by following the best practices.


Read More
Limiting Access Is the First Step to Securing Networks, cyber security news, NIST Cybersecurity Framework, access management

Mitigating DDoS attacks with network function virtualization

Itay Glick
Itay Glick
December 3, 2020
Distributed denial of service (DDoS) attacks are more than an inconvenience; they paralyze operations and cause significant direct and indirect costs to those affected. Over 23,000 DDoS attacks are recorded per day, leaving companies to deal with disrupted online services. Recently, New Zealand’s Stock Exchange (NZX) was hit by a large DDoS attack for four consecutive days which led to a stock market closure that barred many from trading.
Read More
energy critical infrastructure

Upcoming guidance from DHS S&T will improve critical infrastructure resilience

December 3, 2020

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) will be releasing a document that provides a roadmap to threat mitigation of Position, Navigation, and Timing (PNT) services, a national critical function powering many of the critical infrastructure sectors that enable modern society. The conformance framework was developed with input from industry stakeholders and will help critical infrastructure owners and operators make risk-informed decisions when deciding what PNT equipment to deploy. It provides distinct levels of resilience so end users can choose equipment that’s appropriate for their needs, based on criticality and risk tolerance.


Read More
Hacktivist

CISA warns APT groups targeting US think tanks

Maria Henriquez
December 3, 2020
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have observed persistent continued cyber intrusions by advanced persistent threat (APT) actors targeting U.S. think tanks. This malicious activity is often, but not exclusively, directed at individuals and organizations that focus on international affairs or national security policy. The following guidance may assist U.S. think tanks in developing network defense procedures to prevent or rapidly detect these attacks.
Read More
SEC1220-Access-Feat-slide1_900px

Managing access in higher education during COVID-19

Security professionals in higher education can implement a number of strategies to ensure safety and security without hindering the learning environment.
Maggie Shein
Maggie Shein
December 3, 2020

Security professionals in higher education can implement a number of strategies to ensure safety and security without hindering the learning environment.


Read More
SEC1220-talk-Feat-slide1_900px
Security Talk

The 20-mile trail to zero

Maggie Shein
Maggie Shein
December 3, 2020

William Boelcke spent the years 1998 to 2000 with the U.S. Air Force. He’d spend the next 18-plus years battling mental health issues and substance abuse. Two years ago, in a treatment facility in Rockford, Ill., Boelcke was introduced to BraveHearts and its equine-assisted therapy program. The non-profit organization based in Illinois has been working with veterans, providing free equine-assisted therapy and a place of calm and acceptance, since 2007.


Read More
Cyber Incident Recovery

Turla Crutch attacks Ministry of Foreign Affairs in an EU country, misuses Dropbox in cyber-espionage

December 2, 2020
ESET researchers discovered a previously undocumented backdoor and document stealer used for cyber-espionage. ESET has been able to attribute the program, dubbed Crutch by its developers, to the infamous Turla APT group. It was in use from 2015 until at least early 2020. ESET has seen Crutch on the network of a Ministry of Foreign Affairs in a country of the European Union, suggesting that this malware family is only used against very specific targets. These tools were designed to exfiltrate sensitive documents and other files to Dropbox accounts controlled by Turla operators.
Read More
5 mins with

5 minutes with David Bodnick - Is the California Privacy Rights Act (CPRA) effective?

Maria Henriquez
December 2, 2020

On November 4, 2020, the YES on Prop 24 campaign announced the passage of the California Privacy Rights Act (CPRA), with a majority of Californians supporting the measure to strengthen consumer privacy rights. The new law aims to give Californians the strongest online privacy rights in the world. But, does the CPRA do enough to advance the data privacy of California consumers? Many security and privacy leaders argue that it does not. To find out more, we talk to David Bodnick, Chief Technology Officer and co-founder of Startpage, a private search engine. 


Read More
BEC email laptop

FBI warns of BEC scammers using email forwarding

Maria Henriquez
December 2, 2020
The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
Read More

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!