Tim Wiseman, the University of Wyoming’s chief risk officer, has been elected to the University Risk Management and Insurance Association (URMIA) Board of Directors. Wiseman is one of two new board members selected for a three-year term.
Sumo Logic released findings from its fifth annual report. ”The Continuous Intelligence Report: The State of Modern Applications, DevSecOps and the Impact of COVID-19” provides an inside look into the state of the modern application technology stack, including changing trends in cloud and application adoption and usage by customers, and the impact of COVID-19 as an accelerant for digital transformation efforts.
Few cybersecurity components are as familiar as the next-generation firewall (NGFW) for enterprise protection. Despite this ubiquity, it is common for security teams to operate their NGFW in a suboptimal manner. The TAG Cyber team has observed, for example, that many enterprise teams operate their NGFW more like a traditional firewall. This can result in a reduction of traffic visibility, which in turn degrades prevention, detection, and response.
There is an opportunity here for IT teams to stabilize their work-from-home situations while also preparing for the future back in the office, or for many, supporting a hybrid model. Long term solutions are needed for organizational success. There are many steps that can be taken to ensure infrastructure is properly cared for and ready to be used when teams are able to return to the office.
Open-source intelligence (OSINT) is having a moment. Just a few years ago, presentations on OSINT began with a quote from one of a few different senior intelligence community officials who reportedly said that somewhere between 80-90% of valuable information comes from public sources. Many presentations today start similarly, but OSINT no longer needs the validation of government greats. Films like Searching and Don’t f**ck with Cats have introduced the discipline to a wider audience, organizations such as Trace Labs host popular OSINT competitions for the common good, and the investigators associated with the website Bellingcat are now media fixtures.
KnowBe4 announced it is partnering with the Center for Cyber Safety and Education to launch a Women in Cybersecurity Scholarship to offer $10,000 to be applied to tuition, fees, books and required electronics for the recipient.
Facebook has fixed a critical flaw in the Facebook Messenger for Android messaging app. Natalie Silvanovich of Google’s Project Zero reported the bug to the Facebook bug bounty program. The bug could have allowed a sophisticated attacker logged in on Messenger for Android to simultaneously initiate a call and send an unintended message type to someone logged in on Messenger for Android and another Messenger client (i.e. web browser).
During a time where hospitals are already strapped for resources, Mercy Iowa City hospital reported that an internal email compromise and phishing email incident led to the exposure of personal information of some 60,473 individuals.
In today's ever changing environment, no organization and enterprise is immune from violence. Whether it is a church, movie theater, mall, or healthcare setting the need to plan for an act of violence, including active shooter events, is of paramount importance. And while public safety situational awareness and vigilance is an absolute must in our modern world, much thought has been given to how to develop plans, procedures, training and technology to stop these acts of violence. Here, we talk to Tim Sulzer, Chief Technology Officer (CTO) of ZeroEyes, about how physical security technology has evolved over the years to help make a difference in situations involving an active shooter or to reduce workplace and gun violence in various settings.
Working at home poses many challenges. One smart solution for enterprises that continues to help maintain business continuity is Virtual Desktop Infrastructure (VDI). It enables IT organizations to deliver a corporate endpoint experience on relatively inexpensive hardware while maintaining strict IT standards that will provide benefits well into the future.