Technologies & Solutions - Articles - Page 131

Revised NIST Cyber Security Framework - Security Magazine

How to lead an economical and efficient infosec program

August 7, 2020

Today's challenging reality presents an opportunity for CISO’s to reevaluate the economics and efficiencies of their current infosec program. To do so, CISO’s must narrow their focus on maximizing their return on investments and shift to a risk-based prioritization strategy. No matter the situation, CISO’s are always expected to meet goals and drive results. Even though security professionals cannot reduce risk to zero, they can reduce risk significantly by first eliminating the most impactful risks facing their organization. Below, I discuss the four critical steps of leading an economical and efficient information security program while following a risk-based approach.

Outsourcing Data: Don't Take a Fairytale Approach

The good, the bad and the ugly: Standard contractual clauses after Schrems II

Mike Slipsky

Saad Gul

August 7, 2020

Countless businesses export data from the European Union to the United States. Does your human resources office have information on European employees? The sales department information on European clients? That is personal data. The question is if data exports can continue in the wake of the Court of Justice of the European Union’s (CJEU) ruling in the “Schrems II” case.

Authentication vs. authorization | Why we need authorization standards and what it means for enterprise cybersecurity

I witnessed the transition from bespoke authentication to standards-based authentication. It’s time to do the same for authorization.

Bill Mann

August 6, 2020

Twenty years ago, almost everything in the IT world was on-premises: hardware and software, including the tools you used to verify who your users were and what they could do in your systems. In today’s cloud-native world, almost nothing is on-prem, and because of the explosion of apps, remote users and devices, it has become a considerably more complicated task, by orders of magnitude, to verify the identity of a user — or a service — and determine policies that say what they are and aren’t allowed to do.

Making the business case for security by design

Rodney Joffe

August 6, 2020

Organizations need to evolve their thinking around cybersecurity to stay ahead of these changing threats. A holistic approach that effectively builds security into all infrastructure and processes from the ground up is cost-effective and necessary to safeguard valuable employee and customer data. This requires an overall shift in philosophy – and adopting the concept of security by design is a key first step.

Understanding the Distinct and Dependent Roles of Data, Privacy and Cybersecurity Professionals

94% of organizations experienced at least one business-impacting cyberattack in the past year

August 6, 2020

The vast majority of organizations (94 percent) have experienced a business-impacting cyberattack in the past 12 months, according to both business and security executives.

1.1 billion fraud attacks detected since the beginning of 2020

August 6, 2020

A new Arkose Labs study revealed that in the first half of 2020, there were more than 1.1 billion online fraud attacks, double the attack volume compared to the second half of 2019 and a 25 percent attack rate increase across all transactions.

Unprepared Companies Vulnerable to Ransomware Attacks

Canon suffers ransomware attack that impacts numerous services

August 6, 2020

Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications.

CISA releases Trusted Internet Connections 3.0 core guidance documentation

August 6, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) released core guidance documentation for the Trusted Internet Connections (TIC) program, developed to assist agencies in protecting modern information technology architectures and services.

Virginia becomes the first US state to launch contact tracing app

August 6, 2020

Virginia has unveiled a new app designed to aid in contact tracing during the coronavirus pandemic.

Security of TikTok: How does a Microsoft acquisition change things?

Sam Rubin

August 6, 2020

Security fears linger around the wildly popular, Chinese-owned social media platform TikTok, and discussions are in the works for the platform to potentially be acquired by Microsoft. Should users be concerned in the interim? Will a change of ownership to a U.S.-based company allay security and privacy fears?