The Information Security Forum (ISF) announced the launch of ISF Aligned Tools Suite 2020, bringing together 14 ISF tools and cross reference aids, including a rebuilt Benchmark platform and the new IRAM2 WebApp. Aligned to the latest version of the Standard of Good Practice for Information Security 2020 (SOGP 2020), the suite – which also includes Security Healthcheck, Supply Chain accelerator tools and SOGP 2020 cross-references – helps ISF Members demonstrate compliance with international standards and assure security across their external suppliers.
Why are CISOs constrained from delivering metrics at scale and why is producing good security metrics so difficult? Here, find out what the five stages of security metrics maturity are, and how you can achieve a mature security metrics program.
Following a competitive review process, CISA awarded $2,000,000 to the University of Mississippi Medical Center (UMMC) for a two-year period of performance beginning on September 30, 2020. UMMC will use REMCDP funds to build on the successes of its previous REMCDP awards.
As cybercriminals increase their attacks during the COVID-19 pandemic, Metro Health – University of Michigan Health is fighting back. Metro Health has joined an innovative partnership of cybersecurity experts working 24/7 to protect patients and employees from scams and information theft.
The Michigan Healthcare Security Operations Center launched in 2018 as the first collective of its kind in the nation. Mi|HSOC brings together leading IT security experts from Michigan Medicine, Beaumont Health, Munson Healthcare, the Michigan Health & Hospital Association and security company CyberForce|Q.
On its third day, GSX+ kicked off with a keynote address on Military & Law Enforcement Appreciation Day by General Stanley McChrystal, former commander of U.S. and International forces in Afghanistan and best-selling author of Team of Teams: New Rules of Engagement for a Complex World.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) issued a Public Service Announcement (PSA) to raise awareness of the potential threat posed by attempts to spread disinformation regarding the results of the 2020 elections. Foreign actors and cybercriminals could create new websites, change existing websites, and create or share corresponding social media content to spread false information in an attempt to discredit the electoral process and undermine confidence in U.S. democratic institutions, warns the PSA.
At least three TikTok profiles with more than 350,000 followers combined have been promoting multiple fraudulent mobile apps that generated $500,000 in profit, according to an Avast report.
A coalition of law enforcement agencies across the world announced the results of a coordinated operation known as DisrupTor which targeted vendors and buyers of illicit goods on the dark web.
StackRox released the findings of the State of Containers and Kubernetes Security Report, Fall 2020. Security incidents remain high (90 percent), and nearly half of respondents have delayed rolling out applications into production because of security concerns (44 percent). At the same time, organizations have progressed in developing DevSecOps initiatives (83 percent have some form in place) and in maturing their container and Kubernetes security strategies (only 25 percent lack a strategy).
As documented in Dirceu Santa Rosa’s article for the IAPP’s Privacy Tracker, efforts to delay the effective date of Brazil’s General Data Protection Law – Lei Geral de Proteção de Dados or LGPD – recently failed, and the law is expected to go into force in the coming days. Brazil’s federal government also published a decree approving the regulatory structure of the Autoridade Nacional de Proteção de Dados, i.e., Brazil’s national data protection authority.