Life used to be simpler for security teams. In the legacy world, they had a clear understanding of the environment they needed to protect—typically the standard LAMP stack (Linux, Apache, MySQL, PhP). Within this straightforward, relatively static infrastructure, they could carve out a network layer all for themselves to implement the security technologies of their choice. They also had a direct line to vendors to discuss the security controls that needed to be implemented. But in the age of DevOps and cloud, things just don’t work this way anymore. Four key changes have left security teams struggling to protect applications and organizations.
Antisemitic incidents remained at a historically high level across the United States in 2020, with a total of 2,024 incidents of assault, harassment and vandalism reported to ADL (the Anti-Defamation League). While antisemitic incidents declined by 4 percent after hitting an all-time high in 2019, last year was still the third-highest year for incidents against American Jews since ADL started tracking such data in 1979.
The Transportation Security Administration (TSA) is extending the face mask requirement for individuals across all transportation networks throughout the United States, including at airports, onboard commercial aircraft, on over-the-road buses, and on commuter bus and rail systems through September 13.
Director Jared M. Maples of the New Jersey Office of Homeland Security and Preparedness (NJOHSP) discussed the impact of US Department of Homeland Security (DHS) grant programs on the ability of New Jersey communities to combat threats and prepare for emergencies when he testified before the US House of Representatives Subcommittee on Emergency Preparedness, Response, and Recovery on April 28. The hearing, “State and Local Perspectives on DHS Preparedness Grant Programs,” examined the critical role federal grants play in security and resiliency planning, especially as new tactics and events continue to alter the threat landscape in both the physical and cyber realms.
State of Cybersecurity 2021 report finds that 61% of cybersecurity teams are understaffed
May 4, 2021
The pandemic’s disruption has rippled across the globe, impacting workforces in nearly every sector. However, according to the findings from the State of Cybersecurity 2021 Part 1 survey report from ISACA in partnership with HCL Technologies, the cybersecurity workforce has largely been unscathed, though all-too familiar challenges in hiring and retention continue at levels similar to years past.
In a new study that surveyed enterprises with 3,000 or more employees, 60% of respondents are concerned pentesting gives them limited coverage or leaves them with too many blind spots.
In order to remain resilient and meet the emerging priorities around effective supplier management, improved business continuity planning, and increased community engagement, business leaders need to assess and benchmark their performance around three core areas of organizational resilience: operational resilience, supply chain resilience, and information resilience.
The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology.” The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.
U.S. Customs and Border Protection and the World Business Alliance for Secure Commerce Organization (WBO) issued a joint statement affirming their shared commitment to enhance supply chain security. In the joint statement, CBP and WBO expressed their intent to collaborate on implementing a nine-point action plan that calls for, among other measures: Enhanced information sharing; Joint training and outreach on supply chain security; Customs Trade Partnership Against Terrorism (CTPAT) recognition for WBO certified supply chain partners that successfully complete a CBP validation process; and
Paul Suarez joins Casey's General Stores in the newly created Chief Information Security Officer position at the company, which operates 2,200 convenience stores across 16 states.
RSS
