Management

RSS

Over the weekend, Fairfax, Va. County Public Schools, the 10th largest school district in the country, was hit by Maze ransomware, resulting in an apparent leak of student and faculty data, just days after previous attacks on these two other school systems.

Eric Cardwell has been named Axio's  Director of Cyber Risk Engineering. Mr. Cardwell will be responsible for addressing cyber risk requirements for industry clients, identifying government and trade association contracts, and driving innovation in the advancement of security and financial controls across the energy and utilities sector.

In the lead-up to the 2020 US elections, the nonpartisan global technology association ISACA surveyed more than 3,000 IT governance, risk, security and audit professionals in the US in January and again in July.

Digital Shadows revealed new research looking at the growing problem of company access keys inadvertently exposed during software development. Access keys, and their corresponding secrets, are used by developers to authenticate into other systems.

Two new public safety committees were created this month by University of Utah Chief Safety Officer Marlon Lynch and appointed by U President Ruth Watkins. The Public Safety Advisory Committee and the Independent Review Committee are comprised of students, faculty, and staff from across the institution and are designed to ensure a broad representation of constituents are included in public safety decision-making.

What are the expectations, technical implementations, and challenges of using cloud security access brokers (CASB)? Cloud Security Alliance's latest study reveal unrealized gaps between the rate of implementation or operation and the effective use of the capabilities within the enterprise.

From the early days of the web, the concept of authentication has been synonymous with the notion of ‘logging in,’ typically with a username and password. Today, this ubiquity has exploded to the point that the average individual has 191 usernames and passwords acting as one-to-one keys for any website they’ve registered with.

Today, Zero Trust is the subject of much discussion and debate; for instance, is Zero Trust doable in reality or more so in theory?  As many are aware, Zero Trust is a concept that deems everyone (employees, freelancers and vendors) and everything (datacenters, applications and devices) must be verified before being allowed into a network perimeter – whether they are on the inside or the outside of an organization.

The Fourth District Court of Louisiana has been hit by ransomware. Hacking group/ransomware strain Conti has claimed the attack on the US Court, and published apparent proof of the attack on its dark web page this week, CBR reports. 

In September 2019, the Department of Homeland Security (DHS) issued its Strategic Framework for Countering Terrorism and Targeted Violence (CTTV Framework) and now offers this corresponding Public Action Plan demonstrating the Department’s efforts to combat emerging threats and improve information sharing.