Cybersecurity
RSS

Understanding the Distinct and Dependent Roles of Data, Privacy and Cybersecurity Professionals

CISOs struggling to prepare for upcoming security compliance audits

Survey finds CISOs highly interested in automation to address major concerns about doing more with less, preparing for audits remotely and speeding evidence collection

September 18, 2020

Shujinko announced the results of a survey of North American CISOs documenting the challenges facing security and compliance professionals preparing for a wave of upcoming audits. The survey, a joint effort between Shujinko and Pulse, found that calendars for security and compliance audits are largely unchanged despite COVID-19, yet the pandemic is straining teams as they work remotely.

Dunkin' Donuts settles data breach lawsuit

September 18, 2020

New York Attorney General Letitia James announced a settlement with Dunkin’ Brands, Inc. (Dunkin’) — franchisor of Dunkin’ Donuts — resolving a lawsuit over the company’s failure to respond to successful cyberattacks that compromised tens of thousands of customers’ online accounts.

Switzerland’s DPA concludes that Swiss-US Privacy Shield does not provide adequate level of protection

David M. Stauss

September 18, 2020

The fallout from the Schrems II judgment continued with an announcement from Switzerland’s Federal Data Protection and Information Commissioner (FDPIC) that the Swiss-US Privacy Shield regime “does not provide an adequate level of protection for data transfer from Switzerland to the US pursuant to [Switzerland’s] Federal Act on Data Protection (FADP).”

Compliance regulators don’t stop working when companies go remote

Jeff Sizemore

September 18, 2020

Compliance regulators don’t take days off – not even in a pandemic. Faced with steep penalties for non-compliance and potential reputational damage, organizations are being forced to rethink their compliance strategies to account for new and emerging risks. For digital businesses today, the best place to start is by assessing how systems should be good enough, understand how data integrity is currently being managed, identifying any compliance hazards or gaps, and considering how automation can help address them.

Can the voting process be hacked?

Carnell Council CISSP

September 17, 2020

The term "Kill Chain Methodology" or "Cyber Kill Chain" has been widely used in the world of cybersecurity to interpret the different stages involved in a cyberattack. In a nutshell, from a hacker's perspective, a kill chain is a way to illegally gain access to a network or network device via a series of progressive steps. Consequently, from a defender's perspective, every stage of this process presents an opportunity to prevent intrusions. So, what kind of systems, networks or devices can hackers exploit by employing this methodology? Let's talk about the election.

What the Zerologon vulnerability means for the state of enterprise security

September 17, 2020

On August’s Patch Tuesday, Microsoft closed several vulnerabilities, among them CVE-2020-1472, known as Zerologon. Secura's security expert Tom Tervoort discovered the vulnerabilty and recently explained in a blog why the vulnerability is so dangerous.

Siemens USA launches cybersecurity analytics lab to help protect operational technology

September 17, 2020

Siemens USA announced the launch of its technologically advanced cyber test range housed at its U.S. R&D headquarters in Princeton, New Jersey. The COVID-19 pandemic and the related increase in cyberattacks has highlighted the need for facilities such as this to focus on prevention, detection, and response solutions.

US charges 5 Chinese “Apt41” actors for hacking into more than 100 companies

September 17, 2020

U.S. federal agencies revealed criminal charges against five computer hackers, all of whom were residents and nationals of the People’s Republic of China (PRC). All were charged of computer intrusions affecting over 100 victim companies in the United States and abroad, including software development companies, computer hardware manufacturers, telecommunications providers, social media companies, video game companies, non-profit organizations, universities, think tanks, and foreign governments, as well as pro-democracy politicians and activists in Hong Kong.

new study says public-private partnerships best way to cybersecure governments

More than 80% of government cybersecurity leaders say private-public partnerships a necessity

September 17, 2020

According to a new report, public-private collaboration would help government leaders keep pace with cyberthreats.

BSIMM11 study shows fundamental shifts in software security initiatives in response to DevOps & digital transformation

The 11th iteration of the Building Security In Maturity Model reflects how organizations are adapting their software security efforts to support modern software development paradigms

September 17, 2020

Synopsys, Inc. published BSIMM11, the latest version of the Building Security In Maturity Model (BSIMM), created to help organizations plan, execute, measure, and improve their software security initiatives (SSIs). BSIMM11 reflects the software security practices observed across 130 firms from multiple industry verticals including financial services, FinTech, independent software vendors, cloud, health care, Internet of Things, insurance, and retail.

Domestic violence remains a complex driver of workplace violence, creating high-risk scenarios that require coordination across departments without clear ownership. Learn how threat management teams can manage domestic violence referrals from the start.

OSHA fines grab headlines, but most compliance issues start with everyday operational gaps: missed protocols, unsecured areas, or slow response. Learn how emerging technologies & AI can be leveraged towards a more proactive model of compliance.

Cybersecurity
RSS

CISOs struggling to prepare for upcoming security compliance audits

Dunkin' Donuts settles data breach lawsuit

Switzerland’s DPA concludes that Swiss-US Privacy Shield does not provide adequate level of protection

Compliance regulators don’t stop working when companies go remote

Can the voting process be hacked?

What the Zerologon vulnerability means for the state of enterprise security

Siemens USA launches cybersecurity analytics lab to help protect operational technology

US charges 5 Chinese “Apt41” actors for hacking into more than 100 companies

More than 80% of government cybersecurity leaders say private-public partnerships a necessity

BSIMM11 study shows fundamental shifts in software security initiatives in response to DevOps & digital transformation

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

Cybersecurity RSS

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

Cybersecurity
RSS