Cybersecurity

RSS

In the wake of the Court of Justice of the European Union’s Schrems II judgment, on July 23, 2020, the European Data Protection Board (EDPB) adopted a Frequently Asked Questions document to “provide initial clarification and give preliminary guidance to stakeholders on the use of legal instruments for the transfer of personal data to third countries, including the U.S.” The EDPB stated that the document will be updated, and further guidance provided, as it continues to examine and consider the judgment. The six-page FAQs provides the following guidance.

Joyce Flinn, Vice President and Information Security & Disaster Recovery Officer at First United Bank & Trust, has been appointed to the Cyber Risk Institute Board of Directors.

Colorado Secretary of State Jena Griswold announced the creation of a new Rapid Response Election Security Cyber Unit (RESCU), a highly-trained team of election security experts who will help protect Colorado’s elections from cyber-attacks, foreign interference, and disinformation campaigns.

 Druva, Inc. announced the appointment of Andrew Daniels as the company’s new Chief Information Officer (CIO) and Chief Information Security Officer (CISO). Daniels will be responsible for enhancing and scaling out Druva’s security operations, incident response and global IT infrastructure.

With fewer than 100 days left until Election Day, the report reveals US states and local election administrators are still in widely varying stages of cybersecurity readiness, according to a new Area 1 Security study.

The US Senate passed a bipartisan amendment to the FY 2021 National Defense Authorization Act (NDAA) to require the Department of Homeland Security to establish a Cybersecurity State Coordinator position in every state.

Zero Trust model creator John Kindervag puts it like this: “The point of Zero Trust is not to make networks, clouds, or endpoints more trusted; it's to eliminate the concept of trust from digital systems altogether.” He came up with the model in 2010, at a time when many businesses were just beginning to put foundational cybersecurity controls in place and over-relied on the assumed security inside their enterprise-owned network boundaries.