ISACA's new COBIT guidance builds upon best practices shared for the governance and management of information and technology aimed at the whole enterprise through the lens of information security, and details additional metrics and activities that should be considered when implementing or assessing COBIT in the context of information security.

It’s easy to see why the Open Supervised Device Protocol (OSDP), has become the security industry’s gold standard for access control installations. It enhances security, adds flexibility and makes systems easy to update and integrate with other devices. The Security Industry Association (SIA), with significant input from manufacturers and integrators, introduced OSDP in 2011 and it is now recommended for any public or private enterprise installation requiring a high level of security. Earlier this year, the International Electrotechnical Commission approved OSDP as an international standard.

Theft, fraud and losses from other retail “shrink” totaled $61.7 billion in 2019, up from $50.6 billion the year before as industry security executives reported increases in the number of shoplifting, organized retail crime and employee theft incidents, according to the annual National Retail Security Survey released by the National Retail Federation.

“There are only two types of companies: those that have been hacked, and those that will be.” When former FBI Director Robert Mueller spoke those words in 2012, he sounded hyperbolic. Almost a decade later, it seems prophetic.

In early June, the California Attorney General filed final CCPA regulations with the California Office of Administrative Law. The final regulations were accompanied by a 59-page Final Statement of Reasons along with six appendices containing over 500 pages of comments on the regulations and the Attorney General’s responses to those comments. One of the many topics that the Attorney General’s office discussed was the final regulation’s requirements for drafting privacy policies. Given that the drafting of a privacy policy is a necessary part of CCPA compliance, it is worth analyzing those comments.

Threat actors launched a cyberattack against the Texas Office of Court Administration, the IT provider for many Texas courts, and encrypted their computer systems with ransomware, leaving those systems useless. Cognizant, which has a large presence in Dallas-Fort Worth and is one of the world’s largest and most sophisticated providers of information technology services for other companies, was hit with ransomware with losses currently estimated between $50 million and $70 million.

There is a trade-off between technology innovation and security. The adoption of emerging technologies like 5G will fuel the proliferation of Internet of Things (IoT) which are often built with basic security controls, creating a larger attack surface. At the same time, reliance on data means that data breaches can cause greater damage.

Mission 500 and The New Jersey Electronic Life Safety Association (NJELSA), teamed up for the second year in a row during the NJELSA Annual Symposium, held March 11-13 at Harrah’s Atlantic City for a School Backpack Building Event.

Outsourcing has become a vital part of most business strategies. Not only is it a way to save money, but it’s a simple way to take advantage of expertise you might not currently have in house. But outsourcing can also leave companies vulnerable if the third-party doesn’t have proper cybersecurity procedures.