This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies By closing this message or continuing to use our site, you agree to our cookie policy. Learn MoreThis website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
In a paper released recently, “An integrated cyber approach to your cloud migration strategy,” Deloitte explores how an integrated cloud-cyber strategy enables organizations to use cyber as a differentiator, and outlines how cybersecurity teams must adapt.
CISA created the COVID-19 Vaccine Distribution Physical Security Measures guidance. This guidance provides a non-comprehensive list of physical security resources available to the public to help facility owners and operators enhance their physical security to protect workers and individuals.
Extension will allow the Task Force to continue its work as outlined in its recently released Year 2 Report and position itself to support the supply chain risk management imperative in 2021
February 9, 2021
The Cybersecurity and Infrastructure Security Agency (CISA) announced a six-month extension of the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force. The Task Force, chaired by CISA and the Information Technology (IT) and Communications Sector Coordinating Councils, is a public-private partnership composed of a diverse range of representatives from large and small private sector organizations charged with identifying challenges and devising workable solutions and recommendations for managing risks to the global ICT supply chain.
Girl Scouts of Tropical Florida (GSTF), Ryder System Inc. and the University of Tennessee's Global Supply Chain Institute partnered to create supply-chain curriculum for K-12.
The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an annual report on its progress to advance meaningful partnerships and analysis around supply chain security and resilience.
ESET researchers recently discovered attempts to deploy Lazarus malware via a supply-chain attack (on less secure parts of the supply network) in South Korea. In order to deliver its malware, the attackers used an unusual supply-chain mechanism, abusing legitimate South Korean security software and digital certificates stolen from two different companies. The attack was made easier for Lazarus since South Korean internet users are often asked to install additional security software when visiting government or internet banking websites.
The Cybersecurity and Infrastructure Security Agency (CISA) and government and industry members of the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force released an analysis report on the impact of COVID-19 on global supply chains. Building A More Resilient ICT Supply Chain: Lessons Learned During The COVID-19 Pandemic examines how ICT supply chains have been logistically impacted by the pandemic and provides practical recommendations to increase supply chain resiliency from future risks.
Security teams in the financial services sector are experiencing even more exacting demands as they defend their organizations in a world under a new and unexpected threat — a global pandemic, says a new Accenture report, "2020 Future Cyber Threats: The latest extreme but plausible threat scenarios in financial services."
The Information Security Forum (ISF) announced the launch of ISF Aligned Tools Suite 2020, bringing together 14 ISF tools and cross reference aids, including a rebuilt Benchmark platform and the new IRAM2 WebApp. Aligned to the latest version of the Standard of Good Practice for Information Security 2020 (SOGP 2020), the suite – which also includes Security Healthcheck, Supply Chain accelerator tools and SOGP 2020 cross-references – helps ISF Members demonstrate compliance with international standards and assure security across their external suppliers.
StackRox released the findings of the State of Containers and Kubernetes Security Report, Fall 2020. Security incidents remain high (90 percent), and nearly half of respondents have delayed rolling out applications into production because of security concerns (44 percent). At the same time, organizations have progressed in developing DevSecOps initiatives (83 percent have some form in place) and in maturing their container and Kubernetes security strategies (only 25 percent lack a strategy).
