Welcome:
Login
|
Sign Up
|
About CircleID
Follow:
|
|
|
Cybersecurity |
Sponsored by |
|
According to a new report by the Danish government's Center for Cybersecurity, hackers have breached email accounts and servers at both the Defense Ministry and the Foreign Ministry in 2015 and 2016. more
Recently the 2013 revisions of the internationally acclaimed standard for information security management, ISO27001 and accompanying 27002, 'Code of practice for information security management controls' were released. Whether you're new to this or are looking for a smooth transition, it's important to reflect on the changes made. Being compliant with the latest information security standards is becoming more and more important these days. more
Change is hard, and the larger the system, the slower the pace of change. There are just so many systems that need to change their behaviors, and the motivations of users, vendors, service providers, content generators and many others all vary. Getting all of us to change some aspect of our technology, platform or application set is hard, if not impossible, to orchestrate such that it happens at the same time. more
CENTR, the association which represents European country code top-level domain name registries (ccTLDs), such as .de for Germany or .no for Norway, has provided feedback to the United Nations' initiative on a Global Digital Compact (GDC). The GDC seeks to "outline shared principles for an open, free and secure digital future for all", and invites multistakeholder participation in the consultation phase. more
So far this year I think I've attended 20+ security conferences around the world - speaking at many of them. Along the way, I got to chat with hundreds of attendees and gather their thoughts on what they hoped to achieve or learn at each of these conferences. In way too many cases I think the conference organizers have missed the mark. I'd like to offer the following thoughts and feedback to the people organizing and facilitating these conferences (especially those catering to local security professionals). more
A long time ago, I worked in a secure facility. I won't disclose the facility; I'm certain it no longer exists, and the people who designed the system I'm about to describe are probably long retired. Soon after being transferred into this organization, someone noted I needed to be trained on how to change the cipher door locks. We gathered up a ladder, placed the ladder just outside the door to the secure facility, popped open one of the tiles on the drop ceiling, and opened a small metal box with a standard, low-security key. more
The U.S. Department of Justice and the FBI announced on Wednesday that they have taken actions to disable an international botnet of more than two million infected computers responsible for stealing corporate data including user names, passwords and financial information. more
"Russian banks will be faced with a whole range of new regulations, and penalties for non-compliance, when it comes to cyber-security, according to the country's Central Bank," Eugene Gerden reported today in SC Magazine UK more
Iran's nuclear facilities are immune to cyber attack a senior Iranian military official has claimed today according to various reports. "Gholam Reza Jalali, who heads an Iranian military unit in charge of combatting sabotage, was quoted Monday by the official IRNA news agency as saying that Iran and its nuclear facilities possess the technology and knowledge to deal with malicious software." more
According to a new security report released today by SANS Institute, TippingPoint and Qualys, the number of vulnerabilities found in applications in the last few years is far greater than the number of vulnerabilities discovered in operating systems. "On average, major organizations take at least twice as long to patch client-side vulnerabilities as they take to patch operating system vulnerabilities. In other words the highest priority risk is getting less attention than the lower priority risk." more
Kicking off the sixth annual National Cybersecurity Awareness Month this October, the Department of Homeland Security (DHS) has urged computer users to practice good "cyber hygiene". The campaign was given a boost Wednesday when the Senate passed resolution 285 to support its goal to make U.S. citizens more aware of how to secure the internet. DHS has also announced that is has been given new authority to recruit and hire up to 1,000 cybersecurity professionals across the department to fill roles such as: cyber risk and strategic analysis; cyber incident response; vulnerability detection and assessment; intelligence and investigation; and network and systems engineering. more
According to a new study by PGP Corporation and Ponemon Institute, data breach incidents cost U.S. companies $202 per compromised customer record in 2008, compared to $197 in 2007. The study is based on 43 organizations across 17 different industry sectors with a range of 4,200 to 113,000 records that were affected. It is also noted that since 2005, the cost component has grown by more than $64 on a per victim basis since -- nearly a 40% increase. more
In the aviation world safety is paramount. Commercial airlines go to major lengths to make sure that their planes are fully up to code and can fly safely in the air. The risks - loss of human lives - are far too extreme to take any chances. One result of this diligence is the fact that travel by plane is far safer than any other method - nearly 40 times safer per mile than travel by car. While application security risks are not as dire, research shows CSOs fail to use the same stringent level of safety to secure their Internet-facing applications. more
Intel plans to buy security company McAfee for $7.68 billion -- the biggest acquisition in its 42-year history. The chipmaker said Thursday it has entered into a definitive agreement to buy all of McAfee's common stock at $48 per share in cash. McAfee's stock closed Wednesday at $29.93, making Intel's offer a 60 percent premium. The boards of both companies have approved the deal. more
A research paper commissioned by the International Commission on Nuclear Non-proliferation and Disarmament (ICNND) suggests that nuclear command and control systems are vulnerable to cyber terrorism. "Despite claims that nuclear launch orders can only come from the highest authorities, numerous examples point towards an ability to sidestep the chain of command and insert orders at lower levels," says the report. more
A World-Renowned Source for Internet Developments. Serving Since 2002.