The current state of privacy laws in the USA 2020: what you need to know

Posted by:

After the introduction of the CCPA in 2018 a whole slew of states got on board the data privacy bandwagon, and it looked like there was real momentum in the direction of increased rights for citizens over their own data.  By the middle of 2019 more than a dozen states had introduced some kind of privacy bill, either from scratch or as an amendment to existing privacy laws.

So how has that turned out?

Well, if you’re an advocate for increased user ...

Read More →
0

Why it is high time to consider a CISO on demand

Posted by:

Many years ago I went to the doctor with a weird arm.  If I held my elbow and wrist just-so, it seemed to stop the blood supply going to my fingers.  Nothing too dramatic, but worth getting checked out. I was referred to the local hospital where the specialist remarked that he had never seen anything like it and he was keen to investigate further.

“I should add that you’ve been referred to the wrong department.  This ...

Read More →
0

Isn’t it time we talk seriously about a nation-wide Privacy Act?

Posted by:

Would you be surprised if someone told you that they felt even less secure online today, compared to five years ago? 

All we hear about are big companies screwing up and losing user data

Nah. Me neither. As reports Mitchell Noordyke from iapp, “state level momentum for comprehensive privacy bills is at an all time high. 

One of the hot topics now is whether the United States, Like the EU, ...

Read More →
0

The Delicate OpSecs needed to secure Supply Chains

Posted by:

OPSEC is a pretty familiar term in this industry, but reviewing its fundamental meaning and what it implies for us today in our current threat landscape is a useful exercise.

After all, being able to secure our systems and information from prying eyes from the likes of cyber thieves, scammers, ransomers, and so on, is a key priority for most businesses today.

OPSEC is the term the industry uses to talk about operational security. ...

Read More →
0

Securing IoT can make profitable sense to any company

Posted by:

A survey conducted by Ponemon in 2018 found that 97 percent of security professionals thought that a cyber attack vectoring from an insecure device could be “catastrophic” for the business. They also found that only 15 percent had bothered to do an inventory of the IoT devices, which were indeed connected to their systems. And only half had protocols to disconnect high-risk devices upon detection.

The survey stresses the importance of addressing this vulnerability:

Read More →

0

DevSecOps: an intro on why you need it

Posted by:

We’ve pulled together an FAQ on DevSecOps, so you can give some thought on whether this approach might be beneficial in your organization. We hope it’s useful.

What is DevSecOps?

The concept evolved from its predecessor DevOps, a portmanteau for Development and IT Operations (Dev + Ops). I have also heard it referred to as “Agile on steroids”. The idea is simple: it bridges the gap between development and IT teams through collaboration to reduce project ...

Read More →
1

Should C-level Bonuses Be Tied To Cybersecurity Posture?

Posted by:

The cybersecurity catch-22 – have you run across it? This is where, for example, you’ve found a vulnerability in a product, and you inform the affected company in a responsible way, but you never receive a response.

Or perhaps you work in the development team, and really want your employers to give you the resources you need to address a security flaw, only to see your requests shoved aside to focus on new, sexier features.

Read More →

0

How the US government shutdown damages cybersecurity for everybody

Posted by:

The US government has been in shutdown mode for a record length of time, already at the time of writing exceeding the previous Clinton-era record, 21 days in 1995-96, by more than 50%.

With disagreement over the $5 billion cost of President Trump’s border wall showing no signs of abating, the shutdown could well roll on into February.

What impact is the shutdown having on cybersecurity?

Website certificates: 

The most visible effect has been on government-run websites. ...

Read More →
0

2019: What to expect in cybersecurity this year

Posted by:

Another year is upon us. 2018 was a cyber rollercoaster with massive internet scandals and data breaches.  With that in mind there are a number of IT security topics that should be top of mind for 2019.

Take a look at a few we’ve identified…

Security by Design

We expect to see a greater focus on baked-in security, be this in application development, or in IT and company strategies. In 2018, with the enforcement of Europe’s data ...

Read More →
0

Are employees really the weakest link in your cyber-defense strategy?

Posted by:

It’s been touted for awhile that people, be they employees, business partners or consultants, are the true weakness in the cyber defenses of an organization.

It is people – all with some level of access to the inner sanctum of the network – that have been a main focus for malicious agents (aka “the bad guys”).

It isn’t rocket science as to why – as technology gets more complex and savvy, it is more difficult to sneak into a system undetected from ...

Read More →
0
Page 1 of 5 12345
})
SEC Cybersecurity Exams