Обзор докладов WEIS, ссылка на которые публиковалась выше
https://lukatsky.blogspot.com/2019/06/iso-27001-bug-bounty.html?m=1
https://lukatsky.blogspot.com/2019/06/iso-27001-bug-bounty.html?m=1
Blogspot
Почему сертификат ISO 27001 приводит к снижению инвестиционной привлекательности, а программа bug bounty лучше пентестов...
Блог Алексея Лукацкого "Бизнес без опасности"
Forwarded from Пост Лукацкого
Выложены презентации с ITSF 2019 https://t.co/UCKRt2c48l @itsfkzn
— Alexey Lukatsky (@alukatsky) June 14, 2019
— Alexey Lukatsky (@alukatsky) June 14, 2019
itsecurityforum.ru
ITSF 2019
XIII Цифровой Форум - ITSF. Большие данные. Кибербезопасность. Законодательство.
Forwarded from RUSCADASEC news: Кибербезопасность АСУ ТП (Anton Shipulin)
The International Society of Automation (ISA) выпустило книгу «Security PHA Review for Consequence-Based Cybersecurity» от Edward M. Marszal and Jim McGlone из компании Kenexis. Авторы рассказывают, как использовать результаты анализа опасностей process hazard analysis (PHA) для определения уязвимых к кибератакам сценариев и устранения проблем. Доступна электронная версия книги
https://www.isa.org/store/security-pha-review-for-consequence-based-cybersecurity/65832391
https://www.isa.org/store/security-pha-review-for-consequence-based-cybersecurity/65832391
Continuous Monitoring for IT Infrastructure | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/continuous-monitoring
https://www.nccoe.nist.gov/projects/building-blocks/continuous-monitoring
SP 800-205, Attribute Considerations for Access Control Systems | CSRC
https://csrc.nist.gov/publications/detail/sp/800-205/final
https://csrc.nist.gov/publications/detail/sp/800-205/final
CSRC | NIST
NIST Special Publication (SP) 800-205, Attribute Considerations for Access Control Systems
This document provides federal agencies with a guide for implementing attributes in access control systems. Attributes enable a logical access control methodology where authorization to perform a set of operations is determined by evaluating attributes associated…
Public Comments - Protecting CUI | CSRC
https://csrc.nist.gov/projects/protecting-cui/public-comments
https://csrc.nist.gov/projects/protecting-cui/public-comments
CSRC | NIST
Public Comments - Protecting CUI | CSRC
Comments Received on Draft SP 800-171B Below are comments received on Draft Special Publication 800-171B, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations – Enhanced Security Requirements for Critical Programs and High…
'Operational guidance for the EU's international cooperation on cyber capacity building: A playbook' https://t.co/jgujHo4oAs
https://t.co/lTHxyyJ2me
https://t.co/lTHxyyJ2me
op.europa.eu
Operational guidance for the EU's international cooperation on cyber capacity building : a playbook.
Details of the publication
061919_Wyden_Sensitive_Data_Transmission.pdf
1.5 MB
061919 Wyden Sensitive Data Transmission Best Practices Letter to NIST.pdf