Forwarded from ZLONOV security
Национальный центр кибербезопасности Соединенного Королевства (NCSC) выпустил свой отчет «Активная киберзащита 2019» (ACD — Active Cyber Defence), с анализом результатов программы ACD NCSC, направленной на снижение вреда от кибератак https://www.ncsc.gov.uk/report/active-cyber-defence-report-2019
Forwarded from ZLONOV security
The Water Information Sharing and Analysis Center (WaterISAC) недавно выпустил обновленное руководство по основам кибербезопасности для предприятий водоснабжения и водоотведения «15 Cybersecurity Fundamentals for Water and Wastewater Utilities». https://www.waterisac.org/fundamentals
Еще один набор лучших международных практик для финансовых организаций от института Карнеги.
https://carnegieendowment.org/2019/07/16/carnegie-launches-cyber-resilience-and-financial-organizations-capacity-building-tool-box-pub-79511
https://carnegieendowment.org/2019/07/16/carnegie-launches-cyber-resilience-and-financial-organizations-capacity-building-tool-box-pub-79511
Carnegie Endowment for International Peace
Carnegie Launches the “Cyber Resilience and Financial Organizations: A Capacity-building Tool Box”
Carnegie Endowment for International Peace today released “Cyber Resilience and Financial Organizations: A Capacity-building Tool Box” in partnership with the SWIFT Institute, the original sponsor, the IMF, the Financial Services Information Sharing and Analysis…
The Tool Box contains:
(1) Board-Level Guide: Cybersecurity Leadership;
(2) CEO-Level Guide: Cybersecurity Leadership;
(3) CISO-Level Guide: Protecting Your Organization;
(4) CISO-Level Guide: Protecting Your Customers;
(5) CISO-Level Guide: Protecting Connections to Third Parties; and
(6) Incident Response Guide – each accompanied by a checklist and a supplementary report detailing the various standards and policies that informed the development of the tool box.
(1) Board-Level Guide: Cybersecurity Leadership;
(2) CEO-Level Guide: Cybersecurity Leadership;
(3) CISO-Level Guide: Protecting Your Organization;
(4) CISO-Level Guide: Protecting Your Customers;
(5) CISO-Level Guide: Protecting Connections to Third Parties; and
(6) Incident Response Guide – each accompanied by a checklist and a supplementary report detailing the various standards and policies that informed the development of the tool box.
TLS Server Certificate
Organizations that do not have a plan are at higher risk for system outages and security breaches, which can result in:
revenue loss
harm to reputation or brand
loss of privacy
exposure of confidential data to attackers
Management | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management
Organizations that do not have a plan are at higher risk for system outages and security breaches, which can result in:
revenue loss
harm to reputation or brand
loss of privacy
exposure of confidential data to attackers
Management | NCCoE
https://www.nccoe.nist.gov/projects/building-blocks/tls-server-certificate-management
Forwarded from Листок бюрократической защиты информации
Роскомнадзор разработал памятку для торговых площадок, использующих персональные данные участников электронных аукционов.