Forwarded from CNews.ru
Три главных ИТ-тренда и пять важных тенденций для корпоративного сектора
http://www.cnews.ru/news/top/2019-09-02_tri_glavnyh_ittrenda_i_pyat
http://www.cnews.ru/news/top/2019-09-02_tri_glavnyh_ittrenda_i_pyat
CNews.ru
3 главных ИТ-тренда для корпоративного сектора
Аналитическая компания Gartner выпустила очередной Hype Cycle для предприятий категории midsize enterprise по ее классификации....
NIST Releases Final Public Draft SP 800-160 Vol. 2 | CSRC
https://csrc.nist.gov/news/2019/nist-releases-final-public-draft-sp-800-160-vol-2
https://csrc.nist.gov/news/2019/nist-releases-final-public-draft-sp-800-160-vol-2
CSRC | NIST
NIST Releases Final Public Draft SP 800-160 Vol. 2 | CSRC
NIST has released the Final Public Draft of Special Publication (SP) 800-160 Volume 2, 'Developing Cyber Resilient Systems: A Systems Security Engineering Approach.' Public comment are due by November 1, 2019.
Один из примеров нового риска из за развития машинного обучения.
Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet
https://www.zdnet.com/article/forget-email-scammers-use-ceo-voice-deepfakes-to-con-workers-into-wiring-cash/
Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash | ZDNet
https://www.zdnet.com/article/forget-email-scammers-use-ceo-voice-deepfakes-to-con-workers-into-wiring-cash/
ZDNET
Forget email: Scammers use CEO voice 'deepfakes' to con workers into wiring cash
AI-generated audio was used to trick a CEO into wiring $243,000 to a scammer's bank account.
The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks — ProPublica
https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
https://www.propublica.org/article/the-extortion-economy-how-insurance-companies-are-fueling-a-rise-in-ransomware-attacks
ProPublica
The Extortion Economy: How Insurance Companies Are Fueling a Rise in Ransomware Attacks
Even when public agencies and companies hit by ransomware could recover their files on their own, insurers prefer to pay the ransom. Why? The attacks are good for business.
A project aims to help ISPs mind their routing security manners | Ars Technica
https://arstechnica.com/information-technology/2019/09/a-project-aims-to-help-isps-to-mind-their-routing-security-manners/
https://arstechnica.com/information-technology/2019/09/a-project-aims-to-help-isps-to-mind-their-routing-security-manners/
Ars Technica
A project aims to help ISPs mind their routing security manners
MANRS Observatory gives a peek inside security issues of Internet routing.
Forwarded from Vulnerability Management and more
The news that Rostelecom (Solar) will begin to provide Qualys Vulnerability Management services (rus) probably doesn't mean much on a global scale, but it's quite interesting for Russian market and for markets of other "countries with strict data sovereignty rules".
What problems we have with global cloud-based security solutions, including Vulnerability Management solutions? When the data about vulnerabilities of Russian organizations is stored and processed somewhere abroad and it is not clear how and by whom, (even if we are not even talking about the real threats) it's is a red flag for government regulators, like FSTEC. And they can easily make the usage of such services VERY complicated, at least among the customers that are somehow related to the government. The same restrictions stimulate the development of local security products, that's why we have local players on Russian #VulnerabilityManagement market, like Positive Technologies, Altx-Soft, NPO Echelon, etc.
What problems we have with global cloud-based security solutions, including Vulnerability Management solutions? When the data about vulnerabilities of Russian organizations is stored and processed somewhere abroad and it is not clear how and by whom, (even if we are not even talking about the real threats) it's is a red flag for government regulators, like FSTEC. And they can easily make the usage of such services VERY complicated, at least among the customers that are somehow related to the government. The same restrictions stimulate the development of local security products, that's why we have local players on Russian #VulnerabilityManagement market, like Positive Technologies, Altx-Soft, NPO Echelon, etc.
Если кто пропустил новый аддон по приватности к стандарту 27001 и 27002.
ISO - Tackling privacy information management head on: first International Standard just published
https://www.iso.org/news/ref2419.html
ISO - Tackling privacy information management head on: first International Standard just published
https://www.iso.org/news/ref2419.html
ISO
Tackling privacy information management head on: first International Standard just published
We are more connected than ever, bringing with it the joys, and risks, of our digital world. Cybersecurity is a growing concern, with attacks against business almost doubling over the last few years1) and is an increasingly significant threat to global stability.
Нист опубликовал черновик фреймворка по приватности.
Working Drafts | NIST
https://www.nist.gov/privacy-framework/working-drafts
Working Drafts | NIST
https://www.nist.gov/privacy-framework/working-drafts
NIST
Working Drafts
NIST is developing the Privacy Framework in stages to enable the greatest amount of engagemen