ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.27K subscribers
1.77K photos
13 videos
303 files
5.64K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.

https://engage.isaca.org/moscow/home

Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.27K subscribers
ISACARuSec
https://rusrim.blogspot.com/2020/04/din-din-spec-4997.html?m=1
Blogspot
Германия: Национальный орган по стандартизации DIN опубликовал спецификации DIN SPEC 4997 по запроектированной защите персональных…
В конце марта 2020 года немецкий национальный орган по стандартизации DIN сообщил о публикации спецификаций DIN SPEC 4997:2020-04  «Запр...
354 views
ISACARuSec
https://twitter.com/jeffespo/status/1252600639345111040?s=09
Twitter
Jeff Esposito
Mark your calendar. April 28-30, #TheSAS2020 comes to your home #SASatHome @TheSAScon https://t.co/NPNcEeYMPT See you there!
283 views
ISACARuSec
https://twitter.com/EU_EDPB/status/1252653139850911745?s=09
Twitter
EDPB
The EDPB guidelines on the processing of health data for the purpose of scientific research in the context of the COVID-19 outbreak are now available here: https://t.co/TpqOJhf8TD
332 views
ISACARuSec
https://www.enisa.europa.eu/news/enisa-news/european-cybersecurity-month-highlights-of-the-2019-campaign
www.enisa.europa.eu
European Cybersecurity Month: highlights of the 2019 Campaign
The European Union Agency for Cybersecurity publishes the report on the 2019 European Cybersecurity Month campaign.
260 views
ISACARuSec
Forwarded from RUSCADASEC news: Кибербезопасность АСУ ТП (Anton Shipulin)
Прогнозы на период 2020-2029 в области промышленной кибербезопасности в техническом и нормативном плане от испанского центра INCIBE-CERT

Технический
- The security of ICS will become more “conventional”
- Proliferation of tools for exploiting vulnerabilities in industrial environments
- Use of active detection
- Collaboration on OT threats
- Continuous monitoring in control networks
- Use of a reference architecture or model for each type of existing industrial infrastructure
- The attack surface is increasing
- Growing interest of cybercriminals in industrial environments
- Red team and blue team exercises in industrial environments

Нормативный
- Emergence of standards for ICS security
- Changes in legal compliance within industrial cybersecurity

https://www.incibe-cert.es/en/blog/industrial-security-predictions-2020-2029
INCIBE-CERT
Industrial security predictions 2020-2029
The future of industrial cybersecurity is currently a great challenge for many companies that have started their digitalization in order to join the 4.0 industry. Therefore, it is necessary to know
16 views
ISACARuSec
Novel way of testing security products - testing against exact known techniques of the researched APT hackers

MITRE ATT&CK Evaluation for Kaspersky | Kaspersky
https://www.kaspersky.com/enterprise-security/mitre-attack
287 viewsedited  
ISACARuSec
Identity Fabrics & the Future of Identity Management - KuppingerCole
https://www.kuppingercole.com/events/identity-fabrics-future-of-identity-management
KuppingerCole
Identity Fabrics & the Future of Identity Management
With this Virtual Event, KuppingerCole will help you in defining a step-by-step approach to migrate from your legacy IAM to a future-proof Identity Fabric.
298 views
ISACARuSec
Forwarded from Листок бюрократической защиты информации
​​📣Изменения в приказ ФСТЭК № 21

ФСТЭК России анонсирован проект ведомственного приказа о внесении изменений в Состав и содержание организационных и технических мер по обеспечению безопасности персональных данных при их обработке в информационных системах персональных данных, утверждённые приказом ФСТЭК России от 18.02.2013 № 21.
Соответсвующий документ размещён для общественного обсуждения на Федеральном портале проектов нормативных правых актов.
——————————————————
Изменений немного и касаются они только использования средств защиты информации того или иного уровня доверия.
13 views
ISACARuSec
Forwarded from Cisco Russia
Угрозы информационной безопасности сегодня являются одной из самых серьезных проблем, с которыми сталкиваются руководители компаний по всему миру. Для того, чтобы цифровая трансформация прошла без сбоев, а также чтобы обезопасить свой бизнес от взломов и утечек, важно знать о последних трендах в сфере безопасности и о том, что происходит по ту сторону баррикад. Мы опросили 2800 руководителей служб ИБ и ИТ в различных индустриях, чтобы определить 20 основных факторов, которые будут влиять на информационную безопасность в 2020 году: http://cs.co/61821NjGA

Другие отчеты по кибербезопасности: http://cs.co/61871NjHB
20 views
ISACARuSec
Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF) | CSRC
https://csrc.nist.gov/publications/detail/white-paper/2020/04/23/mitigating-risk-of-software-vulnerabilities-with-ssdf/final
CSRC | NIST
Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)
Few software development life cycle (SDLC) models explicitly address software security in detail, so secure software development practices usually need to be added to each SDLC model to ensure the software being developed is well secured. This white paper…
302 views
ISACARuSec
https://www3.corelight.com/webinar/close-the-gaps-in-your-security-investigations
Corelight
Corelight Webinar: Close the Gaps in Your Security Investigations
Successfully solving security incidents requires aggregating data from many telemetry sources, including the network. Join Chronicle and Corelight to learn about the critical role of Network Detection and Response in detecting attacks, hunting for threats
295 views
ISACARuSec
https://www.enisa.europa.eu/news/enisa-news/encrypted-traffic-analysis-use-cases-security-challenges
www.enisa.europa.eu
Encrypted Traffic Analysis: Use Cases & Security Challenges
The EU Agency for Cybersecurity explores encrypted traffic analysis’ use cases and identifies security challenges & opportunities
320 views
ISACARuSec
Проект МУ ФСТЭК.pdf
93.1 KB
Проект МУ ФСТЭК.pdf
446 views
ISACARuSec
One colleges of mine drawed a nice mindmap on the new FSTEK threat modelling guidlines draft.
297 viewsedited  
ISACARuSec
406 views
ISACARuSec
https://twitter.com/SANSEMEA/status/1253663764672643073?s=09
Twitter
SANS Institute, EMEA
SANS has over 30 PDF posters and cheat sheets covering all areas of the cybersecurity curriculum.. and one board game! ⤵️ Download these for free and make your life that little bit easier: https://t.co/UPl4O5nHFK
305 views
ISACARuSec
http://correlatedsecurity.com/introducing-speed-use-case-framework-v1-0/amp/
Correlated Security
Introducing: SPEED Use Case Framework for SIEM
The framework is an analytical tool that has a series of cyber security related distinctions which facilitate cyber security detection rules for SIEM.
331 viewsedited  
ISACARuSec
https://twitter.com/TAdviser/status/1253609641877090304?s=09
Twitter
TAdviser
Gartner назвала 7 трендов в информационной безопасности на 2020 год https://t.co/RaEHnB03lx
350 views
ISACARuSec
https://www.enisa.europa.eu/news/enisa-news/csirt-training-tools-new-orchestration
ENISA
New Training: on orchestration of CSIRT Tools
The EU agency for Cybersecurity introduces new training materials to support Member States’ CSIRTs.
377 views
ISACARuSec
https://www.gartner.com/en/insights/coronavirus
Gartner
Pandemic Research and Insights | Gartner
Build resilience through COVID-19 recovery.
359 viewsedited  
ISACARuSec
https://www.helpnetsecurity.com/2020/04/24/soc-2-compliance/
Help Net Security
Five best practices for achieving and maintaining SOC 2 compliance - Help Net Security
This expert opinion article offers five tactical best practices for organizations struggling to achieve and/or maintain SOC 2 compliance.
342 viewsedited