ISACARuSec – Telegram
ISACARuSec
@IsacaRuSec
2.27K subscribers
1.77K photos
13 videos
303 files
5.63K links
Канал направления ИБ Московского отделения ISACA

Направление канала новости ISACA, новости в области управления ИБ в России и мире, обмен лучшими практиками.

https://engage.isaca.org/moscow/home

Связь с администрацией
@popepiusXIII
Download Telegram
About
Blog
Apps
Platform
Join
ISACARuSec
2.27K subscribers
ISACARuSec
https://www.isaca.org/go/covid19-study
ISACA
COVID-19 Study
ISACA Professionals Weigh in on Impact and Outlook
337 viewsedited  
ISACARuSec
Good manual updated every (!) month.

Australian Government Information Security Manual (ISM) | Cyber.gov.au
https://www.cyber.gov.au/acsc/view-all-content/ism
www.cyber.gov.au
Information security manual | Cyber.gov.au
The Information security manual (ISM) is a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems, applications and data from cyberthreats.
309 viewsedited  
ISACARuSec
It looks like that official hardware bugs and backdoors are getting from mythical to lawful, it must be considered during risk assessments.

https://www.theregister.com/2020/06/24/us_encryption_backdoor/
The Register
After huffing and puffing for years, US senators unveil law to blow the encryption house down with police backdoors
Lawmakers will attempt to bend the laws of mathematics to their will
624 viewsedited  
ISACARuSec
Forwarded from Пост Лукацкого
Полезный обзор Валерия Естехина нового Положения Банка России от 08.04.2020 № 716-П по управлению операционным рисков в части планирования деятельности служб ИБ https://t.co/qmAX1txb65
— Sergey Borisov (@sb0risov) June 26, 2020
Blogspot
Год 2022. Новое Положение Банка России от 08.04.2020 № 716-П
Все в этой жизни построено на оценке рисков   Про план действий служб ИБ и ИТ по внедрению Положения Банка России № 716-П читайте здесь . ...
29 views
ISACARuSec
ITL Bulletin , NIST Privacy Framework: An Overview | CSRC
https://csrc.nist.gov/publications/detail/itl-bulletin/2020/06/nist-privacy-framework/final
CSRC | NIST
ITL Bulletin June 2020, NIST Privacy Framework: An Overview
This bulletin summarizes the information found in the voluntary NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management (Version 1.0). The Privacy Framework is a tool developed in collaboration with stakeholders intended to…
302 views
ISACARuSec
https://twitter.com/enisa_eu/status/1276170530715025408?s=09
Twitter
ENISA
The #GDPR has met most of its objectives according to the @EU_Commission's evaluation report https://t.co/tmXu7EsX0I #ENISA actively supports the GDPR implementation by translating legal obligations into technical approaches, publishing relevant guidelines…
337 views
ISACARuSec
http://rusrim.blogspot.com/2020/06/blog-post_27.html?m=1
Blogspot
ИСО: Опубликован новый стандарт менеджмента правового риска
В качестве вступления скажу, что, работая в качестве национального эксперта в Международной организации по стандартизации (ИСО), я наблюда...
353 views
ISACARuSec
Forwarded from RUSCADASEC news: Кибербезопасность АСУ ТП (Anton Shipulin)
IEC выпустила финальную версию стандарта IEC 62443-3-2:2020 Security for industrial automation and control systems - Part 3-2: Security risk assessment for system design. Доступен для покупки.

IEC 62443-3-2:2020(E) establishes requirements for:
• defining a system under consideration (SUC) for an industrial automation and control system (IACS);
• partitioning the SUC into zones and conduits;
• assessing risk for each zone and conduit;
• establishing the target security level (SL-T) for each zone and conduit; and
• documenting the security requirements.

https://webstore.iec.ch/publication/30727
40 views
ISACARuSec
https://www.kuppingercole.com/events/pam-enterprise
KuppingerCole
Privileged Access Management (PAM) for Your Enterprise
In this virtual event, KuppingerCole and other top experts in the industry will present crucial information on why companies need PAM and how PAM works best to prevent security breaches and credential thefts through defining and implementing the right strategy.
294 viewsedited  
ISACARuSec
https://otcybersecurity.blog/2020/06/25/the-classic-ics-perimeter/amp/
OT Cybersecurity
The Classic ICS perimeter
This blog describes the security of the "classic" perimeter for industrial control systems (ICS). It discusses 16 different topologies and their security aspects.
307 viewsedited  
ISACARuSec
http://rusrim.blogspot.com/2020/06/isoiec-tr-240282020.html?m=1
Blogspot
ИСО: Опубликован технический отчёт ISO/IEC TR 24028:2020 «Обзор вопросов доверия к искусственному интеллекту»
Сайт Международной организации по стандартизации (ИСО) в начале июня 2020 года сообщил о публикации технического отчёта ISO/IEC TR 24028...
272 views
ISACARuSec
https://twitter.com/TomConkle/status/1277713419760807936?s=09
Twitter
Tom Conkle
I'm excited to share that @ISACANews has released Risk IT Framework 2nd Edition. I'm happy for the opportunity to contribute to a book that helps organizations leverage Risk Management activities in their organization. #ManageTheRisk #OpticCyber https://t.co/zNS5wf5H5V
274 views
ISACARuSec
https://twitter.com/CISecurity/status/1277739124133429249?s=09
Twitter
Center for Internet Security (CIS)
The Summer 2020 issue of Cybersecurity Quarterly is out. https://t.co/dTPHMstH48
316 views
ISACARuSec
https://medium.com/anton-on-security/more-musings-on-reverse-security-theater-and-security-signalling-40beef667d65
Medium
More Musings on Reverse Security Theater and “Security Signalling”
“Security theater” (a term widely attributed to Bruce Schneier) “refers to security measures that make people feel more secure without…
323 views
ISACARuSec
Cybercrime: It’s Worse Than We Thought | NIST
https://www.nist.gov/blogs/taking-measure/cybercrime-its-worse-we-thought
NIST
Cybercrime: It’s Worse Than We Thought
The cyber world is relatively new, and unlike other types of assets, cyber assets are potentially accessible to criminals in far-off locations.
335 views
ISACARuSec
SP 800-77 Rev. 1, Guide to IPsec VPNs | CSRC
https://csrc.nist.gov/publications/detail/sp/800-77/rev-1/final
CSRC | NIST
NIST Special Publication (SP) 800-77 Rev. 1, Guide to IPsec VPNs
Internet Protocol Security (IPsec) is a widely used network layer security control for protecting communications. IPsec is a framework of open standards for ensuring private communications over Internet Protocol (IP) networks. IPsec configuration is usually…
345 views
ISACARuSec
https://cloud.google.com/blog/products/identity-security/how-cloud-dlp-can-help-with-compliance-security-and-privacy
Google Cloud Blog
How Cloud DLP can help with compliance, security, and privacy | Google Cloud Blog
A look back at the history of DLP before discussing how DLP is useful in today’s environment, including compliance, security, and privacy use cases.
367 views
ISACARuSec
https://twitter.com/3dwave/status/1278642983236186112?s=09
Twitter
Andrey Prozorov, CISM, CIPP/E, CDPSE
ENISA Launches Public Consultation for First Candidate Cybersecurity Certification Scheme — ENISA https://t.co/beuSHXIsqa
349 views
ISACARuSec
Forwarded from #ПоИБэшечка (Lev)
Интересное мероприятие от AM, погляжу в записи или так. И вам советую

​​07 июля 2020 в 11:00 состоится первая онлайн-конференция в формате AM Live. Приглашаем всех принять участие.

Мы подведем итоги публичного сравнения услуг коммерческих SOC (центров мониторинга и реагирования на инциденты информационной безопасности) и обсудим следующие вопросы: 

1. На что заказчику обращать внимание при выборе SOC?
• Технологическая платформа. Особенности работы с ГосСОПКА. Как формируется стоимость услуг?

2. SLA - что должен и что не может гарантировать коммерческий SOC?
• Время и формат рекомендаций реагирования на инцидент. Допустимый уровень ложных срабатываний. 

3. Как получить от SOC еще больше?
• Что удобно аутсорсить вместе с SOC? Мониторинг и аналитика BigData.

Модератор: Илья Шабанов, генеральный директор АМ Media

Спикеры:
Владимир Дрюков, директор центра мониторинга и реагирования на кибератаки, Solar JSOC;
Алексей Юдин, директор центра мониторинга «Инфосекьюрити»;
Алексей Мальнев, Руководитель Центра мониторинга и реагирования на инциденты ИБ Jet CSIRT.

Трансляция будет осуществляться в прямом эфире на сайте мероприятия https://live.anti-malware.ru/
53 views
ISACARuSec
https://pentestmag.com/top-10-cyber-security-fundamentals-for-small-to-medium-businesses/
Pentestmag
Top 10 Cyber Security Fundamentals for Small to Medium Businesses
Top 10 Cyber Security Fundamentals for Small to Medium Businesses by David Evenden 1. Develop an Effective Asset Management Program Asset Management is the process of taking inventory of all internal and external assets spread throughout the network…
332 views
ISACARuSec
Forwarded from RPPA PRO: Privacy • AI • Cybersecurity • IP
​​#materials #privacy #GDPR #RPPA

Обновлённая презентация от Алексея Мунтяна: Рассмотрение механизмов и специфики применения Генерального регламента ЕС о защите данных (GDPR), здесь
48 views
Show comments