Forwarded from SecurityLab.ru
Организации European Network for Cyber Security (ENCS) и European Distribution System Operators’ Association (E.DSO) выпустили требования по кибербезопасности для распределенной автоматизации (Distribution Automation, DA) устройств связи с объектом (Remote Terminal Units, RTU).
Представлены новые требования по кибербезопасности распределенной автоматизации
Представлены новые требования по кибербезопасности распределенной автоматизации
t.me
Представлены новые требования по кибербезопасности распределенной автоматизации
Требования являются важным инструментом безопасности данных для коммунальных предприятий в Европе.
NISTIR 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM) | CSRC
https://csrc.nist.gov/publications/detail/nistir/8286/final
https://csrc.nist.gov/publications/detail/nistir/8286/final
CSRC | NIST
NIST Internal or Interagency Report (NISTIR) 8286, Integrating Cybersecurity and Enterprise Risk Management (ERM)
The increasing frequency, creativity, and severity of cybersecurity attacks means that all enterprises should ensure that cybersecurity risk is receiving appropriate attention within their enterprise risk management (ERM) programs. This document is intended…
WEIS 2020
The 2020 Workshop on the Economics of Information Security (Brussels, December 14-15, 2020)
free and online this year.
https://weis2020.econinfosec.org/
The 2020 Workshop on the Economics of Information Security (Brussels, December 14-15, 2020)
free and online this year.
https://weis2020.econinfosec.org/
For the chapter members: 2021 membership and Certifications are open. Do not forget to submit you CPE for 2020.
Why Cybersecurity Budget Benchmarks are a Waste of Time
https://www.philvenables.com/post/why-cybersecurity-budget-benchmarks-are-a-waste-of-time
https://www.philvenables.com/post/why-cybersecurity-budget-benchmarks-are-a-waste-of-time
Risk and Cyber
Why Cybersecurity Budget Benchmarks are a Waste of Time
I have built up a disdain for cybersecurity budgeting benchmarks. To be fair, there are some good attempts amid a sea of haphazard approaches, but my real problem is with the very concept of these benchmarks. So much so that I think budget benchmarking has…
AWS Security Best Practices: Cloud Security | Cloud Security Alliance
https://cloudsecurityalliance.org/blog/2020/10/05/aws-security-best-practices-cloud-security-report-2020-for-infosec/
https://cloudsecurityalliance.org/blog/2020/10/05/aws-security-best-practices-cloud-security-report-2020-for-infosec/
cloudsecurityalliance.org
AWS Security Best Practices: Cloud Security Report 2020
This post focuses on key report findings that matter to information security teams and covers some best practices for cloud security management.
Cloud & DevOps Security 2020 | Cyber Security Training | SANS Institute
https://www.sans.org/event/cloud-devops-security-summit-2020-live-online/summit-night-agenda
https://www.sans.org/event/cloud-devops-security-summit-2020-live-online/summit-night-agenda
www.sans.org
Cloud & DevOps Security 2020 | Cyber Security Training | SANS Institute
Choose from closely aligned, immersive information security courses to expand your expertise.
Cloud OS Security Specification v2.0 | Cloud Security Alliance
https://cloudsecurityalliance.org/artifacts/cloud-os-security-specification-v2/
https://cloudsecurityalliance.org/artifacts/cloud-os-security-specification-v2/
CSA
Cloud OS Security Specification v2.0 | CSA
Currently, most of the standards related to cloud computing security focus on information security management systems (ISMS), and corresponding certifications only concentrate on cloud services rather than specific cloud components. There is a lack of internationally…
Gartner Identifies the Top Strategic Technology Trends for 2021.
Two of them are directly attached to a cybersecurity.
https://www.gartner.com/en/newsroom/press-releases/2020-10-19-gartner-identifies-the-top-strategic-technology-trends-for-2021
Two of them are directly attached to a cybersecurity.
https://www.gartner.com/en/newsroom/press-releases/2020-10-19-gartner-identifies-the-top-strategic-technology-trends-for-2021
Gartner
Gartner Identifies the Top Strategic Technology Trends for 2021
Gartner Identifies the Top Strategic #Technology Trends for 2021. Read more here. #GartnerSYM #CIO #TechTrends #IT @Gartner_SYM
"...Privacy-Enhancing Computation
CIOs in every region face more privacy and noncompliance risks than ever before as global data protection legislation matures. Unlike common data-at-rest security controls, privacy-enhancing computation protects data in use while maintaining secrecy or privacy.
Gartner believes that by 2025, half of large organizations will implement privacy-enhancing computation for processing data in untrusted environments and multiparty data analytics use cases. Organizations should start identifying candidates for privacy-enhancing computation by assessing data processing activities that require transfers of personal data, data monetization, fraud analytics and other use cases for highly sensitive data..."
CIOs in every region face more privacy and noncompliance risks than ever before as global data protection legislation matures. Unlike common data-at-rest security controls, privacy-enhancing computation protects data in use while maintaining secrecy or privacy.
Gartner believes that by 2025, half of large organizations will implement privacy-enhancing computation for processing data in untrusted environments and multiparty data analytics use cases. Organizations should start identifying candidates for privacy-enhancing computation by assessing data processing activities that require transfers of personal data, data monetization, fraud analytics and other use cases for highly sensitive data..."
"...Cybersecurity Mesh
The cybersecurity mesh enables anyone to access any digital asset securely, no matter where the asset or person is located. It decouples policy enforcement from policy decision making via a cloud delivery model and allows identity to become the security perimeter. By 2025, the cybersecurity mesh will support over half of digital access control requests.
“The COVID-19 pandemic has accelerated the multidecade process of turning the digital enterprise inside out,” said Mr. Burke. “We’ve passed a tipping point — most organizational cyberassets are now outside the traditional physical and logical security perimeters. As anywhere operations continues to evolve, the cybersecurity mesh will become the most practical approach to ensure secure access to, and use of, cloud-located applications and distributed data from uncontrolled devices.” ..."
The cybersecurity mesh enables anyone to access any digital asset securely, no matter where the asset or person is located. It decouples policy enforcement from policy decision making via a cloud delivery model and allows identity to become the security perimeter. By 2025, the cybersecurity mesh will support over half of digital access control requests.
“The COVID-19 pandemic has accelerated the multidecade process of turning the digital enterprise inside out,” said Mr. Burke. “We’ve passed a tipping point — most organizational cyberassets are now outside the traditional physical and logical security perimeters. As anywhere operations continues to evolve, the cybersecurity mesh will become the most practical approach to ensure secure access to, and use of, cloud-located applications and distributed data from uncontrolled devices.” ..."