Probably ransom number record - 50 mil. $.

https://www.bleepingcomputer.com/news/security/computer-giant-acer-hit-by-50-million-ransomware-attack/amp/

Another splendid example of Security awareness song. This time in Rap genre.

https://twitter.com/ArchieScorp/status/1373276414632415234

"When asked which top three threats are explicitly factored into their strategic risk management activities, 'cyber threats' was the most selected by UK CEOs and chosen by 75%, ahead of 'pandemics and other health crises' (62%), and 'uncertain economic growth' (57%).

Just over three three-quarters (77%) of UK CEOs say they plan to increase their investment in digital transformation in 2021. Meanwhile, concerns over the rate of technological change declined from 75% last year to 55% this year. 

Two third of UK CEOs say they plan to increase investment in cyber security and data privacy. At a global level, cyber threats are the top concern for CEOs in the asset and wealth management, insurance, private equity, banking and capital markets, and technology sectors, according to PwC. "


https://www.zdnet.com/article/remote-work-makes-cybersecurity-a-top-worry-for-ceos/

API security becomes a ‘top’ priority for enterprise players | ZDNet
https://www.zdnet.com/article/api-security-becomes-a-top-priority-for-enterprise-players/

Свежая аналитика от ФинЦЕРТа - https://t.co/0y7lir58ML
— Alexey Lukatsky (@alukatsky) March 23, 2021

NISTIR 8360 (Draft), Machine Learning for Access Control Policy Verification | CSRC
https://csrc.nist.gov/publications/detail/nistir/8360/draft

К сегодняшнему мероприятию по DevSecOps уже возможно подключиться, мероприятие стартовало в 19:10. Ссылка https://meet.google.com/pkw-fpii-uew .

Обращаем внимание, что мы оставляем за собой право ограничить подключение для не зарегистрировавшихся ранее участников на сайте отделения ISACA.

Программа встречи:

1. Иван Елкин, QIWI - “DevSecOps, начало. Если вы купили еще одну компанию.”
2. Сергей Харюк, Технический директор Cyberlands.io - "DevSecOps - безопасность в CI\CD."
3. Андрей Бажин, Независимый эксперт, "SDLC проблемы и пути решения на примере финансового сектора."

NIST requests additional discussion and feedback for consideration on open issues for the upcoming draft NIST Special Publication (SP) 800-63 rev. 4. NIST has posted the below items for open discussion on the GitHub repository:

IAL 1 Update - Low assurance identity proofing and enrolment

Liveness test for remote identity proofing

Differentiation of phishing-resistant authentication at AAL2

Requirements for wireless authenticators

Redefinition of verifier impersonation resistance

Requirements to strongly bind assertions to authenticated sessions at FAL3

The 60-day open discussion period will end on May 15. Important to note NIST will not be adjudicating discussions, but may offer additional clarification if needed. Please direct all feedback and discussion

· GitHub
https://github.com/usnistgov/800-63-4/issues