Forwarded from Пост Лукацкого
Пока все ждут инструмента по оценке угроз от ФСТЭК, на #RSAC рассказывают о двух open source инструментах для решения данной задачи и о инструменте по оценке рисков по методу FAIR (это тот, который все в деньги переводит, - вчера про него писал) pic.twitter.com/v1ftLeVjqO
— Alexey Lukatsky (@alukatsky) May 18, 2021
— Alexey Lukatsky (@alukatsky) May 18, 2021
Twitter
#rsac hashtag on Twitter
6h ago @mediaphyter tweeted: "I keep forgetting #RSAC is even happenin.." - read what others are saying and join the conversation.
Запись вебинара по новой версии CIS controls v8
https://cisecurity.wistia.com/medias/9qnuy1s5vb
https://cisecurity.wistia.com/medias/9qnuy1s5vb
Wistia
Webinar | Welcome to CIS Controls v8
May 18, 2021 | 10 AM EDT Based on feedback from users around the world and working in a breadth of industries, we enhanced CIS Controls Version 8 to keep up with modern systems and software. Learn about the newly released CIS Controls v8 including its creation…
В ответах на твит много интересных ссылок.
https://twitter.com/likethecoins/status/1394802463371300865
https://twitter.com/likethecoins/status/1394802463371300865
Twitter
Katie Nickels
Someone asked me today about all the different jobs in cybersecurity and I rattled off 20+. Does anyone have a good resource describing potential jobs in cybersecurity or information security? I feel like I've seen a few resources around, but can't find them…
Новый черновик лучших практик Нист.
As part of a zero trust approach, data-centric security management aims to enhance protection of information (data) regardless of where the data resides or who it is shared with. Data-centric security management necessarily depends on organizations knowing what data they have, what its characteristics are, and what security and privacy requirements it needs to meet so the necessary protections can be achieved. Standardized mechanisms for communicating data characteristics and protection requirements are needed to make data-centric security management feasible at scale.
https://www.nccoe.nist.gov/projects/building-blocks/data-classification
As part of a zero trust approach, data-centric security management aims to enhance protection of information (data) regardless of where the data resides or who it is shared with. Data-centric security management necessarily depends on organizations knowing what data they have, what its characteristics are, and what security and privacy requirements it needs to meet so the necessary protections can be achieved. Standardized mechanisms for communicating data characteristics and protection requirements are needed to make data-centric security management feasible at scale.
https://www.nccoe.nist.gov/projects/building-blocks/data-classification
Намерение генеральных директоров увеличить расходы на цифровые решения и ИТ неизбежно влечет повышение расходов на ИБ.
https://www.gartner.com/smarterwithgartner/ceos-see-growth-in-2021-marked-by-3-shifts/
https://www.gartner.com/smarterwithgartner/ceos-see-growth-in-2021-marked-by-3-shifts/
Gartner
Gartner CEO Survey Shows Most Expect Growth in 2021
The 2021 Gartner #CEO Survey, with responses from 465 global #business leaders, shows where CEOs are placing their growth bets this year. Read more from @Gartner_inc.
Forwarded from Пост Лукацкого
Интересный обзор новой стратегии США кибербезопасности - https://t.co/B7SchxQknr pic.twitter.com/CGDntQcaBA
— Alexey Lukatsky (@alukatsky) May 20, 2021
— Alexey Lukatsky (@alukatsky) May 20, 2021
Опасный прецедент перевода реальных атак в ответ на кибератаки.
#secactor
https://therecord.media/israel-bombed-two-hamas-cyber-targets/
#secactor
https://therecord.media/israel-bombed-two-hamas-cyber-targets/
therecord.media
Israel bombed two Hamas cyber targets
Amid the recent flareup in the Israel-Palestine conflict, the Israeli military said it bombed two objectives in the Gaza Strip that housed centers for Hamas cyber operations.