Запись вебинара по новой версии CIS controls v8
https://cisecurity.wistia.com/medias/9qnuy1s5vb
https://cisecurity.wistia.com/medias/9qnuy1s5vb
Wistia
Webinar | Welcome to CIS Controls v8
May 18, 2021 | 10 AM EDT Based on feedback from users around the world and working in a breadth of industries, we enhanced CIS Controls Version 8 to keep up with modern systems and software. Learn about the newly released CIS Controls v8 including its creation…
В ответах на твит много интересных ссылок.
https://twitter.com/likethecoins/status/1394802463371300865
https://twitter.com/likethecoins/status/1394802463371300865
Twitter
Katie Nickels
Someone asked me today about all the different jobs in cybersecurity and I rattled off 20+. Does anyone have a good resource describing potential jobs in cybersecurity or information security? I feel like I've seen a few resources around, but can't find them…
Новый черновик лучших практик Нист.
As part of a zero trust approach, data-centric security management aims to enhance protection of information (data) regardless of where the data resides or who it is shared with. Data-centric security management necessarily depends on organizations knowing what data they have, what its characteristics are, and what security and privacy requirements it needs to meet so the necessary protections can be achieved. Standardized mechanisms for communicating data characteristics and protection requirements are needed to make data-centric security management feasible at scale.
https://www.nccoe.nist.gov/projects/building-blocks/data-classification
As part of a zero trust approach, data-centric security management aims to enhance protection of information (data) regardless of where the data resides or who it is shared with. Data-centric security management necessarily depends on organizations knowing what data they have, what its characteristics are, and what security and privacy requirements it needs to meet so the necessary protections can be achieved. Standardized mechanisms for communicating data characteristics and protection requirements are needed to make data-centric security management feasible at scale.
https://www.nccoe.nist.gov/projects/building-blocks/data-classification
Намерение генеральных директоров увеличить расходы на цифровые решения и ИТ неизбежно влечет повышение расходов на ИБ.
https://www.gartner.com/smarterwithgartner/ceos-see-growth-in-2021-marked-by-3-shifts/
https://www.gartner.com/smarterwithgartner/ceos-see-growth-in-2021-marked-by-3-shifts/
Gartner
Gartner CEO Survey Shows Most Expect Growth in 2021
The 2021 Gartner #CEO Survey, with responses from 465 global #business leaders, shows where CEOs are placing their growth bets this year. Read more from @Gartner_inc.
Forwarded from Пост Лукацкого
Интересный обзор новой стратегии США кибербезопасности - https://t.co/B7SchxQknr pic.twitter.com/CGDntQcaBA
— Alexey Lukatsky (@alukatsky) May 20, 2021
— Alexey Lukatsky (@alukatsky) May 20, 2021
Опасный прецедент перевода реальных атак в ответ на кибератаки.
#secactor
https://therecord.media/israel-bombed-two-hamas-cyber-targets/
#secactor
https://therecord.media/israel-bombed-two-hamas-cyber-targets/
therecord.media
Israel bombed two Hamas cyber targets
Amid the recent flareup in the Israel-Palestine conflict, the Israeli military said it bombed two objectives in the Gaza Strip that housed centers for Hamas cyber operations.
Forwarded from SecurityLab.ru (SecurityLab news)
Одна из крупнейших в США страховых компаний CNA заплатила хакерам $40 млн за восстановление доступа к своим сетям после атаки вымогательского ПО.
https://www.securitylab.ru/news/520430.php
https://www.securitylab.ru/news/520430.php
t.me
Страховой гигант CNA заплатил кибервымогателям $40 млн
Как показало внутреннее расследование CNA, группировка Phoenix не попадает под действие санкций правительства США.
Постер по аваренесу от Санс.
https://www.sans.org/security-resources/posters/leadership/security-awareness-roadmap-managing-human-risk-385/
https://www.sans.org/security-resources/posters/leadership/security-awareness-roadmap-managing-human-risk-385/
www.sans.org
SANS Institute
Computer security training, certification and free resources. We specialize in computer/network security, digital forensics, application security and IT audit.