7 matches found
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happenin...
The security implementation gap: Why Microsoft is supporting Operation Winter SHIELD
Every conversation I have with information security leaders tends to land in the same place. People understand what matters. They know the frameworks, the controls, and the guidance. They can explain why identity security, patching, and access control are critical. And yet incidents keep happenin...
CISA, FBI, NSA, and Treasury Release Guidance on OSS in OT/ICS Environments
Today, CISA, the Federal Bureau of Investigation, the National Security Agency, and the U.S. Department of the Treasury released guidance on improving the security of open source software OSS in operational technology OT and industrial control systems ICS. In alignment with CISA’s recently releas...
The critical role of Zero Trust in securing our world
We are operating in the most complex cybersecurity landscape that we’ve ever seen. While our current ability to detect and respond to attacks has matured incredibly quickly in recent years, bad actors haven’t been standing still. Large-scale attacks like those pursued by Nobelium1 and Hafnium,...
NSA on the Future of National Cybersecurity
Glenn Gerstell, the General Counsel of the NSA, wrote a long and interesting op-ed for the New York Times where he outlined a long list of cyber risks facing the US. There are four key implications of this revolution that policymakers in the national security sector will need to address: The firs...
UK launches cyberstrategy with long-term relevance
Like most major global economies, the United Kingdom continues to place cybersecurity issues front and center. The National Cyber Security Strategy: 2016-2021 document—published by the UK Government and released nearly two years ago—describes the plan to make the UK secure and resilient in...
NIST Updates Cybersecurity Framework to Tackle Supply Chain Threats, Vulnerability Disclosure and More
Four years after the initial iteration was released, the National Institute of Standards and Technology NIST has released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed to be a voluntary, risk-based framework to improve cybersecurity...