CISA: Dams Sector Waterside Barriers Guide

This guide was developed to assist dam owners and operators in understanding the possible need for waterside barriers as part of their overall security plan. It provides them and security personnel with a cursory level of information on barriers and their use, maintenance considerations, and...

CISA: February 2015/1st Edition - Facility Security Plan: an Interagency Security Committee Guide

System About Files News Vote Help | Services API Advertise Contact | Account Join Login ---|---|---...

Microsoft Does Damage Control With Its New 'Secure Future Initiative'

Following a string of serious security incidents, Microsoft says it has a plan to deal with escalating threats from cybercriminals and state-backed hackers...

The War on Passwords Enters a Chaotic New Phase

The transition from traditional logins to cryptographic passkeys is getting messy. But don’t worry—there’s a plan...

Adopting a Zero Trust approach throughout the lifecycle of data

Instead of believing everything behind the corporate firewall is safe, the Zero Trust model assumes breach and verifies each request as though it originates from an uncontrolled network. Regardless of where the request originates or what resource it accesses, Zero Trust teaches us to “never trust...

3 Guideposts for Building a Better Incident-Response Plan

The COVID-19 pandemic has highlighted the pressing need for security organizations to implement a structured, detailed and well-practiced incident-response plan. While the walls of organizations have extended from corporate offices to employee living rooms, security-control effectiveness has...

Top Security and Data Privacy Regulations for Financial Services

Regulatory compliance has become an increasingly more important part of the financial services industry in recent years. And it’s a trend that’s likely to continue due to the upsurge in cloud computing, the use of mobile applications, and a shift to IoT devices, all of which are driving exponenti...

Top Tips For Home Cybersecurity And Privacy In A Coronavirus-Impacted World (Part 2)

The past few months have seen radical changes to our work and home life under the Coronavirus threat, upending norms and confining millions of American families within just four walls. In this context, it’s not surprising that more of us are spending an increasing portion of our lives online. But...

IBM Data Risk Manager Authentication Bypass / Command Injection / File Download Exploit

IBM Data Risk Manager suffers from authentication bypass, command injection, insecure default password, and arbitrary file download vulnerabilities. Multiple Vulnerabilities in IBM Data Risk Manager By Pedro Ribeiro email protected from Agile Information Security Disclosure Date: 21/04/2020 | Las...

Changing the Monolith—Part 3: What’s your process?

In my 25-year journey, I have led security and privacy programs for corporations and provided professional advisory services for organizations of all types. Often, I encounter teams frantically running around in their own silos, trying to connect the dots and yet unsure if those are the right dot...

IRS Security Summit Series for Tax Professionals: Create a Data Theft Recovery Plan

The fifth and final step in the Internal Revenue Service IRS Security Summit series for tax professionals is creating a data theft recovery plan. IRS issued a news release highlighting the importance of understanding the risks posed by national and international cybersecurity criminal syndicates,...

IRS Reminds Tax Professionals: Create a Data Security Plan

The Internal Revenue Service IRS has issued a news release reminding professional tax preparers that they are required by law to have a written data security plan. Creating and maintaining a data security plan ensures that tax professionals are reviewing their data security protections and...

A Plan to Stop Breaches With Dead Simple Database Encryption

Database giant MongoDB has a new encryption scheme that should help slow the scourge of breaches...

RSA 2010: Howard Schmidt Lays Out U.S. Security

The nation’s new cybersecurity czar in a Town Hall meeting session here today mapped out his top priorities in the post and provided a glimpse at how the Obama administration may handle security issues with other countries. National cybersecurity coordinator Howard Schmidt also announced that the...