How can programs aimed at K-12 students encourage more kids to consider cybersecurity as a career? Watch the webinar recording now!
This interactive webinar is designed for educators and professionals who want to learn from cybersecurity professionals who have developed engaging STEM events to get kids excited about cybersecurity as a possible career. The panelists will share examples of successful events and activities that they have led with K-12 students for over a decade, many of which you can duplicate in your own community.Read More
“The abundance of technology investments gives firms a false sense of confidence in their security posture. Their challenges reveal a different story,” said the report. Security executives currently employ a variety of tools and technologies to identify risks and test the effectiveness of their security controls. As a result, they are left with point-in-time assessments that require them to cobble together data from disparate systems to truly understand the organisation’s security posture. This approach is reactive, labour-intensive, and insufficient in scale, explained the report. [via CI Security 9/30/19]
[via CI Security] “The National Critical Functions construct provides a risk management approach that focuses on better understanding the functions that an entity enables or to which it contributes, rather than focusing on a static sector-specific or asset world view. This more holistic approach is better at capturing cross-cutting risks and associated dependencies that may have cascading impact within and across sectors. It also allows for a new way to view criticality, which is linked to the specific parts of an entity that contribute to critical functions. By viewing risk through a functional lens, we can ultimately add resilience and harden systems across the critical infrastructure ecosystem in a more targeted, prioritized, and strategic manner.”
Every organization must face and deal with cyber risk associated with Internet of Things (IoT) devices connecting to other systems and the extended enterprise network. I had the privilege of leading a group of about 50 information security professionals in a Peer-to-Peer session at RSA Conference on March 6, 2019, and I learned that this problem is pervasive across all industries. Read More
FBI Warns of HiatusRAT Malware Targeting Webcams and DVRs
Hackers are exploiting security weaknesses in devices like Hikvision cameras and D-Link devices as many vendors haven’t addressed critical vulnerabilities like CVE-2017-7921 (Hikvision cameras), CVE-2020-25078 (D-Link…
Cyber Storm IX, the ninth iteration of the drills, was the first that the agency had invited the ministry to participate in. The exercises involved 2,200 participants from 11 countries simulating major cyberattacks, testing…
Phishers Spoof Google Calendar Invites in Fast-Spreading, Global Campaign
The campaign, discovered by researchers at Check Point Software, relies on modified "sender" headings to make emails appear as if they were sent via Google Calendar on behalf of a legitimate entity, such…
![[1/2] Docent Institute Chicago Security Speakeasy with 60 guests for drinks and dinner at the oldest private club in Chicago. A wonderful venue for a formal pre-holiday party and charity fundraiser. Thanks to my friends for making it possible, as members of this exclusive club!](https://johndjohnson.com/wp-content/plugins/instagram-feed/img/placeholder.png)