Why health care cybersecurity is in ‘critical condition’

The Parallax

government-sponsored Health Care Industry Cybersecurity Task Force delivered more than 100 recommendations to the Department of Homeland Security to make medical technology more resistant to hackers. READ MORE FROM ‘NO PANACEA FOR MEDICAL CYBERSECURITY’.

Triaging modern medicine’s cybersecurity issues

The Parallax

Hackers often talk about practicing good “cybersecurity hygiene” : making sure that basic standards, such as using unique passwords for each log-in, are met. ”—Jacki Monson, chief privacy and information security officer, Sutter Health. READ MORE ON MEDICAL SECURITY.

Georgia bill could stifle the state’s booming cybersecurity community

The Parallax

A new bill winding its way through the Georgia state senate has cybersecurity experts on alert. As Senate Bill 315 is currently written, academics and independent security researchers alike could be subject to prosecution in Georgia alongside malicious hackers.

Cybersecurity Style Guide helps you write like a hacker

The Parallax

The Bishop Fox Cybersecurity Style Guide , published last week , was developed over the last year and a half to fill a vacuum, says its lead editor, Brianne Hughes. My real goal was to bridge the gap between people who are writing in security, and the people who have to read that.”.

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

THE BASICS: Single Sign-On, Security Integration. As more users have relevant information at their ingertips to book lights, purchase. to update information from within the. Flexible Security Application teams have already invested. security model and setting up diferent.

6 cybersecurity trends we’re thankful for

The Parallax

You might think of cybersecurity professionals as tech’s collective “ watchers on the wall ”—the guardians who let you know when doom is coming. Here are six things on the cybersecurity and privacy front we’re glad that organizations are helping consumers become more aware of than ever before.

Trends 179

Context Conversations preview: Election security

The Parallax

When it comes to election security, it’s hard not to think of the United States as a proverbial dumpster fire. And while some states are taking steps to secure their voting processes, many are not. Why current funding to secure U.S.

The 10th Cyber & Information Security Research (CISR) Conference at Oak Ridge Tn, 7-9 April 2015

CTOvision

The 10th Cyber & Information Security Research (CISR) Conference, 7-9 April 2015, will be held at the Conference Center, 2nd Floor, Building 5200, Oak Ridge National Laboratory, Oak Ridge, Tennessee. The conference brings together cyber security researchers, program managers, decision makers, security vendors, and practitioners to discuss many challenging tasks and novel solutions pertaining to cyber security. By Charles Hall.

Getting Started with Cloudera’s Cybersecurity Solution

Cloudera Engineering

A quick conversation with most Chief Information Security Officers (CISOs) reveals they understand they need to modernize their security architecture and the correct answer is to adopt a machine learning and analytics platform as a fundamental and durable part of their data strategy.

Israel’s cybersecurity industry is a unicorn. Here’s why

The Parallax

Fewer attendees, perhaps, expected him to reference the Hollywood action movies of Jean-Claude van Damme, who happened to be sitting in the front row for the highest-profile speech of Israel’s largest cybersecurity conference. Cybersecurity is a true blood sport,” Netanyahu quipped.

Red Owl Analytics: Enabling information security and compliance teams to proactively tackle insider risk

CTOvision

Red Owl Analytics is a highly regarded provider of a software solution that enables security and compliance teams to proactively tackle their most pressing problem-- insider risk. Guy finished his Army career as a special assistant to the Director of the National Security Agency.

How to Package and Price Embedded Analytics

With this approach, you turn features off and on through visibility controls, conditional logic, and your application’s security model. You need to be able to use your existing security. leveraging adaptive security models >. security • Dashboards • Widgets • Pages • Tables.

Kubernetes user? Drop everything and patch NOW

TechBeacon

The Kubernetes project has disclosed a super-critical security bug that’s in every supported version (and probably loads of unsupported ones, too).

.Net 85

In the gig economy, a cybersecurity divide

The Parallax

Not likely , but those questions go to the heart of the tension between the gig economy and cybersecurity. Because the companies they contract with aren’t communicating or enforcing best security practices as intensely.

Things To Do Right Now About Your Cybersecurity Workforce Crisis

CTOvision

Intel Security has released Hacking the Skills Shortage , a report revealing the current cybersecurity workforce crisis. The shortage in cybersecurity skills has done measurable damage to companies. Additional key findings of the survey include: 82% of respondents reported a shortage of cybersecurity skills. 9 out of 10 respondents say that cybersecurity technology could help compensate for skill shortages. Bob Gourley.

2017 in cybersecurity and privacy news

The Parallax

From rampant ransomware to the Equifax breach to geopolitical machinations, it’s hard not to be a cynic about the past 12 months of security and privacy news. And not all federal cybersecurity decisions this year were necessarily harmful to consumers.

Whitelisting, blacklisting, and your security strategy: It's not either-or

TechBeacon

Security, Information Security, Information Security (Info Sec Windows vs. Mac. AWS vs. Azure. Kubernetes vs. Swarm. If you work in IT, these are some of the big decisions you may need to make at one point or another in your career.

Azure 41

5 Early Indicators Your Embedded Analytics Will Fail

application admins say it’s a pain to manage security settings in two different places.” When we need to update the information in the dashboard, we don’t like having to leave. Updating your application’s dashboards and reporting features. may feel optional—until suddenly it’s not.

Panera Bread’s feckless security puts consumers at risk

The Parallax

Security researcher Dylan Houlihan says he notified Panera Bread, a chain of more than 2,000 stores in the United States, of a website vulnerability in August 2017. How to attack security issues like Google and Microsoft just did.

Securing voting machines means raising funds

The Parallax

When the Senate failed to move the Secure Elections Act forward in August because of White House concerns over states’ rights , coupled with funding concerns, the United States lost its best chance this year of taking steps toward patching voting machines. Why current funding to secure U.S.

Software Defined Perimeter, Cloud Security Alliance: Coca-Cola Case Study

CTOvision

One of the many topics coved at the event was software defined perimeter and cloud security alliance. Next Steps for the Cybersecurity Framework (vormetric.com). On September 30 th Sierra Ventures hosted their 9th CIO summit in Palo Alto, CA.

Scale and Speed with Cyber Security

CTOvision

Dealing with the scale that the internet can deliver, has unfortunately left us with a series of other non-optimal cyber security approaches and solutions. In cybersecurity we’re have a hard time dealing with scale. Out of all the problems to deal with subverting bureaucracy to enable security scaling is the hardest. All three when synchronized create strong feedback loops and learning curves for the enterprise leading to a strengthened cyber security posture.

Why “Build or Buy?” Is the Wrong Question for Analytics

What’s more, they gain the security of working with. informed decisions. workflows and security models. WHY “BUILD OR BUY?” IS THE WRONG QUESTION FOR ANALYTICS Introduction.1 When to Build Your Own Analytics. 2 When to Buy a Bolt-On Solution. 6 When to Take a Combined Approach.

Mueller’s indictment of election hackers a cybersecurity ‘wake-up call’

The Parallax

As Dave Aitel, former NSA cybersecurity analyst and the current chief security technical officer of cybersecurity company Cyxtera tells The Parallax, the details of the indictment indicate the high level of confidence the Justice Department has in its charges. Regardless of U.S.

Smart Cities Cybersecurity Challenge

CTOvision

Smart Cities will become a full-scale cyber war battleground unless Congress mandates cybersecurity. Big Data and Analytics Cloud Computing CTO Cyber Security Cyber War Government Cyberwar smart cityThe biggest danger in Smart Cities is the assumption that IoT sensors communicating over a 5G fabric to Machine Learning and Blockchain systems will be safe from cyberattacks. To the contrary Smart Cities suffer from all the cyber vulnerabilities we have today [.].

NSA leader to hackers: Cybersecurity’s a team sport

The Parallax

LAS VEGAS—It wasn’t so long ago that DefCon attendees enthusiastically engaged in the conference pastime “ Spot the Fed ”—clearly separating themselves from employees of federal organizations like the National Security Agency, if not demonizing them. Cybersecurity really is a team sport.

Sport 163

Security chatbot empowers junior analysts, helps fill cybersecurity gap

Kacy Zurkus - CSO Online

The alarming number of unfilled jobs in information security has many leaders in the industry wondering how to solve the manpower problem. Awareness is part of the problem — in that the pipelines aren't getting filled fast because many young people don't know about jobs in security. A second problem of awareness, though, is the inherent problem in a majority of security operation centers (SOCs) — programming language.

The 5 Levels of Analytics Maturity

relationship between applications and analytics by adding single sign- on security, co-presentation of content, and eventually workflow. At Level 1, Bolt-On Analytics, the addition of security integration provides single sign-on functionality. to information.

The Bill Codifying The New Cybersecurity and Infrastructure Security Agency Is Short and Sweet

CTOvision

The Cybersecurity and Infrastructure Security Agency (CISA) was created out of several existing organizations within the DHS. CTO Cyber Security NewsThe nation has a new federal agency. The CISA was codified by a law signed by the President on 16 November 2018. I read what DHS said about CISA (see more here). Then thought I should spend a […].

Join Women in Cybersecurity This Week in Dallas

CTOvision

Women in Cybersecurity (WiCyS) is hosting its third annual Women in Cybersecurity event on March 31 through April 2 at the Hyatt Regency DFW International Airport. WiCyS continues to innovatively expand its mission to bring together women in cybersecurity from academia, research and industry. Any individual or organization interested in supporting recruiting and retention efforts for women in cybersecurity is encouraged to participate. Find more information here.

Open source the secret sauce in secure, affordable voting tech

The Parallax

SAN FRANCISCO—The fastest, most cost-effective way to secure direct-record electronic voting machines in the United States, according to cybersecurity experts, is to stop using them. Experts disagree on how to secure absentee votes. Why current funding to secure U.S.

Prepare for The Cyber Threat : What Executives Need to Know to Manage Risk

CTOvision

Cybersecurity is one of the most high-profile topics for organizations today and one of their biggest sources of risk. Conducting a holistic review of the organization to identify areas of vulnerability and improve network security is a proactive measure that no organization should overlook.

Iterate Your Way to a Top Analytics Product Experience

Speaker: Richard Cheng, Associate Product Manager, Mark43

To fix traditionally paper-heavy and error-prone processes, they needed a secure and easy-to-use product experience that simplified and unified crime data collection and management. Mark43 is on a mission to bring public safety data management into the 21st century.

Primer: The next act for security theater

The Parallax

The day after DefCon concluded this year, a prominent cybersecurity researcher and hacker known as the brain behind hacks featured on hit TV show Mr. Robot offered his resignation as the head of its security operations. Why are Androids less secure than iPhones? Security theater.

Hotels 175

Lessons from the Synergy Forum: Affordability of Cybersecurity & Risk Management

CTOvision

Technology and Emerging Concepts for Enhanced Cybersecurity , the forum’s first panel discussion, consisted of David Bray, Brian Carrier, Peter Fonash, and Dean Hall, who collectively identified many of the growing opportunities and challenges in the cyber arena.

Phraudsters put the lock on phishing. Is it Google's fault?

TechBeacon

Security, Security Blogwatch, Information Security (Info Sec How do you protect your users against phishing? Do you teach them how to avoid phake sites?

What You Need To Know About The Administration’s Cybersecurity National Action Plan

CTOvision

The Whitehouse released a plan on 9 Feb 2016 that should be read and understood by cybersecurity professionals everywhere. As for the plan, here are the key points, taken from the Factsheet titled " Cybersecurity National Action Plan ": The plan calls for establishing a "Commission on Enhancing National Cybersecurity." The plans calls for the creation of a federal chief information security officer. Bob Gourley.

AWS finally adds default privacy setting to S3 buckets

TechBeacon

Security, Security Blogwatch, Data Security, Information Security (Info Sec Finally! Amazon Web Services is tackling the public bucket problem.

AWS 62

How symlinks pwned Kubernetes (and how we fixed it)

TechBeacon

Security, Application Security, Application Security (App Sec), Kubernetes, Containerized Architecture, Information Security (Info Sec Michelle Au, software engineer at Google, co-wrote this article.

Update On The Megatrend of Cybersecurity

CTOvision

In this post we dive deeper into the trend of enhanced Cybersecurity. We can make a prediction with absolute certainty: In the future, cybersecurity will be like watching a rodeo. If the executive team does not really care, the security program will be sub-optimized. Bob Gourley.

2018 Goal: Re-position Cybersecurity As An Enabler

CTOvision

As long as cybersecurity is viewed as a pain, it’ll never be integrated into the fabric of an organization. Fortunately, there have been significant advances in cloud-based security services that enable new ways to embed cybersecurity into enterprise services people want. CTO Cyber Security Mobile News cybersecurity

Cloud 80

There is no longer any such thing as Computer Security

Coding Horror

Remember "cybersecurity"? security-facabook.com. They were working with IT and security professionals. Work emails were protected by two-factor authentication, a technique that uses a second passcode to keep accounts secure. If it's SMS, it's not secure, period.

Security

Planbox

Security, Trust and Privacy @ Planbox. Data encryption in transit and at rest Encrypted full backup every 24 hours Full data privacy and GDPR protection Multi-layered security approach Daily vulnerability scans and regular penetration tests Enterprise, social and native Identity Management Compliance with industry standards and regulations SAML 2.0 SSO for Enterprise customers Security. Systems Security. Creating, modifying and assigning security roles.