NIST Cybersecurity Framework – РИСК-АКАДЕМИЯ – АНО ДПО ИСАР

How to get an A+ in cybersecurity now that schools are back in session

riskacademy — Thu, 19 Nov 2020 21:46:25 +0000

Students will be spending significantly more time on their computers throughout the fall, increasing the risk of cyber threats such as phishing and Zoom bombing.

Courtesy of BigStock.com — Copyright: Prasit Rodphan

The world has changed dramatically since the advent of COVID-19. This change is visible when we see people wearing masks and abiding by the six-foot distancing rule, restaurant signs advertising takeout service, and plexiglass shields at checkout counters. Because fewer folks are out and about and we’re staying further apart, life may seem sleepier than it was in the “before” time. However, what happens behind closed doors these days is often much more chaotic.

Many of us are now working from home. As if that is not difficult enough, a fair share of the new remote workforce is trying to get the job done with their children in the house. The back-to-school season has recently brought an added twist to this dynamic. Now home office work and virtual learning are all taking place under one roof. Of course, the challenges this creates are not solely within the four walls of our homes – online students also make us more vulnerable to hackers.

Months ago, when the…

Supply Chain Cybersecurity: What You Need to Consider

riskacademy — Sat, 24 Oct 2020 18:08:23 +0000

As companies and organizations evaluate their attack surface, they know to look at their own systems and infrastructure to defend against threats and manage vulnerabilities. However, what about their critical partners and the supply chain? With up to 80% of cyber-attacks now beginning in the supply chain, breaches at even the smallest vendors can have big consequences for enterprise level operations. The problem of supply chain cybersecurity has become so pressing that the United States Department of Defense is rolling out the Cybersecurity Maturity Model Certification (CMMC) as a means to help secure the defense industry. Prime contractors and subcontractors will have to achieve CMMC compliance to do business as part of a DoD contract. The Primes are also expected to take a greater responsibility to ensure that subcontractors are implementing the appropriate security practices and compliance with the DoD standard.

One problem in securing the supply chain is where the organizational responsibility lies. Many different departments of an enterprise work with the supply chain and other critical partners, but there’s no one person or team held accountable.

Corporate legal may…

The importance of a cybersecurity framework | 2020-10-01

riskacademy — Mon, 05 Oct 2020 17:21:23 +0000

The importance of a cybersecurity framework | 2020-10-01 | Security Magazine

Get to Know the Standards Advancing Cybersecurity | 2020-09-11

riskacademy — Fri, 11 Sep 2020 05:39:39 +0000

Get to Know the Standards Advancing Cybersecurity | 2020-09-11 | Security Magazine

Harmonize FinServ Cybersecurity Standards with the Financial Sector Cybersecurity Profile

riskacademy — Sun, 23 Aug 2020 14:57:42 +0000

The Financial Services Sector (FSSCC) Cyber Security Profile is one of the critical pieces of information used for proving compliance across a host of standards necessary of financial institutions of all types, financial services companies, financial firms, and their third-party providers. In 2018, a survey showed that CISOs in the financial services sector spent 40% of their time, and their teams’ time reconciling various cybersecurity and regulatory frameworks instead of focusing on cybersecurity needs. This time spent was because each regulation has its own standards for institutions to follow for their cybersecurity initiatives resulting in a segmented approach to compliance with various regulatory standards. As such, the Financial Services Sector Coordinating Council developed the Financial Services Sector Cybersecurity Profile to unify CISOs and practitioners’ efforts to maintain and improve their compliance activity.

The FSSCC Cybersecurity Profile uses a cybersecurity risk management-based approach, very similar to the NIST Cybersecurity Framework, from which it draws inspiration. One thing that separates the FSSCC from the NIST CSF is that the FSSCC is broken up…

4 Evolving Technology Areas Of Smart Cybersecurity

riskacademy — Mon, 06 Jul 2020 02:23:56 +0000

Motion blur. Abstract technology and cyber space environment 3D render

Getty

The surge in digital connectivity and more sophisticated cyber-threats has promulgated the need for smart cybersecurity. Smart Cybersecurity is a logical reaction to try to manage risk by lessening security gaps often posed by reliance on manual processes that are impacted by a continual cybersecurity skills shortage and the administrative burdens of data security management.

Despite the challenges, there is promise for reducing dependence on humans and bolstering cybersecurity capabilities. A myriad of evolving cognitive technologies can help us enhance cybersecurity and navigate the increasingly malicious and disruptive cyber threat landscape. They include:

• Artificial Intelligence

• Machine Learning

• Automated and Adaptive Networks:

• Super-Computing

Artificial intelligence (AI): Gartner describes AI as a “technology that appears to emulate human performance typically by learning, coming to its own conclusions, appearing to understand complex content, engaging in natural dialogs with people, enhancing…

Cybersecurity risk abounds. HDR introduces how to fix mission critical problems …

riskacademy — Tue, 19 May 2020 15:13:11 +0000

Cybersecurity risk abounds. HDR introduces how to fix mission critical problems of traditional cybersecurity methods with 21st century quantitative techniques and produce measurably improved outcomes. https://hubbardresearch.com/shop/webinar-measure-anything-cybersecurity-risk/

Присоеденяйтесь к официальной группе ИСАР в Facebook