Jun 28 2020

Apple strong-arms entire CA industry into one-year certificate lifespans

Category: cyber security | DISC @ 11:18 pm

Apple, Google, and Mozilla reduce the lifespan for HTTPS certificates to 398 days, against the wishes of Certificate Authorities. A decision that Apple unilaterally took in February 2020 has reverberated across the browser landscape and has effectively strong-armed the Certificate Authority industry into bitterly accepting a new default lifespan of 398 days for TLS certificates.

Following Apple’s initial announcement, Mozilla and Google have stated similar intentions to implement the same rule in their browsers.

Starting with September 1, 2020, browsers and devices from Apple, Google, and Mozilla will show errors for new TLS certificates that have a lifespan greater than 398 days.

Source: Apple strong-arms entire CA industry into one-year certificate lifespans | ZDNet

How does HTTPS work? What’s a CA? What’s a self-signed Certificate?
https://www.youtube.com/watch?v=T4Df5_cojAs





Download a Security Risk Assessment steps paper!

Download a vCISO template

Subscribe to DISC InfoSec blog by Email

Take an awareness quiz to test your basic cybersecurity knowledge

DISC InfoSec 🔒 securing the business 🔒 via latest InfoSec titles

Tags: Cert Authority, Cert Lifespan


Jun 27 2020

Good Cyber Hygiene in a Post-Pandemic World Starts with Us

Category: cyber security, Security vulnerabilities | DISC @ 1:00 pm

Three ways that security teams can improve processes and collaboration, all while creating the common ground needed to sustain them.

Source: Good Cyber Hygiene in a Post-Pandemic World Starts with Us

Cyber ‘hygiene’ could resolve 90% of cyber attacks | FT Business Notebook
https://www.youtube.com/watch?v=3Qm0NgDBR3w



Jun 23 2020

A daily average of 80,000 printers exposed online via IPP

Category: cyber security, data security | DISC @ 1:39 pm

Experts found tens of thousands of printers that are exposed online that are leaking device names, organization names, WiFi SSIDs, and other info.

Source: A daily average of 80,000 printers exposed online via IPP

Exploiting Network Printers
https://www.youtube.com/watch?v=DwKzSO4yA_s

How To Hack A Printer And See All Documents Printed
https://www.youtube.com/watch?v=6JFP_gUIZZY



Jun 16 2020

CyberSecurity Awareness Quiz

Category: cyber security, Security Awareness | DISC @ 2:16 pm

Take an InfoSec awareness quiz to test your basic cybersecurity knowledge







Would like to know more on InfoSec Awareness…



Jun 16 2020

Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found

The publication of ‘Vault 7’ cyber tools by WikiLeaks marked the largest data loss in agency history, a task force concluded.

The theft of top-secret computer hacking tools from the CIA in 2016 was the result of a workplace culture in which the agency’s elite computer hackers “prioritized building cyber weapons at the expense of securing their own systems,” according to an internal report prepared for then-director Mike Pompeo as well as his deputy, Gina Haspel, now the current director.

Source: Elite CIA unit that developed hacking tools failed to secure its own systems, allowing massive leak, an internal report found.

Wikileaks Vault 7: What’s in the CIA Hacking Toolbox?
https://www.youtube.com/watch?v=X45Bb8O-gMI

CIA Hacking Tools Released in Wikileaks Vault 7 – Threat Wire
https://www.youtube.com/watch?v=5LYSjLwkAo4



Jun 06 2020

5 principles for effective cybersecurity leadership in a post-COVID world

Category: cyber security, Security Risk Assessment | DISC @ 6:32 pm

 

As more people work from home due to COVID-19, cybersecurity operations are facing tremendous challenges. These five principles can help Chief Information Security Officers (CISOs) and cybersecurity leaders ensure effective business continuity in the “new normal.”

Source: 5 principles for effective cybersecurity leadership in a post-COVID world

7 Security Risks and Hacking Stories for Web Developers
https://www.youtube.com/watch?v=4YOpILi9Oxs


Tags: COVID-19, worrisome risks


May 02 2020

10 Steps to Cyber Security

Category: cyber security | DISC @ 12:17 am

PDF: https://blog.deurainfosec.com/wp-content/uploads/2020/05/10-Steps-to-Cyber-Security.pdf (10 Steps to Cyber Security)

10 Steps to Cyber Security pdf


Free Download Cybersecurity For Dummies Cheat Sheet

10 steps to improve your online security and stop hackers
https://www.youtube.com/watch?v=H3XpuDN4Tsc

10 Steps To Becoming An Elite Cyber Security Pro Hacker
https://www.youtube.com/watch?v=YbUFjeHeY6A

Full Ethical Hacking Course – Network Penetration Testing for Beginners
https://www.youtube.com/watch?v=3Kq1MIfTWCE



Apr 27 2020

Cyber Security Planning Guide

Category: cyber security | DISC @ 11:54 am

Cyber Security Planning Guide

Open a PDF file The best practice guide for an effective infoSec function.



Guide to Developing a Cybersecurity Strategy & Roadmap
https://www.youtube.com/watch?v=TGPHB2wq-IQ








Apr 26 2020

Blue Team Cheat Sheets

Category: Blue team, Cheat Sheet, cyber security, Hacking | DISC @ 3:47 pm

Cyber Security Fundamentals: What is a Blue team?

Open a PDF file The best practice guide for an effective infoSec function.

Blue Team Cheat Sheets


Tags: Blue team, Red team


Apr 26 2020

CyberSecurity for Dummies

Category: cyber security, Information Security | DISC @ 12:22 am

CyberSecurity for Dummies

Open a PDF file The best practice guide for an effective infoSec function.

 
Introduction to Cybersecurity
https://www.youtube.com/watch?v=ULGILG-ZhO0

What You Should Learn Before Cybersecurity









Apr 25 2020

Preparing a Secure Evolution to 5G

Category: cyber security, Information Security, Wi-Fi Security | DISC @ 12:23 pm

5G CYBERSECURITY

Preparing a Secure Evolution to 5G

PDF: https://blog.deurainfosec.com/wp-content/uploads/2020/04/5G-CYBERSECURITY.pdf (5G CYBERSECURITY)



Tech Talk: 5G Security
https://www.youtube.com/watch?v=7ETDxh2d2sU

Security of 5G networks: EU Member States complete national risk assessments
https://www.youtube.com/watch?v=O_Jt9wp9FDc

Bye bye privacy with 5G
https://www.youtube.com/watch?v=a0359OG6CyY








Tags: 5G privacy, 5G security


Jan 03 2020

The Cybersecurity Guide For Leaders in Today’s Digital World

Category: cyber security | DISC @ 10:55 am

The Cybersecurity Guide For Leaders in Today’s Digital World – World Economic Forum

PDF: https://blog.deurainfosec.com/wp-content/uploads/2020/01/WEF_Cybersecurity_Guide_for_Leaders.pdf


The best practice guide for an effective infoSec function

Practice Guide

Open a PDF file The Cybersecurity Guide For Leaders in Today’s Digital World.




Annual Meeting on Cybersecurity 2019 | Enabling Leadership for a Secure Digital Future | World Economic Forum


Cybersecurity in a Digital World. The Future is Bright
https://www.youtube.com/watch?v=Tu1dkliqpHQ











Oct 16 2019

CyberSecurity for Digital Operations

Category: cyber security, data security | DISC @ 1:09 pm

DigitalSecurity

 
This report examines the general state of security within business today, exploring the hurdles that are preventing companies from an ideal security posture and suggesting the steps that can lead to improved security in the digital economy.

As the technology industry enters the next phase of maturity, there are more questions about the implications of emerging trends operating on a global scale. Aside from social impact ramification, utmost reliance on digital data and the sweeping collection of personal information are highlighting the critical nature of information security and privacy.

Digital Transformation: From AI and IoT to Cloud, Blockchain, and Cybersecurity | MIT PE
https://www.youtube.com/watch?v=NwwazhND9BA

Inside the CenturyLink Security Operations Center: Securing Your Digital Business
https://www.youtube.com/watch?v=_UyhYPOnNcY

The Convergence (and Divergence) of IT and OT Cyber Security







Oct 14 2019

The best practice guide for an effective infoSec function

Building ISMS

The best practice guide for an effective infoSec function: iTnews has put together a bit of advice from various controls including ISO 27k and NIST CSF to guide you through what’s needed to build an effective information security management system (ISMS) within your organization.

This comprehensive report is a must-have reference for executives, senior managers and folks interested in the information security management area.

 

Practice Guide

Open a PDF file The best practice guide for an effective infoSec function.

How to Build a Cybersecurity Program based on the NIST Cybersecurity Framework
https://www.youtube.com/watch?v=pDra0cy5WZI

Beginners ultimate guide to ISO 27001 Information Security Management Systems
https://www.youtube.com/watch?v=LytISQyhQVE

Conducting a cybersecurity risk assessment






Tags: isms


Aug 18 2019

State of Cyber Security

Category: cyber security | DISC @ 3:59 pm

State of Cyber Security – 2019 Annual Report

A View from the Front Lines of Cybersecurity


 






Jul 25 2019

Protecting Controlled Unclassified Information

Category: Cyber resilience, cyber security | DISC @ 12:04 am

Protecting Controlled  Unclassified Information 





CCPA: What You Need to Know About California’s New Privacy Law


CCPA Assessment:

A Roadmap to NIST 800-171 Compliance

DISC helps business owners in California meet the new 2018 requirements of the CCPA and implement the National Institute of Standards and Technology’s (NIST) 800-171 cybersecurity framework. The roadmap is provided specifically for the CCPA, for any business, agency or organization that is required to meet this new state law, and describes both technical and administrative measures that will attain an acceptable level of compliance for state certifying officials. The assessment will include, but is not limited to, compliance with policies and procedures, the security strategy/plan, and the plan of actions & milestones. The initial assessment will determine the as-is state of your data privacy program and its business, legal and regulatory requirements. DISC will provide a target (to-be) state, which will include technical, management and operational controls to build your data privacy program based on NIST 800-171. The transition plan (roadmap) will then enumerate the details of how to get from the as-is state to the to-be state.

DISC cybersecurity consultants support businesses and agencies in effectively meeting the 110 security controls in NIST 800-171, which has become the de facto standard for cybersecurity compliance. This ensures that the security policies and practices of the framework meet the intent of the CCPA. Adequate security is defined by “compliance” with the 110 NIST 800-171 security controls.


NIST 800-171 Overview











Jul 19 2019

The Problem With the Small Business Cybersecurity Assistance Act

Category: cyber security | DISC @ 1:08 pm

Small Business Administration (SBA) Cyber Awareness Act (H.R. 2331)

The Small Business Cybersecurity Assistance Act may provide business owners with access to government-level tools to secure small business against attacks.

Source: The Problem With the Small Business Cybersecurity Assistance Act

The House passes Small Business Administration (SBA) Cyber Awareness Act (H.R. 2331), which requires the SBA to expand its ability to combat cyber threats.

Source: Small Business Cybersecurity: House Passes Key Bill – MSSP Alert

 

10 Cyber Security Tips for Small Business


9 Interesting Cybersecurity Statistics Everyone Should Know  




Tags: SBCAA


May 04 2019

Cyber Readiness Report 2019

Category: cyber security, Cyber War | DISC @ 7:32 pm

Cyber Readiness Report 2019 – By Hiscox






Mar 29 2019

Common Terms Used in Cyber Security by NCSC

Category: cyber security | DISC @ 1:29 pm

Common Terms Used in Cyber Security by NCSC


  • Cyber Security Awareness





Mar 04 2019

RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions | Threatpost

Category: CISSP, cyber security, InfoSec jobs | DISC @ 10:14 am

The workforce and skills gap in cybersecurity continues to plague organizations.

Source: RSAC 2019: 58% of Orgs Have Unfilled Cyber Positions | Threatpost
