Cyber Security Fundamentals: What is a Blue team?
Open a PDF file The best practice guide for an effective infoSec function.
Blue Team Cheat Sheets
Subscribe to DISC InfoSec blog by Email
Apr 26 2020
CyberSecurity for Dummies
CyberSecurity for Dummies
Open a PDF file The best practice guide for an effective infoSec function.
Introduction to Cybersecurity
httpv://www.youtube.com/watch?v=ULGILG-ZhO0
What You Should Learn Before Cybersecurity
Subscribe to DISC InfoSec blog by Email
Apr 25 2020
Preparing a Secure Evolution to 5G
5G CYBERSECURITY
Preparing a Secure Evolution to 5G
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2020/04/5G-CYBERSECURITY.pdf” title=”5G CYBERSECURITY”]
Tech Talk: 5G Security
httpv://www.youtube.com/watch?v=7ETDxh2d2sU
Security of 5G networks: EU Member States complete national risk assessments
httpv://www.youtube.com/watch?v=O_Jt9wp9FDc
Bye bye privacy with 5G
httpv://www.youtube.com/watch?v=a0359OG6CyY
Subscribe to DISC InfoSec blog by Email
Apr 20 2020
Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]
Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4. Users continue to fall for LinkedIn, Facebook, and security-minded messages. See the full report!
Source: Q3 2019 Top-Clicked Phishing Email Subjects from KnowBe4 [INFOGRAPHIC]
This is what happens when you reply to spam email | James Veitch
httpv://www.youtube.com/watch?v=_QdPW8JrYzQ
How to Spot a Phishing Email I Fortune
httpv://www.youtube.com/watch?v=jfnA7UmlZkE
Anatomy of Scam Emails – How To Recognise A Phishing Scam Message
httpv://www.youtube.com/watch?v=3gpOM9c6mmA
Subscribe to DISC InfoSec blog by Email
Apr 14 2020
ISO 31000 and ISO 22301 available now for free to read
Because of the COVID-19 crisis, ISO enabled free access to ISO 22301, ISO 22395, ISO 22320, ISO 22316, and ISO 31000 standards – find the links here.
Source: ISO 31000 and ISO 22301 available now for free to read
ISO standards:
Subscribe to DISC InfoSec blog by Email
Apr 14 2020
Comprehensive open source free tools list
SANS Faculty has a comprehensive open source free tools available to support your information security career, training and research.
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2020/04/SANS-Free-tool-list.pdf” title=”SANS Free tool list”]
to download pdf for open source free tools list
Open Source Tools For Working Remotely From Home: pfsense, OpenVPN, Syncthing, and Nextcloud
httpv://www.youtube.com/watch?v=UHzAke2oyfo
Subscribe to DISC InfoSec blog by Email
Apr 03 2020
Coronavirus Business Continuity Management Bundle
#Coronavirus Business Continuity Management (#BCM) Bundle
Ensure your organisation can survive in the face of disaster; learn how to create and implement an effective business continuity plan.
#Coronavirus Business Continuity Management (#BCM) Bundle
Webinar: Business Continuity Management: Impact Analysis and Risk Assessment
httpv://www.youtube.com/watch?v=awLn7yZDKXs
Subscribe to DISC InfoSec blog by Email
Mar 25 2020
Threat Simulation Overview and Setup – Active Countermeasures
Intro: No software project is complete without testing. In this blog series, we’ll cover how to test if your Threat Hunting platform can detect common threats.[…]
Source: Threat Simulation Overview and Setup – Active Countermeasures
Why You Need Threat Hunting!
httpv://www.youtube.com/watch?v=sKQHJhd-YWE
Cyber Threat Hunting: Identify and Hunt Down Intruders
httpv://www.youtube.com/watch?v=60pyxA0U9EQ
Real-Time Threat Hunting – SANS Threat Hunting & Incident Response Summit 2017
httpv://www.youtube.com/watch?v=TTbZd0he94U
Detecting Malware Beacons with Zeek and RITA
httpv://www.youtube.com/watch?v=eETUi-AZYgc
Subscribe to DISC InfoSec blog by Email
Feb 21 2020
Hunting For Privilege Escalation in Windows Environment
Privilege Escalation FTW
httpv://www.youtube.com/watch?v=yXe4X-AIbps
Windows Privilege Escalation Techniques (Local)
httpv://www.youtube.com/watch?v=PC_iMqiuIRQ
Learn System Hacking E13: Windows 10 Privilege Escalation
httpv://www.youtube.com/watch?v=5Q6vEyLY7kY
Subscribe to DISC InfoSec blog by Email
Jan 29 2020
Tokenization vs. Encryption vs. Aliasing – How to Truly Minimize Compliance Risk
https://en.wikipedia.org/wiki/Tokenization_(data_security)
Source: Tokenization vs. Encryption vs. Aliasing – How to Truly Minimize Compliance Risk
The tokenization of things | Matthew Roszak | TEDxSanFrancisco
httpv://www.youtube.com/watch?v=Rto-earGcxg
Subscribe to DISC InfoSec blog by Email
Jan 19 2020
NIST Releases Version 1.0 of Privacy Framework
Source: NIST Releases Version 1.0 of Privacy Framework
Tool will help optimize beneficial uses of data while protecting individual privacy
The best practice guide for an effective privacy function
Practice Guide
Open a PDF file NIST Releases Version 1.0 of Privacy Framework
Developing the NIST Privacy Framework – Part 1
httpv://www.youtube.com/watch?v=W-snx9jRFf4
Developing the NIST Privacy Framework – Part 2
httpv://www.youtube.com/watch?v=gZ7ED0t09zk
Developing the NIST Privacy Framework – Part 3
httpv://www.youtube.com/watch?v=x6lTHu1VbiM
Subscribe to DISC InfoSec blog by Email
Jan 03 2020
The Cybersecurity Guide For Leaders in Today’s Digital World
The Cybersecurity Guide For Leaders in Today’s Digital World – World Economic Forum
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2020/01/WEF_Cybersecurity_Guide_for_Leaders.pdf”]
Practice Guide
Open a PDF file The Cybersecurity Guide For Leaders in Today’s Digital World.
Annual Meeting on Cybersecurity 2019 | Enabling Leadership for a Secure Digital Future | World Economic Forum
Cybersecurity in a Digital World. The Future is Bright
httpv://www.youtube.com/watch?v=Tu1dkliqpHQ
Subscribe to DISC InfoSec blog by Email
Dec 30 2019
Threat Modeling for Data Protection
Threat Modeling for Data Protection
When evaluating the security of an application and data model ask the questions:
- What is the sensitivity of the data?
- What are the regulatory, compliance, or privacy requirements for the data?
- What is the attack vector that a data owner is hoping to mitigate?
- What is the overall security posture of the environment, is it a hostile environment or a relatively trusted one?
Data When threat modeling, consider the following common scenarios:
Source: Threat Modeling for Data Protection
Threat Modeling in 2019
httpv://www.youtube.com/watch?v=ZoxHIpzaZ6U
Subscribe to DISC InfoSec blog by Email
Dec 19 2019
ISO/IEC 27701 2019 Standard and Toolkit
ISO/IEC 27701 is the international standard that serves as an extension to an ISO 27001/ ISO 27002 #ISMS (information security management system). It provides guidelines for implementing, maintaining, and continually improving a #PIMS (privacy information management system).
Develop a privacy information management system as an extension to your ISO 27001-conformant ISMS with ISO/IEC 27701. Supports GDPR compliance.
SECURITY TECHNIQUES — EXTENSION TO ISO/IEC 27001 AND ISO/IEC 27002 FOR PRIVACY INFORMATION MANAGEMENT SYSTEM #PIMS
Key features:
* The Standard includes mapping to the GDPR, ISO/IEC 29100, ISO/IEC 27018, and ISO/IEC 29151
* Integrates with other management system standards, including the information security standard, ISO/IEC 27001
* Provides PIMS-specific guidance for ISO/IEC 27002
* Specifies requirements and provides guidance for establishing, implementing, maintaining, and continually improving a PIMS
* Supports compliance with the GDPR and DPA 2018
* Provides guidance for data controllers and processors responsible for processing personal data
ISO 27701 Gap Analysis Tool
Achieve full compliance with ISO 27701:2019
The ISO 27701 Gap Analysis Tool has been created to help organizations identify whether they are meeting the requirements of the Standard and where they are falling short. Note that this tool assumes that you have a complete and functioning ISO 27001:2013 ISMS (information security management system).
It helps organizations prioritise work areas in order to expand an existing ISMS to take account of privacy. It also gives organizations direction, helping project managers identify where to start.
What does the tool do?
The tool is designed to work in any Microsoft environment. It does not need to be installed like software, and it does not depend on complex databases; it relies on human involvement.
ISO 27701 The New Privacy Extension for ISO 27001
httpv://www.youtube.com/watch?v=-NUfTDXlv30
Quick Guide to ISO/IEC 27701 – The Newest Privacy Information Standard
httpv://www.youtube.com/watch?v=ilw4UmMSlU4
General Data Protection Regulation (GDPR) | The California Consumer Privacy Act (CCPA)
Subscribe to DISC InfoSec blog by Email
Dec 15 2019
Global Threat Detection Report
2019 Global Threat Detection Report
via CrowdStrike
Practice Guide
Open a PDF file 2019 Global Threat Detection Report.
2019 Global Threat Report- The 1-10-60 Rule
httpv://www.youtube.com/watch?v=y70R2vUbvls
World Economic Forum Global Risks Report 2019
httpv://www.youtube.com/watch?v=kwQMsBWd-jo
“Threat Detection & Prevention” appliances
Subscribe to DISC InfoSec blog by Email
Dec 13 2019
Data Security Solutions for Fintech Startups
By Ena Kadribasic on Security
The fintech sector has brought consumers an endless stream of modern offerings that have enabled them to ditch several outdated banking and lending products.
Companies now have advanced B2B payment solutions at their fingertips, and online financial solutions have never been more convenient – largely thanks to the progress made by fintech startups.
But, despite being on the cutting edge of digital financial products, young fintech companies are at a disadvantage in a wildly important arena: data security.
With limited resources, growing compliance regulations around the world, and a constantly-evolving list of increasingly dangerous cyber threats, fintech startups face a uniquely difficult uphill battle.
And, with data breaches continuing to leer as an ever-present security threat, fintech firms are turning to new and advanced approaches to data privacy.
But, first, what do we mean when we talk about data security for startups?
Source: Data Security Solutions for Fintech Startups
Subscribe to DISC InfoSec blog by Email
Dec 07 2019
NIST CyberSecurity Framework and ISO 27001
NIST CyberSecurity Framework and ISO 27001
[pdf-embedder url=”https://blog.deurainfosec.com/wp-content/uploads/2019/12/NIST_ISO_Green_Paper_NEW_V3___Final_Edits.pdf”]
How to get started with the NIST Cybersecurity Framework (CSF) – Includes Preso
Written Information Security Program (WISP) – ISO 27002, NIST Cybersecurity Framework & NIST 800-53
httpv://www.youtube.com/watch?v=B8QjwD6f4rc
What is ISO 27001?
httpv://www.youtube.com/watch?v=AzSJyfjIFMw
Virtual Session: NIST Cybersecurity Framework Explained
httpv://www.youtube.com/watch?v=nFUyCrSnR68
Nov 30 2019
Cybersecurity Through the CISO’s Eyes
infographic via Rafeeq Rehman
PERSPECTIVES ON A ROLE
Cybersecurity Through the CISO’s Eyes
Cybersecurity CISO Secrets with Accenture and ISACA
Cybersecurity Talk with Gary Hayslip: Aspiring Chief Information Security Officer? Here are the tips
So you want to be a CISO, an approach for success By Gary Hayslip
Our most recent articles in the CISO category.
Explore latest Chief Information Security Officer titles
Nov 21 2019
Five Keys for Building a Security program
https://www.sans.org/media/critical-security-controls/Poster_CIS-Security-Controls_2018.pdf
The best practice guide for an effective infoSec function
Five Keys for Building a Security program
Open a PDF file Five Keys for Building a Security Program.
Nov 18 2019
CISO or vCISO? The Benefits of a Contractor C-level Security Role
Read how a virtual chief information security officer (vCISO) can help you uplift a struggling information security program.
Source: CISO or vCISO? The Benefits of a Contractor C-level Security Role
Webinar: vCISO vs CISO – Which is the right path for you?
httpv://www.youtube.com/watch?v=HIvuIIQob7o
CISO as a Service or Virtual CISO
httpv://www.youtube.com/watch?v=X8XSe3ialNk
The Benefits of a vCISO
httpv://www.youtube.com/watch?v=jQsG-65wxyU
Subscribe to DISC InfoSec blog by Email
« Previous Page — Next Page »
