Channeling Regulatory Requirements into Practical Cyber Risk Assessments

Does the saying "compliance does not equal security" paint a holistic picture? Sure, the concept is genuine; meeting a single compliance standard will not directly improve security posture. However, after working with hundreds of organizations, we have learned there are key considerations that can help maximize the value and urgency of compliance requirements by channeling such efforts into more practical risk assessments.

CISO Insider - S3E2 - Driving diversity in infosec with Lisa Hall

PagerDuty Head of Information Security Lisa Hall joins us on CISO Insider for an in-depth discussion on what diversity in the infosec industry really looks like — not just hiring to meet DEI quotas, but fostering differences to build strengths across the board. Diversity in thought and background among her staff is a success factor for Lisa’s team, and it leads to greater diversity in the work they do at PagerDuty.

NewEdge, You've Come a Long Way Baby

Just over three years ago, Joe DePalo joined Netskope as Senior Vice President of Platform Engineering. He had most recently led the infrastructure design and build-out at AWS, the world’s largest public cloud, and prior to that, engineering and operations for one of the largest content delivery networks (CDNs) at Limelight Networks.

Cloud Threats Memo: New Malicious Campaign Using GitHub for Command and Control

State-sponsored threat actors continue to exploit legitimate cloud services. In their latest campaign, uncovered by Malwarebytes during January 2022, the North Korean group Lazarus (AKA HIDDEN COBRA) has been carrying out spear phishing attacks, delivering a malicious document masquerading as a job opportunity from Lockheed Martin (37% of malware is now delivered via Office documents).

Sponsored Post

Fix the Broken State of Security with a "Security for all" mindset

Which cultural values empower businesses to thrive today? That's an open question, of course. But I suspect most employees, managers, and analysts would include items like collaboration, transparency, and creativity on the list of essential ingredients in business success. Indeed, you could argue that these values are at the core of a variety of modern organizational and technical innovations, from DevOps (which is all about collaboration) to open source software (which centers on collaboration and transparency) and the creator/maker movement (which is, of course, all about creativity).

CVE-2021-44142: Vulnerability in Samba Enables Bad Actors to Execute Arbitrary Code as Root

A number of security vulnerabilities have been identified in the popular freeware Samba, which implements the Server Message Block (SMB) protocol that allows users to access files, printers, and other commonly shared resources over a network. These flaws enable remote attackers to execute arbitrary code with the highest privileges on affected installations. The most prominent is CVE-2021-44142, which affects all versions of Samba before 4.13.17.

What will 2022 Bring for Cloud Computing?

Predicting the future is tricky business. However, when you’re privileged enough to frequently speak with the technology leadership at Fortune 500 companies, looking forward is less about gazing into a crystal ball and more of an extrapolation of trends that you're seeing. I’m honored that Fast Mode published my article detailing what I think is in store for cloud computing in 2022.