Page 1

Desafíos

EL DIARIO DEL CISO (THE CISO JOURNAL)

Mayo(May), Volumen 9/2019

Pensando y Trabajando por un Líder de Seguridad Digital

En esta edición

Desafíos de un Líder de Seguridad Digital (LSD) CISOS.CLUB

 Desafíos de un LSD de hoy (Challenges of a

Durante estos últimos días y semanas, se ha visto como la realidad de la ciber-seguridad cada vez es más compleja, ambigua, volátil e incierta. Dentro del conjunto de noticias más comentadas a través de los diferentes medios y que se han comentado con mayor frecuencia están: Las fallas graves de seguridad en los ambientes SAP, se celebró el día del password que suscitaron un sinnúmero de reflexiones; el reporte esperado de la firma Verizon que año a año muestra las dinámicas y complejidad de la seguridad, el robo de 41 millones de Dólares en Bitcoins, la falla de seguridad en WhatsApp, las tensiones geopolíticas que afectan a países como Rusia, China y Estados Unidos, las múltiples reflexiones de las vulnerabilidades identificadas. La exposición aparente de productos Microsoft.

DSL’s today)  Pensamientos de un LSD  Thoughts of a DSL  International InfoSec & CyberSecurity News  Influencers  Influenciadores 

Noticias de Seguridad y Ciberseguridad

Reportes y encuestas de la Semana (Report & surveys of the Week)

 Ruta de la Seguridad  Bolsa de Empleo 

Other Magazines & More

Estas y más noticias reflejan la dinámica de la Ciber-Seguridad a nivel global y con ellos los esfuerzos que deben realizar los Líderes de Seguridad Digital (#LSD) para atender las tensiones mismas que vienen embebidas en el contexto de la realidad digitalmente modificada y densa a la que hoy se enfrentan las organizaciones. Así mismo muestra la necesidad de repensar lo aprendido para desarrollar nuevos aprendizajes. De la misma manera que muestra que nuestros Líderes de Seguridad Digital cada vez deben ser más estratégicos para atender las necesidades de las organizaciones a las que sirve.

¿Para qué un #LSD usa la estrategia? “La cultura se alimenta con la estrategia” Peter Druker

“Culture eats strategy for breakfast" Peter Druker

Pregunta de reflexión

Reflection question

¿Cómo un #LSD construye su capacidad estratégica? How does a #DSL builds its strategic capability?

Challenges of a Digital Security Leader (#DSL) CISOS.CLUB During these last days and weeks, it has been seen how the reality of cyber security is increasingly complex, ambiguous, volatile and uncertain. Within the set of news most commented through the different media and that have been commented with greater frequency are: The serious security failures in SAP environments, was held on the day of the password that a number of reflections aroused; the expected report of the Verizon firm that year after year shows the dynamics and complexity of security, the theft of 41 million dollars in Bitcoins, the security flaw in WhatsApp, the geopolitical tensions that affect countries like Russia, China and EE.UU; the multiple reflections of the identified vulnerabilities. The apparent exposure of Microsoft products. These and more news reflect the dynamics of Cyber Security at the global level and with them the efforts that Digital Security Leaders (# LSD) must make to address the same tensions that are embedded in the context of the digitally modified and dense reality which today organizations face. It also shows the need to rethink what has been learned to develop new learning. In the same way it shows that our Digital Security Leaders must increasingly be more strategic to meet the needs of the organizations they serve.

Why does an #DSL use the strategy?


EL DIARIO DEL CISO (THE CISO JOURNAL)

Pensamientos

Pensando y Trabajando por un Líder de Seguridad Digital Pensamientos de un LSD Capacidad estratégica de un Líder de Seguridad Digital (#LSD, #LíderSegDigital) Andrés Ricardo Almanza Junco En la realidad digitalmente modificada de hoy, está particularmente es una capacidad que todo profesional relacionado con los contextos digitales debe desarrollar, toda vez que la complejidad de contexto digital hace que existan presiones importantes y que afecten el desarrollo de las dinámicas de la organización y la prestación de sus servicios. Para un #LSD es necesario que esta capacidad exista y se desarrolle de manera continua, sin ella no habrá en una realidad como la actualidad la posibilidad de atender de manera prioritaria a las necesidades de la organización. Según Richard Rumel, describe una buena estrategia como “un conjunto de acciones que son creíbles, coherentes y que se enfoca en superar un desafío de acuerdo a su importancia para lograr un objetivo en particular”. En este sentido y aplicando esto a la vida de un #LSD debe tener claro varios elementos.

La siguiente tabla amplia cada uno de estos componente y propone preguntas de reflexión para el lector. Componente Objetivo Acciones

Descripción Lo que se pretende alcanzar

Preguntas orientadoras ¿Cómo se ve el éxito para el #LSD frente al desafío propuesto? Conjunto de pasos, o acciones para ¿Está definido un plan concreto para alcanzar el alcanzar el objetivo objetivo propuesto?

Credibilidad y Coherencia

Que sus elementos no entren conflicto, que este bajo escrutinio

en ¿De qué forma este plan se puede verificar? ¿Quiénes más están conectados y aportan en el plan propuesto? ¿Qué pasaría si sus elementos entran en conflicto?

La priorización del desafío

La estrategia debe atender los mayores ¿Cuál o cuáles son los problemas en términos desafíos. generales que se plantean atender? ¿Cómo se han priorizado los desafíos que desea atender con dicha estrategia? ¿Cuáles son los recursos claves y necesarios para enfrentar estos desafíos?

Según Julie Zhuo, existen tres elementos claves en la búsqueda de ser más estratégico y mejorar con ello el liderazgo.

conectate@cisos.club


EL DIARIO DEL CISO (THE CISO JOURNAL)

Pensamientos2

Pensando y Trabajando por un Líder de Seguridad Digital Pensamientos de un LSD Capacidad estratégica de un Líder de Seguridad Digital (#LSD, #LíderSegDigital) Andrés Ricardo Almanza Junco Saber lo que se busca del éxito, y como es exactamente. Es necesario que haya una alineación de este tema en particular cuando se trata de estrategias de seguridad digitales es necesario que lo que ve el #LSD sea algo similar a lo que vean todos los demás, de lo contrario muy probablemente lo que se considere un resultado exitoso posiblemente solo sea para una de las partes en cuestión. Por tanto es deber del #LSD estar continuamente indagando y validando que lo que se desea alcanzar este tan claro en la cabeza de todas las partes interesadas. Entender, entender y entender. El #LSD debe tener claro que es lo que está intentando resolver, cuál es la verdadera necesidad de la organización y conectar ello a la estrategia, en otras palabras la estrategia debe resolver el crucial desafío. Es necesario que el desafío a resolver se entienda así como todas sus partes y en esa misma línea poder definir la importancia relativa de cada parte con el desafío global, priorizar es parte de entender y esto permite poder atender de la mejor manera el desafío, adicional a ello también es clave entender para quien es relevante el problema, no solo es saber cuál es, cuáles son sus componentes sino que además el #LSD debe saber a quién o a quienes afecta. Con ello en mente se entiende mejor el ecosistema del desafío, en ello es clave entender ¿quién o quienes han intentado resolver el desafío?, ¿qué hicieron?, ¿qué fue útil que se pueda usar?, ¿qué definitivamente no lo fue?, ¿a quienes no tiene en cuenta la o las soluciones planteadas?, ¿Cuáles son las oportunidades y posibilidades de resolver el desafío? Por último en esta gran tarea el #LSD deben enfrentarse al desafío de las capacidades, saber cuáles son las mejores capacidades que se pueden poner al servicio de este problema y cuáles no, identificar las fortalezas que se requieren para enfrentar el desafío y quien o quienes pueden contribuir en ello, y sobre todo cuales son las debilidades. Priorizar. El #LSD al igual que muchos líderes pueden luchar con esta labor, toda vez que la ciencia en muchos estudios neurocientificos ha mostrado que es difícil decir “NO”, sin embargo en muchos escenarios se tiene la cotidianidad de manifestar que el profesional de seguridad digital se le conoce como el doctor “NO” en lo que tiene que ver con la implementación de acciones. Priorizar va a favor del tiempo, el uso de la energía y la atención los cuales son indispensables a la hora de actuar. Por tanto el poder definir con claridad que es primero y que es después será clave para alcanzar los resultados que se buscan y posiblemente obtener mejores. Es cave en este punto como lo anota Julie Zhuo, es necesario preguntarse ¿Cuáles son una, dos o tres acciones claves que se deben hacer? Y ¿cómo asegurar que estás resulten como se esperan? La priorización que un #LSD haga será clave toda vez que esto es garantía de que su programa de seguridad esté en un nivel más allá de lo esperado o de lo que debe cumplir y por tanto entregar más valor a la organización. Tener las capacidades estratégicas como parte de las nuevas capacidades de los líderes de seguridad digital #LSD, son herramientas que deberán ayudar en el desarrollo de la función de seguridad. La clave no es ser perfecto en tener estas capacidades, es más bien poder continuamente hacerlas crecer, continuamente estar enfrentando todos los desafíos. Continuamente hacer frente de frente a los desafíos y dedicar los recursos que considere para enfrentar los grandes desafíos que la seguridad digital de hoy demanda. Hasta este punto valdría la pena que nuestros #LSD se pregunten: Preguntas Reflexione ¿Qué considera el #LSD como capacidades estratégicas? ¿Está siendo usted un estratega de la seguridad? ¿Qué puede desaprender en relación con el pensamiento estratégico? ¿Qué puede reaprender en relación con el pensamiento estratégico? ¿Qué puede usted conservar del hoy para incrementar sus capacidades estratégicas? Deseas conversar sobre este tema. Escríbenos con gusto conversamos. conéctate@cisos.club

Referencias Ideas adaptadas del artículo How to Become a Strategic Leaderr Julie Zhuo. Consultado el 6 de mayo de 2019 Ideas adaptadas del artículo A Structured Approach to Strategic Decisionsr Daniel Kahneman, Dan Lovallo, and Olivier Sibony. Consultado el 6 de mayo de 2019 Ideas adaptadas del artículo Don’t be a “leader”r Eric J. McNulty. Consultado el 6 de mayo de 2019


Thoughts

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader

Thoughts

Thoughts of LSD Strategic ability of a Digital Security Leader (#DSL, #DigitalSecLeader) AndrĂŠs Ricardo Almanza Junco In today's digitally modified reality, it is particularly a capacity that all professionals related to digital contexts must develop, since the complexity of the digital context means that there are important pressures and that they affect the development of the dynamics of the organization and the provision of their services. For an # LSD it is necessary that this capacity exists and develops continuously, without it there will not be in a reality like the present the possibility of attending as a priority to the needs of the organization. According to Richard Rumel , he describes a good strategy as "a set of actions that are credible, coherent and that focus on overcoming a challenge according to its importance to achieve a particular objective." In this sense and applying this to the life of a # LSD must have several elements clear.

objective

Description What is intended to be achieved

Actions

Set of steps, or actions to achieve the objective

Credibility and Consistency

That its elements do not come into conflict, that How can this plan be verified? this is under scrutiny Who else is connected and contribute in the proposed plan? What would happen if its elements conflict?

The The strategy must meet the greatest challenges. prioritization of the challenge

Guiding questions How does the success for the #LSD look against the proposed challenge? Is a specific plan defined to achieve the proposed objective?

What or what are the problems in general terms that are considered to attend? How have you prioritized the challenges you want to address with this strategy? What are the key and necessary resources to face these challenges?

They exist according to Julie Zhuo , three key elements in the search to be more strategic and thus improve leadership.

conectate@cisos.club


Thou2

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader

Thoughts of LSD Strategic ability of a Digital Security Leader (#DSL, #DigitalSecLeader) Andrés Ricardo Almanza Junco Know what you are looking for success, and how it is exactly. It is necessary that there is an alignment of this particular issue when it comes to digital security strategies it is necessary that what the #LSD sees is something similar to what everyone else sees, otherwise very likely what is considered a result Successful may only be for one of the parties in question. Therefore it is the duty of the # LSD to continually investigate and validate that what is desired to achieve is so clear in the heads of all interested parties. Understand, understand and understand. The # LSD must be clear about what it is trying to solve, what is the true need of the organization and connect it to the strategy, in other words, the strategy must solve the crucial challenge. It is necessary that the challenge to be resolved is understood as well as all its parts and in the same line to be able to define the relative importance of each part with the global challenge, prioritizing is part of understanding and this allows to attend in the best way the challenge, additional It is also key to understand for whom the problem is relevant, not only to know what it is, what its components are, but also the # LSD must know who or whom it affects. With this in mind the ecosystem of the challenge is better understood, in this it is key to understand who or those who have tried to solve the challenge?, what did they do ?, what was useful that can be used ?, what definitely was not? , To those who do not take into account the solution (s)? What are the opportunities and possibilities to solve the challenge? Finally, in this great task the # LSD must face the challenge of the capacities, to know which are the best capacities that can be put at the service of this problem and which are not, to identify the strengths that are required to face the challenge and who or who They can contribute to this, and above all, what are the weaknesses. Prioritizing. The # LSD like many leaders can fight with this work, since the science in many neuroscientific studies has shown that it is difficult to say "NO", however in many scenarios it is common to state that the digital security professional he is known as the doctor "NO" in what has to do with the implementation of actions. Prioritize goes in favor of time, the use of energy and attention which are indispensable when acting. Therefore, being able to clearly define what is first and what is next will be key to achieving the results that are sought and possibly getting better. Its cave at this point as Julie notes Zhuo , it is necessary to ask what are one, two or three key actions that must be done, and how to ensure that you are as expected? The prioritization that a #LSD will make will be key since this is a guarantee that its security program is at a level beyond what is expected or what it must fulfill and therefore deliver more value to the organization. Having the strategic capabilities as part of the new capabilities of digital security leaders # LSD, are tools that should help in the development of the security function. The key is not to be perfect in having these capacities; it is rather to be able to continually make them grow, to continually be facing all the challenges. Continuously face up to the challenges and dedicate the resources you consider to face the great challenges that digital security demands today. Up to this point it would be worthwhile for our #LSD to ask: Questions What does the #LSD consider strategic capabilities? Are you being a security strategist? What can you unlearn in relation to strategic thinking? What can you relearn in relation to strategic thinking? What can you keep from today to increase your strategic capabilities?

Reflections

You want to talk about this topic. Write us with pleasure we chatted. conéctate@cisos.club References Ideas adapted from the article How to Become a Strategic Leaderr Julie Zhuo. Consultado el 6 de mayo de 2019 Ideas adapted from the article A Structured Approach to Strategic Decisionsr Daniel Kahneman, Dan Lovallo, and Olivier Sibony. Consultado el 6 de mayo de 2019 Ideas adapted from the article Don’t be a “leader”r Eric J. McNulty. Consultado el 6 de mayo de 2019


News0

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader International InfoSec & Cybersecurity News How a Chinese Nation-State Group Reverse-Engineered NSA Attack Tools New Symantec research shows how the Buckeye group captured an exploit and backdoor used by the National Security Agency and deployed them on other victims.

'Matrix'-Themed Ransomware Variant Spreads 8 Personality Traits for Cybersecurity Better Behavior, Better Biometrics? Credit Card Compromise Up 212% as Hackers Eye ... Data Dump Purportedly Reveals Details on Previously ... Docker Forces Password Reset for 190,000 Accounts ... FBI: Cybercrime Losses Doubled in 2018 How Storytelling Can Help Keep Your Company Safe How the Skills Gap Strains - and Constrains - ... How to Close the Critical Cybersecurity Talent Gap How to Help Your Board Navigate Cybersecurity's ... How We Collectively Can Improve Cyber Resilience Misconfigured Ladders Database Exposed 13M User Records New Initiative Aims to Fast-Track Women into ... Orgs Are Quicker to Disclose Breaches Reported to ... Password Reuse, Misconfiguration Blamed for ... Peer-to-Peer Vulnerability Exposes Millions of IoT ... Russian Nation-State Group Employs Custom Backdoor ... Security Doesn't Trust IT - and IT Doesn't Trust ... Security Top Concern as Mobile Providers Think 5G Social Engineering Slams the C-Suite: Verizon DBIR Study Exposes Breadth of Cyber Risk The Big E-Crime Pivot The Dark Web Is Smaller Than You Think The Fine Line of Feedback: 6 Tips for Talking to ... Trust the Stack, Not the People US DoJ Indicts Chinese Man for Anthem Breach US States with the Worst Consumer Cyber-Hygiene Why Are We Still Celebrating World Password Day?

Simplifying Cyber security Deployments with Automation – Cyber Defense Magazine Security is a whole lot like quantum mechanics. It’s rife with uncertainty and you can’t observe your infrastructure without affecting it.

4 Signs Your Organization is a Good Cyber Attack Target, and What to Do about It 8 Cyber security Practices In Health IT Domain That Every Company Should Learn From Cutting Through the Hype-The Realistic Flaws of a Zero Trust Security Model Enterprise Insider Threats on the Rise On Security and Privacy, States Are Taking the Lead SOAR: The Key to Building a Trustworthy Iot The Internet of Things Signal Transmission Challenges Your Security Teams are Destroying Critical Evidence Zero Trust Security Five Red Flags You Have a Cyber Security Insights Problem

Top Russian Hacking Group Breaches Three AV Companies - Infosecurity Magazine A report published today by Advanced Intelligence revealed that three US-based antivirus software vendors have been breached, and a high-profile collective of Russian hackers is claiming responsibility

#Belfast2019: Cybersec Industry to Generate £70m+ in Salaries in Northern Ireland Baltimore Severs Down After Ransomware Attack C-Suite Under Attack as Money and Data Drive Breaches Canadian Telco Exposes Unencrypted Card Details Cyber-Attacks in UK Grew by 140% in 2018 DHS Releases Analysis of ELECTRICFISH Malware Europol: Two More Dark Web Marketplaces Have Been Seized Fin7 APT Targets Over 130 Orgs after Leader's Arrest Hackers Steal 7K BTC from Binance Cryptocurrency Holiday Scammers Made £7m in 2018 Israel Responds to Cyber-Attack with Air Strike Major Uptick in IoT-Related Breaches and Attacks Matrix-Themed Ransomware MegaCortex Spikes in May Most Firms Rely on Trust Alone for Supply Chain Security New Magecart Group Steals Data from 201 Campus E-Stores Only 0.25% of Reported Data Breaches Have Led to Fines Since GDPR Orange Gains SecureLink, Advances Cyber Offerings Russia Uses Social Media to Sway Public Opinion Ukrainian Faces US Charges for Five-Year Malvertising Campaign Websites Continue to Collect PII Data Insecurely

50,000 companies running SAP installations open to attack via publicly released exploits - Help Net Security Two exploits publicly released in late April at the OPCDE security conference in Dubai could be leveraged to compromise a great number of SAP implementation

3 months, 1900 reported breaches, 1.9 billion records exposed 60% of businesses have experienced a serious security breach in the last two years Bad actors increasingly spreading misinformation via social media ahead of EU elections C-level executives increasingly and proactively targeted by social breaches C-Suite execs and policy makers find cybersecurity technology investments essential Consumers care deeply about their privacy, security, and how their personal information is handled Cybercriminals targeting social media: Facebook and Instagram are becoming phishers’ favorites How institutions, advisors, and investors think about digital assets Is curiosity killing patient privacy? Most SMBs would pay a ransom in order to recover stolen data Network as a Service market to exceed $50bn by 2025 Researchers discover highly stealthy Microsoft Exchange backdoor Securing satellites: The new space race The IoT threat landscape is expanding rapidly, yet few companies are addressing third party risk factors The leading sources of stress for cybersecurity leaders? Regulation, threats, skills shortage Trust is at a tipping point: Consumers will react strongly if they feel their privacy is compromised Unhackable? New chip makes the computer an unsolvable puzzle What differentiates the strongest cybersecurity programs from the rest Whose (usage) data is it, anyway?


News1

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader bitcoin: Hackers steal $41 million worth of bitcoin from Binance cryptocurrency exchange, IT Security News, ET CISO ciso.economictimes.indiatimes.com

U.S. Charges Chinese Hackers Over Massive 2015 Anthem Breach | SecurityWeek.Com

HONG KONG - Hackers stole bitcoin worth $41 million from Binance, one of the world's largest cryptocurrency exchanges, the company said on Wednesday

hacking group operating in China” in connection with

50,000 companies at risk of SAP systems hack: Report Another Cooperative bank’s server hacked, Rs 68 lakh siphoned off Binance hackers shift stolen bitcoin, identity still unclear: researchers Challenges in securing modern applications: View CIOs can stay ahead of cyber threats with these practices Cryptocurrency thefts, fraud hit $1.2 billion in first quarter : Report cyber crime: Forgers are forcing a $9 trillion business into the digital age G7 countries to simulate cross-border cyber attack next month: France German police shut down major 'darknet' illegal trading site Here’s how this startup is working towards securing more than 5.5 Billion digital identities How Chinese spies got NSA’s hacking tools, and used them for attacks It's time to break up Facebook, says co-founder Chris Hughes Norsk Hydro expects cyber attack costs of nearly $52 mln in Q1 payments: Importance of localising data in payments ecosystem Privacy is no 'luxury good', says Sundar Pichai Telangana power utilities websites hit by ransomware restored The worst data breaches and hacks in the ASEAN region Two Israelis arrested in global 'dark' Internet probe

The U.S. Justice Department on Thursday announced charges against members of an “extremely sophisticated the massive 2015 data breach that impacted health insurer Anthem

An Ode to CISOs: How Real-World Risks Became Cyber Threats Chinese Hackers Used NSA Tool a Year Before Shadow Brokers Leak Facebook Sues South Korea Data Analytics Firm GandCrab Ransomware Detected Targeting Manufacturing Firm Hackers Steal $40 Million in Bitcoin From Cryptocurrency Exchange Binance Hard-Coded Credentials Found in Alpine Linux Docker Images How Crossword Puzzles Can Improve Your Information Security Posture Information Services Giant Wolters Kluwer Hit by Malware Attack IT Specialist Convicted on Cyber Hacking Charges Sentenced Nigerian Cybercrime 'Group' Has 400 Malicious Actors Orange Acquires Cybersecurity Firm SecureLink Over 100 Flaws Expose Buildings to Hacker Attacks Phar Vulnerabilities Patched in Drupal, TYPO3 Russian Hackers Claim Breach of Three U.S. Anti-Virus Companies The Need for Tiered Security at the Edge Turla Uses Sophisticated Backdoor to Hijack Exchange Mail Servers UK Publishes Proposed Regulation for IoT Device Security

Researchers: Spies Exploit Microsoft Exchange Backdoor

Does it matter who the CISO reports to? | CSO Online

A sophisticated nation-state spy network has quietly exploited a backdoor in Microsoft Exchange servers that gave attackers unprecedented access to the email

Reporting relationships are more than lines on an org chart, they're lines of authority. Ultimately,

Advancing Security Operations With Managed Detection and Response Citrix Hackers Camped in Tech Giant's Network for 6 Months Crime Gang Advertises Stolen 'Anti-Virus Source Code' Darknet Disruption: 'Wall Street Market' Closed for Business DHS: Federal Agencies Need to Patch Vulnerabilities Faster Docker Hub Breach: It’s Not the Numbers; It’s the Reach Hackers Steal $41 Million Worth of Bitcoins From Binance JavaScript Sniffer Attacks: More Online Stores Targeted Key Trends in Payments Intelligence - Machine Learning for Fraud Prevention Malware Knocks Out Accounting Software Giant Wolters Kluwer New Skimmer Attack Steals Data From Over 100 E-Commerce Sites Russian Charged in $1.5 Million Cyber Tax Fraud Scheme SAP’s NetWeaver: New Exploits for Misconfigurations Ukrainian National Charged in Malvertising, Botnet Scheme Why Companies are Replacing AV with Advanced Endpoint Protection WikiLeaks’ Assange Signals He'll Fight Extradition to US

Comment: Amazon Hit By Extensive Fraud With Hackers Siphoning Merchant Funds | Information Security Buzz Bloomberg reported yesterday that Amazon.com Inc has been reportedly hit by an “extensive” fraud, revealing that unidentified hackers were able to siphon funds from merchant accounts over six months last year. Access Control — Why Fingerprints Are Better Than Keys Evolving Mobile Device Management Strategies Executive Order On America's Cybersecurity Workforce Experts Comments: Verizon DBIR Facebook Users Being Targeted By "Baby Sussex Scams" Freedom Mobile Data Leak Hackers Breached 3 US Antivirus Providers Microsoft Is Killing Off Passwords In Its Software And Services Microsoft New Privacy Focused Features Samsung Spilled SmartThings App Source Code And Secret Keys Special Events At Infosec Europe 2019 Will Support, Educate And Nurture Security Professionals And Startups

12 tips for effectively presenting cybersecurity to the board 9 types of malware and how to recognize them Assume breach is for losers: These steps will stop data breaches How Akamai implemented a zero-trust model Is the cybersecurity skills shortage getting worse? Key Findings on the State of Operational Technology and Cybersecurity Lock Down Wired Threats with ClearPass Networking and Security: Put It All Together New Intel firmware boot verification bypass enables low-level backdoors North Dakota: An innovative and leading cybersecurity state Public SAP exploits could enable attacks against thousands of companies The Problem with Too Many Security Options What is opsec? A process for protecting critical information What is phishing? How this cyber attack works and how to prevent it Why local governments are a hot target for cyberattacks

North Korean Hackers Using ELECTRICFISH Tunnels to Exfiltrate Data - thehackernews.com The U.S. Department of Homeland Security (DHS) and the FBI have issued another joint alert about a new piece of malware that the prolific North Korean APT hacking group Hidden Cobra Baltimore City Shuts Down Most of Its Servers After Ransomware Attack Binance Hacked — Hackers Stole Over $40 Million Worth Of Bitcoin Chinese Hackers Used NSA Hacking Tools Before Shadow Brokers Leaked Them Microsoft Windows 10 will get a full built-in Linux Kernel for WSL 2 Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites U.S. Charges 9 'SIM Swapping' Attackers For Stealing $2.5 Million Unpatched Flaw in UC Browser Apps Could Let Hackers Launch Phishing Attacks Europol Shuts Down Two Major Illegal 'Dark Web' Trading Platforms


News1.1

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader Unprotected MongoDB Database Exposes Over 275 Million Personal Records | Cyware Hacker News

190,000 Accounts in Docker Hub Database May Have Been Exposed Security Now

An unprotected MongoDB database exposed over 275 Million personal records.

Potentially poisoned images could be distributed without the distributors realizing that this is occurring.

Airbnb user accounts allegedly hacked; previous bookings canceled and new bookings made Amazon Hit With Extensive Fraud Campaign Impacting Hundreds Of Seller Accounts Attackers delete GitHub, GitLab, and Bitbucket repositories and replace with ransom notes Baltimore City Hall and Potter County hit with ransomware attacks Chinese threat actor group APT3 used NSA-linked tools to target organizations, says new report Cyware Weekly Threat Intelligence, May 06-10, 2019 Freedom Mobile exposed almost 5 million customer records due to a misconfigured database Hackers stole over $41 million from Binance cryptocurrency exchange Iranian cyber espionage operations exposed via Telegram channels and Dark Web websites Mirrorthief cybercrime group targets online campus stores in the US and Canada with card skimming malware Scammers are adopting cloud services such as AWS, Azure, Alibaba, and Google Docs to trick victims Turla threat actor group hijacks Microsoft Exchange mail server using sophisticated LightNeuron backdoor Unprotected database belonging to Burger King exposes 37,900 records of Kool King Shop customers

MegaCortex' Ransomware Hunts 'Big Game' Enterprise Cybercrime Study Finds Increasing Costs as Well as Changing Targets & Methods Enterprise Resilience: It's the Ecosystem, Stupid Quabot Trojan Evolves to Become Harder to Detect & Remove

Airbnb Superhost Secretly Recorded Guests with Hidden Bedroom Camera

Small businesses spent £13.6 billion recovering from cyber crime in 2018 IT Governance Blog

The incident is only the latest in a string of disturbing horror stories of guests finding live, recording cameras hidden in their Airbnb flats.

Chinese Spies Stole NSA Cyberweapons Long Before Shadow Brokers Leak FIN7 Linked to Escalating Active Exploits for Microsoft SharePoint Bug Google Patches Critical Remote Code-Execution Flaws in Android Lax Telco Security Allows Mobile Phone Hijacking and Redirects Oracle WebLogic Exploit-fest Continues with GandCrab Ransomware, XMRig The WannaCry Security Legacy and What’s to Come

Security Workforce 2019: Closing the Gap Builds a Bridge to the Future Serverless Computing: A New World of Security Risks Shadow IT & Unsecured Data Still Rampant Within the Digital Workplace

Top 5 Cyber Security Breaches of 2019 So Far Each Friday, Cyber Security Hub scours the internet to provide readers with a notable ‘incident of the week

4 Ways To Defend The Enterprise From Nation-State Attacks Cyber Security Cross Over: What To Expect When Making That Transition How To Measure Cyber Risk On Your Digital Assets Incident Of The Week: Impact Of Docker Security Breach Risk Management At The Forefront Of Tech Enterprises The Economic Side Of Cyber Security Risk Management

One in three UK companies fell victim to cyber attacks in 2018, with the majority of the damage occurring in small businesses, according to a report by Beaming

Cyber criminals conned holidaymakers out of £7 million in 2018 Different types of cyber attacks IT Governance Free Downloadable Green Papers List of data breaches and cyber attacks in April 2019 – 1.34 billion records leaked Survey reveals just how bad the UK is at creating passwords

Top 5 ways to get more women in your workforce

New MegaCortex Ransomware Targets Corporate Networks | SecureReading

Creating a more diverse workforce can have many benefits for tech companies. Tom Merritt shares five tips for getting women interested in applying.

Security researchers have discovered a new ransomware called MegaCortex targeting corporate networks.

10 warning signs you're about to get fired or laid off Communication breakdown: 10 tips to get users to listen to IT The 10 highest-paying cybersecurity jobs Why marketing teams are critical to successful cybersecurity efforts Why older employees are less likely to get tricked by phishing attacks

Critical Flaw Discovered in Kaspersky Antivirus Engine that Allows Arbitrary Code Execution Critical Flaw discovered in SQLite allowing Remote Code Execution Critical Flaws Discovered in Sierra Wireless AirLink Routers Hackers Discovered Exploiting Microsoft Sharepoint RCE Flaw in the Wild Hackers Stole over $41 Million worth Bitcoins from Binance Cryptocurrency Exchange

Why IT departments miss basic IT security hygiene

What’s Behind the Wolters Kluwer Tax Outage? — Krebs on Security

IT departments are failing to patch security holes in software because of a disconnect between security and operations teams, survey finds.

Early in the afternoon on Friday, May, 3, I asked a friend to relay a message to his security contact at CCH, the cloud-based tax division of the global information services firm Wolters Kluwer

Businesses unprepared for cyber breaches Cyber criminals targeting C-suite, DBIR shows Police down two dark web markets Using simulated disaster management to tackle the security skills gap

Nine Charged in Alleged SIM Swapping Ring Data: E-Retail Hacks More Lucrative Than Ever Feds Bust Up Dark Web Hub Wall Street Market


News2

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader Cybertalk

Forbes Council Post: CISOs, Stop Focusing On Cybersecurity Council Post: Secure Software Design: The Next Frontier In Cybersecurity ExtraHop BrandVoice: “CIA”: Understand The Cybersecurity Triad In 5 Minutes Or Less New Cybersecurity Report Warns CIOs -- 'If You're Breached Or Hacked, It's Your Own Fault'

Buzz about the grid generates uncertainty Deep Dot Web in deep water How to avoid the domino effect Winning strategies for a top-notch CISO and CFO alliance

Information-Management

Inforisktoday

Bad bot cyber attacks increase in number and sophistication Cyber risk levels hold steady, though larger firms are prime targets Five software programs to improve the security of business websites Most organizations ill prepared to defend against cyber attacks

Despite Doxing, Oilrig APT Group Remains a Threat Hackers Steal, Post Financial Data From Major Corporations Mystery Database Exposed Info on 80 Million US Households

Deloitte

Securitymagazine

CRO Survey: Risk Management Value, Challenges & Trends Pursuing cybersecurity maturity at financial institutions The ascent of the CISO

Physical and Cyber Convergence—At Last? Social Engineering Simulation Testing Tips Tipping the Scale for Effective Cybersecurity

Cisomag Continuous innovation is the key to cyber safety Kenya announces cybersecurity guidelines for financial sector

$3 Million HIPAA Settlement in Delayed Breach Response Case Laid Off Worker Pleads Guilty in Medicaid Incident

Dataprivacysecurityinsider

Trendmicro

Diagnostic Medical Imaging Company Pays $3 Million to Resolve Potential HIPAA Violations Stemming from Data Breach Phishing Continues to Be Seen as Biggest Cybersecurity Threat to Companies

This Week in Security News: BEC Attacks and Botnet Malware This Week in Security News: Skimming Attacks and Ransomware -

Tripwire

Welivesecurity

Cyber Security + Compliance Controls: What Does It All Mean, Rick? RobbinHood ransomware attack brings down parts of City of Baltimore's computer network

Hackers steal US$41 million worth of Bitcoin from cryptocurrency exchange Turla LightNeuron: An email too far

Securityboulevar McAfee Survey Finds IT at Cybersecurity Fault Most The CEO's Guide To Understanding Cyber

Other News ‘CISOs should be able to reach out’ $40 million worth of Bitcoin stolen from Binance cryptocurrency exchange A ransomware attack is holding Baltimore's networks hostage Banks and Their Legal Obligations to Defend Against Cybercri Be wary of emails with links to ... er, Google Drive? Is that right? Bootstrap Business: How to Improve Security for Business and Prepare for All Threats Buckeye: Espionage Outfit Used Equation Group Tools Prior to Shadow Brokers Leak C-level execs being targeted by cyberattacks Cofense: Why it’s time for everyone to defend against phishing Crippling ransomware attacks targeting US cities on the rise Cybersecurity Awareness: A Critical Piece of the Security Puzzle Cybersecurity Jobs Abound. No Experience Required. Cybersecurity Skills Shortage Worsening for Third Year In A Row, Sounding the Alarm for Business Leaders Evaluaciones de Hogan: los 8 rasgos de personalidad para tener éxito en la ciberseguridad FBI Seize DeepDotWeb For Taking Commissions From Illegal Sites FBI Shutters DeepDotWeb Portal; Suspected Admins Arrested Filling the digital transformation skills gap Five free ways SMEs can improve their cyber security Google Online Security Blog: Quantifying Measurable Security Hackers linked to China repurposed NSA's cyberweapons, report says Help the Security Effort By Becoming an IoT Researcher How to Comply with GDPR How to Get Your Employees On Board with Cyber Security In the absence of a secure culture, reducing cyber risk could be impossible Indian corporates seek to bridge skill gap in cyber security management Invisible Malware Is Here and Your Security Software Can't Catch It Is anti-virus obsolete?

LulZSec hackers published sensitive data from 30,000 Roman lawyersSecurity Affairs Marriott doesn't pay a price for massive data breach Microsoft SharePoint vulnerability allows hackers to sift through servers, Saudi authorities warn Millions of Chinese-made devices, including baby monitors, vulnerable to hacking: study MN: American Baptist Homes of the Midwest notifies patients and residents of ransomware incident Month Long Attack on Microsft SharePoint Servers NASCIO Day 2: Hard Transformations and ‘Soft’ Skills Nicaragua: 11,000 Bots Slam La Prensa in 'A Direct Attack' No reason to ship credit card data to third parties, says expert Oversight and Management of Cybersecurity Risks for Board of Directors/Decision Makers Piracy streaming apps are stuffed with malware Report: Chinese Hackers First to Use NSA Cyberattack Tools Russia-Linked Hackers Using Sophisticated Backdoor To Hijack Exchange Servers Russian cyberspies are using one hell of a clever Microsoft Exchange backdoor Students pull off below-the-belt mailing list prank The 4 pillars of a lasting cyber security transformation The Greatest Risk Is Not Doing a Risk Assessment The Secret CSO: Roger Hale, Informatica The State of Cyber Security Incident Response The Strange Journey of an NSA Zero-Day—Into Multiple Enemies' Hands Triton is the world’s most murderous malware, and it’s spreading We aren't prepared for the next wave of cybersecurity risks Why Cybersecurity Startups are Picking Up Growth in SEA Why it’s time for organisations to rethink their cybersecurity strategy Why You Should Constantly Enrich Security Culture Throughout Your Organization Your Financial Org Needs Security Awareness Training More Than Ever

www.cisos.club

conectate@cisos.club


Influencers

EL DIARIO DEL CISO (THE CISO JOURNAL) Thinking and Working for a Digital Security Leader INFLUENCERS The free cyber security onion Layers Of Security (Go free)I have been investigating the free option for Cyber security tools and software.

Brickerbot, 'Zombie' Cars, and IoT vulnerability reporting Note: These are speaking notes from a presentation I gave at SparkleCon in 2018.

How to write a basic Cyber job description The following article is the first in a series of articles I am writing about the job hiring process

Question: How to communicate with a company about private info being on the internet? I'm not apart of a company but I want to talk to One Direction's/Harry Styles's (they are British) management (company is in California) they have done any risk assessment.

Security Researcher: A Road Less Frequently Traveled This article was first published on Medium

To pay a ransom or not? Some organizations say they will never pay a ransom, others say maybe they would depending on the circumstacnes

It's not cyber war. Stop it. To quote a generally reputable 'Wired' - " The role of destructive cyberattacks in all-out warfare has expanded in recent years

CorpSec, Meet InfoSec. (And Vice Versa) I once had a neighbor whose dank little basement was finished entirely in particle board

CISOs are Excelling in Multiple Areas: Where There’s Room for Improvement CISOs have come a long way, baby. From their roots in analyzing and addressing information security and controls, most CISOs have expanded their roles by hiring great talent and fighting incidents very well.

Multimedia Resources (Recursos Multimediales) Week in security with Tony Anscombe | WeLiveSecurity

Smashing Security podcast: 'I do love the Dutch'

ESET researchers dissect LightNeuron, a sophisticated piece of malware that can both spy on emails and act as a fullfeature backdoor.

Israel strikes back at Hamas’s hacking HQ, a new sextortion email comes with a twist, and Carole saves the world with some help from hacked Roomba vacuum cleaners

<i>Defense in Depth</i>: How CISOs Discover New Solutions

<i>Defense in Depth</i>: Is the Cybersecurity Industry Solving Our Problems?

Are security professionals so burned out by aggressive cybersecurity marketing that they're giving up on discovering new and innovative solutions?

ESG Data Point of the Week 38% of those organizations investing in AI initiatives are doing so without a data scientist.

Is the cybersecurity industry solving our problems?

Our "What Not to Do" Security Selling Secret We're not always clear on what vendors should do when selling security products

S‎ hadowTalk by Digital Shadows: Weekly Intelligence Summary: Ep 17 on Apple Podcasts

The 12th Edition Verizon Data Breach Investigations Report (DBIR): Read It And Spring into Action

Show ShadowTalk by Digital Shadows, Ep Weekly Intelligence Summary: Ep 17 - May 3, 2019

By Sean Martin Guests: Gabriel Bassett | John Grim Host: Sean Martin Today's episode comes to you in concert with the release of the 12th edition of the Verizon Data Breach Investigation report

The New CISO Podcast - Exabeam The New CISO is a podcast hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security[...]


EL DIARIO DEL CISO Influenciadores (THE CISO JOURNAL) Pensando y Trabajando por un Líder de Seguridad Digital INFLUENCIADORES CONVERSANDO CON EL LÍDER DE SEGURIDAD DIGITAL(#LSD) CISOS.CLUB tuvo la oportunidad de conversar con el Presidente de ISACA capítulo Bogotá Victor Vasquez, y aquí están por ahora el audio de esta interesante conversación.

CISOS.CLUB tuvo la oportunidad de conversar con Líder del capítulo OWASP Barranquilla Nahúm Deavila, y creador del evento iSecurity Summit Colombia aquí están por ahora el audio de esta interesante conversación.

Reflexiones y aprendizajes sobre los Eventos a los que asistió CISOS.CLUB CISOS.CLUB tuvo el privilegio de ser invitado a la III JORNADA DE SEGURIDAD DE LA INFORMACION organizada por la Universidad ECCI y estos fueron los aprendizajes obtenidos de esta interesante sesión:

El valor de la inclusión Nos sentimos honrados de haber sido invitado, gratamente sorprendidos con el público y con la experiencia de dictar una charla con una intérprete para la comunidad de personas sordas y mudas. Proyecto que la universidad ECCI ya viene trabajando y que según las palabras de su decano M.Sc Cesar Augusto Torres Andrade manifiesta que ha sido un proyecto con el que busca fomentar crecimiento en estas poblaciones y encontrar nuevos talentos que aporten en la sociedad.

Entre los puntos que queremos resaltar están: 1. Fue una experiencia que lleno de emocionalidad el poder contribuir con aquellos quienes poseen algún tipo de discapacidad. 2. El estar en el auditoría y ver como la interprete comunica a este tipo de poblaciones también fue muy interesante y luego de terminar se indagó de como se ha hecho para transmitir los mensajes en esta materia y más aún cuando son mensajes como en algunas charlas, inclusive la nuestra que utiliza lenguaje técnico; y la sorpresa es que ya han creado algunas señas propias y que se está trabajando con la homologación ante los entes competentes para poder incluir dichas creaciones en el lenguaje estándar de señas. 3. Al momento de realizar la sección de preguntas fue otro de los momentos inspiradores toda vez que algunas de ellas vinieron precisamente de estos muchachos y para nosotros fue inspirador ver como nuestro mensaje llegó y sobre todo como el proceso del interpreta logra y transmitir con tanta precisión y con tanto énfasis para que ellos puedan realizar las preguntas que se realizaron. 4. Saber qué haces un aporte en la vida de otras personas y que estas personas salen y agradecen el esfuerzo realizado llena de motivación y de satisfacción. 5. Ver como en el ambiente no existe ningún tipo de sectorización pese a su condición de discapacidad. 6. El agradecimiento a la universidad ECCI por invitarnos y por permitir hacer un aporte y claramente el compromiso para aportar, contribuir en el desarrollo de nuevas generaciones de profesionales del mundo de la seguridad.

Artículos de Influenciadores Latinoamericanos Inteligencia & Confianza digital. Dos realidades, una tensión estratégica (Jeimy Cano) Se dice que en el mundo de los negocios, alguien pierde y alguien gana. Lograr el famoso equilibrio de los acuerdos “gana-gana”, es un ejercicio complejo y que requiere sobremanera disposición de los participantes para ceder algo de su terreno ganado.

Los ciberseguros y la cláusula de exclusión “por guerra” o “ciberguerra” (Jeimy Cano) Con frecuencia se habla de los constantes ataques cibernéticos y los impactos que estos tienen en las organizaciones y las naciones.


Noticias

EL DIARIO DEL CISO (THE CISO JOURNAL) Pensando y Trabajando por un Líder de Seguridad Digital Noticias de Seguridad y Ciberseguridad Hackean Binance, plataforma de intercambio de bitcoin; roban 40MDD noticiasseguridad.com

Un sistema ICS, atacado cada casi segundo en 2018 | CyberSecurity News En 2018, Kaspersky Lab detectó y evitó la actividad de elementos peligrosos en casi la mitad de los ordenadores de sistemas de control industrial (ICS) protegidos por los productos de la compañía y definidos como parte de la infraestructura industrial de una entidad.

La plataforma de intercambio de criptomoneda Binance, que maneja la mayor cantidad de operaciones diarias, ha sido víctima de hacking, reportan expertos del curso de ciberseguridad del IIC

“En el campo de la ciberseguridad hay cabida tanto para hombres como para mujeres” 1 de cada 5 empresas experimentaron algún incidente de seguridad en la nube 4 millones de dólares perdidos al año a causa de los bots que irrumpen en las cuentas online Campaña de falsos anuncios en Google para robar las credenciales Cuando los riesgos del Wi-Fi obligan a crear un estándar wireless común en todo el mundo Descubren una campaña de malware en Google Play que afecta a más de 90 millones de usuarios Detecta un aumento del nuevo ransomware autodenominado MegaCortex Día Mundial de las Contraseñas: cómo pueden usuarios y empresas proteger su información El 61% de los profesionales IT han sufrido una brecha de datos grave El fraude interno de las empresas europeas asciende a 51.387 euros anuales de media El impacto económico de los ciberataques es de más de un billón de euros España es el tercer país más preocupado por la ciberdelincuencia Estas son las ciberamenzas que ponen en riesgo la seguridad de las Smart Cities Facebook se prepara para una macromulta por Cambridge Analytica La mitad de los españoles elegiría tecnologías biométricas para acceder a su cuenta bancaria Los ciberdelincuentes se esconden en Telegram Monitorizar para anticiparse, la clave de éxito contra los Ciberataques Publicada en el BOE la Estrategia de Ciberseguridad Nacional Solo el 17% de las compañías europeas pueden calificarse de “digitalmente maduras”

Ataque de ransomware contra ciudades de Maryland y Texas Brecha de datos en Wyzant, sitio web para contratar tutores Cinco herramientas recientemente usadas por cibercriminales Cuenta regresiva para conocer al hombre detrás del Bitcoin Denegación de servicio interrumpe operaciones de compañía eléctrica Error de verificación de firmas en Mozilla provoca fallas en extensiones Filtración de código fuente confidencial de Samsung Hackean tres compañías antivirus y venden su código fuente Hackers roban código fuente de cientos de repositorios en GitHub Hackers roban fondos de múltiples vendedores de Amazon Herramientas de hacking de la NSA fueron filtradas por chinos desde 2016 Israel afirma haber bombardeado centro cibernético de Hamas LightNeuron, el backdoor diseñado para Microsoft Exchange Malware afecta a usuarios de software financiero Wolters Kluwer Múltiples vulnerabilidades afectan a enrutadores Sierra Wireless AirLink Nueva campaña de phishing dirigida contra YouTubers Vulnerabilidad expone sitios web en Drupal, Joomla y Typo3 Vulnerabilidades críticas impactan Elastic Services Controller de Cisco Vulnerabilidades en cámara de D-Link exponen grabaciones de usuarios Vulnerabilidades en SAP, un riesgo para miles de compañías en el mundo

Un grupo cibercriminal aprovecha una vulnerabilidad crítica en Windows | CIBERCRIMEN | CSO España

Xwo, el malware que escanea internet en busca de vulnerabilidades Xwo es un nuevo malware descubierto por el Alien Labs de AT&T que se recorre todo internet en busca de posibles vulnerabilidades.

La tecnología de prevención de exploits de Kaspersky ha detectado a un grupo cibercriminal anónimo que intentaba aprovechar una vulnerabilidad desconocida de Microsoft, el sistema operativo de Window

Espionaje industrial: patentes en el punto de mira de los ciberatacantes pandasecurity.com

Google Play vuelve a sufrir una vulnerabilidad Los 'deep fakes' entran en el juego político Los riesgos de ciberseguridad para Banco Santander Un grupo de hackers roba 41 millones de euros en 'bitcoins'

Otra Noticias ¿Por qué Chile baja al puesto 83 en Ranking Global de Ciberseguridad (GCI)? ¿Por qué la ciberseguridad es la carrera del futuro? ¿Por qué la ciberseguridad se encuentra en una tormenta perfecta? Incluso las organizaciones grandes descuidan los más básicos elementos de ciberseguridad: Menny Barzilay, ex CISO de los servicios de inteligencia de Israel Administrador del Reservas pondera ciberseguridad del Estado y la banca Análisis de la ciberseguridad de tus datos médicos Buscando talento en ciberseguridad Ciberseguridad y su papel en la organización Ciberseguridad, el desafío de la preservación de datos Ciberseguridad, un elemento clave en el crecimiento de los centros de apuestas en línea Dark web: el lado oscuro de Internet Directivos tienen tienen más posibilidades de sufrir un ciberataque El ‘Malvado Clippy’ De Office Es Indetectable Para Tu Antivirus El coste para las empresas de una brecha de seguridad El malware para Mac crece un 60% en tres meses El Riesgo Cibernético en la Industria Petrolera

FMI señala la deficiente participación de México para intercambiar información sobre ciberataque Gobiernos y cibermuros: Los ladrillos de una política de ciberseguridad Japon trabaja para combatir los ataques informaticos La ciberseguridad como oportunidad de innovación y emprendimiento en Granada La nueva Estrategia Nacional de Ciberseguridad se centra en combatir el ciberterrorismo Las entidades financieras gastan el 10% de su presupuesto TI en ciberseguridad Legislar la seguridad de los dispositivos IoT: ¿es realmente la solución? Leonor, Sofía y los regalos más sorprendentes que han recibido en 2018 Los temas de ciberseguridad que más preocupan a los expertos México cae 35 lugares en Índice Global de Ciberseguridad de la ITU Opinión Python, el lenguaje de la ciberseguridad Riesgos de ciberseguridad en las universidades Robo a Binance: hackers drenaron monederos pese a límite de retiro Sector aéreo nacional debe fortalecer su ciberseguridad


Reportes

EL DIARIO DEL CISO (THE CISO JOURNAL) Pensando y Trabajando por un Líder de Seguridad Digital

Reportes y Encuestas de la Semana (Reports of the Week)


Ruta

EL DIARIO DEL CISO (THE CISO JOURNAL) Pensando y Trabajando por un Líder de Seguridad Digital

www.cisos.club

conectate@cisos.club


Otros

EL DIARIO DEL CISO (THE CISO JOURNAL) Pensando y Trabajando por un Líder de Seguridad Digital

Bolsa de Empleo (Colombia) Amazon busca personas para el cargo de Security Assurance Lead Andean Region en Bogotá, CO | LinkedIn Analista seguridad de la información - Bogotá

Claro Colombia busca personas para el cargo de Administrador/a sr plataformas de seguridad en Bogotá D.C., Colombia | LinkedIn Wood busca personas para el cargo de Seguridad de Procesos en Colombia, CO | LinkedIn

Libros (Books) eBook: "Women Know Cyber: 100 Fascinating Females Fighting Cybercrime" Cybersecurity Ventures is excited to announce that their new book "Women Know Cyber: 100 Fascinating Females Fighting Cybercrime" has just published. Authors: * Steve Morgan * Di Freeze We're proud to announce that Limor Elbaz is among 100 w.

Other Magazines

News & Recolectors IT Security News Weekly Summary – Week 18 | | IT Security News IT Security News Weekly Summary – Week 19 | | IT Security News Jueves, May. 02, 2019 - Ciber-Seguridad en el Mundo Jueves, May. 02, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Jueves, May. 09, 2019 - Ciber-Seguridad en el Mundo Jueves, May. 09, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Lunes, May. 06, 2019 - Ciber-Seguridad en el Mundo Lunes, May. 06, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Martes, May. 07, 2019 - Ciber-Seguridad en el Mundo Martes, May. 07, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Miércoles, May. 01, 2019 - Ciber-Seguridad en el Mundo

Miércoles, May. 01, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Miércoles, May. 08, 2019 - Ciber-Seguridad en el Mundo Miércoles, May. 08, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Sábado, May. 04, 2019 - Ciber-Seguridad en el Mundo Sábado, May. 04, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Sábado, May. 11, 2019 - Ciber-Seguridad en el Mundo Sábado, May. 11, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Viernes, May. 03, 2019 - Ciber-Seguridad en el Mundo Viernes, May. 03, 2019 - Noticias de Ciber-Seguridad (Iberoamericana) Viernes, May. 10, 2019 - Ciber-Seguridad en el Mundo Viernes, May. 10, 2019 - Noticias de Ciber-Seguridad (Iberoamericana)

www.cisos.club

conectate@cisos.club

Profile for cisosclub

El Diario del CISO (The CISO Journal) Edición 9  

Se comparte con todos ustedes una nueva edición de El Diario del CISO (The CISO Journal), esta nueva edición está cargada de noticias, artíc...

El Diario del CISO (The CISO Journal) Edición 9  

Se comparte con todos ustedes una nueva edición de El Diario del CISO (The CISO Journal), esta nueva edición está cargada de noticias, artíc...

Profile for cisosclub
Advertisement