El Diario del CISO (The CISO Journal), Edition 13


Desafíos de un CISO de hoy (Challenges of a CISO Today) A brief summary of the most important news of the week. A space for Security Leaders to reflect on what is happening in the world. Knowing what is happening gives a broader view of reality and offers greater possibilities when it comes to improving the capacity for anticipation.

In this edition

Pensamientos de un CISO (Thoughts of a CISO) An opportunity to reflect on what a CISO can, or should, think, with a view to building and developing the CISO's own functions and growth.

Conversando con el CISO (Event) Work is already under way on the new call so that our community grows and together we can learn. The announcement of our new partner and a new conversation is coming soon. Wait for it!

Influencer

Recognized industry authors with some articles of interest.

Influenciador

Recognized Spanish-speaking industry authors with some articles of interest.

International InfoSec & CyberSecurity News / Noticias de Seguridad y Ciberseguridad

The most important news in the world from today's main digital security portals.

Events

The events of some Latin American associations and communities that are highlighted in this space.

Reporte de la Semana (Survey of the Week) A space to review the reports published in the immediately preceding week.

Bolsa de Empleo (Job Board) A space for job offers in Colombia.



Desafíos de un CISO de hoy (Challenges of a CISO Today)

April 2018 – Volume 12

A week ends, and with it another month; April 2018 is over and, in cybersecurity and information security, there are countless news items and great challenges that demonstrate and confirm that the most authentic constant in times of digital transformation and digitally changing realities is precisely that: change. It is a dynamic that invites us to maintain a vigilant, attentive posture that is open to accepting the new digital reality in the best way. The week begins with the news related to the takedown and closure of, and the capture of those responsible for, one of the sites that has caused the most distributed denial-of-service (DDoS) attacks in history; this highlights interesting exercises in international cooperation to pursue this type of criminal conduct, as the news itself points out. The other big news of the week concerns the fine that Yahoo! has received for its security breach from United States regulators, which the giant has decided to accept as part of acknowledging the error committed.

The costly recovery of the state of Atlanta in the United States from the malware known as SamSam is estimated at 2.6 billion dollars, which, according to experts, reveals how little preparation there is against computer attacks. Ransomware attacks remain the order of the day, and this time they knock on the door of the government of Ukraine, on one of the pages of the Ministry of Energy. Likewise, the different industries find themselves exposed to digital adversaries and their effects. Cases such as the hotel industry and the health sector are the targets of the week, which confirm the creativity, innovation and diligence of digital adversaries in breaking into organizations' states of calm in a digitally modified context. In addition, important reports are published, such as that of the Ponemon Institute, which studies the cost of cyberattacks on organizations; on this occasion one of the summary figures of its report highlights that on average it costs organizations 8.76 million dollars a year to recover from a computer incident, a figure that is not small and that also confirms continuous growth, which demands attention from organizations. Finally, the compliance date for the GDPR regulatory framework draws ever closer; it has kept many organizations around the world on edge about meeting it, and the various reports show that many organizations are not ready to comply with the requirements of the regulation, so an atmosphere of uncertainty has formed around what may happen.

All this reveals a continuous and constant tension for digital security and resilience leaders, who must be attentive to conditions that change with such complex dynamics that inadequate moves become unsuccessful steps in the race to build the digital trust posture required by the organization in which they work. The reflection questions this time are centered on: What should the priorities of a digital security and resilience leader be? What could be the first step of a digital security and resilience professional to guide their organization in building digital trust? How can cooperation, collaboration and co-creation help a digital security and resilience leader?



Pensamientos de un CISO – Thoughts of a CISO

Success and failure of a CISO

Marketing and sales of a CISO

Two complex and very profound words, with many nuances and definitions. The RAE describes "éxito" (success) as "Buena aceptación que tiene alguien o algo" (the good acceptance that someone or something has); in this sense success has to do with what others perceive. It describes "fracaso" (failure) as "Malogro, resultado adverso de una empresa o negocio" (a miscarriage, the adverse result of an undertaking or business). In this sense both are oriented to the result. Applied to the work of a digital security and resilience leader, it will be said that their actions lead to results that are accepted, and therefore there is success in how they proceed or act, and failure when those actions do not lead to results the organization is satisfied with, or when they produce unexpected results.

Two complex and very deep words, with a number of nuances and definitions. The Oxford Dictionary defines “success” as “The accomplishment of an aim or purpose” and “failure” as “The neglect or omission of expected or required action”. In this sense both are oriented to the result. Applied to the work of a digital security and resilience leader, it will be said that their actions lead to results that are accepted, and therefore there is success in their actions, and failure when those actions do not produce results with which the organization agrees, or when they generate unexpected results.

The following questions are left for reflection on what can be considered a success or a failure of a digital security and resilience leader.

What does a CISO consider to be the success of their actions? For a CISO, what is considered a failure?
How does the CISO believe that their management is seen in the organization? What does the organization consider to be a successful CISO?
Where can the success of a CISO start? Where does the failure of a CISO start?
What are the key elements to keep in mind and execute that guarantee the success of a CISO? What do you think may be the elements to consider that a CISO should not do?
How can a CISO achieve success?
How can a CISO achieve failure?
What can be the lessons of a failure for the CISO?

We invite you to share your opinions.



Influencers

Patrick Watson
Patrick Watson is a compulsive trend-observer and John Mauldin’s senior economic analyst.

Privacy Is Dying, Like It or Not
The funny thing about breakthrough technologies is that we rarely see the break. They tend to sneak up on us. Every now and then, something revolutionary comes out of nowhere, like the iPhone in 2007, but it still took a few more years to take off. The other thing that changes slowly is us. Technology modifies our attitudes and beliefs so gradually that we don’t realize it’s happening, but the changes are real and usually permanent.
The complete article is here

Helen Patton
An Information Security/Risk Professional

The Seven Circles of Security: Where This CISO Spends Her Time
Most people interested in a career in Security wonder what it is, exactly, that Security people DO. And, as the profession has grown and matured, what Security people DO has grown and matured too. A quick Google of “cyber security mind map” will reveal any number of maps showing the intricacies of Risk Management, Security Operations, Integrations, and the like. I really like these maps. They show me all the things I might be overlooking in my own program, and they let me know if I’m putting emphasis on the right, or the wrong, things.

Richard F. Chambers
CIA, QIAL, CGAP, CCSA, CRMA, is president and CEO of The IIA.

What Will Internal Audit's Future Leaders Look Like?
It is a safe assumption that every profession will change dramatically the deeper we go into the 21st century. Technological innovations, the rapid evolution of artificial intelligence, and geopolitical and macroeconomic pressures virtually guarantee it.

The complete article is here

Daniel Miessler
An Information security professional.

If you’re not doing Continuous Asset Management you’re Not Doing Security
The more a company can tell me about their assets the better their security is, and the more comprehensive and realtime the inventory is, the more mature they are. This has been true for me over 15 years of consulting across hundreds of organizations. But just try—either as an internal employee or as a consultant—to get a dedicated resource hired to create an asset management system and keep it updated. Most companies will look at you like you asked for the walls to be repainted in invisible paint.
The complete article is here


Top of News

International InfoSec & Cybersecurity News

'Webstresser' DDoS Attack Site Shut Down in international operation www.darkreading.com Investigators arrested the admins of Webstresser, the world's largest DDoS marketplace reportedly responsible for more than four million attacks.

Altaba Fined $35m for Yahoo Breach Notification Failings www.infosecurity-magazine.com The company formerly known as Yahoo has agreed to pay a $35m penalty to the Securities and Exchange Commission after failing to notify the market promptly about a breach of hundreds of millions of accounts.

$8.76 million: The average yearly cost of insider threats ... www.helpnetsecurity.com According to The Ponemon Institute’s report, “2018 Cost of Insider Threats: Global Organizations,” the average cost of an insider threat annually is $8.76 million.

Ransomware Attack On Ukraine’s Energy Ministry Website ... www.informationsecuritybuzz.com As part of our security experts comments series Andrea commented below on the news that malicious actors have used ransomware to take the website of Ukraine's

Atlanta's recovery highlights the costly mistake of being unprepared www.csoonline.com The Samsam attack against the city of Atlanta in March was chaotic and crippling.

Orangeworm Mounts Espionage Campaign Against Healthcare ... threatpost.com A freshly minted attack group dubbed Orangeworm has been uncovered, deploying a custom backdoor in mostly healthcare-related environments.

Cybersecurity – now a top boardroom priority - IT SECURITY ... www.itsecurityguru.org UK businesses are facing a series of regulatory demands, including the much talked about GDPR, which is now fewer than 65 days away.


Infosecurity-Magazine

Darkreading

Other Important News 'Stresspaint' Targets Facebook Credentials Yahoo to Pay SEC Fine of $35 Million 'Zero Login:' The Rise of Invisible Identity 12 Trends Shaping Identity Management Cloud Misconceptions Are Pervasive Across ... Coviello: Modern Security Threats are 'Less About ... Cybersecurity Buzz Phrase Bingo Deconstructing the Possibilities and Realities of ... Despite Risks, Nearly Half of IT Execs Don't ... Digital Identity Makes Headway Around the World Diversity: It's About Inclusion Europe and Asia Take on More DDoS Attacks Free New Tool for Building Blockchain Skills Golden Galleon Raids Maritime Shipping Firms Google Adds Security Features to Gmail Face-lift How Microsoft, Amazon, Alphabet Are Reshaping Security IDS & IPS: Two Essential Security Measures - Dark ... #BSidesScot: Understand the Move from Consultant to Client #RSAC: Infosecurity ‘Solutions’ Are Becoming the Problem A Quarter of UK Manufacturers Suffer Cyber-Attack Losses Alexa Turned Spy, Able to Snoop on Users Insider Breach Costs Rise to $8.7m+ DWP to Splash £15m on GDPR as Deadline Approaches EMEA Ransomware Attacks Soared Last Year Experts: Switch Off Wi-Fi and Ditch Paperless Voting Machines Facebook Cybersecurity University Graduates US Veterans Fight to Get SMBs PCI Compliant a Losing Battle GDPR Too Close, Half of Global Companies Not Ready Gmail Spam Campaign Annoying, Not a Hack Healthcare Targeted by Hacker Group Orangeworm Improved Security Standards for Electric Grids

It's Time to Take GitHub Threats Seriously Latest News from RSAC 2018 Low-Cost Crimeware Kit Gaining Popularity in ... MEDantex Healthcare Transcription Firm Accidentally ... MyEtherWallet DNS Attack Offers Opt-In Lessons New Phishing Attack Targets 550M Email Users Worldwide New Survey Shows Hybrid Cloud Confidence North Korea Ramps Up 'Operation GhostSecret' Cyber ... Reno Man Created 8,000 Fake Online Accounts via ... Routing Security Gets Boost with New Set of MANRS ... Threat Actors Turn to Blockchain Infrastructure to ... Threat Intel: Finding Balance in an Overcrowded Market Ukrainian Energy Ministry Website Suffers ... US Healthcare Firms Among Dozens Hit in ... Why Hackers Love Healthcare Why Information Integrity Attacks Pose New Security ... Introducing the New, Refined NIST Version 1.1 Isolated, Air-Gapped Crypto-Wallets Hacked Keep Hackers Locked Out of Hotel Rooms Major Takedown of Site Selling Cyberattacks PyRo Mine Malware Uses NSA Tool to Collect Monero Security Fears as TSB Customers Able to Access Others’ Accounts Security Pros Support Data Collection Regulations SunTrust Investigating Major Malicious Insider Breach Turning web traffic into sound reveals increases and decreases in traffic levels Two-fifths of UK Firms Suffered Attack or Security Breach in 2017 UK Financial Sector Must Improve Collaboration: Report UK SMBs Urged to Test Cyber-Resilience Ukrainian Energy Ministry Site Downed in Drupal Ransomware Attack US Child Identity Fraud Victims Lost $2.6bn Last Year


HelpNetSecurity InformationSecurityBuzz

Infrastructure of APT Group Crouching Yeti Uncovered Life Under GDPR and What It Means for Cybersecurity Whitepaper: DNS Threat Intelligence vs. AI Network Security Adoption of security ratings platforms is on the rise Apple device users, stay away from QR codes until you upgrade Better code won't save developers in the short run Can existing endpoint security controls prevent a significant attack? Cyber risk assessment and disclosure requirements: What’s important to you? Cybersecurity task force addresses medical device safety Effective intrusion detection for the Internet of Things Exfiltrating private keys from air-gapped cold wallets Expand vulnerability and risk management programs to eliminate security misconfigurations Former SunTrust employee stole data on 1.5 million clients Global AI business value to reach $1.2 trillion in 2018 Gmail users can now send self-destructing emails IT workforce increasingly overworked and stressed out 2018 DCMS Cyber Security Breaches Survey Release Check Point Researchers Discover Next Generation Phishing Kit Cyber Risks in the Manufacturing Industry Cyber-Attack Site Webstresser Taken Down FDA Majorly Concerned Over Cybersecurity Vulnerabilities In Medical Devices Five Network Security Pitfalls That Could Be Putting Your Organisation At Risk Five Reasons To Be Cheerful About GDPR Global Cybercrime Based Economy Generates Over $1.5 Trillion According To New Study

What Organizations Can Do to Strengthen Their Cybersecurity Stance Largest inhibitor of cyber insurance market growth? Silent cyber risk Most dangerous attack techniques, and what's coming next Most SAP systems vulnerable to critical security configuration risk MyEtherWallet users robbed after successful DNS hijacking attack New Drupal RCE vulnerability under active exploitation, patch ASAP! Not all malware is created equal Only half of CI/CD workflows include appsec testing elements Orangeworm hackers target healthcare corporations Researchers discover next generation phishing kit Small merchants are not effectively engaging with PCI programs SOCs require automation to avoid analyst fatigue for emerging threats Solving the dark endpoint problem with increased visibility and control Unsurprisingly, most won't be ready for GDPR on 25th May Hyperoptic Router At Risk Of Being Hacked LinkedIn Autofill Plugin Flaw Allowed Hackers To Steal Users Personal Information One Month GDPR Countdown WinMagic Survey Finds Most Companies Won’t Be Ready For EU GDPR Legislation On 25th May Security In DevOps Is Lagging Despite Advantages And Opportunities, According To New Study by 451 Research And Synopsys Security Issues: New Amazon Service To Deliver Directly Into Car Boots Two Thirds Of Banking Apps Have Critical Vulnerabilities

5 signs you've been hit with an advanced persistent threat (APT)

Going through the 7 stages of GDPR

Another night at the information security museum

Hikvision flaw could be remotely exploited to hijack cameras, DVRs


CSOOnline

Threatpost

Global government surveillance: I'll spy for you, if you spy for me

How lean development improved software security at Fannie Mae

Aviation industry takes steps to mitigate insider threats

How to stop threats before they hit your network The best antivirus? Kaspersky leads in latest tests, but that's only part of the story

Data and privacy breach notification plans: What you need to know Doing security policies right Fireside Chat with Renesas Electronics: Talking Security & Threat Protection for Connected Cars Bezop Cryptocurrency Server Spills 25K in Private Investor, Promoter Data Europol Smacks Down World's Largest DDoS-for-Hire Market Exploit Targets Nvidia Tegra-Based Nintendo Systems Metamorfo Targets Brazilian Users with Banking Trojans Muhstik Botnet Exploits Highly Critical Drupal Bug

Securityweek

Itsecurityguru

Orangeworm Mounts Espionage Campaign Against Healthcare Podcast: Why Manufacturers Struggle To Secure IoT Amplification attacks and old botnets make a comeback Connectivity is driving the manufacturing boom, but beware of unwanted attention Cybersecurity strategies neglected in wake of the boardroom’s quest for digital Department for work and pensions spending nearly £15m on GDPR Ever wondered how to make malware visual...Enter Maltoons! Traditional security defences may prove inadequate for effective GDPR strategies, warns Aruba 13 Year-Old Configuration Flaw Impacts Most SAP Deployments Amazon Alexa Can Be Used for Snooping, Researchers Say Authorities Take Down Largest DDoS Services Marketplace Closing the Gaps that Result in Compromised Credentials Drupal to Release Second Drupalgeddon2 Patch as Attacks Continue Flexibility vs. Security - A False Choice

What is a Cybersecurity Technology Platform Anyway? Why data governance should be corporate policy PyRoMine Uses NSA Exploit for Monero Mining and Backdoors Researchers Hacked Amazon's Alexa to Spy On Users, Again Rubella Crimeware Kit: Cheap, Easy and Gaining Traction ThaiCERT Seizes Hidden Cobra Server Linked to GhostSecret, Sony Attacks Uber Tightens Bug Bounty Extortion Policies SamSam Ransomware Evolves Its Tactics Towards Targeting Whole Companies Kaspersky Lab identifies infrastructure of Crouching Yeti known for attacks on industrial companies New malware strain strikes X-ray and MRI systems – how can we cure the security sickness? Synopsys Survey Reveals Only Half of CI/CD Workflows Include Application Security Testing Elements Take back the initiative on DDoS protection – it’s time to be proactive The cyber intelligence landscape is evolving

Hotel Rooms Around the World Susceptible to Silent Breach Internet Exposure, Flaws Put Industrial Safety Controllers at Risk of Attacks New Advanced Phishing Kit Targets eCommerce Picture This. Now Protect It. Ransomware Hits Ukrainian Energy Ministry Website Researchers Dissect Tool Used by Infamous Russian Hacker Group


ComputerWeekly

Cyber fraud costs SMEs more than £1,000 per case Employees still in the dark about data protection Google claims it is GDPR ready Government urges UK businesses to beef up cyber crime defences Major DDoS cyber crime website shut down

One month to GDPR compliance deadline Only 5% of charities are ready for GDPR, survey shows Orangeworm cyber attack group targets health sector Ransomware attack hit Ukraine energy ministry website Security Think Tank: Cryptojacking can be costly Most organisations unprepared for GDPR, survey finds

Security Think Tank: GDPR compliance one good reason to cut attacker dwell time

SCMagazine $152,000 in Ethereum stolen in Amazon DNS server attack CCleaner attackers gained access to app developer's network via TeamViewer Fact vs. Fiction: Understanding the Future of Connected Car Security New standard accepted by Federal Energy Regulatory Commission for critical infrastructure protection Newcomer cybergang Orangeworm targeting healthcare sector One month out: Top 6 steps for GDPR compliance Polymorphic Monero-Mining RETADUP Worm keeps threat detection on its toes PyRoMine uses NSA exploits to mine Monero and disable security features Study finds children hit worst by data breaches Massive phishing campaign targets half a billion users in the first quarter 2018 Insecure default configuration still endangering SAP users after 13 years

BankinfoSecurity Atlanta's Ransomware Cleanup Costs Hit $2.6 Million DDoS 2018: How IoT is Fueling Attacks SEC Fines Yahoo $35 Million Over 2014 Breach SunTrust: 1.5 Million Clients' Details Potentially Stolen Symantec: 'Orangeworm' Group Hits Healthcare Organizations Thailand Seizes 'Hidden Cobra' Command-and-Control Servers Toolkit Generates Malicious Office Macro Malware

ETCISO

Techrepublic 3 ways to minimize cyberattack threats by reducing attack surfaces Hackers' hotel 'master key' could be big risk for business travelers How companies with small budgets can still build a cyberdefense plan How to help employees realize their responsibility in keeping a company safe from data breaches IT must patch against Total Meltdown now: The source code is on GitHub Major DDoS attack lasts 297 hours, as botnets bombard businesses Managing a distributed workforce: How to maintain cybersecurity when everyone works remotely Russian hackers take down Amazon DNS, steal $160K in cryptocurrency

Securityintelligence Asking the Right Questions About Cybersecurity Risk Management Cybercrime Profits Soar to $1.5 Trillion Cybersecurity and the Interconnectedness of Infrastructure Tops List of Emerging Risks Data Privacy Now a Top Public Priority FDA Rolls Out New Action Plan for Medical Device Cybersecurity

Thehackersnews


70% Global companies see security, immature technologies as barriers in cloud mutation Cyber-crime website behind 4 million attacks taken down Data Protection: Data: You should know it’s precious DNS security trends as next gateway to mitigate ransomware, trojan attacks: Report facebook: It's not over yet! Facebook warns of more data breaches

ScmagazineUK IoT botnet actively exploiting Drupal CMS bug Malicious calculator app adds up Bitvote coins in cryptomining scheme Ransomware up 350% says 2018 Global Threat Intelligence Report Two-thirds of online banking systems in 2017 contained high-risk vulnerabilities

Careerinfosecurity Does Good Privacy Equal Good Business? Recent Ransomware Incidents Serve Up Lessons Workforce Development: Reducing Barriers to Entry

Healthcareinfosecurity Cryptocurrency Heist: BGP Leak Masks Ether Theft Police Seize Webstresser.org, Bust 6 Suspected Admins Risk Analysis Requirement Survives ‘Meaningful Use’ Revamp

Krebsonsecurity DDoS-for-Hire Service Webstresser Dismantled Security Trade-Offs in the New EU Privacy Law Transcription Service Leaked Medical Records

Raconteur ‘Time for the C-suite to take a fresh look at risk’ Calculating the cost of cyber-risk Predictive analytics power cyber-insurance industry

Cbronline Massive Phishing Attack Launched from "Legitimate" Infrastructure

Amazon Alexa Has Got Some Serious Skills—Spying On Users! Hackers build a 'Master Key' that unlocks millions of Hotel rooms Police Shut Down World's Biggest 'DDoS-for-Hire' Service–Admins Arrested Release of PoC Exploit for New Drupal Flaw Once Again Puts Sites Under Attack Third Critical Drupal Flaw Discovered—Patch Your Sites Immediately

Forbes A Lack Of Cybersecurity Funding And Expertise Threatens U.S. Infrastructure Advanced Hackers Infect X-Ray Machines In Healthcare Espionage Cybersecurity And The Human Element The AI Cybersecurity Arms-Race: The Bad Guys Are Way Ahead

Zdnet Atlanta projected to spend at least $2.6 million on ransomware recovery This cryptocurrency mining malware also disables your security services Amazon's Alexa could be tricked into snooping on users, say security researchers

Bleepingcomputer Orangeworm Hackers Infect X-Ray and MRI Machines In Their Quest for Patient Data Ransomware Hits HPE iLO Remote Management Interfaces World's Largest Spam Botnet Finds a New Way to Avoid Detection... For Now

Malwarebytes Please don't buy this: smart toys Securing financial data of the future: behavioral biometrics explained The Internet of Everything and digital privacy: what you need to know

Govtech Cybersecurity: Bridging the Gap between Technology and People How Hackers Could Cause Chaos on America's Roads and Railways

Tripwire Why We Believe Georgia's S.B. 315 Bill Will Increase Cybersecurity Risk


NHS Digital: “20 Cybersecurity Experts? We’re Fine”

Women in Information Security: Leanne Williams

Theregister

Thehill

Massive cyber attack targets mid-Atlantic nation 'Berylia' Medic! Orangeworm malware targets hospitals worldwide

New hacker group targets US health-care industry, researchers say DHS chief on unfilled cybersecurity positions: We’re working on it

Cyberscoop

CSOAU

Regulators tightening controls on devices connecting to utility company networks The ‘right’ security conference in the making

“Shocking” data-breach volumes only hint at the true magnitude of Australia’s data insecurity Industry, enterprises look to gamification as sides are drawn in cybersecurity’s infinity war

Simple News 10 Principles for Leading the Next Industrial Revolution 30 Days To Get Your Enterprise Plan In Place Before GDPR Goes Live May 25 5 steps to improve cybersecurity resilience Addressing Cybersecurity Risks through Effective Supply Chain Management AI And Machine Learning For Cybersecurity: Friend And Foe? Atlanta Spent $2.6M to Recover From a $52,000 Ransomware Scare BeyondCorp Run Zero Trust Security Like Google Build a Head-of-the-Class Information Security Team - EdTech Commvault Company formerly known as Yahoo to pay $35M over massive breach Cryptojacking on the Rise: Employees are Hijacking Company Servers Current forecast: Cloudy with a chance of exposed data - Data Security Blog Cyber Attacks: Protecting National Infrastructure Cyber Security Awareness Gap Hurting Enterprises Around The World? Cyber Security Breaches Survey 2018 Cyber Security: Whose Job is it Anyway? Cyber-attack website Webstresser taken down Cybersecurity defense starts in your office Cybersecurity starts with the weakest link – the user DDoS attacks in Q1 2018 Defending hospitals against life-threatening cyberattacks Emerging memory devices used to develop electronic circuits for cybersecurity applications -- ScienceDaily How Chief Privacy Officers Are Keeping Brands’ Hands Off Consumers’ Personal Data

www.strategy-business.com www.securityroundtable.org www.akuaroworld.com www.americanexpress.com minutehack.com www.wired.com www.beyondcorp.com edtechmagazine.com discover.commvault.com www.cnet.com btcmanager.com blog.thalesesecurity.com www.tobem.com www.cshub.com www.gov.uk www.hrtechnologist.com www.bbc.com www.bizjournals.com www.computerworld.co.nz securelist.com phys.org www.sciencedaily.com www.adweek.com


How Cyber Security Impacts Small Businesses How do you secure a cybersecurity company? Improving cybersecurity visibility and state and local government agencies InfoSec Handlers Diary Blog - Internet Storm Center Diary 2018-03-08 IOTA to Demonstrate IoT Applications at Industry Conference in Germany Tomorrow Know Your Cyber Security Reporting Obligations Machines and humans team up for cybersecurity Malicious Amazon Alexa Skills Can Record Everything a User Says Mitigate, Mitigate, Mitigate: There's More Than One Way To Respond To Security Risk Naval Academy sees big boost in cybersecurity majors Naval Academy Sees Big Boost in Cybersecurity Majors New Privacy International report reveals dangerous lack of oversight of secret global surveillance networks Orangeworm Hacking Group Targets Health Sectors in U.S, Europe, and Asia Privacy Protection Grabs The 2018 RSA Security Conference Limelight RSA Conference 2018 Closes 27th Year Bringing Top Information Security Experts Together to Debate Critical Cybersecurity Issues RSA Conference 2018 Takeaways - XM Cyber RSA Conference 2018: A secure internet starts with YOU, and it’s everyone’s responsibility - Security Boulevard The Facebook scandal could about to be eclipsed by claims affecting nearly 25 million UK citizens SecurityBrief Australia - Brisbane cybersecurity startup protects $1 billion worth of ICO funding from hackers Taking a precautionary approach to the cyber-risk from quantum computing Tech Stock Index Reverses As Dow's Apple, Intel Give Up Gains The future of IoT cybersecurity depends on how we react today They’re on the lookout for malware that can kill UK Teen Sentenced for 'Cyber Terrorizing' US Officials Wake Up Call: Your Hotel Room Key We don’t know what to do if a satellite gets hacked WebEx vulnerability could spread malware between colleagues What does a CISO actually do? What security concerns should your CIO be worried about? When should an organization report a data breach? 
Why Cryptocurrency Mining Malware is Targeting Corporate Networks—and Why You Should Care

www.insidesources.com news.sophos.com statescoop.com isc.sans.edu www.financemagnates.com www.myabt.com thebulletin.org www.eweek.com www.marketingmuses.com www.fifthdomain.com www.military.com privacyinternational.org securereading.com medium.com www.rsaconference.com xmcyber.com securityboulevard.com www.thecanary.co securitybrief.com.au techhq.com www.investors.com internetofthingsagenda.techtarget.com www.washingtonpost.com www.govinfosecurity.com mill-all.com theoutline.com www.welivesecurity.com thomlangford.com gadgetrio.us www.itgovernanceusa.com www.pivotpointsecurity.com


Why the future of cybersecurity is in the cloud - Cloud Tech News (www.cloudcomputing-news.net)
Nuclear Power Plants Have a 'Blind Spot' for Hackers. Here's How to Fix That. (motherboard.vice.com)
Hackers create ‘master key’ that unlocks millions of hotel room doors (www.siliconrepublic.com)
How to Keep Sensitive Data Safe from Business Email Compromise (resources.infosecinstitute.com)
RSA 2018: Within the Golden Age of Cyber Crime we've a Individuals Drawback (system-projects.com)
Careem hit by cyber attack, data of over 14 million customers and captains stolen by the hacker(s) (www.menabytes.com)
Diversity: It’s About Inclusion (irishinfosecnews.wordpress.com)


Talking with the CISO

Thinking and working toward a different kind of Security and Digital Resilience Leader

With the growth of Security and Digital Resilience Leaders in mind, we have defined some topics for our upcoming conversations. We would like your opinion on the following topics:

Marketing and sales for a CISO
Relationships of a CISO
Communications of a CISO
Leadership and management of a CISO
Emotional intelligence of a CISO
Systems thinking of a CISO

We would therefore like to hear your opinions. In what order do you think these topics should be addressed? In what order would you put them? Do you think a different topic should be included? Write to us at our e-mail address; we look forward to your comments.


Influencer: Juan Carlos Alvarez Mesa, CEO at InterLAN, Inc.

RSA Conference 2018 Summary

The week of the RSA Conference has ended. The event keeps growing exponentially, and this year it brought together more than 42,000 attendees. Allow me to share the most important trends shaping the current information security landscape.

Leaks from cloud storage

Today software is built differently, and code is often stored in cloud services such as GitHub, Amazon S3 and Azure, among others. The largest information leaks have come from poorly secured cloud repositories: code and data stored insecurely, private repositories accidentally marked as public, keys and passwords stored in the wrong places.

Original article taken from LinkedIn

ASIS Juárez, Association of Security Professionals, ASIS International Chapter 280 Juarez-Chihuahua

Infosecurity México 2018 warns of risks to countries in the event of cyberattacks

Mexico City.- Infosecurity México 2018, the event that will present the latest knowledge, trends and solutions for protecting corporate and institutional information, will feature in its conference program José Luis Bolaños, Security Director of Gas Natural Fenosa, a multinational company in the gas and electricity sector headquartered in Spain but present in 24 countries.

Original article taken from LinkedIn


Top news

Security and Cybersecurity News

Drupal CMS vulnerability used for cryptomining (hackeandolared.com)
Drupal is, among other things, an open source content management system (CMS) like WordPress, and it is used by more than a million websites worldwide.

“Sale”: buying the Rubella hacking kit from the dark web (noticiasseguridad.com)

Europol shuts down the world's largest cyberattack-for-hire website (cso.computerworld.es)
WebStresser, until now the world's largest cyberattack-for-hire website, was taken down by Europol officials this Wednesday.

Hackers exploit vulnerability to create hotel master keys (www.entornointeligente.com)
It was recently discovered that millions of electronic locks installed in hotel rooms around the world are vulnerable to an attack.

The largest malware catalog for training AI against hackers (www.technologyreview.es)
EMBER offers simulations of malicious and benign programs so that machines can learn to distinguish malicious software without the risk of being infected.

Cybersecurity problems due to lack of oversight ... (discoverthenew.ituser.es)
A worldwide survey of application developers sheds light on how big the cybersecurity problem has been

The cybersecurity professional: keys to a profession of the future... (www.europapress.es)
Cybersecurity is increasingly widespread in our daily lives and is growing in every professional sector and even in personal life


Other news

Ways hackers make money with stolen data
The Hyperledger bug bounty program goes public

hackeandolared.com

Stresspaint malware steals Facebook credentials and session cookies
Hackers are now using botnets to take the hard work out of breaking into networks
150000 Drupal websites were hacked through this new vulnerability

noticiasseguridad.com

Hack any wireless network using a powerful tool:
Mexican companies at risk for lack of cybersecurity strategies

www.informate.com.mx

Prosecutor's office and bankers work to shield IT security
US and UK warn that Russia is hacking routers in global cyberattacks

cso.computerworld.es

News from other portals

New cybersecurity regulation (gerente.com)
The information you post on Facebook must be truthful: Constitutional Court (www.elespectador.com)
Cybersecurity bounty hunters: when finding bugs became a business (www.ticbeat.com)
Xi outlines plan to build China's strength in cyberspace (spanish.peopledaily.com.cn)
Exclusive Networks: "the fragmentation of cybersecurity works against specialization" (www.muycanal.com)
Mexico's cybersecurity committee meets for the first time (www.elarsenal.net)
Ten tips to minimize IoT security vulnerabilities (www.networkworld.es)
72% of internet users are concerned about being asked for so much personal data (www.ciospain.es)
Mexican companies at risk for lack of cybersecurity strategies (ladehoy.com.mx)
Cybersecurity in the electoral process (www.tecnopolitica.com.mx)
IT security. A LinkedIn flaw could allow the theft of users' personal data (inbiosys.wordpress.com)
G-7 warns that the cybersecurity threat is growing (www.omnia.com.mx)
The cybersecurity professional: keys to a profession of the future (www.europapress.es)
Why the government was hacked again: what happened, can it be avoided? (www.infotechnology.com)
Trustjacking attack lets hackers hack iOS devices (iicybersecurity.wordpress.com)
Routers, attack weapons of cybercriminals (www.ciberseguridadlatam.com)


Reports of the Week

These are some of the security and cybersecurity reports published by recognized organizations.


Events

Some of the events to be held in Bogotá (Colombia) in the coming days and months

ISACA Bogotá Day | ISACA Bogotá Chapter (www.isacabogota.org)
ISACA Bogotá Day is the congress of specialists in governance management, audit, control, assurance, security and risk at the information technology level.

LatamTour2018 - OWASP (www.owasp.org)
Do you want to give a talk or a training session in Latin America? Please send your proposals to the corresponding chapter leader before March 1st 2018

Colombia - dcd.events (dcd.events)
DCD>Colombia holds the 9th edition of its congress in 2018, in a new venue, Ágora Bogotá Centro de Convenciones. The event will take place on June 20. This congress is designed for the more than 600 professionals in data center design, construction, administration and operation who will join us to learn first-hand about the latest developments in a digitalized sector that has increased its cloud budget and is looking to data as a new source of revenue for its business. CISOS.CLUB participating.

XVIII Jornada Internacional de Seguridad Informática ACIS 2018 (acis.org.co)
In a digitally modified world, information security professionals find themselves immersed in new contexts where uncertainties abound and certainties are scarce. CISOS.CLUB participating.


Job Board

IT Security Leader
Security Officer
Infrastructure and Security Specialist

Information Security Coordinator in Bogotá

Senior Engineer - Information Security

IT Security Analyst
Specialization in IT Security
Security Officer

Universidad del Rosario: Job Offers and Employment at Universidad del Rosario

