Security manager e Vigilanza Privata insieme a Milano per una giornata di studi: Il risk awareness, come si chiama in inglese, e’ la base del processo di analisi, conoscenza e comprensione profonda degli scenari, degli eventi, delle variabili umane,...
#AISeM #IlariaGaraffoni #EthosMediaGroup #riskawareness #securitymanagement http://dlvr.it/THwrZW

Our February meetup is sponsored by Wellington Management
We have John Kordis talk about #vulnerabilitymanagement. We also have David Hunt talk about #securitymanagement for small companies. Make sure to RSVP by Feb 18th at https://www.meetup.com/the-boston-security-meetup/events/305975780/ . We have limited spots available!

Our February meetup sponsored by Wellington Management has two great talks! First we have John Kordis talk about #vulnerabilitymanagement and next we have David Hunt talk about #securitymanagement for small companies. Make sure to RSVP by Feb 18th at https://www.meetup.com/the-boston-security-meetup/events/305975780/ . We have limited spots available!

🔢 Overwhelmed by the increasing complexity of #security systems? Don’t worry—let’s break it down in 5 key points!

Adopting integrated security systems allows for coordinated and intelligent management of #videosurveillance, #intrusiondetection, and #firesafety, simplifying operations for both end users and installers. Here’s what you need to know 👇
Link

#IntegratedSecurity #ComelitSolutions #SecurityManagement #SmartSecurity #TechSimplified #EfficientSecurity

FortiAppSec Cloud simplifies web application security management
https://www.helpnetsecurity.com/2024/12/04/fortiappsec-cloud/

#Infosec #Security #Cybersecurity #CeptBiro #FortiAppSecCloud #WebApplication #SecurityManagement

🚨 Did you know 37% of organizations struggle to detect threats hidden in encrypted traffic? 🚨 In today’s multi-cloud world, having the right Firewall Security Manager is essential for staying secure and compliant.

💡 A centralized firewall management tool can streamline security policies, automate compliance checks, and improve visibility across your cloud infrastructure.

🌐 How do you manage your network's security policies? Share your thoughts and tips!

Check out our full guide here: https://guardiansofcyber.com/solutions-best-practices/firewall-security-manager-how-to-choose-best-guide/

#Cybersecurity #FirewallSecurity #GuardiansOfCyber #DataProtection #CloudSecurity #ThreatDetection #Compliance #MultiCloud #SecurityManagement

Another, much less bad piece than the previous one, on infosec burnout (albeit 2 years old): "Burnout And Staffing Shortages: Looming Cybersecurity Crises That Need More Attention" (https://www.forbes.com/councils/forbestechcouncil/2022/12/02/burnout-and-staffing-shortages-looming-cybersecurity-crises-that-need-more-attention/ .) Sadly, the prescribed solutions are then usually pie in the sky. IME good corporate infosec people have experience working as at least two of (developer, support, network engineering.) It's really, really hard to substitute that with "training" or a three-year degree course. A good start would be for coalitions of enteprise-scale orgs to start cross-training people in those fields with an interest in security (and an eye to avoiding the relatively lower non-mgmt pay ceilings.) Accept that many of them will start job-hopping (which is why it needs lots of orgs to participate.) Provide copious, good quality training, plus regular rotations out of the trenches to go learn new tools, skills, etc. This in particular will be very expensive, especially when ppl take free training for a few years before pissing off to another employer for a fat pay rise; accept thst as a cost of doing infosec business. (They can save big bucks by stopping buying ludicrously expensive "solutions" as a expensive cargo cult substitute for investing in their ppl.) Give them work experience with the teams they'll need to work with, or at least stick them at desks among them - not just tech functions, but especially back office support (HR, payroll, risk, finance, legal.) It's amazing what a few months with open ears can pick up, not only in terms of Intel, but some appreciation for what the civilians do all day, what their problems are, what they grumble about (and of course how infosec intersects with all that.)

And so on and so forth. I could write a book, but I doubt anyone would pay any attention. Perhaps spend a few years first on a precursor blog... Meh, what's the point? So much easier for orgs to carry on running the few sec people they have, hot, and the bemoaning it when they end up sitting on the hard shoulder in a cloud of dirty smoke with terminally seized engines. And that's why I will shortly be turning my bedside light out and enjoying sleeping away half the morning, rather than flogging myself to get up and go back to corporate infosec hell :)

#infosec #securityManagement #fail #enterprise #burnout

Security Management Features di Defender for Endpoint per i Domain Controllers (in Preview)!

https://www.ictpower.it/sicurezza/security-management-features-di-defender-for-endpoint-per-domain-controllers-preview.htm

#CyberSecurity #DefenderForEndpoint #DomainControllers #SecurityManagement #ICTPower

🔒 Discover the Benefits of Access Control for Your Business 🔒 and take control of your assets by preventing data breaches and cyber attacks. A complete understanding of Access Control as well as comparison of:
🔐 DAC
🔒 MAC
🛡️ RBAC
🔍 ABAC
Learn here how Access Control can help! 👇

👉 https://neuronus.net/impact-of-ai-on-the-job-market/

#AccessControl #DAC #MAC #RBAC #ABAC #AccessContolSecurity #CyberSecurity #BusinessSecurity #FacilityManagement #SecurityManagement #Neuronus #NeuronusBlogs

#episode #0d113 des #zeroday #podcast ist eben #online gegangen.
Sven erklärt diesmal was es mit #asm (attack surface Management) als weiteres Tool im #security #management auf sich hat.
Zu hören wie immer in eurem #podcatcher eurer Wahl oder direkt auf der Seite:
https://0x0d.de/2024/03/0d113-kennt-ihr-eure-angriffsflaeche-attack-surface-management/

#podcast #zeroday #asm #0d113 #episode #attacksurfacemanagement #securitymanagement

👀 We asked AI to generate a picture of a "Lonely and Sad Security Awareness Manager in a Dog Pound". Here's the fascinating results... 😁

Plus, debunking AI powered scams and details on Apple's support of RCS all on this week's episode of the Shared Security Podcast!

Watch the full episode on YouTube:
https://youtu.be/uLX3vUyUMu0

Or listen to the audio version wherever you like to get your podcasts:
https://sharedsecurity.net/subscribe

#podcast #AI #securityawareness #securitymanagement #cybersecurity #cybersecurityawareness

Working in cyber security can wear you down. Even if you love the work.

The results of your good work rarely show as a big red, flashing sign that says "You succeeded". Sometimes you wonder if anyone even notices.

But when you can speak to others who are facing the same issues in other organizations, you realize that the work you are doing is really important.

One day, you'll likely see a news story where another organization just like yours fell victim to an attack, and you realize that what you've done makes it less likely to happen in your organization.

That's when you understand the value of what you are contributing.

Come and join the Cyber Security Awareness Forum live panel discussion today, and hear from others in the security awareness industry who have dealt with similar challenges to the ones you're facing.

https://us02web.zoom.us/webinar/register/6017000567129/WN_638kBM5tTzaVM-_oCT3soA

#csaf #cybersecurityawarenessforum #securityawareness #securitymanagement #riskmanagement #humanriskmanagement

There are some well-known reasons why gamification is considered to be a good tool for cyber security training and awareness programs.

There are also some misconceptions about gamification that tend to lead people to dismiss the approach.

In today's live Cyber Security Awareness Forum panel discussion, we'll dig into "The pros and cons of gamification in a security awareness program"

Joing us at 1pm EDT today (Wednesday, November 1), and bring your questions or comments...

https://us02web.zoom.us/webinar/register/4316988555351/WN_FQ_uqVfESBazpD2HYNlcWA

#csaf #cybersecurityawarenessforum #gamification #securityawareness #securitymanagement #riskmanagement #securitytraining

Hey #CloudAustin! Our monthly meetup is happening *tomorrow* at Q2 in Cedar Park. Come learn about #ai trust risk and #securitymanagement. Big thanks to this month's food sponsor, Temporal.io! Learn more and join us: https://www.meetup.com/cloudaustin/events/294866244/

Here are the stories in this week's Human Cyber Security Insights newsletter:

🎯 Why employees avoid awareness training
🎯 A high profile breach at Nansen may foreshadow new phishing attacks
🎯 Top security myths that all employees should know about
🎯 What should be in an annual security awareness program?
🎯 The risks from impersonating internal teams without their cooperation

https://www.linkedin.com/pulse/scotts-human-cyber-security-insights-october-03-2023-wright-cisa

#cybersecurity #securityawareness #humanriskmanagement #riskmanagement #securitymanagement #phishing

Over 225 security professionals have signed up for today's bi-weekly Cyber Security Awareness Forum.

Think of these sessions as: "The Best Part of Your Security Week"

Attendees love the casual atmosphere, the panel format and the variety of perspectives from CISOs and security awareness managers.

Why not join us today at 1pm EDT, to hear what other security professionals have to say about employee-related risks "beyond phishing links"?

https://us02web.zoom.us/webinar/register/5016940050066/WN_2F_JwTZCThKBK5L3aI4dfw

#csaf #cybersecurityawarenessforum #securityawareness #securityculture #securitymanagement #riskmanagement

Learn what really takes up security awareness managers' time in their jobs.

Join us for today's Live Cyber Security Awareness Forum panel session on:

"A day in the life of a security awareness manager (tasks and challenges)"

We have live audience Q&A with an industry expert panel, to share insights and lessons learned about managing security awareness programs.

https://us02web.zoom.us/webinar/register/7716927883621/WN_FuV5x9lyTj-8RfHItu0cVw

#csaf #cybersecurityawarenessforum #securityculture #securitymanagement #riskmanagement

Spent a few hours updating my #IOC collection on my #GitHub repositories. Added a long list of IOCs from #DocuSign #PhishingEmails here: https://github.com/Geekmaster-General/IOCs/blob/main/DocuSign%20IOCs

Also added a new section called "Phishing Email IOCs" which you can find here: https://github.com/Geekmaster-General/IOCs/blob/main/Phishing%20Email%20IOCs

This covers the infamous "Password Reset", "Microsoft Teams File", "Storage if Full", "Messages on Hold", and "SharePoint Document" phishing emails we all see from time to time.

#cyberdefense #cybersecurity #securitymanagement

If your organization has stories to share about how role-based security awareness is making a difference, others want to hear about it.

Too often, organizations miss the opportunity to provide quality security training to staff who have a common risk environment.

Attackers are focusing on roles now, so they can create more compelling pretexts for social engineering.

Soon, it won't be just gift card scams. There will be attacks targeting people like software librarians that give source code access to privileged access to remote attackers.

What ignored roles do you see that can receive value from more focused security training?

Join our live Cyber Security Awareness Forum today at 1pm EDT, where you can hear from an expert panel and learn from live audience Q&A.

https://us02web.zoom.us/webinar/register/4716891587055/WN_pPRjbM7OSJSvSKnOGgxPFQ

#csaf #cybersecurityawarenessforum #securitytraining #securityawareness #riskmanagement #securitymanagement #instructionaldesign

Take the CISSP on your coffee break! (Well, OK, a *LOT* of coffee breaks.) Or use it as a reference for particular infosec points.
https://fibrecookery.blogspot.com/2023/02/cissp-seminar-free.html
#cissp #isc2 #infosec #security #cissptraining #research #securitymanagement #informationsecurity #securitytraining