Security News

FISMA's a fizzer, says Cisco, and calls on Congress to get cyber security policy right – pronto
2021-08-13 06:16

A senior Chief Information Security Officer advisor at Cisco has penned a commentary on the state of US cybersecurity frameworks, criticizing current government infosec and advocating for more autonomy for CISOs and a better understanding of the task at hand from those creating policies. "After nearly two decades of federal cybersecurity and risk management as practiced under the rubric of the Federal Information Security Management Act of 2002 and the Federal Information Security Modernization Act of 2014, billions of dollars in appropriated federal cybersecurity funding have not appreciably improved the overall situation," wrote Bruce Brody.

(ISC)² announces keynote speakers for Security Congress 2021
2021-07-28 08:32

announced the keynote line-up for its eleventh annual² Security Congress held in-person in Orlando, Florida and online from October 18-20, 2021. Together, these² Security Congress 2021 keynote speakers tell a story of resilience, opportunity and inspiration in the face of unprecedented global, personal and security disruption.

(ISC)² announces registration opening for its 11th annual Security Congress
2021-05-26 00:00

announced that registration is now open for its 11th annual² Security Congress taking place online and at the Hyatt Regency Orlando in Orlando, FL from October 18-20. Focused on continuing education for security professionals, the three-day Security Congress will be held as a hybrid event, with online sessions accessible around the world as well as an engaging, in-person workshops, discussions, networking events and more.

(ISC)² 2021 Security Congress to focus on cybersecurity challenges across regions
2021-03-09 09:57

announced a global call for speakers for its 11th annual² Security Congress conference, which will take place this year from October 18-20. Submissions will be accepted until April 19 at 11:59 p.m. PST. Geared toward a global audience, the conference focuses on cybersecurity challenges across many regions and provides best-practice sharing, continuing education and networking opportunities for information security professionals.

Microsoft president asks Congress to force private-sector orgs to admit when they've been hacked
2021-02-24 00:53

The private sector should be legally obliged to disclose any major hacks of their systems, says Microsoft's president and top lawyer Brad Smith. While only Smith was willing to say categorically that it was Russia, FireEye's CEO Kevin Mandia noted that following an intensive investigation by his team, which included looking for clues in reams of decompiled code, they had concluded that the hack was "Not consistent with China, North Korea or Iran, and was most consistent with Russia."

Microsoft president asks Congress to force private-sector orgs to publicly admit when they've been hacked
2021-02-24 00:53

The private sector should be legally obliged to disclose any major hacks of their systems, says Microsoft's president and top lawyer Brad Smith. While only Smith was willing to say categorically that it was Russia, FireEye's CEO Kevin Mandia noted that following an intensive investigation by his team, which included looking for clues in reams of decompiled code, they had concluded that the hack was "Not consistent with China, North Korea or Iran, and was most consistent with Russia."

SolarWinds Hack Prompts Congress to Put NSA in Encryption Hot Seat
2021-02-01 21:12

"In 2015, Juniper revealed a security breach in which hackers modified the software the company delivered to its customers," a Wyden statement read. "Researchers subsequently discovered that Juniper had been using an NSA-designed encryption algorithm, which experts had long argued contained a backdoor, and that the hackers modified the key to this backdoor." "The American people have a right to know why NSA did not act after the Juniper hack to protect the government from the serious threat posed by supply chain hacks. A similar supply chain hack was used in the recent SolarWinds breach, in which several government agencies were compromised with malware snuck into the company's software updates," the members wrote.

United States Congress stormed by violent followers of defeated president, Biden win confirmation halted
2021-01-06 21:38

Supporters of defeated American president Donald Trump this morning stormed the capital's legislative halls, shutting down the process to confirm his replacement. Within minutes of the president speaking at a rally on the nearby Mall in Washington DC, in which he urged his followers to march to the Capitol and put a stop to Joe Biden being officially approved as the next national leader by lawmakers, fights broke out on the steps of the building as thousands attempted to force their way past the relatively few cops present and break into the building.

(ISC)² 2020 Security Congress to feature nearly 50 hours of expert-led sessions
2020-09-10 02:00

revealed the expert-led breakout session agenda for its 10th annual Security Congress, which will take place virtually November 16-18. The renowned three-day conference, focused on industry discussion and continuing education for security professionals of all levels, will feature three engaging keynotes from industry luminaries Bruce Schneier, Graham Cluley and Juliette Kayyem, as part of a program filled with 45 carefully selected sessions.

(ISC)² Security Congress 2020 transforms into virtual conference
2020-07-01 07:04

The 10th annual² Security Congress will take place as a virtual conference in recognition of the health concerns and many corporate travel restrictions this year associated with the COVID-19 pandemic. Recognizing that many training budgets have been reallocated due to the economic impact of COVID-19,² Security Congress 2020 is offering a heavily discounted Early Bird pricing to² members and associates of just $295 for an All-Access pass.