#securityprofessionals — Public Fediverse posts

Addressing the elephant in the cybersecurity room

https://skny.uk/posts/10-elephant-in-the-cybersecurity-room/

#cybersecurity #iam #iga #nonhumanidentities #accessgovernance #identitygovernance #infosec #SecurityTrends
#CyberRisk
#TechLeadership
#EnterpriseSecurity
#DigitalIdentity
#ZeroTrust
#SecurityProfessionals
#DevSecOps
#CloudSecurity
#ITGovernance

Addressing the elephant in the cybersecurity room

https://skny.uk/posts/10-elephant-in-the-cybersecurity-room/

#cybersecurity #iam #iga #nonhumanidentities #accessgovernance #identitygovernance #infosec #SecurityTrends
#CyberRisk
#TechLeadership
#EnterpriseSecurity
#DigitalIdentity
#ZeroTrust
#SecurityProfessionals
#DevSecOps
#CloudSecurity
#ITGovernance

Addressing the elephant in the cybersecurity room

https://skny.uk/posts/10-elephant-in-the-cybersecurity-room/

#cybersecurity #iam #iga #nonhumanidentities #accessgovernance #identitygovernance #infosec #SecurityTrends
#CyberRisk
#TechLeadership
#EnterpriseSecurity
#DigitalIdentity
#ZeroTrust
#SecurityProfessionals
#DevSecOps
#CloudSecurity
#ITGovernance

Addressing the elephant in the cybersecurity room

https://skny.uk/posts/10-elephant-in-the-cybersecurity-room/

#cybersecurity #iam #iga #nonhumanidentities #accessgovernance #identitygovernance #infosec #SecurityTrends
#CyberRisk
#TechLeadership
#EnterpriseSecurity
#DigitalIdentity
#ZeroTrust
#SecurityProfessionals
#DevSecOps
#CloudSecurity
#ITGovernance

The stress levels of cybersecurity professionals are on the rise due to the increasing complexity of threats. Organizations must provide adequate mental health support to ensure the well-being of their security teams. Read more about this issue here: https://www.helpnetsecurity.com/2024/10/02/cybersecurity-professionals-stress-levels-grow/ #Cybersecurity #MentalHealth #SecurityProfessionals

The stress levels of cybersecurity professionals are on the rise due to the increasing complexity of threats. Organizations must provide adequate mental health support to ensure the well-being of their security teams. Read more about this issue here: https://www.helpnetsecurity.com/2024/10/02/cybersecurity-professionals-stress-levels-grow/ #Cybersecurity #MentalHealth #SecurityProfessionals

The stress levels of cybersecurity professionals are on the rise due to the increasing complexity of threats. Organizations must provide adequate mental health support to ensure the well-being of their security teams. Read more about this issue here: https://www.helpnetsecurity.com/2024/10/02/cybersecurity-professionals-stress-levels-grow/ #Cybersecurity #MentalHealth #SecurityProfessionals

The stress levels of cybersecurity professionals are on the rise due to the increasing complexity of threats. Organizations must provide adequate mental health support to ensure the well-being of their security teams. Read more about this issue here: https://www.helpnetsecurity.com/2024/10/02/cybersecurity-professionals-stress-levels-grow/ #Cybersecurity #MentalHealth #SecurityProfessionals

Ransomware’s Impact Could Include Heart Attacks, Strokes & PTSD – Source: www.techrepublic.com https://ciso2ciso.com/ransomwares-impact-could-include-heart-attacks-strokes-ptsd-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #SecurityonTechRepublic #securityprofessionals #SecurityTechRepublic #CyberSecurityNews #DataEncryption #Cybersecurity #International #UnitedKingdom #ransomware #Dataloss #Security #BigData

Ransomware’s Impact Could Include Heart Attacks, Strokes & PTSD – Source: www.techrepublic.com https://ciso2ciso.com/ransomwares-impact-could-include-heart-attacks-strokes-ptsd-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #SecurityonTechRepublic #securityprofessionals #SecurityTechRepublic #CyberSecurityNews #DataEncryption #Cybersecurity #International #UnitedKingdom #ransomware #Dataloss #Security #BigData

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 🚀"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 🚀"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 🚀"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 🚀"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

"Revolutionizing Vulnerability Management: Introducing CVSS 4.0 🚀"

The cybersecurity realm takes a significant leap with the release of CVSS 4.0 by FIRST. This new framework enhances precision in vulnerability assessments, especially for OT/ICS/IoT environments, and introduces new metrics like Automatable and Recovery. A game-changer for security professionals! 🛡️💡

Common Vulnerability Scoring System Version 4.0 (CVSS v4.0) is an updated standard for assessing the severity of security vulnerabilities. Unlike its predecessor, CVSS v4.0 emphasizes that it comprises not only the Base score but also incorporates additional factors.

CVSS v4.0 introduces new terminology, such as CVSS-B, CVSS-BT, CVSS-BE, and CVSS-BTE, to represent various combinations of scores. It provides more precise details with the introduction of new Base metrics like Attack Requirements (AT) and User Interaction (UI) values (Passive and Active).

The impact assessment is refined, separating the impact on Vulnerable Systems and Subsequent Systems. Temporal metrics are now part of the Threat metric group, simplifying the assessment. Remediation Level (RL) and Report Confidence (RC) have been retired, replaced by clearer values in Exploit Maturity (E).

A new Supplemental Metric Group adds extrinsic attributes like Safety, Automatability, Recovery, Value Density, Vulnerability Response Effort, and Provider Urgency. CVSS v4.0 also places more emphasis on Operational Technology (OT), Industrial Control Systems (ICS), and Safety, with assessments for Consumer-assessed Safety and Provider-assessed Safety.

CVSS v4.0 enhances the precision and comprehensiveness of vulnerability assessments, making it a valuable tool for evaluating and prioritizing security risks.

Source: BleepingComputer

Tags: #CVSS4 #Cybersecurity #VulnerabilityManagement #FIRST #OT #ICS #IoT #SecurityProfessionals #InfoSec

Author: Sergiu Gatlan - Reach out on Twitter

👩🏻‍💻 India's digital landscape is evolving at an unprecedented pace, and Nandini Tandon (co-founder and CPO, Indusface) underlines the pivotal role that cybersecurity professionals play in fortifying the nation's online future.

In yesterday's national edition of Financial Express (India), she shared her perspective on why the demand for cybersecurity experts and advanced tools has become critical to sculpting a resilient digital ecosystem for #India.

#security #cybersecurity #cybersecuritynews #securitynews #securitytraining #securityprofessionals #securityexperts #applicationsecurity #traininganddevelopment #indusface #apptrana

👩🏻‍💻 India's digital landscape is evolving at an unprecedented pace, and Nandini Tandon (co-founder and CPO, Indusface) underlines the pivotal role that cybersecurity professionals play in fortifying the nation's online future.

In yesterday's national edition of Financial Express (India), she shared her perspective on why the demand for cybersecurity experts and advanced tools has become critical to sculpting a resilient digital ecosystem for #India.

#security #cybersecurity #cybersecuritynews #securitynews #securitytraining #securityprofessionals #securityexperts #applicationsecurity #traininganddevelopment #indusface #apptrana

👩🏻‍💻 India's digital landscape is evolving at an unprecedented pace, and Nandini Tandon (co-founder and CPO, Indusface) underlines the pivotal role that cybersecurity professionals play in fortifying the nation's online future.

In yesterday's national edition of Financial Express (India), she shared her perspective on why the demand for cybersecurity experts and advanced tools has become critical to sculpting a resilient digital ecosystem for #India.

#security #cybersecurity #cybersecuritynews #securitynews #securitytraining #securityprofessionals #securityexperts #applicationsecurity #traininganddevelopment #indusface #apptrana

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

If you're in the position to - ask at tabletops and DR recovery practice what the policy should be or is for talking about breaches at your company. I asked the question of my leadership, and it took them by surprise. They were curious to know why I was asking, and it gave me a chance to talk to them about why keeping it under wraps does not necessarily help in the grand scheme.

You may get nowhere, you may get over ridden, they may ultimately tell you in the moment of crisis not to say anything... but it may also be that they simply don't know why it's important to speak up, especially in a small business setting - don't underestimate your subject matter expertise.

It's worth the conversation.

https://www.infosecurity-magazine.com/news/twofifths-it-pros-told-keep/

#securityprofessionals #informationsecurity #cybersecurity #cybersecurityprofessional

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: https://cybersec.ermetic.com/s/ibm-cost-of-a-data-breach-2022-highlights-for-cloud-security-professionals-5794 #IBM #securityprofessionals #data #cloud

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: https://cybersec.ermetic.com/s/ibm-cost-of-a-data-breach-2022-highlights-for-cloud-security-professionals-5794 #IBM #securityprofessionals #data #cloud

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: https://cybersec.ermetic.com/s/ibm-cost-of-a-data-breach-2022-highlights-for-cloud-security-professionals-5794 #IBM #securityprofessionals #data #cloud

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: https://cybersec.ermetic.com/s/ibm-cost-of-a-data-breach-2022-highlights-for-cloud-security-professionals-5794 #IBM #securityprofessionals #data #cloud

IBM Cost of a Data Breach 2022 – Highlights for Cloud Security Professionals. Read more: https://cybersec.ermetic.com/s/ibm-cost-of-a-data-breach-2022-highlights-for-cloud-security-professionals-5794 #IBM #securityprofessionals #data #cloud

Get a cybersecurity job 🧑🏾‍💻👨‍💻 or your money back 💰🤑 -> https://bit.ly/infosecspringboard (sponsored) #infosec #infosecjobs #cybersecurity #informationsecurity #cybersecurity #cybercareer #careerdevelopment #bootcamp #ethicalhacking #jobhunting #comptia #learntohack #learntocode #cybercoaching #coaching #1on1 #computersecurity #securityprofessionals #money #job #networksecurity

Exonerated: Charges dropped against pentesters paid to break into Iowa courthouse - Enlarge / The Dallas County Courthouse in Adel, Iowa. (credit: Stephen Matthew Milligan)
Prosecut... more: https://arstechnica.com/?p=1650247 #securityprofessionals #penetrationtesting #pentesting #biz&it #courts