home.social

#securitystandards — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #securitystandards, aggregated by home.social.

  1. Makes you wonder if #McDonalds even has a #VendorManagement program or hell an #InfoSec program for that matter.

    Do they even conduct #SecurityAudits of their vendors? Do they have an #ArchitectureReviewBoard for new projects and initiatives?

    Why aren't baseline/minimum #SecurityStandards spelled out in their SOWs?

    None of this is rocket-science, or even that costly, but you have to be willing to put forth the effort.

    https://yro.slashdot.org/story/25/07/09/2014234/mcdonalds-ai-hiring-bot-exposed-millions-of-applicants-data-to-hackers

  5. NIST Releases First Post-Quantum Encryption Algorithms

    From the Federal Register:
    After three rounds of evaluation and analysis, NIST selected four algorithms it will standardize as a result of the PQ... schneier.com/blog/archives/202

    #nationalsecuritypolicy #securitystandards #quantumcomputing #Uncategorized #NIST

  6. Data Wallets Using the Solid Protocol

    I am the Chief of Security Architecture at Inrupt, Inc., the company that is commercializing Tim Berners-Lee’s Solid open W3C standard for distributed data ownersh... schneier.com/blog/archives/202

    #securitystandards #dataprotection #Uncategorized #dataprivacy #Inrupt

  7. 🔒 Check our latest Knowledge Base article on SOC 2 compliance! Learn how embracing SOC 2 can fortify your organization's security posture and build client trust. 💼
    relianoid.com/resources/knowle

  8. Apple Announces Post-Quantum Encryption Algorithms for iMessage

    Apple announced PQ3, its post-quantum encryption standard based on the Kyber secure key-encapsulation protocol, one of the post-quantum algori... schneier.com/blog/archives/202

    #securitystandards #quantumcomputing #academicpapers #Apple

  9. You Can’t Rush Post-Quantum-Computing Cryptography Standards

    I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards.
    This process has be... schneier.com/blog/archives/202

    #nationalsecuritypolicy #securitystandards #quantumcomputing #Uncategorized #NIST
