framework

Securing software repositories leads to better OSS security

CISA, Don't miss, framework, GitHub, Hot stuff, Malware, News, open source, OpenSSF, PyPI /

Securing software repositories leads to better OSS security 2024-03-04 at 14:03 By Zeljka Zorz Malicious software packages are found on public software repositories such as GitHub, PyPI and the npm registry seemingly every day. Attackers use a number of tricks to fool developers or systems into downloading them, or they simply compromise the package developer’s […]

React to this headline:

Loading spinner

Securing software repositories leads to better OSS security Read More »

Integrating software supply chain security in DevSecOps CI/CD pipelines

cybersecurity, DevSecOps, Don't miss, Endor Labs, framework, guidelines, Hot stuff, NIST, supply chain, Video /

Integrating software supply chain security in DevSecOps CI/CD pipelines 2024-03-04 at 07:01 By Help Net Security NIST released its final guidelines for integrating software supply chain security in DevSecOps CI/CD pipelines (SP 800-204D). In this Help Net Security video, Henrik Plate, Security Researcher at Endor Labs, talks about this report, which provides actionable measures to

React to this headline:

Loading spinner

Integrating software supply chain security in DevSecOps CI/CD pipelines Read More »

Industry Reactions to NIST Cybersecurity Framework 2.0: Feedback Friday

CSF, Feedback Friday, framework, Management & Strategy, NIST, Risk Management, Security Architecture /

Industry Reactions to NIST Cybersecurity Framework 2.0: Feedback Friday 2024-03-01 at 14:16 By Eduard Kovacs Industry professionals comment on the official release of the NIST Cybersecurity Framework 2.0.  The post Industry Reactions to NIST Cybersecurity Framework 2.0: Feedback Friday appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source

React to this headline:

Loading spinner

Industry Reactions to NIST Cybersecurity Framework 2.0: Feedback Friday Read More »

Key areas that will define the intersection of AI and DevOps

Artificial Intelligence, Compliance, cybersecurity, DevOps, Don't miss, Eficode, framework, generative AI, Hot stuff, policy, regulation, Video /

Key areas that will define the intersection of AI and DevOps 2024-03-01 at 07:33 By Help Net Security Eficode research indicates that 96% of developers use AI tools, with most coders bypassing security policies to use them. With no standardized AI tool regulations, researchers advocate for stronger governance frameworks and AI security policies in organizations’

React to this headline:

Loading spinner

Key areas that will define the intersection of AI and DevOps Read More »

NIST Cybersecurity Framework 2.0 Officially Released

CSF, Featured, framework, Government, Management & Strategy, NIST /

NIST Cybersecurity Framework 2.0 Officially Released 2024-02-27 at 13:53 By Eduard Kovacs NIST releases Cybersecurity Framework 2.0, the first major update since the creation of the CSF a decade ago. The post NIST Cybersecurity Framework 2.0 Officially Released appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

NIST Cybersecurity Framework 2.0 Officially Released Read More »

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure

Aspen Cybersecurity Group, CISO, Don't miss, framework, Government, Hot stuff, News, NIST, regulation, ReversingLabs, Risk Management /

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure 2024-02-27 at 08:20 By Help Net Security The National Institute of Standards and Technology (NIST) has updated its widely utilized Cybersecurity Framework (CSF), a key document for mitigating cybersecurity risks. The latest version, 2.0, is tailored to cater to a broad

React to this headline:

Loading spinner

NIST CSF 2.0 released, to help all organizations, not just those in critical infrastructure Read More »

Fabric: Open-source framework for augmenting humans using AI

Artificial Intelligence, Don't miss, framework, generative AI, GitHub, Hot stuff, News, open source /

Fabric: Open-source framework for augmenting humans using AI 2024-02-14 at 07:31 By Mirko Zorz Fabric is an open-source framework, created to enable users to granularly apply AI to everyday challenges. Key features “I created it to enable humans to easily augment themselves with AI. I believe it’s currently too difficult for people to use AI.

React to this headline:

Loading spinner

Fabric: Open-source framework for augmenting humans using AI Read More »

How CISOs navigate policies and access across enterprises

access management, Check Point, cloud security, cybersecurity, Data Protection, Don't miss, Features, framework, Hot stuff, identity management, News, opinion, strategy, zero trust /

How CISOs navigate policies and access across enterprises 2024-02-06 at 08:01 By Mirko Zorz In this Help Net Security interview, Marco Eggerling, Global CISO at Check Point, discusses the challenge of balancing data protection with diverse policies, devices, and access controls in a distributed enterprise. He also highlights the significance of security validations, especially internal

React to this headline:

Loading spinner

How CISOs navigate policies and access across enterprises Read More »

Exploring NIST Cybersecurity Framework 2.0

Don't miss, framework, SeeMetrics, Video /

Exploring NIST Cybersecurity Framework 2.0 2024-02-06 at 06:31 By Help Net Security In this Help Net Security video, Dan Erel, VP of Security at SeeMetrics, discusses NIST Cybersecurity Framework (CSF) 2.0. NIST CSF is based on existing standards, guidelines, and practices for organizations to manage and reduce cybersecurity risk better. It was designed to foster

React to this headline:

Loading spinner

Exploring NIST Cybersecurity Framework 2.0 Read More »

NIS2 Directive raises stakes for security leaders

cyber hygiene, cyber resilience, cyberattacks, cybersecurity, Don't miss, EU, Features, framework, Hot stuff, News, opinion, regulation, Risk Management, standards, Sumo Logic /

NIS2 Directive raises stakes for security leaders 2024-02-02 at 08:01 By Mirko Zorz In this Help Net Security interview, Roland Palmer, VP Global Operations Center at Sumo Logic, discusses key challenges and innovations of the NIS2 Directive, aiming to standardize cybersecurity practices across sectors. NIS2 mandates minimal cybersecurity requirements for member companies, encompassing policies on

React to this headline:

Loading spinner

NIS2 Directive raises stakes for security leaders Read More »

EU adopts first cybersecurity certification scheme for safer tech

certification, cybersecurity, ENISA, EU, Europe, framework, News /

EU adopts first cybersecurity certification scheme for safer tech 2024-02-02 at 06:33 By Help Net Security The European Commission adopted the implementing regulation concerning the EU cybersecurity certification scheme on Common Criteria (EUCC). The outcome aligns with the candidate cybersecurity certification scheme on EUCC that ENISA drafted in response to a request issued by the

React to this headline:

Loading spinner

EU adopts first cybersecurity certification scheme for safer tech Read More »

Prioritizing CIS Controls for effective cybersecurity across organizations

Center for Internet Security, CISO, cybersecurity, Don't miss, Features, framework, GRC, Hot stuff, News, opinion, standards, strategy, tips, Virginia Tech /

Prioritizing CIS Controls for effective cybersecurity across organizations 2024-01-24 at 07:32 By Mirko Zorz In this Help Net Security interview, Randy Marchany, CISO at Virginia Tech, discusses the challenges and strategies associated with implementing CIS Controls in organizations of varying sizes. Marchany explores the importance of securing top-level management support, breaking down data silos, and

React to this headline:

Loading spinner

Prioritizing CIS Controls for effective cybersecurity across organizations Read More »

10 cybersecurity frameworks you need to know about

CISO, cybersecurity, Don't miss, framework, Hot stuff, ISO 27001, News, security standard, standards, strategy, tips /

10 cybersecurity frameworks you need to know about 2024-01-16 at 07:01 By Help Net Security As cyber threats grow more sophisticated, understanding and implementing robust cybersecurity frameworks is crucial for organizations of all sizes. This article lists the most essential cybersecurity frameworks developed to guide businesses and governments in safeguarding their digital assets. From the

React to this headline:

Loading spinner

10 cybersecurity frameworks you need to know about Read More »

Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach

data breach, Data Breaches, framework, Fraud & Identity Theft, Ransomware /

Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach 2024-01-12 at 17:31 By Ionut Arghire Device maker Framework is notifying users that their personal information was stolen in a data breach at its external accounting partner. The post Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

Laptop Maker Framework Says Customer Data Stolen in Third-Party Breach Read More »

How executives adapt to rising cybersecurity concerns in mobile networks

cyber resilience, cybersecurity, Don't miss, Enea, framework, Hot stuff, mobile, threat, Video /

How executives adapt to rising cybersecurity concerns in mobile networks 21/12/2023 at 08:13 By Help Net Security In this Help Net Security video, Rowland Corr, VP & Head of Government Relations at Enea, discusses the implications of burner phones and the crisis of confidence in network operators as they struggle to protect consumers from sophisticated

React to this headline:

Loading spinner

How executives adapt to rising cybersecurity concerns in mobile networks Read More »

Creating a formula for effective vulnerability prioritization

Compliance, CVE, CVSS, cybersecurity, Don't miss, Features, framework, Hot stuff, Morphisec, News, opinion, vulnerability management /

Creating a formula for effective vulnerability prioritization 18/12/2023 at 08:01 By Mirko Zorz In this Help Net Security interview, Michael Gorelik, CTO and Head of Malware Research at Morphisec, provides insights into the business impact of vulnerabilities. Gorelik discusses challenges posed by regulatory frameworks, incomplete asset inventories, and manual methods, while also exploring the role

React to this headline:

Loading spinner

Creating a formula for effective vulnerability prioritization Read More »

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure

framework, ICS/OT, IoT, IoT Security, MITRE, Security Architecture /

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure 13/12/2023 at 19:02 By Eduard Kovacs MITRE and partners unveil EMB3D, a new threat model designed for critical infrastructure embedded devices. The post MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure appeared first on SecurityWeek. This article is an

React to this headline:

Loading spinner

MITRE Unveils EMB3D Threat Model for Embedded Devices Used in Critical Infrastructure Read More »

Shifting data protection regulations show why businesses must put privacy at their core

Compliance, cybersecurity, data, Don't miss, EU, Expert analysis, Expert corner, framework, Hot stuff, InfoSum, News, opinion, Privacy, USA /

Shifting data protection regulations show why businesses must put privacy at their core 13/12/2023 at 08:31 By Help Net Security Like it or not, data protection will be one of the biggest issues organizations face in 2024. Knowing where to focus compliance efforts will be tricky, with more and more state-level privacy laws becoming effective

React to this headline:

Loading spinner

Shifting data protection regulations show why businesses must put privacy at their core Read More »

eIDAS: EU’s internet reforms will undermine a decade of advances in online security

authentication, certificates, cybersecurity, Don't miss, EU, Expert analysis, Expert corner, framework, hide.me, Hot stuff, News, opinion, Privacy, regulation /

eIDAS: EU’s internet reforms will undermine a decade of advances in online security 12/12/2023 at 08:32 By Help Net Security The European Union’s attempt to reform its electronic identification and trust services – a package of laws better known as eIDAS 2.0 – contains legislation that poses a grave threat to online privacy and security.

React to this headline:

Loading spinner

eIDAS: EU’s internet reforms will undermine a decade of advances in online security Read More »

AI disinformation campaigns pose major threat to 2024 elections

Artificial Intelligence, cybersecurity, data analysis, digital transformation, Encryption, framework, IoT, Malware, News, NTT, NTT Research, NTT Security, phishing, Ransomware, report, strategy, zero trust /

AI disinformation campaigns pose major threat to 2024 elections 17/11/2023 at 08:32 By Help Net Security AI, post-quantum cryptography, zero trust, cryptography research, and election security will shape cybersecurity strategies in the present and for 2024, according to NTT. As the world emerged from the pandemic and continued to adapt to the rapid implementation of

React to this headline:

Loading spinner

AI disinformation campaigns pose major threat to 2024 elections Read More »

Scroll to Top