Cloud computing giant AWS, tipped off by Ukrainian security experts, seized domains that were being used by Russian threat group APT29 to send phishing emails to government officials and enterprises that contained malicious files that would grants the hackers access to the victims' systems.
The post AWS Seizes Domains Used by Russian Threat Group APT29 appeared first on Security Boulevard.
When it comes to proactive API security, there are three critical pillars: API Discovery, API Security Testing, and API Oversight.
The post The Three Pillars of Shift-Left API Security appeared first on Security Boulevard.
Not cute: $UNH’s Change Healthcare unit paid a big ransom—its IT was as weak as a kitten.
The post 100 MILLION Americans in UnitedHealth PII Breach appeared first on Security Boulevard.
Authors/Presenters:Michelle Eggers
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 erudite content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – AppSec Village – The Immortal Retrofuturism of Mainframes and How to Keep Them Safe appeared first on Security Boulevard.
Keep your organization safe and drive real business impact with better situational awareness, threat monitoring, and communication As a student of protection history and former counter-terrorism special agent who investigated countless embassy bombings, kidnappings, hijackings, and assassinations, I know all too well that the threat landscape has always been dynamic. It ebbs and flows, primarily…
The post How to Elevate Your GSOC’s Impact in a World of Rising Threats appeared first on Ontic.
The post How to Elevate Your GSOC’s Impact in a World of Rising Threats appeared first on Security Boulevard.
Looking for help with shadow AI? Want to boost your software updates’ safety? New publications offer valuable tips. Plus, learn why GenAI and data security have become top drivers of cyber strategies. And get the latest on the top “no-nos” for software security; the EU’s new cyber law; and CISOs’ communications with boards.
Dive into six things that are top of mind for the week ending Oct. 25.
1 - CSA: How to prevent “shadow AI”As organizations scale up their AI adoption, they must closely track their AI assets to secure them and mitigate their cyber risk. This includes monitoring the usage of unapproved AI tools by employees — an issue known as “shadow AI.”
So how do you identify, manage and prevent shadow AI? You may find useful ideas in the Cloud Security Alliance’s new “AI Organizational Responsibilities: Governance, Risk Management, Compliance and Cultural Aspects” white paper.
The white paper covers shadow AI topics including:
“By focusing on these key areas, organizations can significantly reduce the risks associated with shadow AI, ensuring that all AI systems align with organizational policies, security standards, and regulatory requirements,” the white paper reads.
For example, to create an inventory that offers the required visibility into AI assets, the document explains different elements each record should have, such as:
Shadow AI is one of four topics covered in the publication, which also unpacks risk management; governance and compliance; and safety culture and training.
To get more details, read:
For more information about AI security issues, including shadow AI, check out these Tenable blogs:
The security and reliability of software updates took center stage in July when an errant update caused massive and unprecedented tech outages globally.
To help prevent such episodes, U.S. and Australian cyber agencies have published “Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers.”
“It is critical for all software manufacturers to implement a safe software deployment program supported by verified processes, including robust testing and measurements,” reads the 12-page document.
Although the guide is aimed primarily at commercial software vendors, its recommendations can be useful for any organization with software development teams that deploy updates internally.
The guide outlines key steps for a secure software development process, including planning; development and testing; internal rollout; and controlled rollout. It also addresses errors and emergency protocols.
“A safe software deployment process should be integrated with the organization’s SDLC, quality program, risk tolerance, and understanding of the customer’s environment and operations,” reads the guide, authored by the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the FBI and the Australian Cyber Security Centre.
To get more details, read:
For more information about secure software updates:
What issues act as catalysts for organizations’ cybersecurity actions today? Hint: They’re fairly recent concerns. The promise and peril of generative AI ranks first. It’s closely followed by the ever growing variety of cyberattacks; and by the intensifying urgency to protect data.
That’s according to CompTIA’s “State of Cybersecurity 2025” report, based on a survey of almost 1,200 business and IT pros in North America and in parts of Europe and Asia.
These three key factors, along with others like the scale of attacks, play a critical role in how organizations currently outline their cybersecurity game plans.
“Understanding these drivers is essential for organizations to develop proactive and adaptive cybersecurity strategies that address the evolving threat landscape and safeguard their digital assets,” reads a CompTIA blog about the report.
Organizations are eagerly trying to understand both how generative AI can help their cybersecurity programs and how this technology is being used by malicious actors to make cyberattacks harder to detect and prevent.
Meanwhile, concern about data protection has ballooned in the past couple of years. “As organizations become more data-driven, the need to protect sensitive information has never been more crucial,” reads the blog.
Not only are organizations focused on securing data at rest, in transit and in use, but they’re also creating foundational data-management practices, according to the report.
“The rise of AI has accelerated the need for robust data practices in order to properly train AI algorithms, and the demand for data science continues to be strong as businesses seek competitive differentiation,” the report reads.
To get more details, read:
For more information about data security posture management (DSPM) and preventing AI-powered attacks, check out these Tenable resources:
Recommended best practices abound in the cybersecurity world. However, CISA and the FBI are taking the opposite tack in their quest to improve the security of software products: They just released a list of the worst security practices that software manufacturers ought to avoid.
Titled “Product Security Bad Practices,” the document groups the “no-nos” into three main categories: product properties; security features; and organizational processes and policies.
“It’s 2024, and basic, preventable software defects continue to enable crippling attacks against hospitals, schools, and other critical infrastructure. This has to stop,” CISA Director Jen Easterly said in a statement.
“These product security bad practices pose unacceptable risks in this day and age, and yet are all too common,” she added.
Here are some of the worst practices detailed in the document, which is part of CISA’s “Secure by Design” effort:
Although the guidance is aimed primarily at software makers whose products are used by critical infrastructure organizations, the recommendations apply to all software manufacturers.
If you’re interested in sharing your feedback with CISA and the FBI, you can submit comments about the document until December 16, 2024 on the Federal Register.
To get more details, check out:
For more information about how to develop secure software:
Makers of digital products — both software and hardware — that directly or indirectly connect to networks and to other devices will have to comply with specific cybersecurity safeguards in the European Union.
A newly adopted law known as the “Cyber Resilience Act” outlines cybersecurity requirements for the design, development, production and lifecycle maintenance of these types of products, including IoT wares such as connected cars.
For example, it specifies a number of “essential cybersecurity requirements” for these products, including that they:
“The new regulation aims to fill the gaps, clarify the links, and make the existing cybersecurity legislative framework more coherent, ensuring that products with digital components (...) are made secure throughout the supply chain and throughout their lifecycle,” reads a statement from the EU’s European Council.
The law will “enter into force” after its publication in the EU’s official journal and will apply and be enforceable 36 months later, so most likely in October 2027 or November 2027. However, some of its provisions will be enforceable a year prior.
For more information and analysis about the EU’s Cyber Resilience Act:
VIDEO
The EU Cyber Resilience Act: A New Era for Business Engagement in Open Source Software (Linux Foundation)
6 - UK cyber agency: CISOs must communicate better with boards
CISOs and boards of directors are struggling to understand each other, and this is increasing their organizations’ cyber risk, new research from the U.K.’s cyber agency has found.
For example, in one alarming finding, 80% of respondents, which included board members, CISOs and other cyber leaders in medium and large enterprises, confessed to being unsure of who is ultimately accountable for cybersecurity in their organizations.
“We found that in many organisations, the CISO (or equivalent role) thought that the Board was accountable, whilst the Board thought it was the CISO,” reads a blog about the research titled “How to talk to board members about cyber.”
As a result, the U.K. National Cyber Security Centre (NCSC) has released new guidance aimed at helping CISOs better communicate with their organizations’ boards titled “Engaging with Boards to improve the management of cyber security risk.”
“Cyber security is a strategic issue, which means you must engage with Boards on their terms and in their language to ensure the cyber risk is understood, managed and mitigated,” the document reads.
Here’s a small sampling of the advice:
The post Cybersecurity Snapshot: New Guides Offer Best Practices for Preventing Shadow AI and for Deploying Secure Software Updates appeared first on Security Boulevard.
To achieve a strong security posture, CISOs must avoid a "checkbox mentality" that prioritizes compliance over actual risk management and instead cultivate a security culture that is demonstrated in practice.
Insight #2: CISOs, stop drowning in the tsunami of alerts
CISOs are overwhelmed by threat detections from numerous security tools, yet they still lack visibility into data breaches, especially in hybrid cloud environments. They should prioritize consolidation and optimization of current tools and increase visibility into data-in-motion to improve security posture.
Insight #3: Tool sprawl is flattening SOCs; ADR & AI to the rescue!Security operations center (SOC) teams are overwhelmed by the sheer number of threat detection tools they manage, leading to alert fatigue and hindering their ability to respond effectively to real threats. To combat this, they should consolidate their security stack and prioritize tools that leverage AI and machine learning to filter out false positives, to streamline workflows, and utilize techniques like Attack Detection and Response (ADR) to better understand and complete the exploit chain for more accurate threat assessment.
The post Cybersecurity Insights with Contrast CISO David Lindner | 10/25/24 appeared first on Security Boulevard.
By placing IAM strategy and enforcement under the CISO’s purview, enterprises can ensure that it is treated as a critical component of the overall security strategy.
The post CISOs Should Be Directing IAM Strategy — Here’s Why appeared first on Security Boulevard.
By merging EDRs with defense-in-depth technologies such as AMTD, businesses can detect and respond to known threats, as well as those lurking in the cracks.
The post EDR Dependency: Ensuring Uninterrupted and Comprehensive Security Coverage appeared first on Security Boulevard.
The amount of data being collected and shared online before and during large sporting events is low-hanging fruit for attackers.
The post Cyberattacks Against Sporting Events are Growing More Calculated appeared first on Security Boulevard.
As businesses gear up for another risky fall holiday season, visibility, control and security hygiene remain paramount for success and stability.
The post 3 Tips for Organizations to Shore Up Their Cyber Resilience Strategies This Fall appeared first on Security Boulevard.
ISO 27001 audit can be a challenging yet rewarding journey for any organization. This international standard outlines the requirements for an Information Security Management System (ISMS), enabling organizations to protect their sensitive information. However, many businesses encounter common pitfalls during implementation that can impede their progress and effectiveness. One significant issue is neglecting the vital […]
The post Common Mistakes to Avoid During ISO 27001 Audit appeared first on Kratikal Blogs.
The post Common Mistakes to Avoid During ISO 27001 Audit appeared first on Security Boulevard.
A report published this week by Sysdig predicts global cyberattacks will cost over $100 billion in 2025 based om the fact that the average cost of a public cloud breach alone has eclipsed $5 million, with the number of attacks having increased 154% year over year.
The post Sysdig Predicts Global Cyberattacks Costs Will Exceed $100B in 2025 appeared first on Security Boulevard.
New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024
madhav
Fri, 10/25/2024 - 06:09
The next major deadline for compliance with the updated cybersecurity rules from the New York State Department of Financial Services (NYDFS) is November 1, 2024.
These new rules date back to March 1, 2017, when the NYDFS implemented comprehensive cybersecurity regulations for financial services companies and other covered entities. The regulations were most recently updated on November 1, 2023, with phased effective dates starting on December 1, 2023. Several key provisions of the amended regulations will take effect on November 1, 2024, with additional measures rolling out in 2025.
The cybersecurity regulations apply to entities overseen by the NYDFS, such as financial institutions, insurance companies, agents, and brokers, as well as banks, trusts, mortgage lenders and brokers, money transmitters, check cashers, and other related businesses. Under the revised regulations, larger entities classified as Class A companies face additional obligations, while smaller businesses are exempt from some specific requirements.
The RequirementsBy November 1, banks and other firms under the department's jurisdiction must demonstrate, among other requirements, that they must:
NYDFS-regulated companies should review their cybersecurity policies, practices, and training to ensure they comply with the amended regulations by November 1, 2024.
The Data Security ChallengeThales recently released the 2024 Thales Data Threat Report – Financial Services Edition which highlights the latest data security challenges and threats to financial services organizations. Some of the key findings from the report include:
Thales’ solutions can help Financial Institutions comply with NYDFS by simplifying compliance and automating security, reducing the burden on security and compliance teams. We help address essential cybersecurity requirements under NYDFS Part 500, including:
Download a copy of the 2024 Thales Data Threat Report – Financial Services Edition, and learn more about Thales solutions for NYDFS Compliance.
Data Security Compliance Regulation and compliance Encryption Kevin Williams | VP, Americas Sales
More About This Author >
Schema
{
"@context": "https://schema.org",
"@type": "BlogPosting",
"headline": "New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024",
"description": "Understand the new cybersecurity regulations for financial institutions in New York State, effective November 1, 2024, including requirements for encryption, incident response plans, and business continuity measures.",
"datePublished": "2024-10-25",
"author": {
"@type": "Person",
"name": "Kevin Williams",
"url": "https://cpl.thalesgroup.com/blog/author/kwilliams",
"sameAs": "https://www.linkedin.com/in/kevin-williams-a24ba91a/"
},
"publisher": {
"@type": "Organization",
"name": "Thales Group",
"description": "The world relies on Thales to protect and secure access to your most sensitive data and software wherever it is created, shared, or stored. Whether building an encryption strategy, licensing software, providing trusted access to the cloud, or meeting compliance mandates, you can rely on Thales to secure your digital transformation.",
"url": "https://cpl.thalesgroup.com",
"logo": "https://cpl.thalesgroup.com/sites/default/files/content/footer/thaleslogo-white.png",
"sameAs": [
"https://www.facebook.com/ThalesCloudSec",
"https://www.twitter.com/ThalesCloudSec",
"https://www.linkedin.com/company/thalescloudsec",
"https://www.youtube.com/ThalesCloudSec"
]
},
"mainEntityOfPage": "https://cpl.thalesgroup.com/blog/data-security/new-cybersecurity-rules-ny"
}
The post New Cybersecurity Rules for Financial Institutions in New York State Take Effect November 1, 2024 appeared first on Security Boulevard.
5 min read Balancing non-human IAM for access – and governance for oversight – is key to ensuring security, compliance, and accountability in managing these next-generation systems.
The post 5 Security Considerations for Managing AI Agents and Their Identities appeared first on Aembit.
The post 5 Security Considerations for Managing AI Agents and Their Identities appeared first on Security Boulevard.
A national security memo released by the Biden Administration is order government agencies to ensure the development and use of AI enables the United States to keep its edge in AI over global adversaries while continuing to align with the countries values.
The post White House Memo Puts the Focus of AI on National Security appeared first on Security Boulevard.
The business case for a modern test data generation platform—designed with the enterprise and the developer in mind—is clear. By streamlining the de-identification process and allowing for efficient scaling across teams and environments, Tonic boosts engineering team productivity so you can maximize your investment in valuable team members.
The post De-identifying Data for Software Development and Testing at Enterprise Scale appeared first on Security Boulevard.
The post How is AI Used in Cybersecurity? 7 AI Use Cases appeared first on AI-enhanced Security Automation.
The post How is AI Used in Cybersecurity? 7 AI Use Cases appeared first on Security Boulevard.
Authors/Presenters:Wang Zhilong, Xinzhi Luo
Our sincere appreciation to DEF CON, and the Presenters/Authors for publishing their timely DEF CON 32 erudite content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organizations YouTube channel.
The post DEF CON 32 – AppSec Village – Defeating Secure Code Review GPT Hallucinations appeared first on Security Boulevard.
The post How we managed Aurora Serverless V2 Idle connections in RDS Proxy and saved RDS costs by 50% appeared first on Strobes Security.
The post How we managed Aurora Serverless V2 Idle connections in RDS Proxy and saved RDS costs by 50% appeared first on Security Boulevard.
