With everyone willing to abandon Zoom for several pretty serious security mistakes, it seems the future of our digital world will hopefully now better see the benefits of stringent security requirements for technology we are both using and building for others to use.
How long has it been since you have revisited or reviewed your company disaster recovery document? Have you conducted any table-top exercises this year or have any lined up on the company schedule of events? Odds are, depending on when you are reading this article, you may be in a real scenario, not an exercise, as part of the COVID-19 pandemic. You may even be asking, “what is a disaster recovery document?” Considering the impact of COVID-19, there is probably no better time create or review those incident, continuity, disaster and recovery documents for your cybersecurity library. You will want to make sure they include all your business needs to be successful when the worst of times are upon you, including a pandemic.
How my daughter got catfished and almost took down the entire family finances.
A tale of near misses by Lauro Chavez.
Penetration testing is now a permanent requirement in most governance frameworks from NIST to PCI DSS, making it a mandatory step in the annual budgets and operations. While most understand a penetration test is necessary in order to meet their client and regulatory requirements for the year, there is little knowledge on what these tests actually accomplish for the organization and how they are conducted. In addition, an industry-wide consensus of what defines a true penetration test does not exist, creating further confusion.