Don't wait until you decide to leave your current job to update your LinkedIn profile. Take a few minutes now to make sure your profile showcases your accomplishments and skills. Here are some common mistakes to avoid, as well.
The US National Institute of Standards and Technology (NIST) is planning to sponsor a federally funded research and development center (FFRDC), a nonprofit organization that will act in support of the National Cybersecurity Center of Excellence (NCCoE).
NIST announced that this is the first FFRDC solely dedicated to enhancing the security of the nation's information systems. It will work in conjunction with NCCoE, a public-private information-sharing collaboration that brings together experts from industry, government and academia – it was established in partnership with the state of Maryland and Montgomery County in February 2012.
IT has gone from managing a highly controlled base of tools to trying to manage a far more heterogeneous mix of devices (smartphones, tablet computers, 3G/4G data cards, netbooks, tablets) running on any number of operating systems. Trying to control all these tools is becoming unnecessary: Cloud services and applications make most data accessible from any device running any OS. The mandate for IT? Shifting from old-school device management to the far more critical and strategic discipline of user management.
This new mandate — managing, enabling, and securing users’ mobile behavior — is now beginning to require its own suite of tools. However, as young and fractured as the market still is, most vendors still offer products and features that address just one part of a company’s mobile needs, rather than all of them. This à la carte approach to managing mobility means IT managers must piece together a complete stack that works for their company.
It’s a complex undertaking, given that no two companies manage mobility the same way. Companies may embrace bring-your-own-device programs, for instance, in a spectrum of ways — or not at all. Each company has its own unique approach to acquiring, distributing, funding, managing, and outfitting its employees’ mobile devices. And every company needs different apps and levels of security.
I have three children: twins Rachel and Abby, both age 16 and Jacob, age 14. While in my second year at Eli Lilly and Company nearly a decade ago, my wife, Melisa, had a medical procedure. Jake and I drove Melisa to the doctor’s office for the colonoscopy (although HIPAA does not apply, rules of matrimonial harmony do, so I have received a verbal consent for this disclosure).
At that moment, Melisa, herself an Indiana University Law graduate, looked at me from the front passenger seat and said to me, the CPO of a major multi-national corporation, “Well, at least someone knows something about privacy.”
And that’s the point, isn’t it? Even a five-year-old has the basic wisdom to understand the idea of human dignity and those things that should be held privately. The concept of privacy is intuitive. It is pure.
Researchers from U.C. Berkeley say brain scan authentication is reliable enough to replace traditional passwords.
Rather than using a password to gain access, a user would submit a “passthought,” generating a unique signal from brainwaves that may or may not prove difficult for a hacker to duplicate, Phys.org reported. The recent commercialization of external electroencephalogram (EEG) devices -- the researchers used a NeuroSky MindSet, which connects wirelessly via Bluetooth and costs about $100 -- makes this technology plausible.
Shodan is an Internet search engine capable of finding just about every connected thing imaginable.
"When people don't see stuff on Google, they think no one can find it. That's not true." That's according to John Matherly, creator of Shodan, the scariest search engine on the Internet.
Unlike Google, which crawls the Web looking for websites, Shodan navigates the Internet's back channels. It's a kind of "dark" Google, looking for the servers, webcams, printers, routers and all the other stuff that is connected to and makes up the Internet.
It is a type of software sometimes described as “absolute power” or “God”. Small wonder its sales are growing. Packets of computer code, known as “exploits”, allow hackers to infiltrate or even control computers running software in which a design flaw, called a “vulnerability”, has been discovered. Criminal and, to a lesser extent, terror groups purchase exploits on more than two dozen illicit online forums or through at least a dozen clandestine brokers, says Venkatramana Subrahmanian, a University of Maryland expert in these black markets. He likens the transactions to “selling a gun to a criminal”.
Just a dozen years ago the buying and selling of illicit exploits was so rare that India’s Central Bureau of Investigation had not yet identified any criminal syndicates involved in the trade, says R.K. Raghavan, a former director of the bureau. Underground markets are now widespread, he says. Exploits empower criminals to steal data and money. Worse still, they provide cyber-firepower to hostile governments that would otherwise lack the expertise to attack an advanced country’s computer systems, worries Colonel John Adams, head of the Marine Corps’ Intelligence Integration Division in Quantico, Virginia.
HP says it now has a free service called "Fortify My App" that lets anyone building mobile or Web applications upload code to the Fortify software-as-a-service and get a limited analysis about whether the code has specific vulnerabilities or design flaws.
A hacker created a worldwide map of more than 100,000 vulnerable devices after “playing around” with a scripting tool. The “Carna” botnet was named after the Roman goddess that protected inner organs because it was “a good choice for a bot that runs mostly on embedded routers.” Carna ran from June to October last year and was allegedly never detected.
Phishing attacks on enterprises can be calamitous in terms of compromised networks or damaged brand names, and the Anti-Phishing Working Group (APWG), which aggregates and analyzes phishing trends data worldwide, offers some of the best insight from industry into what's occurring globally in terms of this cybercrime. The following list of frequently asked questions about phishing is derived from the APWG's April report that covers the period July-December 2012 worldwide.
Indiana University Vice President and CIO Brad Wheeler and Internet2 President and CEO David Lambert today announced a $2 million initiative to stimulate collaboration in cybersecurity efforts by higher education institutions and to provide thought leadership on strategic cybersecurity issues nationally and globally.
Speaking at the Internet2 Annual Meeting in Arlington, Virginia, Lambert and Wheeler invited the presidents and CIOs of other colleges and universities to join as investors and sponsors of this initiative. They noted that the higher education sector is unique in having significant cyber activities in research, education, and operations. This initiative is intended to stimulate more collaboration among these activities to enable the higher education sector to make further contributions to the national efforts. This new collaboration will immediately launch a national search for an executive director with significant operational experience in cybersecurity in the higher education community.
Nine winners of the 5th Annual Information Security Awareness Video and Poster Contest have been selected. The winning videos and posters are now available for colleges and universities to use in campus security awareness campaigns during National Cyber Security Awareness Month in October, student orientations, and throughout the year.
This year's sponsors and supporters include: CyberWatch, the National Cyber Security Alliance, and Google.
Visit the Information Security Guide's Cybersecurity Awareness Resource Library for more campus education, awareness, and training materials.
Online security, privacy, and safety are often top concerns for policymakers. Microsoft is committed to addressing these concerns by sharing information, technology, and guidance. (Want to learn more about mobile devices & youth safety?
The economy will improve in 2013, with investors eager to deploy capital, but overvalued, overhyped companies are going to struggle to raise capital.
#3: Consumerization of IT leads to New Security Concerns, with Resulting Business Opportunities. As people live more and more in the cloud, security will take on a more personal bent—and become more important.
The Analogies will be a source of content to enable those in private enterprise, academia and government to better communicate and understand the contribution of information security to the success and prosperity of nation states, organisations and citizens in the information economy. The content will be delivered through a variety of initiatives. Each initiative exploring alternative communication techniques, media and partners.
The Analogies Book is a series of analogies, based in fact, illustrating the relationship between life, information and information security. The Text will be the primary source of almost all the Project’s activities.
The work of several authors, unified by a single editorial voice, The Analogies Book ranges the world and the centuries finding Analogies which have stories to tell that resonate and have lessons to teach us. The book will draw on the personal careers, lives, interests and knowledge of 20 successful and recognised individuals from outside of the information security domain across business, academia, entertainment, sport and government. They will draft stories, drawn from the past and present, and a small team of information security specialists will highlight the information security risks and draw the parallels with recognised best practise.
Higher Ed InfoSec Council's insight:
The mission of The Analogies Project is an interesting, and challenging, one. We look forward to seeing how this project develops over time.
The Analogies Project has a clear mission. To tackle the unintelligibility of information security and to secure the interest, understanding and support of a broader audience across society, private enterprise, government and academia.
The Analogies Project will bridge the chasm and demolish the barrier between the users, stakeholders and beneficiaries of information security and those responsible for securing the information upon which our prosperity – and maybe even our lives – depend.
It will do this through a series of initiatives. Each will explore different communication techniques and platforms, as yet untried, in the pursuit of better awareness and understanding of the relationship between information security and prosperity within the information economy.
The CISO role in many enterprises is expanding beyond security risk mitigation to risk management, privacy and regulations, and compliance.
"If you have worked in information security for the past 15 years, you have witnessed a maturation in the mission of security that is quite remarkable. In its infancy, security was oftentimes viewed as the troglodytes at the end of the corridor, who focused on analyzing packet streams, firewall logs and anti-virus anomalies...
Fast forward to the current day, and you will see a new view of security in many enterprises: security is evolving towards a broader focus in risk management. The responsibility of traditional information security has not decreased in importance or duty, but the mindset and role has certainly become more risk-based in nature for security leaders and many current CISOs. And this is appropriate, as information security management at its core is the mitigation, transference, reduction and elimination of risk to the enterprise."
Securing yourself from a world of hackers: How to avoid the most common and dangerous passwords.
In a recent survey conducted by ZoneAlarm, 79% of consumers were found to use risky password construction practices, such as using personal information and common words. Here are examples of these in order from the number one most commonly used password of all time.
When smartphone users upload files to cloud-based services, remnants of those files often remain on their handheld device, even if the data is meant to be stored only in the cloud, researchers have found.
The consequence is that hackers could potentially access files stored in the cloud, or get access to cloud accounts, using leftover data stored on your Android device, iPhone or other smartphone.
The tracing of leftover data on smartphones is not for the layperson, Kothari says, but could be looked at as the modern-day equivalent of Dumpster-diving for personal information.
A squabble between a group battling spam and a Dutch company that hosts Web sites said to be sending it has escalated into an attack clogging up key online infrastructure worldwide.
Millions of ordinary Internet users have experienced delays in services like Netflix or could not reach a particular Web site for a short time.
However, for the Internet engineers who run the global network the problem is more worrisome. The attacks are becoming increasingly powerful, and computer security experts worry that if they continue to escalate people may not be able to reach basic Internet services, like e-mail and online banking.