Tag: resilience

Die wertvollsten Security-Zertifizierungen

May 28, 2025 6:54 AM

Tags: access, ai, blockchain, china, cisa, cisco, cloud, compliance, control, cyberattack, cybersecurity, data, DSGVO, endpoint, framework, germany, governance, hacker, hacking, identity, incident response, injection, international, jobs, kali, linux, monitoring, network, password, penetration-testing, privacy, resilience, risk, risk-management, sans, security-incident, service, siem, skills, social-engineering, sql, threat, usa, vulnerability, windows

Zertifizierte IT-Sicherheitsprofis sind (unter anderem) gefragter und verdienen besser.(Cybersecurity-)Zertifizierungen können eine aktienähnliche Volatilität entfalten: Ihre Popularität kann steigen oder auch fallen und sie können an Relevanz verlieren, wenn sie nicht mit den aktuellen Branchenentwicklungen Schritt halten. Allerdings sind davon nicht alle Zertifizierungen gleichermaßen betroffen: Sogenannte “Blue Chips” haben sich über den Lauf der Zeit bewährt…
Code security in the AI era: Balancing speed and safety under new EU regulations

May 27, 2025 8:54 PM

Tags: ai, compliance, cyber, finance, government, open-source, programming, regulation, resilience, risk, software, technology, tool, update, vulnerability, windows

The regulatory response: EU Cyber Resilience Act European regulators have taken notice of these emerging risks. The EU Cyber Resilience Act is set to take full effect in December 2027, and it imposes comprehensive security requirements on manufacturers of any product that contains digital elements.Specifically, the act mandates security considerations at every stage of the…
CVE Uncertainty Underlines Importance of Cyber Resilience

May 27, 2025 4:54 PM

Tags: cve, cyber, network, resilience, strategy, vulnerability

Organizations need to broaden their strategy to manage vulnerabilities more effectively and strengthen network cyber resilience. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/cve-uncertainty-underlines-importance-cyber-resilience
Barrierefreiheit trifft Cybersicherheit: Warum Unternehmen 2025 beides denken müssen

May 27, 2025 7:54 AM

Tags: compliance, cyersecurity, resilience

Das Barrierefreiheitsstärkungsgesetz ist mehr als nur eine Pflicht es ist ein Hebel für digitale Resilienz und strategische Sicherheit. Ab dem 28. Juni 2025 gilt: Digitale Produkte und Dienstleistungen müssen auch für Menschen mit Behinderungen zugänglich sein. Mit dem Inkrafttreten des Barrierefreiheitsstärkungsgesetzes (BFSG) beginnt eine neue Ära der digitalen Verantwortung. Was als Compliance-Thema beginnt,… First seen…
Understanding cyber resilience in the age of AI

May 23, 2025 10:55 PM

Tags: cyber, resilience

First seen on scworld.com Jump to article: www.scworld.com/perspective/understanding-cyber-resilience-in-the-age-of-ai
Resilience vs. risk: Rethinking cyber strategy for the AI-driven threat landscape

May 23, 2025 10:55 PM

Tags: ai, cyber, resilience, risk, strategy, threat

First seen on scworld.com Jump to article: www.scworld.com/resource/resilience-vs-risk-rethinking-cyber-strategy-for-the-ai-driven-threat-landscape
3 Critical Pillars of Cyber-Resilience

May 23, 2025 7:55 PM

Tags: ai, cyber, encryption, resilience

Encryption, collaboration, and AI can help organizations build up essential protection against ransomware. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/three-critical-pillars-of-cyber-resilience
Fundament für Europas Digitale Resilienz: Ein souveränes Schwachstellen-Register

May 23, 2025 12:54 AM

Tags: resilience, vulnerability

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/europa-resilienz-schwachstellen-register
Lünendonk-Studie – Security-Resilienz wichtiger Antrieb für Managed-Services-Einsatz

May 22, 2025 4:55 PM

Tags: resilience, service

First seen on security-insider.de Jump to article: www.security-insider.de/managed-security-services-cybersicherheit-fachkraeftemangel-a-94301ec8b8907ef0e809e66185b5b57a/
#Infosec2025: NCC Group Expert Warns UK Firms to Prepare for Cyber Security and Resilience Bill

May 22, 2025 10:55 AM

Tags: cyber, cybersecurity, group, resilience

UK businesses should start to plan for required changes to their cybersecurity programs ahead of the Cyber Security and Resilience Bill First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/infosec2025-ncc-uk-cybersecurity/
Schluss mit schlechter Software

May 22, 2025 6:55 AM

Tags: cisa, ciso, cyber, cyberattack, infrastructure, nis-2, resilience, risk, software, update, vulnerability

Softwaresicherheit beginnt beim Hersteller nicht beim Nutzer.Die Aussagen von Jen Easterly, bis Januar 2025 Direktorin der US-Bundesbehörde CISA (Cybersecurity and Infrastructure Security Agency), bringen es auf den Punkt: ‘Sichere Software ist nicht billig oder einfach umzusetzen aber es ist der einzig gangbare Weg, um IT-Systeme nachhaltig zu schützen.”Easterly zog in der Vergangenheit auch immer wieder…
Cloud Data Protection: How DSPM Helps You Discover, Classify and Secure All Your Data Assets

May 21, 2025 6:54 PM

Tags: access, ai, attack, best-practice, breach, cloud, compliance, control, credentials, cyber, data, data-breach, exploit, framework, group, ibm, identity, infrastructure, law, mitigation, organized, privacy, regulation, resilience, risk, service, strategy, threat, tool, unauthorized, vulnerability

In this fourth installment of Tenable’s “Stronger Cloud Security in Five” blog series, we turn our attention to securing cloud data, a complex endeavor as data grows exponentially and threats become more sophisticated. Check out five DSPM best practices to sharpen your cloud data security and compliance. As the volume of data stored and processed…
Ransomware Simulation Playbook- Build Real-World Cyber Resilience Without Paying the Price

May 20, 2025 1:54 PM

Tags: cyber, email, ransomware, resilience

It started like any other Monday morning. Coffee cups steamed beside keyboards, servers hummed gently in climate-controlled rooms, and email inboxes pinged with weekend catch-up. But within minutes, that ordinary… The post Ransomware Simulation Playbook- Build Real-World Cyber Resilience Without Paying the Price appeared first on Strobes Security. First seen on securityboulevard.com Jump to article:…
Rubrik und Rackspace bündeln Kräfte für mehr Cyber-Resilienz

May 20, 2025 8:54 AM

Tags: cloud, cyber, resilience

Mit der Rackspace Cyber Recovery Cloud lassen sich geschäftskritische Systeme hingegen innerhalb weniger Stunden in einer sauberen, isolierten Umgebung wieder hochfahren sicher vor weiteren Angriffen und unabhängig vom restlichen IT-Betrieb. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/rubrik-und-rackspace-buendeln-kraefte-fuer-mehr-cyber-resilienz/a40838/
Commvault Adds Support for Red Hat OpenShift Virtualization to Strengthen Hybrid Cloud Resilience

May 19, 2025 10:54 PM

Tags: cloud, resilience

First seen on scworld.com Jump to article: www.scworld.com/news/commvault-adds-support-for-red-hat-openshift-virtualization-to-strengthen-hybrid-cloud-resilience
Open MPIC: The open-source path to secure Multi-Perspective Issuance Corroboration

May 19, 2025 2:54 PM

Tags: framework, open-source, resilience, risk

Open MPIC is an open-source framework designed to help Certificate Authorities (CAs) meet new Multi-Perspective Issuance Corroboration (MPIC) requirements from the CA/Browser Forum. Developed with contributions from Princeton and Sectigo, it helps mitigate BGP hijack risks through globally distributed validation, quorum logic, and flexible deployment options. Open MPIC is a practical, evolving solution that advances…
âš¡ Weekly Recap: Zero-Day Exploits, Insider Threats, APT Targeting, Botnets and More

May 19, 2025 1:54 PM

Tags: apt, botnet, cybersecurity, exploit, resilience, threat, tool, zero-day

Cybersecurity leaders aren’t just dealing with attacks”, they’re also protecting trust, keeping systems running, and maintaining their organization’s reputation. This week’s developments highlight a bigger issue: as we rely more on digital tools, hidden weaknesses can quietly grow. Just fixing problems isn’t enough anymore”, resilience needs to be built into everything from the ground up.…
NHS asks suppliers to sign up to cyber covenant

May 17, 2025 12:54 AM

Tags: cyber, resilience, service, threat

NHS digital and security leaders call on their suppliers to commit to a cyber security charter as the health service works to improve its resilience in the face of growing threat levels First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366623930/NHS-asks-suppliers-to-sign-up-to-cyber-covenant
Cyber Gangsta’s Paradise: THA-Professor für IT-Sicherheit macht mit Musikvideo auf den Cyber Resilience Act (CRA) aufmerksam

May 16, 2025 9:54 PM

Tags: cyber, resilience

First seen on datensicherheit.de Jump to article: www.datensicherheit.de/cyber-gangstas-paradise-tha-prof-cra-video
RSA 2025: AI’s Promise vs. Security’s Past”Š”, “ŠA Reality Check”

May 16, 2025 6:54 AM

Tags: ai, automation, cloud, conference, cyberattack, cybersecurity, data, detection, edr, endpoint, infrastructure, mobile, resilience, soar, tool, update, windows, zero-trust

RSA 2025: AI’s Promise vs. Security’s Past”Š”, “ŠA Reality Check Ah, RSA. That yearly theater (Carnival? Circus? Orgy? Got any better synonyms, Gemini?) of 44,000 people vaguely (hi salespeople!) related to cybersecurity “¦ where the air is thick with buzzwords and the vendor halls echo with promises of a massive revolution”Š”, “Ševery year. Gemini imagines RSA 2025 (very tame!)…
After helping Russia on the ground North Korea targets Ukraine with cyberespionage

May 16, 2025 12:54 AM

Tags: credentials, cyber, cyberespionage, email, government, hacker, identity, intelligence, korea, microsoft, north-korea, phishing, resilience, risk, russia, ukraine

Credential harvesting: Before the phishing emails, the same Ukrainian government entities were targeted with email alerts impersonating Microsoft and claiming unusual sign-in activity was detected on their accounts. The victims were asked to perform identity verification by clicking on a button, which took them to credential harvesting pages.The Proofpoint researchers didn’t manage to obtain any…
Cyber-Risk Calculator Takes the Guesswork Out of Assessment

May 15, 2025 10:54 PM

Tags: cyber, resilience, risk, tool

Resilience’s new tool aims to help organizations better understand their risk profiles and make more informed decisions about improving their security posture. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/calculator-guesswork-measure-cyber-risk
Using a Calculator to Take Guesswork Out of Measuring Cyber-Risk

May 15, 2025 3:54 PM

Tags: cyber, resilience, risk, tool

Organizations face the complex challenge of accurately measuring their cyber-risk across multiple variables. Resilience’s risk calculator tool can help organizations measure their cyber-risk based on their own factors so that they can make informed decisions about their security posture. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/calculator-guesswork-measure-cyber-risk
ENISA Launches European Vulnerability Database to Bolster EU Cyber Resilience

May 14, 2025 1:38 PM

Tags: computer, cyber, cybersecurity, data, incident response, resilience, security-incident, vulnerability

The European Union Agency for Cybersecurity (ENISA) has unveiled the European Vulnerability Database (EUVD), a strategic move designed to enhance digital security across the bloc and reduce reliance on U.S.-centric cybersecurity infrastructure. The EUVD, now live for consultation, aggregates vulnerability data from a wide range of sources, including national Computer Security Incident Response Teams (CSIRTs),…
Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on

May 14, 2025 5:41 AM

Tags: access, ai, authentication, awareness, business, ciso, cloud, control, cve, cvss, data, deep-fake, detection, dns, docker, email, exploit, flaw, injection, intelligence, Internet, malicious, microsoft, monitoring, network, office, phishing, ransomware, remote-code-execution, resilience, risk, sans, sap, service, software, theft, unauthorized, update, virus, vulnerability, vulnerability-management, windows, zero-day

A scripting engine memory corruption vulnerability (CVE-2025-30397) is a zero day being actively exploited. It enables remote code execution via type confusion in the Microsoft Scripting Engine. It affects Internet Explorer mode in Microsoft Edge, which is still widely used for legacy compatibility.”While user interaction is required, delivery through phishing links or emails remains a…
Fostering Resilience in Cybersecurity: Prevent Burnout and Enhance Sec Ops

May 13, 2025 10:38 PM

Tags: cybersecurity, resilience

First seen on scworld.com Jump to article: www.scworld.com/perspective/fostering-resilience-in-cybersecurity-prevent-burnout-and-enhance-sec-ops
The Security Gap JPMorgan Chase’s CISO Didn’t Mention”Š”, “ŠAnd Why It’s in Your Browser

May 13, 2025 10:38 PM

Tags: access, adobe, api, apple, attack, browser, business, chrome, ciso, cloud, compliance, conference, control, credentials, crypto, cyber, data, detection, dora, endpoint, exploit, finance, gartner, google, grc, identity, infrastructure, microsoft, monitoring, nis-2, open-source, password, phishing, ransomware, regulation, resilience, risk, risk-assessment, saas, sbom, software, technology, theft, threat, tool, unauthorized, update, vulnerability

The Security Gap JPMorgan Chase’s CISO Didn’t Mention”Š”, “ŠAnd Why It’s in Your Browser When the CISO of JPMorgan Chase issues a public letter to all technology vendors, the industry pays attention”Š”, “Šand rightfully so. In his open letter, Rohan Amin lays out a firm, urgent call: prioritize secure-by-design practices, patch faster, and take full accountability…
IAM 2025: Diese 10 Trends entscheiden über Ihre Sicherheitsstrategie

May 13, 2025 1:38 PM

Tags: access, ai, api, authentication, best-practice, cio, ciso, cloud, compliance, conference, credentials, crypto, cryptography, detection, dora, framework, governance, iam, identity, iot, kritis, login, mfa, nis-2, resilience, risk, risk-analysis, service, strategy, threat, tool, zero-trust

Die Kernaussage der EIC Conference 2025: IAM ist ein ganzheitlicher Architekturansatz und kein Toolset. Identity & Access Management (IAM) ist nicht länger eine Frage der Tool-Auswahl, sondern der Architektur. Diese Kernaussage prägte die European Identity and Cloud Conference 2025, die vom 6. bis 9. Mai in Berlin stattfand. Mit über 1.500 Teilnehmern, 300 Rednern und…
Drei Tipps, wie Unternehmen ihre Cyber-Resilienz stärken können

May 13, 2025 11:38 AM

Tags: ai, cyber, resilience

Die überwältigende Mehrheit der Unternehmen (92 Prozent) wird in den kommenden Monaten verstärkt Projekte mit KI oder generativer KI durchführen. Diese Entwicklung bringt einige neue Herausforderungen in der Cyber-Security mit sich First seen on infopoint-security.de Jump to article: www.infopoint-security.de/drei-tipps-wie-unternehmen-ihre-cyber-resilienz-staerken-koennen/a40763/
Finanzdienstleister: Nachholbedarf bei TLPT

May 13, 2025 10:38 AM

Tags: dora, penetration-testing, resilience, threat

Seit dem 17. Januar 2025 ist DORA (Digital Operational Resilience Act) in Kraft. DORA verpflichtet Finanzinstitute in der EU verpflichtet, regelmäßig Threat-Led Penetration Testing (TLPT) durchzuführen. Experte Dennis Weyel von Horizon3.ai hat mir seine Einschätzung dazu zukommen lassen und meint: … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/05/13/finanzdienstleister-nachholbedarf-bei-tlpt/