Wednesday, September 29, 2021

Another “At least” list.

https://www.makeuseof.com/identify-employee-data-theft/

5 Ways to Identify Employee Data Theft

When a company holds a lot of sensitive info, it can feel overwhelming keeping track of who is accessing it. Here's how to monitor for data theft.



At least, the basis for your own guide.

https://www.bespacific.com/nsa-cisa-publish-guide-for-securing-vpn-servers/

NSA, CISA publish guide for securing VPN servers

The Record: “The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published today technical guidance on properly securing VPN servers used by organizations to allow employees remote access to internal networks. The NSA said it put together the nine-page guide [PDF ] after “multiple nation-state advanced persistent threat (APT) actors” weaponized vulnerabilities in common VPN servers as a way to breach organizations. “Exploitation of these CVEs [vulnerabilities] can enable a malicious actor to steal credentials, remotely execute code, weaken encrypted traffic’s cryptography, hijack encrypted traffic sessions, and read sensitive data from the device,” the NSA said today in a press release announcing the guide’s publication. “If successful, these effects usually lead to further malicious access and could result in a large-scale compromise to the corporate network,” the agency added. For example, Chinese, Iranian, and Russian state-sponsored groups have been spotted abusing vulnerabilities in Pulse Secure and Fortinet VPNs in campaigns that have taken place between 2019 and 2021…”



Another resource to milk for anything useful.

https://thehackernews.com/2021/09/ebook-your-first-90-days-as-ciso-9.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+%28The+Hackers+News+-+Cyber+Security+Blog%29

[eBook] Your First 90 Days as CISO — 9 Steps to Success

Chief Information Security Officers (CISOs) are an essential pillar of an organization’s defense, and they must account for a lot. Especially for new CISOs, this can be a daunting task. The first 90 days for a new CISO are crucial in setting up their security team, so there is little time to waste, and much to accomplish.

Fortunately. A new guide by XDR provider Cynet (download here ) looks to give new and veteran CISOs a durable foundation to build a successful security organization. The challenges faced by new CISOs aren’t just logistical.

They include securing their environment from both known and unknown threats, dealing with stakeholders with unique needs and demands, and interfacing with management to show the value of strong security.



Ethics to merge into your own?

https://www.weforum.org/agenda/2021/09/case-study-on-ibm-ethical-use-of-artificial-intelligence-technology/

3 lessons from IBM on designing responsible, ethical AI

Over the past two years, the World Economic Forum has been working with a multi-stakeholder group to advance ethics in technology under a project titled Responsible Use of Technology. This group has identified a need to highlight and share best practices in the responsible design, development, deployment and use of technology. To this end, we have embarked on publishing a series of case studies that feature organizations that have made meaningful contributions and progress in technology ethics. Earlier this year, we began this series with a deep dive into Microsoft’s approach to responsible innovation.

In the second edition of this series, we focus on IBM’s journey towards ethical AI technology. The insights from this effort are detailed in a report titled Responsible Use of Technology: The IBM Case Study, which is jointly authored by the World Economic Forum and the Markkula Center for Applied Ethics at Santa Clara University. Below are the key lessons learned from our research, along with a brief overview of IBM's historical journey towards ethical technology.



This does not seem logical. Has Australia lost its voice?

https://www.wsj.com/articles/cnn-restricts-access-to-facebook-pages-in-australia-11632868267?mod=djemalertNEWS

CNN Restricts Access to Facebook Pages in Australia

CNN said it has restricted access to its Facebook Inc. pages in Australia following a ruling from that country’s high court that makes news organizations legally liable for comments on their Facebook posts.

The court ruled that media companies facilitated and encouraged comments from users by creating public Facebook pages and posting content on them. According to the court, media companies are responsible for any defamatory content that appears on them because they are considered publishers of the comments.



Perspective. (Yeah, it’s an article for geeks.)

https://www.efinancialcareers.com/news/2021/09/banks-python-vs-r

R is better than Python. Try telling that to banks

"R is much more of a tool for professional statisticians, meaning people who are interested in inference about data, rather than computer scientists who are people interested in code." As the computer scientists in banks have gained traction, Giller says banks have "replaced quants with IT professionals or with quants who deep down want to be IT professionals," and they've brought Python with them.



Resources.

https://www.makeuseof.com/tag/public-domain-movies-sites/

The 5 Best Sites for Free Public Domain Movies


No comments: