Collaborate Disseminate
New draft guidelines have been issued by NIST are recommending that users should not be forced to periodically change their passwords.
Guest contributor Bob Covello reports.
Continue reading New NIST guidelines banish periodic password changes
The college year is rapidly coming to a close, and for many students who are in their early college years, an internship is usually part of the summer plans. With the growing interest in cyber security and infosec, as well as the increased availability of cyber security programs in many higher education establishments, some students […]… Read More
The post An InfoSec Intern Roadmap appeared first on The State of Security.
In part one of this series, I posited that additional integrity on a resume as well as in interview situations can benefit the entire information security profession by highlighting the specific disciplines in our industry. This, in turn, could serve to stop the perception of a cyber skills-gap by driving awareness that the InfoSec field […]… Read More
The post Graduating in Information Security: Part Two appeared first on The State of Security.
Continue reading Graduating in Information Security: Part Two
There has been a lot of news recently about the cybersecurity skills shortage. While there is a lot to be concerned about with all of the news about insecure devices and unsecured networks, I am confident that the shortage alarms are more headline-grabbing sensationalism than actual fact. In this two-part article, I will explore the […]… Read More
The post Graduating in Information Security: Part One appeared first on The State of Security.
Continue reading Graduating in Information Security: Part One
In part 1 and part 2 of this series, I reviewed some of the administrative and technical evolution of the cybersecurity legislation that has been proposed for all financial entities in New York State. As I started to write this, the final regulation was adopted. The good news is that most of the changes that […]… Read More
The post The New York State Department of Financial Services: The Evolution of a Regulation – Part 3 appeared first on The State of Security.
In part 1 of this series about the proposed regulation promulgated by the New York State Department of Financial Services, the evolution of some of the administrative requirements were explored. The exemptions, appointment of a CISO and the utilization of cyber security personnel all changed from the originally proposed regulation. In this part, some of […]… Read More
The post The New York State Department of Financial Services: The Evolution of a Regulation – Part 2 appeared first on The State of Security.
In part 1 of this series about the proposed regulation promulgated by the New York State Department of Financial Services, the evolution of some of the administrative requirements were explored. The exemptions, appointment of a CISO and the utilization of cyber security personnel all changed from the originally proposed regulation. In this part, some of […]… Read More
The post The New York State Department of Financial Services: The Evolution of a Regulation – Part 2 appeared first on The State of Security.
The New York State Department of Financial Services has proposed a cyber security regulation that is unique in its breadth. The original proposed regulation underwent a 45-day review period, after which it was changed. It is currently under another 45-day review period pending further changes and should be published in the next few weeks. The […]… Read More
The post The New York State Department of Financial Services: The Evolution of a Regulation – Part 1 appeared first on The State of Security.
In the early days of computer viruses, there were different classifications of viruses based on their behavior. Worms had the ability to self-replicate, while polymorphic viruses had the ability to change their appearance to avoid eradication. Additionally, multipartite viruses consisted of a combination of viral techniques. There are, of course, other virus types in the […]… Read More
The post Now Ransomware Can Be a Breach Event appeared first on The State of Security.
Just because you have two factor authentication doesn’t mean you can afford to be sloppy with password security, explains guest contributor Bob Covello.
Continue reading Why your password is still important – even if you use multi-factor authentication