Cybersecurity and Privacy Certification from the Ground Up

The European Cybersecurity Act, proposed in 2017 by the European Commission, is the most recent of several policy documents adopted and/or proposed by governments around the world, each with the intent (among other objectives) to bring clarity to cybersecurity certifications for various products and services. The reason why cybersecurity, and most recently privacy, certifications are [...]

Cloud Security Alliance Issues Code of Conduct Self-Assessment and Certification Tools for GDPR Compliance

SEATTLE, WA and LONDON – JUNE 5, 2018 – InfoSecurity Europe Conference – The Cloud Security Alliance (CSA), the world’s leading organization dedicated to defining standards, certifications and best practices to help ensure a secure cloud computing environment, today released the CSA Code of Conduct (CoC) Self-Assessment. An essential tool for those charged with General Data Privacy Requirements (GDPR) [...]

Cyber Threat Landscape: The More Things Change …

Many analyses of cybersecurity include consideration of the field’s constant state of flux and change. As the battlefield of the internet evolves, typically, so do the attack strategies, weapons, defense mechanisms and actors. However, according to ISACA’s 2018 State of Cybersecurity research, two elements that remain relatively constant are the types of attackers and the type [...]

Sofacy Group’s Parallel Attacks

Summary The Sofacy group remains a persistent global threat. Unit 42 and others have shown in the first half of 2018 how this threat actor group continues to target multiple organizations throughout the world with a strong emphasis on government, diplomatic and other strategic organizations primarily in North America and Europe. Following up our most [...]