Smashing Security podcast #056: Peeping Toms, prison hacks, and parliamentary passwords

Why you should check your Airbnb for hidden cameras, a hacker attempts a different kind of jailbreak, and British MPs prove that they really are clueless when it comes to cybersecurity.
All this and much much more is discussed in the latest edition of the “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, who are joined this week by special guest Ian Whalley.
Show notes:
Please check out the show notes for this episode of the podcast on the Smashing Security webpage.
Subscribe: Apple Podcasts | Google Play | Overcast | Stitcher | RSS for you nerds.
Hosts:
Graham Cluley – @gcluley
Carole Theriault – @caroletheriault
Guest:
Ian Whalley
Thanks to our sponsors Netsparker and OneLogin:
Netsparker is a web application security scanner that can automatically find security flaws in your website and fix them before hackers can exploit them.
If you want to automatically check your web applications for cross site scripting, SQL Injection & other vulnerabilities and coding errors that can leave you and your business exposed to malicious hacker attacks, then you need NetSparker.
Try it out now by downloading a demo from www.netsparker.com/smashing
OneLogin provides Single Sign On for customers like Airbus, Royal Mail, BSI, and Dun and Bradstreet. With hundreds of apps being used in the typical workplace, and the average user having to remember about 40 different passwords, we all know that if we don’t have a product to remember passwords they end up in spreadsheets, stored in emails, or left on post-it notes. And that is a security nightmare. OneLogin allows IT to say which users have access to which applications at what time and also enforce two factor authentication. So even if credentials are compromised, hackers can’t get access to those corporate services. And, by connecting to Active Directory, access to all of these services is de-provisioned as soon as someone leaves the organisation.
Learn more, and download a free guide to identity access management, at www.smashingsecurity.com/onelogin
Follow the show:
Follow the show on Twitter at @SmashinSecurity, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
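The National Information Security Standardization Technical Committee has organized the drafting of, approved and published a number of information security technology standards. The publication and implementation of these standards is of great significance for improving China's information security standards system and for standardizing and guiding the construction of China's information security assurance system.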

Why Security Priorities Need to Shift to Safety Issues

Joshua Corman, co-founder, I Am The Cavalry

The healthcare sector’s cybersecurity efforts need to shift from a focus on protecting patient information confidentiality to protecting patient safety, says Joshua Corman, co-founder of I Am The Cavalry, a grassroots, not-for-profit cyber safety organization. He’s also chief security officer at software developer PTC and a fellow at the Atlantic Council.
“We make a joke in the Cavalry: I love my privacy; I’d like to be alive to enjoy it,” he says in a video interview at Information Security Media Group’s recent Healthcare Security Summit in New York.
The top security priority of most healthcare sector entities has long been protecting the privacy of patient information, Corman notes. But as ambitious new efforts, such as the national Precision Medicine Initiative, take shape, organizations also need to “focus on patient safety and the availability of critical resources,” he says.
“It’s not that privacy doesn’t matter – we’re failing miserably at it – and in a lot of ways, the toothpaste is out of the tube. But if you just design for privacy, you might encrypt things, but if you design for privacy and safety, maybe you design things differently,” he says. “The threat models are more comprehensive. So there’s significant work to do, and right now, if a hospital has to choose between protecting a patient record or protecting the patient … there’s no incentive to protect the patient, really. This is unchartered territory and we’re out of time.”
In the interview, Corman also discusses:
The serious threats to patient safety posed by ransomware and other cyberattacks on the healthcare sector;
Recent hacking simulations conducted by I Am the Cavalry involving emergency room physicians to study the potential safety impact on patients;
The cybersecurity challenges facing especially small, midsized and rural healthcare providers.
In addition to his work at I Am the Cavalry, Corman is also chief security officer at software developer PTC, a fellow at the Atlantic Council, and a member of the Department of Health and Human Services’ Cybersecurity Task Force. Corman formerly served as chief technology officer for Sonatype, director of security intelligence for Akamai and in senior research and strategy roles for The 451 Group and IBM Internet Security Systems.
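Once systems and information have been identified, they need to be assigned security levels; the purpose of grading is to treat them according to their importance, that is, to formulate a protection strategy.
In an open, tempting, yet highly insecure network environment, how to effectively protect their personal information and valuable data, resist all kinds of online temptations, develop a healthy attitude to going online, and enable them to use the network and information devices safely has become a problem that people cannot avoid in life and work.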
