Join us for a panel discussion on advancing cloud security where we’ll explore how agencies are strengthening their cybersecurity posture through advanced monitoring, compliance and automation strategies. Our panel of government and industry experts will delve into the importance of continuous monitoring, security in application development and the move toward continuous authorization.
Federal News Network’s Risk & Compliance Exchange 2024
Nov 18, 2024 1:00 p.m. ET
Type: Webinar
A lot of preparation and planning is underway in response to the new Cybersecurity Maturity Model Certification rule. But CMMC is but one in a growing number of compliance requirements that agencies must implement to drive consistent, secure mission delivery and that government contractors must adhere to.
LastPass warns of fake support centers trying to steal customer data
LastPass is warning about an ongoing campaign where scammers are writing reviews for its Chrome extension to promote a fake customer support phone number. However, this phone number is part of a much larger campaign to trick callers into giving scammers remote access to their computers, as discovered by BleepingComputer.
LastPass is a popular password manager that utilizes a LastPass Chrome extension to generate, save, manage, and autofill website passwords.
Cloud-enabled government: Seamless & secure data access
Join us for a webinar on enterprise cloud adoption in federal agencies, where we’ll explore the factors driving cloud adoption and the challenges agencies face in successfully leveraging cloud technologies.
Key topics include:
- Factors influencing cloud adoption decisions from an enterprise perspective
- Key challenges affecting successful cloud adoption
- The progress and challenges federal agencies face in adopting zero trust solutions
- How cloud adoption is accelerating agency missions
- Key industry changes in the cloud landscape
- Support agencies need to integrate cloud with physical enterprise data centers and sensitive workloads
Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems
Cybersecurity researchers have found that entry points could be abused across multiple programming ecosystems like PyPI, npm, Ruby Gems, NuGet, Dart Pub, and Rust Crates to stage software supply chain attacks.
“Attackers can leverage these entry points to execute malicious code when specific commands are run, posing a widespread risk in the open-source landscape,” Checkmarx researchers Yehuda Gelb and Elad Rapaport said in a report shared with The Hacker News.
14 Million Patients Impacted by US Healthcare Data Breaches in 2024
Over 14 million patients have been affected by data breaches caused by malware attacks on US healthcare organizations so far in 2024, according to a new analysis by SonicWall.
Most (91%) of these breaches have leveraged ransomware, with the report highlighting that attackers see the threat of exposing sensitive information held by healthcare organizations as an effective method for extorting ransom payments.
Managing supply chain resilience assessment model-relevant factors and activities using an FCM-FBWM approach
Supply chain resilience is essential for companies to survive in today’s competitive market, as they face environmental and unforeseeable challenges in their supply chain. This paper aims to model and manage the factors and activities that influence supply chain resilience and how they relate to each other. This will help us devise plans for enhancing the resilience of a supply chain.
SPACE ISAC HOSTS FIFTH ANNUAL VALUE OF SPACE SUMMIT, CO-HOSTED BY THE AEROSPACE CORPORATION
Slated for September 24-25, in Colorado Springs, the summit will focus on geopolitical, economic, and cybersecurity impacts on global space. VOSS V will cover the future of space threats, potential solutions, and the innovative ideas that come from collaborative conversations.
VOSS V is expected to have an immediate impact on the global space community as the event convenes a variety of perspectives from across the space enterprise. The summit’s audience includes stakeholders from industry, academia, the nonprofit research and development community, and collaborators from the United States government, its allies, and partners.
Same destination, different roadmaps: the journey to zero trust architecture
While all federal agencies are striving to reach the same place, no two agencies are taking the same path to get there. Hear from cyber leaders at the Cybersecurity and Infrastructure Security Agency, the Interior Department, the Secret Service and Verizon:
- Louis Eichenbaum, zero trust program manager at Interior
- Sean Connelly, former director of CISA’s Zero Trust Initiative
- Roy Luongo, CISO for the Secret Service
- Wes Withrow, senior client executive for cybersecurity at Verizon
Incident Response Triage Series: Cyber Threat Intelligence Development (IR117)
Monday, October 7, 2024
Time: 11:00 AM EDT – 12:00 PM EDT
Location type: Virtual/Online
Delivery: Live
Format: Webinar
This webinar is intended for those responsible for cybersecurity operations, incident response, and cyber threat intelligence functions within an organization’s IT and cybersecurity teams.
Cyber adversaries are on the move. Their tactics, techniques, and procedures (TTP) evolve rapidly. The defenses in place today, even when good, may not be good enough tomorrow. This webinar equips individuals with the foundational knowledge necessary to establish or improve upon a CTI capability within organizational cybersecurity operations.