(Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See
04 Aug
Posted in Shadow IT No comments

(Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See

This is a summary of the panel discussion at Security Symposium & Cyber Sentinel Award by Infocon global. The panel discussion was moderated by Jitendra Chauhan (Head of Engineering at FireCompass) along with Balaram (CISO, Manthan), Anath Kumar Ms (Head-IT Assurance & Security, Janalaxmi Financial Services), Sumanth Naropanth and Ramakrishna Roy. Points Covered were: WhatRead more about (Panel Discussion) Shadow IT: You Cannot Protect What You Can’t See[…]

Marriott Hacked : Why It Happened & What Can You Learn?
11 Jul
Posted in Cyber Security Breach No comments

Marriott Hacked : Why It Happened & What Can You Learn?

Why It Happened ? Marriott faces a fine of $124 million proposed by UK regulators under the EU’s new privacy rules. Before being discovered, the breach persisted for 4 years, dated back to 2014 but was not discovered until November 2018. Marriott said the long-running breach exposed such information as names, email addresses, phone numbers,Read more about Marriott Hacked : Why It Happened & What Can You Learn?[…]

British Airways Hacked : Why It Happened & What Can You Learn?
11 Jul
Posted in Cyber Security Breach No comments

British Airways Hacked : Why It Happened & What Can You Learn?

$230m fine proposed as penalty to British Airways from the Information Commissioner’s Office for the data breach that is believed to have affected thousands of their customers between April and June 2018. The breach was disclosed in September.  (Free Demo) Discover Your Attack Surface Now Why It Happened ? This attack involved user traffic from British AirwaysRead more about British Airways Hacked : Why It Happened & What Can You Learn?[…]

NASA Hacked : Why It Happened & What Can You Learn?
03 Jul
Posted in Cyber Security Breach No comments

NASA Hacked : Why It Happened & What Can You Learn?

(NASA Hacked) On 21 June, 2019 major news channels disclosed a major hack on NASA. Hackers were able to gain unauthorized access using Raspberry Pi and stole ‘Mars Mission Data’ and breached ‘NASA’s satellite dish network’. This happened around April 2018 and went unnoticed for for almost a year. It is advisable to do anRead more about NASA Hacked : Why It Happened & What Can You Learn?[…]

Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more
28 Jun
Posted in Cyber Security Breach No comments

Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more

In recent past there have been some major breaches and some key reasons responsible for the breach were Shadow IT, Leaked Credentials, 3rd Party/Vendor Risks. Major breaches like American Express, Uber, Dropbox, Dunkin Donuts, British Airways & many more. This research was in line with this to continuosly monitor the web (surface,deep,dark) to understand the leaked credentials,Read more about Shocking Results From Hidden Internet – Exposed Database,Leaked Passwords, Code Leaks & more[…]

Free 3rd Party Information Security Assessment Guideline
27 Jun
Posted in Third Party Risk No comments

Free 3rd Party Information Security Assessment Guideline

This free document is on Free 3rd Party Information Security Assessment Guideline (Courtesy Cybersecurity Malaysia). Cybersecurity Malaysia has made this great document with authors Nor’azuwa Muhamad Pahri and Noor Aida Idris Third Party Information Assessment Guideline Includes –  Pre-Assessment Roles & Responsibilities for Organisations Develop Assessment Requirements Plan and Allocate Resources Evaluate 3rd Party AssessorRead more about Free 3rd Party Information Security Assessment Guideline[…]

Free Supplier Security Assessment Questionnaire
27 Jun
Posted in Third Party Risk Management No comments

Free Supplier Security Assessment Questionnaire

This document is on Supplier Security Assessment Questionnaire (SSAQ) (Security self-Assessment and Reporting) (Courtesy Halkyn Consulting).  This includes the following sections –  Document Control Supplier Name & Address Assessment Completed by Date of assessment Additional Documents ProvidedRelevant Network Diagram Relevant Security Diagram Relevant System Architecture Technical Interface Design Relevant 3rd Party Security Assessment(s) (e.g. SASRead more about Free Supplier Security Assessment Questionnaire[…]

Free Third Party Data Security Assurance Questionnaire
27 Jun
Posted in Third Party Risk Management No comments

Free Third Party Data Security Assurance Questionnaire

This free document is on 3rd party data security assurance (Courtesy UCF,  Information Security Office, VR Program).  The document is made in a way such that vendors must answer the questions in a yes/no. Third Party/ Vendor Data Security Assurance Questionnaire (SAQ)Document covers questions from various sections –  Policies & Procedures  Disaster Recovery & Business Continuity  PhysicalRead more about Free Third Party Data Security Assurance Questionnaire[…]

Free 3rd Party Outsourcing Information Security Assessment Questionnaire
27 Jun
Posted in Third Party Risk Management No comments

Free 3rd Party Outsourcing Information Security Assessment Questionnaire

This free document is on 3rd party Outsourcing Information Security Assessment Questionnaire (Courtesy UBC IT). This questionnaire document has various information section on :  Company Information Policies, Standards and Procedures Architecture Configurations Product Design Compliance Access Controls Monitoring Physical Security Contingency Vendor’s Business Associates Download Document The document can be viewed below and downloaded fromRead more about Free 3rd Party Outsourcing Information Security Assessment Questionnaire[…]