
Cyber Security News

RSS Center For Internet Security News
  • CIS Podcast Episode 22: CIS Behind the Veil: Log4j
    In early January, the cybersecurity world was introduced to a new foe when researchers discovered a vulnerability in the code of a software library called Log4j. The library is built on Java, the popular coding language used in other software and applications around the world. Because of its ubiquity, the vulnerability was estimated to be […]
    Danielle Koonce
  • CIS Risk Assessment Method (RAM) v2.1 for Implementation Group 2 (IG2)
    Laws, regulations, and information security standards all tell us to demonstrate “reasonable” security. However, a breach should not be the first time we try to define “reasonableness.” If you are breached and your case goes to litigation, you will be asked to demonstrate “due care.” This is the language judges use to describe “reasonableness.” Enterprises […]
    Danielle Koonce
  • CIS Risk Assessment Method (RAM) v2.1 for CIS Controls v8
    CIS recently released the CIS Risk Assessment Method (RAM) v2.1, a risk assessment method designed to help enterprises justify investments for implementing the CIS Critical Security Controls (CIS Controls). This version supersedes CIS RAM v2.0, which was first released in October 2021. CIS RAM helps enterprises define their acceptable level of risk, and then manage […]
    Danielle Koonce
  • CIS Controls v8 Introductory Course Available on Salesforce’s Trailhead
    Version 8 of the CIS Critical Security Controls (CIS Controls) helps organizations keep up with modern systems and software, and can ultimately help improve your cybersecurity posture. The CIS Controls team recently worked with Trailhead – Salesforce’s online training platform – to create an introductory course on CIS Controls v8 Implementation Group 1 (IG1), also […]
    Danielle Koonce
  • End-of-Support Software Report List
    The importance of replacing software before its End-of-Support (EOS) is critical. EOS occurs when software updates, patches, and other forms of support are no longer offered, resulting in software becoming prone to future security vulnerabilities. Using unsupported software and firmware/hardware puts organizations at risk in the following ways: Subsequent vulnerability disclosures place your organization at […]
  • 2022 Cybersecurity Predictions to Watch Out For
    As eventful as 2020 was – with the world of work turned upside down, thanks to COVID-19 – 2021 was equal to its predecessor. It was a year that bounced from hope to cautious optimism, then back to disquiet. While some of our cybersecurity predictions for 2021 were accurate, like the importance of securing the […]
    Danielle Koonce
  • CIS Benchmarks January 2022 Update
    The following CIS Benchmarks have been updated or released. We’ve highlighted the major updates below. Each Benchmark includes a full changelog that can be referenced to see all changes made. CIS macOS 12.0 Monterey Benchmark v1.0.0 A new Benchmark and corresponding Build Kit are available for this technology, using Apple’s mobile configuration profiles. The Benchmark […]
    Danielle Koonce
  • New Hardened macOS 11 & 10.15 VMs in AWS Marketplace
    Apple users rejoice! CIS Hardened Images for macOS Big Sur (11) and Catalina (10.15) are now available in Amazon Web Services (AWS) Marketplace. These CIS Hardened Images are the first independently-developed offering for macOS Amazon machine images (AMIs) in AWS Marketplace. CIS Hardened Images, pre-configured virtual machine images, provide an additional layer of security to […]
    Mia LaVada
  • NSA Guidance: Zero Trust Applied to 5G Cloud Infrastructure contd: Parts 3 and 4
    Part 2 of a 2-part series By: Kathleen M. Moriarty, CIS Chief Technology Officer and active participant in the Critical Infrastructure Partnership Advisory Council (CIPAC) Cross Sector Enduring Security Framework (ESF) Working Group “Security Guidance for 5G Cloud Infrastructures” is a series of four documents intended to help secure cloud environments. It’s been created as […]
    Danielle Koonce
  • CIS Podcast Episode 21: Year In Review; A List of our Favorite Episodes
    In this edition of Cybersecurity Where You Are, CIS CISO, Sean Atkinson, and CIS Senior VP and Chief Evangelist, Tony Sager are joined by two members of the CIS podcast production team, Jason Forget, VP of Communications, and Chad Rogers, Digital Media Program Manager. Together they discuss this past year in cybersecurity, creating this podcast, […]
    Danielle Koonce