“Estonia is a cyber country of excellence with a robust cyber defensive system in terms of technology and people. Given their deep expertise, I believe they will have substantial lessons to share, which will be enormously helpful in finding efficiencies in our science and technology efforts while understanding how best to defend against cyber warfare,” said Robert Kimball, the C5ISR Center’s senior research scientist for cyber security. Kimball also noted Estonia is home to the NATO Cyber Defense Center and Cyber Range.
According to the recently published EDPB guidelines on the targeting of social media users, the term “targeter” is used to designate natural or legal persons that use social media services in order to direct specific messages at a set of social media users on the basis of specific parameters or criteria. What sets targeters apart from other social media users is that they select their messages and/or their intended audience according to the perceived characteristics, interests, or preferences of the individuals concerned, a practice which is sometimes also referred to as “micro-targeting.” Targeters can engage in targeting to advance commercial, political, or other interests.
According to NIST in its recently published paper on forensic science challenges and the cloud, “Cloud computing has revolutionized the methods by which digital data is stored, processed, and transmitted.” The paper goes on to highlight that, “One of the most daunting new challenges is how to perform digital forensics in various types of cloud computing environments. The challenges associated with conducting forensics in different cloud deployment models, which may cross geographic or legal boundaries, have become an issue.” The complete paper, NIST Cloud Computing Forensic Science Challenges, published in August of 2020, aggregates, categorizes, and discusses the forensics challenges faced by experts when responding to incidents that have occurred in a cloud-computing ecosystem.
As highlighted in NIST Special Publication 800-207, no enterprise can eliminate cybersecurity risk. However, when complemented with existing cybersecurity policies and guidance, identity and access management, continuous monitoring, and general cyber hygiene, a properly implemented and maintained Zero Trust Architecture (ZTA) can reduce overall risk and protect against common threats.
According to Wikipedia, malware analysis is the study or process of determining the functionality, origin, and potential impact of a given malware sample. In this new handbook from the NATO Cooperative Cyber Defence Centre of Excellence, the authors share concise insight and general techniques for analyzing the most common malware types for the Windows OS.
According to the European Securities and Market Authority (ESMA) Chair, Steven Maijoor, cloud outsourcing can bring benefits to firms and their customers, for example, reduced costs and enhanced operational efficiency and flexibility. Cloud outsourcing also raises important challenges and risks that need to be properly addressed, particularly in relation to data protection and information security. Financial markets participants should be careful that they do not become overly reliant on their cloud services providers. They also need to closely monitor the performance and the security measures of their cloud service provider and make sure that they are able to exit cloud outsourcing arrangements as and when necessary.
According to the European Data Protection Supervisor (EDPS) in his recent opinion on the European Data Strategy, the predominant business model of the digital economy is characterized by an unprecedented concentration of data in the hands of a handful of powerful players, based outside the EU, and wide-scale pervasive tracking. The EDPS goes on to share that he strongly believes that one of the most important objectives of the European Data Strategy should be to prove the viability and sustainability of an alternative data economy model – open, fair, and democratic.
According to the recently published Cyberspace Solarium Commission report “Cybersecurity Lessons from the Pandemic,” the COVID-19 pandemic illustrates the challenge of ensuring resilience and continuity in a connected world. Many of the effects of this new breed of crisis can be significantly ameliorated through advance preparations that yield resilience, coherence, and focus as it spreads rapidly through the entire system, stressing everything from emergency services and supply chains to basic human needs and mental health. The pandemic produces cascading effects and high levels of uncertainty. It has undermined normal policymaking processes and, in the absence of the requisite preparedness, has forced decision-makers to craft hasty and ad hoc emergency responses.
According to the publishers, this paper is an aid to quickly checking your own security with regard to the availability of your own data processing within the meaning of Article 32 GDPR. The scope includes both the non-public as well as the public area. The work was created in a collaboration between the Bavarian State Office for Data Protection Supervision (BayLDA) and the Bavarian State Commissioner for Data Protection (BayLfD).
The expected disruptive developments collectively referred to as the Internet of Things (IoT) have drawn significant attention in many industries, disciplines, and organizations. While the concrete benefits and requirements are still not sufficiently clear, the general agreement on its relevance and impact is undeniable. As a result, a large number of initiatives and consortia from industry and research have been formed to all set the de facto standards and best practices. This work contributes to the state of the art by providing a structured analysis of existing reference frameworks, their classifications, and the concerns they target.