ISSA Journal Giugno 2020

ISSA Journal Giugno 2020 - La rivista mensile riservata ai Soci AIPSI

Indice e contenuti dei principali articoli nell'edizione di Giugno 2020:

• Ethical Hacking from Vulnerability Scanning to Adversary Emulation, by Jorge Orchilles - ISSA Fellow, South Florida Chapter.One continually hears "ethical hacking" or "offensive security" terminology used incorrectly by regulators, customers, etc. This article attempts to clarify the definition so that we can all speak and push the industry to use the correct terminology.
• Why Top Management Must Now Stop the Drift to Chaos and Disorder, by Charles Cresson Wood - ISSA member, San Francisco Chapter and Perry Carpenter.Entropy is a law of nature which specifies that, over time, unless work is undertaken to reverse the trend, things will wind-down, become disorganized, and move into what appears to us to be chaos. This article discusses the need for the new management techniques that must be adopted to reverse the drift into entropy.
• Sophisticated Tools Alone Cannot Prevent Advanced Persistent Threats: What's Next?, by Srinivasulu Vuggumudi - ISSA member, Silicon Valley Chapter and Yong Wang.This article introduces different groups of cybersecurity tools, discusses challenges with them, identifies the possible reasons why they are not enough to defend against advanced persistent threats, and discusses the research in progress to complement existing cybersecurity tools.
• Python Programming: Processing NVD Data, by Constantinos Doskas - ISSA Senior Member, Northern Virginia Chapter.This article continues our discussion on database programming by exploring methods of downloading data from websites, loading them on databases, and analyzing them. In past articles we had an overview of NVD database data and the data was downloaded in local storage. In this article we will be loading some of the data on a table and present ways of creating visualizations from it.

Inoltre in questo numero:

• From the President
• Sabett's Brief
  • Inside the Lawyer's Infosec Toolbox
• Herding Cats
  • Contain This
• Open Forum
  • Mindlessly Following "Best Practices"
• Women in Cybersecurity
  • Orchestrating a Communication Cadence in Hybrid Environments
• The Cryptic Curmudgeon
  • Thoughts on Disasters, Planning, and Training
• Open Forum
  • Can You Handle a Nation-State Cyber Attack?
• Crypto Corner
  • Asteroids
• Security in the News
• 2020 International Election
• Career Center