ISSA Journal - La rivista mensile riservata ai Soci AIPSI
Indice e contenuti dei principali articoli nell'edizione di Settembre 2020:
-
Managing IoT Platforms with a Focus on Security, by Dale E. Drummond. With the continued explosive growth of the Internet of things in both the residential and commercial markets, the need for both platform and application security continues to increase as well. This article will review the current growth trends, threat landscape, and security options available for those devices.
-
The MITRE ATT&CK Framework: Where Do You Start?, by Dylan Williams - ISSA member, National Capital Chapter. This article describes the value in using the MITRE ATT&CK framework to measure the effectiveness of your organizationÕs ability to identify, detect, and prevent cyber intrusions.
- Third-Party Risk and Threat Hunting, by Gregory Rasner - ISSA member, Raleigh Chapter. This article describes cyber third-party risk steps and best practices and expands into a new mind-set: third-party threat hunting. This new approach to how firms manage their cyber risk with vendors moves from a compliance, check-box type activity to an ongoing and engaging method to improve the security and stability of both vendor and company.
- Creating Value for Information Security in Company Culture, by Rachel A. Cessna. This article examines the psychology of compliance, environmental compliance factors, and common themes in the literature for successfully improving security culture and value in an organization.
-
Python Programming: Processing NVD Data, by Constantinos Doskas - ISSA Senior Member, Northern Virginia Chapter. This article continues the discussion on processing NVD data using the SQL programming language and Python visualizations and reports. We will be processing common platform enumeration (CPE) data as it relates to common weakness enumeration (CWE) and common vulnerabilities and exposures (CVE). We will also present some statistics on vulnerabilities of recent years.
Inoltre in questo numero:
- From the President
- Sabett's Brief
- The Cloud Tanked My Deal
- Women in Cybersecurity
- Women Making It Count
- The Cryptic Curmudgeon
- A Paradigm That Should Shift: The Bastion Model
- Privacy
- Lessons Will Be Learned
- Security in the News
- Career Center