June 7, 2024 at 11:15AM Webinar on managing cyber risk for cyber physical systems (CPS) and critical national infrastructure (CNI). Scheduled for June 10, 2024, it will cover NIS2 regulations’ impact on CPS risk management, the importance of exposure management over vulnerability management, and utilizing Claroty xDome to measure, manage, and reduce risk. Join to … Read more
February 26, 2024 at 03:01PM The National Institute for Standards and Technology (NIST) released Cybersecurity Framework 2.0 after years of deliberation. This update expands its recommendations beyond critical infrastructure, now including a sixth function, Govern, and addressing supply chain risks. The framework provides guidance, a searchable catalog, and references to aid organizations in cybersecurity risk … Read more
January 25, 2024 at 11:55AM A loophole in Google Kubernetes Engine (GKE) authentication allows external attackers with Google accounts to access private Kubernetes clusters, posing serious security risks. Orca Security discovered the issue, named Sys:All, which grants unauthorized access by mistakenly binding overly permissive roles to the “system:authenticated” group. Google has taken steps to mitigate … Read more
January 17, 2024 at 12:52PM TAG.Global now mandates all employees to take a cybersecurity fluency assessment to enhance awareness and responsibility for information security. The test, covering various security subjects, aims to build a strong cybersecurity culture. Tawfiq Talhouni plans to extend the program outside the company, contributing to cybersecurity awareness in the Middle East. … Read more