Tag Archive for: discuss
Hayward City Council to discuss ransomware attack
/in Internet Security
Bay City News and Michael Thomas
(BCN) — The Hayward City Council will hold a special meeting Thursday night to ratify a proclamation of a local emergency made Sunday after a ransomware attack breached the city’s computer systems and networks over the weekend.
Hayward is continuing to “assess and recover” from the cybersecurity event that occurred early Sunday morning in which “intruders attempted to disrupt and hold hostage aspects and components of our computer systems and networks,” the city said.
A ransomware attack occurs when someone encrypts files and demands ransom to decrypt them. The encryption makes the files and the systems that rely on them unusable, according to the U.S. Cybersecurity and Infrastructure Security Agency.
Thursday’s meeting is at 7 p.m. and will be in-person only at council chambers, located in Hayward City Hall, 777 B Street, conference room 2A.
By declaring an emergency, the city has greater flexibility in executive decision-making and deployment of city employees, and can access and acquire equipment, supplies and other resources needed, the city said Wednesday. The declaration also can “be a prerequisite to and streamline” reimbursement of certain costs associated with the response, according to the city manager.
Public access to the City of Hayward’s website was mostly restored Tuesday, but aspects of the city’s site are still being gradually restored, the city said, and visitors to the site who encounter non-functioning links are encouraged to report them at [email protected].
Hayward’s emergency numbers and systems were never affected, the city said, nor were water, sewer, or other municipal operations.
“To date, we have found no evidence of a breach or theft of private personal or confidential information related to any current or former City employee, community member or other member of the public,” said the city. “If that were to change, the City will contact the affected individual or individuals directly.”
KRON On is streaming news live…
CISO Conversations: HP and Dell CISOs Discuss the Role of the Multi-National Security Chief
/in Computer Security
HP and Dell Technologies are two of the world’s largest international computer manufacturers. Their CISOs, Joanna Burkey (HP) and Kevin Cross (Dell), both manage security teams comprising many hundreds of people, and are responsible for corporate security across multiple jurisdictions. The role of CISO is different for a multinational corporation compared to a national company.
Reporting and budget
Historically, the CISO reports to the CIO, and this remains the most common reporting structure. Not all CISOs agree with this because of the inherent conflict of interest between IT and security. Both Burkey and Cross believe it is right for some companies, but wrong for others.
There’s no one size fits all solution to the hierarchy issue, says Burkey. “Every company has a different culture and different value prop; and it is these that determine the right location for the CISO.”
Cross has a very similar view. “There is no right or wrong answer to this,” he says. “It is dependent on the company culture and the business landscape how things should best be structured.” Supporting this, he notes that Dell’s structure is slightly unusual. “I report to a chief security officer who reports to general counsel, who reports to the CEO.” A stronger than usual integration with Legal could be considered important for a firm working across multiple jurisdictions with different privacy and data security requirements.
Budget is always an issue for any CISO – getting sufficient funds to do what is important. One of the weaknesses in having the CISO report to the CIO is that it is still common for the security budget to be taken as a percentage of the IT budget. But security has grown beyond IT alone.
“Cybersecurity is a strategic horizontal in most enterprises,” comments Burkey. “Cyber is important everywhere and it is really important that the funding model and the financial partnerships for cyber span the enterprise.”
Achieving this is complex and governed by the individual business landscape. “I’ve seen different models that can work,” she continued. “Budget could be received from a single source, such as the CFO or CTO, but…
Over 1,500 cybersecurity experts will discuss challenges and trends at DefCamp
/in Computer Security
After two years of exclusive online activity, the most important annual hacking and cybersecurity conference in Central and Eastern Europe returns onsite in Bucharest, on 10th-11th November 2022, to bring together the infosec expert community in the region.
In recent years, companies have focused heavily on the rapid adoption of digitization to enable them to continue working remotely as a result of the pandemic. This has opened the door for cybercriminals to launch their attacks more easily given the increased number of vulnerabilities in company infrastructures. In addition, recent geopolitical events have also put pressure on companies’ capabilities to defend themselves against cyber attacks. Attack methods are becoming more sophisticated and the need for security solutions and strategies is growing. DefCamp will be the right environment to discuss today’s cybersecurity challenges, and experts on stage will address topics such as critical infrastructure security, building a company-wide security strategy and incident management, ransomware, malware, device tracking threats in 5G networks and more.
„Cybersecurity is undoubtedly the biggest challenge of the digital age. For this reason, companies, regardless of their employee numbers or industry, must prioritize defense solutions for their business. The pandemic has increased the need for digitization, which has brought both opportunities for growth and risks for users and companies with low security. In addition, the conflict in Ukraine has exposed technological vulnerabilities behind some large companies and, along with online misinformation, it has increased distrust in storing personal data on the internet“, said Andrei Avădănei, founder of DefCamp.
Since its first edition in 2011, DefCamp has brought together the region’s community of security experts to showcase current solutions for effective and lasting protection against increasingly agile cybercriminals. This year’s edition will focus on creating opportunities to reconnect and develop members’ skills, after two years of being exclusively online. The event is physically expected to attract more than 1500 participants from around the world,…