Tag Archive for: recommendations

India: Government should promptly adopt and act on the recommendations made at UN Rights Review


Member States Seek Protection of Minority Rights, Free Speech, Peaceful Assembly

The Indian government should promptly adopt and act on the recommendations that United Nations member states made at the UN Human Rights Council’s Universal Periodic Review process on November 10, 2022, six international human rights groups said today. The recommendations cover a range of key concerns including the protection of minority communities and vulnerable groups, tackling gender-based violence, upholding civil society freedoms, protecting human rights defenders, and ending torture in custody.

The groups are the International Federation for Human Rights (FIDH), World Organisation Against Torture (OMCT), CSW, International Dalit Solidarity Network, Amnesty International, and Human Rights Watch.

All UN member states participate in the Universal Periodic Review (UPR) process, which examines their human rights record and proposes action to improve the human rights situations in their countries. In its report submitted to the UN ahead of its review, the Indian government claimed, “it is firmly committed to the promotion and protection of human rights.” However, in the past UPR cycles, India has ignored important recommendations, including to address increasing violence against religious minorities, ensure accountability of its security forces, and protect freedom of expression and peaceful assembly.

During the periodic review, India’s fourth, 130 member states made 339 recommendations highlighting some of the most urgent human rights concerns in the country.

Since its last review in 2017, India has undergone a serious regression in human rights under the Hindu nationalist Bharatiya Janata Party (BJP)-led government of Prime Minister Narendra Modi. The government has escalated its crackdown on independent and democratic institutions, and is using draconian counterterrorism and national security laws to prosecute and harass human rights activists, journalists, students, government critics, and peaceful protesters. Attacks, discrimination, and incitement against religious minorities are increasing. The traditionally marginalized Dalit and Adivasi communities have been denied justice and…


Cybersecurity Defense: Recommendations for Companies Impacted by the Biden Administration Executive Order | Lighthouse


Thus, while on its face, many of the new requirements within the Order are aimed at federal agencies and government subcontractors, the ultimate goal appears to be to create a more unified national cybersecurity defense across all sectors. In this installment of our blog series, I will outline recommended steps for private sector organizations to prepare for compliance with the Order, as well as general best-practice tips for adopting a more preemptive approach to cybersecurity.

1. Conduct a Third-Party Assessment

First and foremost, organizations must understand their current cybersecurity posture. Given the severity and volume of recent cyberattacks, third-party in-depth or red-team assessments should be conducted that cover not only the organization’s IT assets but also its solution providers, vendors, and suppliers. Red teaming is the process of providing a fact-driven adversary perspective as an input to solving or addressing a problem. In the cybersecurity space, it has become a best practice wherein the cyber resilience of an organization is challenged from an adversary’s or threat actor’s perspective.[1] Red-team testing is very useful for testing organizational policies, procedures, and reactions against defined, intended standards.

A third-party assessment must include a comprehensive remote network scan and a comprehensive internal scan with internal access provided or gained with the intent to detect and expose potential vulnerabilities, exploits, and attack vectors for red-team testing. Internal comprehensive discovery includes scanning and running tools with the intent to detect deeper levels of vulnerabilities and areas of compromise. Physical intrusion tests during red-team testing should be conducted on the facility, networks, and systems to test readiness, defined policies, and procedures.

The assessment will evaluate the ability to preserve the confidentiality, integrity, and availability of the information maintained and used by the organization and will test the use of security controls and procedures used to secure sensitive data.

2. Integrate Solution Providers and IT Service Companies into Plans to Address Above Executive Order Steps

To…


A Ransomware Task Force Has Released Extensive Recommendations – Prepare Your Company Now! | Newmeyer Dillion


In 2020, ransomware caused businesses an estimated $20 billion in losses worldwide. Those losses were a substantial increase from 2019 when ransomware caused $11.5 billion in business losses. Not only is the ransomware scourge growing, but cybercriminals are also increasingly attacking smaller and smaller companies, often because they have less security in place.

Last week, a multi-industry Ransomware Task Force issued a long-anticipated, extensive report regarding how to deal with the ever-increasing threat that ransomware is posing to businesses, and in turn, the global economy. Due to the broad composition of the task force, the report recommends addressing ransomware holistically and from a number of different angles; below you will find several highlights from this report. All companies, regardless of size, are strongly encouraged to work with outside counsel and forensic consultants to prepare for the ransomware threat.

The Payment Problem

The biggest challenge with ransomware is that victims are making the problem worse. That is, the more payments that the criminals receive, the more resources they can afford to contribute to their operations. While the report does not recommend making ransom payments illegal, it recommends that they be discouraged, if possible. For example, it recommends requiring companies to assess all options before paying ransom and creating a fund to help those companies who choose not to pay. It also recommends that the payments be discouraged by enacting laws that impose stricter regulations on cryptocurrency.

In addition, it urges insurers who end up paying ransom to aggressively assert their subrogation rights and pursue the cybercriminals. One suggestion is for the insurance companies to collectively create a subrogation fund to evaluate and develop strategies to recoup their ransomware losses and to work with law enforcement. That could prove crucial as cybercriminals are increasingly attacking companies that they know have cyber insurance. Those efforts, as well as insurance companies more frequently requiring their insureds to adopt stronger protections and protocols, should help curb the ransomware epidemic.

The Safe Havens

As ransomware has…


The 11 Best Cyber Security Books — Recommendations from the Experts – Hashed Out by The SSL Store™
