Education and Exercises - Information Management Today

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

Hunton Privacy

NOVEMBER 7, 2022

On November 2, 2022, the ICO issued to the UK Department for Education (“ DfE ”) a formal reprimand following an investigation into the sharing of personal data stored on the Learning Records Service (“ LRS ”), a database which provides a record of pupils’ qualifications that the DfE has overall responsibility for.

Education

Education Personal data Access IT

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Security Affairs

FEBRUARY 24, 2023

Defence Cyber Marvel 2 (DCM2) is the largest Western Europe-led cyber exercise that took place in Tallinn with 34 teams from 11 countries. This year, 750 cyber specialists have participated in the military cyberwarfare exercise. ” reads the press release published by the UK Ministry of Defence. .

Military

Military Education Government IT

National Cybersecurity Alliance advocates ‘shared responsibility’ for securing the Internet

The Last Watchdog

AUGUST 2, 2018

NCSA operates the StaySafeOnline website that provides a variety of cybersecurity educational resources and programs. We also have a lot of educational programs that reach far beyond the insular, cybersecurity expert areas. We have a lot of programs geared toward education at a lot of different levels. Schrade r: Absolutely.

Cybersecurity

Cybersecurity Security Cleanup Education

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

The Last Watchdog

FEBRUARY 21, 2022

Educate employees. Many security programs focus on employee education (creating a strong password, being aware of phishing, etc.). military exercise their plans often – it builds human muscle memory and increases comfort and resiliency in the people working through these crises. There is a reason organizations like the U.S.

Passwords

Passwords Cybersecurity Education Phishing

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

The Last Watchdog

AUGUST 23, 2021

Similarly, different nations exercise varying amounts of authority over internet traffic. While she enjoys tackling topics across the technology space, she’s most passionate about educating readers on cybersecurity and Big Data. Government Monitoring. About the essayist: April Miller is a staff writer at ReHack Magazine.

Communications

Communications Cybersecurity GDPR Risk

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

Merit is an acronym for the Michigan Educational Research Information Triad. The early Cyber Range hubs were mainly used to help educate and certify military technicians and cybersecurity professionals at selected companies. Merit has a fascinating heritage. But the program has steadily morphed.

Cybersecurity

Cybersecurity Military Education Government

News Alert: Guardz uncovers new macOS malware – Hidden Virtual Network Computing (hVNC)

The Last Watchdog

AUGUST 1, 2023

SMEs, who once considered macOS as the safer option, should exercise caution and prepare themselves for the impacts of this changing threat landscape. This discovery, as well as the growing talk of macOS tools within underground cybercrime forums, suggests an imminent surge in cyberattacks against macOS users.

Insurance

Insurance Cybersecurity Risk Education

Half a million of us want to donate our data to British science, but it’s languishing unused because of privacy fears | Polly Toynbee

The Guardian Data Protection

OCTOBER 17, 2023

They took blood, saliva and urine, measured bone density and made notes on exercise, alcohol and family history, with social class, ethnicity, education, employment and income included. Back in 2006, with half a million others aged between 40 and 69, I signed up to this magnificent project, the world’s most advanced genetic database.

Sales

Sales Education Privacy IT

White hat hackers showed how to take over a European Space Agency satellite

Security Affairs

APRIL 30, 2023

Credit: ESA – European Space Agency The offensive cybersecurity team at Thales demonstrated how to take control of the ESA satellite, the is considered the world’s first ethical satellite hacking exercise. The exercise aims at assessing the resilience of satellites to cyber attacks. According to classified U.S.

Cybersecurity

Cybersecurity Military Access Education

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

Security Affairs

AUGUST 31, 2023

On its digital platform, NSC provides online resources for its nearly 55,000 members spread across different businesses, agencies, and educational institutions. It’s advisable for them to externally verify the information contained in emails and exercise caution when clicking links or opening attachments.

Passwords

Passwords Healthcare Manufacturing Access

How to Keep Your Information Safe for Data Privacy Day 2020

Thales Cloud Protection & Licensing

JANUARY 28, 2020

An extension of the celebration for Data Protection Day in Europe, Data Privacy Day functions as the signature event of the National Cyber Security Centre’s ongoing education and awareness efforts surrounding online privacy. Fortunately, organizations can minimize the risk of these types of attacks by exercising key management.

Data Privacy

Data Privacy Privacy Encryption Unstructured data

Ransomware realities in 2023: one employee mistake can cost a company millions

Security Affairs

OCTOBER 17, 2023

With 85% of campaigns targeting victims with phishing emails containing malicious links, another form of a social engineering attack, education and cyber vigiliance remain a high priority. Why should employers educate employees about cyber security? Use 2FA authentication for better protection.

Ransomware

Ransomware Phishing Passwords Education

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Hunton Privacy

JULY 5, 2022

Under the Cyber Workforce Program Act, the Office of Personal Management (“OPM”) must create a rotational work force development program across federal agencies, including the development of relevant procedures, prerequisites for participation, performance measures and requirements with respect to training, education and career development.

Cybersecurity

Cybersecurity Government Education Communications

Beyond FERPA: The California Consumer Privacy Act’s New Rules for Privacy in the Education Sector

HL Chronicle of Data Protection

APRIL 8, 2019

The CCPA will become effective January of 2020 and may impact companies in the education sector, including the larger education technology companies. If an educational entity meets the threshold requirements below or it processes information on behalf of such an entity, it should prepare for CCPA implementation by January 2020.

Education

Education Privacy Sales Passwords

CIPL Submits White Paper on Data Subject Rights

Hunton Privacy

JULY 14, 2020

In addition, the Paper emphasizes the important educational role that the EDPB has to play, with respect to the public, on the purpose and limitations of DSRs. The EDPB Guidelines should describe the applicable grounds to exercise DSRs and provide a common assessment matrix for their handling.

Paper

Paper GDPR Education Access

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Exercise Caution with Emails The first two items on this list could be lumped together with a single warning: Don’t click. Watch File Extensions: Exercise caution with file extensions; avoid files with suspicious extensions like.exe or.bat, especially from unfamiliar sources.

Passwords

Passwords Encryption Authentication Phishing

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

The Last Watchdog

MARCH 21, 2022

Once you know where the data is, how it got there, and its worth (and risk) to your organization, take the time to create a catalog so that your investment in these exercises can immediately generate value for those who need the data to do their job. Educate employees. •Create a data catalog. Conduct risk analysis.

Encryption

Encryption Cloud Privacy GDPR

Everything you want to know about integrating Student Information Systems + Apple

Jamf

MARCH 10, 2023

Managing sensitive student data shouldn’t be an exercise in reinventing the wheel or a security incident waiting to happen.

Education

Education Security

News Alert: INE Security lays out strategies for optimizing security teams to mitigate AI risks

The Last Watchdog

JUNE 21, 2024

To effectively leverage cyber ranges for building an AI-ready cybersecurity team, consider implementing the following strategies: •Regular tabletop exercise : Incorporate regular sessions within the cyber range into the team’s training schedule. This variety helps prepare the team for a wide range of potential real-world situations.

Risk

Risk Security Cybersecurity Education

The U.S. Chamber of Commerce Foundation and IBM explore generative AI’s applications for skills-based hiring

IBM Big Data Hub

OCTOBER 2, 2023

If proven possible, then future use cases of AI models could be explored, like matching users to potential employment and education opportunities based on their skill profiles. Building off of the use cases developed by the U.S. Developing and deploying trustworthy in AI is not a technical problem with a technical solution.

Artificial Intelligence

Artificial Intelligence Education Risk Data Privacy

Knowledge Sharing: 5 Strategies to Share Knowledge In the Workplace

AIIM

JANUARY 14, 2021

This can comprise increased interactions, team-building exercises, quizzes, and collaborations. Once everyone opens up, it will become natural to educate each other and share knowledge, ultimately helping the team grow professionally and personally. For this, you can include different activities in your day-to-day office tasks.

Communications

Communications Access Libraries Education

How to create a cyber incident response plan when you have a hybrid workforce

IT Governance

SEPTEMBER 8, 2021

Educate employees on their responsibilities. So how should organisations approach employee education? As such, “conducting tabletop and disaster recovery exercises with everyone remote may be an adaptation, but it isn’t an insurmountable one”.

Communications

Communications Risk Education Compliance

Intro to phishing: simulating attacks to build resiliency

Security Affairs

APRIL 21, 2023

This article will provide some insights into current phishing methods cyber-criminals leverage to exploit human behavior, performance metrics useful for measuring organizational resiliency to phishing, and examples of free tools that can be leveraged to conduct internal simulated phishing exercises.

Phishing

Phishing Security awareness Passwords Education

Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law

Hunton Privacy

APRIL 18, 2023

The bill also contains a number of exemptions, including exceptions for financial institutions, affiliates, and data subject to Title V of the Gramm-Leach-Bliley Act, covered entities and business associates under the Health Insurance Portability and Accountability Act of 1996, nonprofit organizations and institutions of higher education.

Privacy

Privacy Personal data Sales Insurance

The Customer Journey Digital Transformation Workbook

Bill Schmarzo - Dell EMC

APRIL 4, 2018

To support this training, we created a methodology that guided the students through a digital transformation exercise. What Does “Taking a Vacation” Success Look or Feel Like (a surprisingly interesting and effective exercise). For our classroom exercise, we came up with the following “Taking a Vacation” stages: Plan Vacation.

Digital transformation

Digital transformation Big data Marketing Artificial Intelligence

Microsoft 365 SharePoint Records Management Training Course on May 15th 9am-1pm CST via ARMA International

IG Guru

MAY 3, 2023

This four-day interactive program is designed by records managers for records managers, giving you an overview of Microsoft's compliance features from a standards perspective, how to assess information risk, and hands-on experience with practical exercises. Book now for their next session starting May 15th, 9 AM-1 PM

Records Management

Records Management Compliance Risk Education

Tips for Gamifying Your Cybersecurity Awareness Training Program

Security Affairs

NOVEMBER 29, 2022

In today’s technological world, educating people about cybersecurity awareness is an absolute necessity. It is important when developing and implementing these programs to be aware of what methods of education work best. Team Exercises. In service of that end, gamification is a highly effective tactic.

Cybersecurity

Cybersecurity Data breaches Education Security

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

The SEABORGIUM group primarily focuses operations on defense and intelligence consulting companies, non-governmental organizations (NGOs) and intergovernmental organizations (IGOs), think tanks, and higher education. The group also targets former intelligence officials, experts in Russian affairs, and Russian citizens abroad.

Phishing

Phishing Education Passwords Authentication

Top 12 Firewall Best Practices to Optimize Network Security

eSecurity Planet

DECEMBER 10, 2023

By offering insights into previous traffic, this technique improves threat detection, troubleshooting, and overall security by enabling for educated decision-making and proactive optimization of firewall configurations. Vigilant monitoring, frequent testing, and user education all contribute to a proactive protection plan.

Security

Security Education Access Risk

Weekly Update 360

Troy Hunt

AUGUST 11, 2023

😊 The new subscription model launched this week and as many of you know from your own past experiences, pushing major new code live is always a bit of a nail-biting exercise. Get started with Aura today. It's almost all about the domain searches today (I'm really happy about how this has been received!)

Education

Education Security IT

France: The CNIL publishes a practical guide on Data Protection Officers

DLA Piper Privacy Matters

NOVEMBER 29, 2021

Among the organizations that have designated a DPO, the most represented sectors are, unsurprisingly, the public administration, education and health sectors. Such figures evidence the success of “mutualized” DPOs designated by two or more organizations. The Guide is composed of four main Parts : I. Provide information and advice.

GDPR

GDPR Compliance Personal data Communications

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

Hunton Privacy

SEPTEMBER 1, 2020

Not disclosing, subject to specified exceptions, a consumer’s genetic data to certain entities ( e.g. , those responsible for making decisions regarding health insurance, life insurance or employment).

Privacy

Privacy Insurance Marketing Information governance

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

Security Affairs

APRIL 26, 2023

The Alloy Taurus APT group targeted South Africa because in February 2023, the African state joined Russia and China to participate in combined naval exercises. Alloy Taurus is known for leveraging the SoftEther VPN service to facilitate access and maintain persistence to their targeted network.

Communications

Communications Military Government Libraries

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

Hunton Privacy

OCTOBER 14, 2021

4) non-discrimination for exercising the above rights (including denial of goods or services, charging different prices for goods and services, providing (or suggesting) a different level or quality of goods or services or considering the exercise of consumer rights as a basis for suspicion of criminal wrongdoing or unlawful conduct).

Privacy

Privacy Insurance Security Data breaches

EU Parliament Approves the Proposal for Cybersecurity Act

Hunton Privacy

MARCH 28, 2019

Operational cooperation at EU level: ENISA will support cooperation at the EU level by promoting the exchange of know-how and best practices, by providing advice and guidelines, and by organizing cybersecurity exercises at the EU level.

Cybersecurity

Cybersecurity Communications Education Marketing

What Role Government?

John Battelle's Searchblog

NOVEMBER 4, 2011

I focus on the US for this exercise, as I am writing from my own experience. Once almost entirely the realm of the government, we’ve watched our public education system crumble, and we’re still not really sure what to replace it with. I’d be very interested in responses from those living in other countries).

Government

Government Education Military Communications

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

These projects include tools, training programs, and a red team platform for exercising various types of offensive cyber operations, including cyber espionage, IO, and operational technology (OT) attacks.” ” reads the report published by Mandiant.

Energy and Utilities

Energy and Utilities Education Ransomware IT

How to prepare for the California Consumer Privacy Act

Thales Cloud Protection & Licensing

AUGUST 15, 2019

Also, entities under the CCPA must post a “Do Not Sell My Personal Information” link on their websites allowing consumers to easily exercise their right of opting-out. (4) 5) The right of Californians to equal service and price, even if they exercise their privacy rights. Personal Information excluded by the CCPA.

Privacy

Privacy GDPR Digital transformation Sales

CPPA Board Holds Meeting on Revised Draft Regulations for Risk Assessment and Automated Decisionmaking Technology

Hunton Privacy

MARCH 15, 2024

Notice Requirements Require the business to provide information to consumers about how the business proposes to use the ADMT, to enable them to decide whether to opt-out or proceed, and whether to exercise their access right. Recognize an exception from access requests for using ADMT solely for training purposes.

Risk

Risk Artificial Intelligence Compliance Privacy

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

The Last Watchdog

NOVEMBER 28, 2018

State-of-the-art telepresence gear, supplied by Merit Network , funnels everything from capture-the-flag exercises to full course work and certification testing to earn 42 different professional designations. They’d come into our hub to get educated and attain excellent cybersecurity skills, including leadership development programs.

Cybersecurity

Cybersecurity Systems administration Military Manufacturing

China Issues Draft of Personal Information Protection Law

Hunton Privacy

OCTOBER 27, 2020

Departments Exercising Personal Information Protection. The data processor shall establish the mechanism for the data subject to exercise his or her rights. The definition includes information that can identify data subjects as well as information that is related to the data subjects. Obligations of Data Processor.

Cybersecurity

Cybersecurity Data breaches Personal data Government

Texas enacts comprehensive privacy law

Data Protection Report

JUNE 21, 2023

The new law has exclusions for Gramm-Leach-Bliley-covered financial institutions, HIPAA-covered covered entities and business associates, non-profits, institutes of higher education, and electric utilities, power generation companies, and retail electric providers. A similar requirement applies with respect to the sale of biometric data.

Privacy

Privacy Personal data Sales Retail

PIPL: A Game Changer for Companies in China

Data Protection Report

AUGUST 24, 2021

the methods and procedures for exercising the rights provided in the PIPL with the overseas recipient. The close relatives of a natural person can exercise these rights for their own legitimate and justifiable interests after the natural person is deceased, unless the deceased has made other arrangements when she or he were alive.

GDPR

GDPR Compliance Analytics Security

Here’s a Terrific Listing of eDiscovery Workstream Processes and Tasks: eDiscovery Best Practices

eDiscovery Daily

FEBRUARY 25, 2020

Based on an aggregation of research from leading eDiscovery educators, developers, and providers, the following eDiscovery Processes and Tasks listing may be helpful as a planning tool for guiding business and technology discussions and decisions related to the conduct of eDiscovery projects.

Education

Education Analytics IT

The Information Commissioner’s Office Issues UK Department for Education with Formal Reprimand

UK won the Military Cyberwarfare exercise Defence Cyber Marvel 2 (DCM2)

Trending Sources

National Cybersecurity Alliance advocates ‘shared responsibility’ for securing the Internet

GUEST ESSAY: 6 steps any healthcare organization can take to help mitigate inevitable cyber attacks

GUEST ESSAY: Top 5 cyber exposures tied to the rising use of international remote workforces

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

News Alert: Guardz uncovers new macOS malware – Hidden Virtual Network Computing (hVNC)

Half a million of us want to donate our data to British science, but it’s languishing unused because of privacy fears | Polly Toynbee

White hat hackers showed how to take over a European Space Agency satellite

National Safety Council data leak: Credentials of NASA, Tesla, DoJ, Verizon, and 2K others leaked by workplace safety organization

How to Keep Your Information Safe for Data Privacy Day 2020

Ransomware realities in 2023: one employee mistake can cost a company millions

President Biden Signs Two Bills Aimed at Enhancing Government Cybersecurity

Beyond FERPA: The California Consumer Privacy Act’s New Rules for Privacy in the Education Sector

CIPL Submits White Paper on Data Subject Rights

How to Prevent Malware: 15 Best Practices for Malware Prevention

GUEST ESSAY: Leveraging best practices and an open standard to protect corporate data

Everything you want to know about integrating Student Information Systems + Apple

News Alert: INE Security lays out strategies for optimizing security teams to mitigate AI risks

The U.S. Chamber of Commerce Foundation and IBM explore generative AI’s applications for skills-based hiring

Knowledge Sharing: 5 Strategies to Share Knowledge In the Workplace

How to create a cyber incident response plan when you have a hybrid workforce

Intro to phishing: simulating attacks to build resiliency

Indiana Likely to Become Seventh State to Enact a Comprehensive State Privacy Law

The Customer Journey Digital Transformation Workbook

Microsoft 365 SharePoint Records Management Training Course on May 15th 9am-1pm CST via ARMA International

Tips for Gamifying Your Cybersecurity Awareness Training Program

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Top 12 Firewall Best Practices to Optimize Network Security

Weekly Update 360

France: The CNIL publishes a practical guide on Data Protection Officers

California Legislature Passes Bill to Establish the Genetic Information Privacy Act, Pending Governor’s Signature

China-linked Alloy Taurus APT uses a Linux variant of PingPull malware

California Governor Signs into Law Bills Updating the CPRA and Bills Addressing the Privacy and Security of Genetic and Medical Data, Among Others

EU Parliament Approves the Proposal for Cybersecurity Act

What Role Government?

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

How to prepare for the California Consumer Privacy Act

CPPA Board Holds Meeting on Revised Draft Regulations for Risk Assessment and Automated Decisionmaking Technology

MY TAKE: Michigan’s Cyber Range hubs provide career paths to high-schoolers, underutilized adults

China Issues Draft of Personal Information Protection Law

Texas enacts comprehensive privacy law

PIPL: A Game Changer for Companies in China

Here’s a Terrific Listing of eDiscovery Workstream Processes and Tasks: eDiscovery Best Practices

Stay Connected