Monday, September 21, 2020

 GDPR

The General Data Protection Regulation (GDPR) is the most comprehensive data privacy law ever passed. It was designed to strengthen and unify data protection for all individuals within the European Union. Anyone involved in processing personal data about individuals in the EU must comply, whether they are located in the EU, the U.S., or anywhere else in the world.

Saturday, September 19, 2020

How to exit 'END' in Git list or other commands



Type 'q' to exit the program


 

Friday, February 8, 2019

One stop RACI Categories Definitions


Responsible: person who performs an activity or does the work.
Accountable: person who is ultimately accountable and has Yes/No/Veto authority.
Consulted: person who needs to give feedback and contribute to the activity.
Informed: person who needs to know of the decision or action.

Thursday, January 24, 2019

Most commonly used methods of Cyber-Attack


1. Spear-phishing attack: Delivered by email to install malware
2. Zero-day exploits: Exploit a security hole unknown to the vendor at product release
3. Customized malware: Malicious software that avoids detection by traditional security technologies
4. Drive-by download: Infects the computer while the user visits a website running malicious code
5. Social engineering: Works by manipulating people

Privileged Account Management - What is a Targeted Cyber Attack


Any cyber-attack carried out to steal information or disrupt business that satisfies the following criteria:
  1. Specific target (organization or person)
  2. Persistent (coordinated effort by the hacker)
  3. Considerable effort

Privileged Account Management - Mitigate Insider Threat


How to mitigate Insider Threat

  1. Practice the principle of least-privilege access.
  2. Secure privileged accounts.
  3. Apply the Segregation of Duties principle.
  4. Educate users.
  5. Monitor and audit usage.

Privileged Account Management - Insider Threat


What is Insider Threat

An insider threat is a malicious threat to an organization that comes from people within the organization, such as employees, former employees, contractors or business associates. Insider threats can be categorized as:
  1. Malicious Insider: A user with malicious intent.
  2. Unintentional Insider: Stupid user who falls victim to phishing emails.
  3. Exploited Insider: High-value users exploited through spear phishing.
  4. External Insider: Third-party vendor, partner or contractor.