Sumit Dhawan

The countdown is on! 🕒 Heading to the Cybersecurity and Privacy Professionals Conference on May 1–3 in Minneapolis. Ready to dive into dynamic discussions with industry leaders and peers about safeguarding higher education institutions. Don't let this opportunity pass – register now!  https://lnkd.in/dT9Fq8Jq #CybersecPrivacy24

68

5 Comments

In a world where cybercriminals are leveraging AI to breach defenses, it’s time we turn the tables. Let’s empower your cybersecurity with cutting-edge AI solutions. Together, we can outsmart the threats and safeguard your digital realm.

1

The SoCal CISO Summit is only 3 weeks away! Don't miss this all-star lineup with Emily O'Carroll, Jonathan Chow, and Arthur Lessard, discussing "The Imperatives of PAM" on May 21st. Organizations have suffered relentlessly from cyberattacks, each week it seems there are new headlines highlighting ransomware attacks or data breaches. With the sensitivity of privileged accounts, unpatched vulnerabilities, and an extensive remote workforce, privileged access management (PAM) is essential to securing your most critical systems and data. Join this panel session to discuss: -Why PAM plays a crucial role in mitigating cyberattacks -Gaining executive buy-in on effective solutions -Having a proactive approach to implementation and configuration Qualified InfoSec leaders, register below! #evantaciso #socalciso #informationsecurity

54

4 Comments

In just one week, the SoCal CISO Community will assemble for their Evanta CISO Summit on May 21st! One of the many exciting sessions next week will be led by Todd Friedman, Sunil Agarwal, and Trina Ford, focused on "The CISO as a Savvy Board Communicator." Translating the organization's cybersecurity posture to the board can be a catalyst in improving organizational resilience and building strong rapport. How do you communicate security initiatives clearly when the stakes are high? Join this session to discuss: -Leveraging your expertise to build trust -Demystifying cybersecurity spending -Translating cybersecurity into actionable language Qualified InfoSec professionals, apply to join below! #socalciso #evantaciso #informationsecurity

19

2 Comments

🔒 7 Ways for Critical Infrastructure to Thwart State-Sponsored Attacks State-sponsored hackers targeting critical infrastructure is an escalating concern, highlighted by recent advisories from CISA and other security-focused government bodies. In our latest blog, Shawn Taylor, Senior Director of Solutions Engineering at Xage Security, explores seven foundational protections that can significantly mitigate these threats. 👉 Read the blog to understand how to fortify our critical infrastructure against state-sponsored attacks. #Cybersecurity #CriticalInfrastructure #ZeroTrust #StateSponsoredAttacks

7

Had an incredible experience today supporting the ITDRC team at a CISA/FEMA/DoHS preparedness workshop in Denver. If you're interested in joining me and volunteering your expertise during times of crisis, check out https://lnkd.in/dYVhMReM. By leveraging your IT experience and joining a team of skilled professionals, you can make a dramatic immediate difference for hundreds or thousands of people during a crisis by getting communities reconnected and providing first responders with the critical infrastructure needed to support their missions. There are many roles available from networking to logistics, planning and coordination, so even if you can't deploy on site for a disaster, there are still ways to help. And the more volunteers there are, the more flexible we can be in our response. In terms of what you can expect to get out of it, satisfaction from helping your fellow citizens, hands-on exposure to a variety of current comms technologies, experience operating in crisis modes, and exposure to a wide range of corporate, NGO and governmental agencies are all likely outcomes. So if you're looking for a way to make a difference during a crisis, please reach out to me or sign up directly at https://lnkd.in/dYVhMReM. Let's work together to provide our biggest impact when our communities need us the most. #volunteer #IT #disasterresponse #communityimpact #ITDRC

21

3 Comments

💡 Do I need to report PKI maturity level? Reporting your PKI maturity level isn’t just a checkbox! 🛠️ While not mandated by the PKI Consortium, documenting your PKI maturity level can: 📈 Highlight your current PKI status to stakeholders 🚀 Pinpoint key areas for improvement 📊 Track progress over time effectively Depending on your organization's needs, regulatory requirements, or improvement goals, reporting might be essential. Learn more about PKI Maturity Model: https://pkic.org/pkimm/ #pki #pkimm #pkic #maturity #improvement #assessment #benchmark #guidance PKI Consortium Paul van Brouwershaven Leigh Bailey

9

1 Comment

Okta signed the Cybersecurity and Infrastructure Security Agency’s Secure by Design pledge at #RSAC to take meaningful steps in adopting #secure by design principles in the coming year. I am excited that we are accompanying our peers in the industry to take the steps needed to prioritize application security. Identity-based #attacks have become a top method for cybercriminals, and according to the Open Worldwide Application Security Project, broken access control is the number one most common web application security risk. It’s putting companies building their applications at risk. This is a priority for Okta. There’s never been a more critical time for us to come together and implement secure design principles to keep the #identity #secure. Learn more about this pledge https://bit.ly/3UQNLbz. Tomorrow is also Okta Showcase! I am excited to join Todd McKinnon, Sagnik Nandy , and others to share the latest product innovations & commitments Okta is making to secure identity. You can tune in here: https://bit.ly/4cLldaI

184

Varonis Shined brightly this year in the Gartner Peer Reviews. Reach out for a complimentary Copilot Risk Assessment as well as for complimentary Data Risk Assessment!

12

1 Comment

Pssssst-NISsssssT - are you ready for the future because it is here now? #NIST is close to making one of their most #monumental announcements in decades. #Cybersecurity is at the precipice of a global game changing moment. A critically relevant #quantum computer (#CRQC) is nearly upon us and QuSecure is the leading company that can help #protect you and your #data. Reach out to QuSecure to learn more about how you can be prepared with our QuProtect #PQC #crypto agile software today. https://lnkd.in/gpdXmmBJ.

12

Come meet Danielle M. Gagnon at Health-ISAC Spring Americas Summit at Booth 35 and learn about a new approach that unifies your cloud environments (IaaS, PaaS, SaaS, CI-CD, IdP) and cloud security controls so you can easily and confidently detect/ respond/ contain to real threats and risky behavior at run-time and identify the exact human or machine identity that did it. Not going? Send me a DM to learn about our approach to cloud threats

1

Do you need to be CMMC Level 2 compliant, but are having trouble translating the cybersecurity gobbligook into real actions that your IT team can take? We are having a live webinar on June 27, 2024 at 2pm EST to demonstrate the Kieri Compliance Documentation. This is a full-featured program for CMMC Level 2 and NIST SP 800-171 compliance which includes policies, procedures, system security plan, user agreements, record-keeping databases, account request form, self-assessment form, and other vital resources needed to be compliant. Monthly Q&As and over 50 hours of video training included. Kieri Solutions uses this program to efficiently manage our CMMC Level 2 compliance. We passed a DoD assessment for CMMC Level 2 and NIST SP 800-171 compliance with a perfect 110 score using this governance program. We have over a hundred clients using the KCD to manage their compliance and prepare for CMMC Level 2 assessment themselves. 𝐃𝐨𝐞𝐬 𝐭𝐡𝐢𝐬 𝐬𝐨𝐮𝐧𝐝 𝐥𝐢𝐤𝐞 𝐲𝐨𝐮? 🔸 You are frustrated with your policies and procedures… 🔸 You don’t know how to perform some CMMC requirements, or how to answer assessment objectives like “define non-essential functions”… 🔸 Your documentation is out of date… 🔸 You bought compliance templates elsewhere and they are too complex to get through… 🔸 You are paying a huge monthly fee to a GRC website and you’re still stuck filling in blanks… 🔸 You don’t have a record keeping system that makes it easy to gather the info you need for assessment… 🔸 Your users are asking how to mark CUI and you don’t know how to help them… If so, please join us for this webinar. We will be showing the program that we use to reach and maintain a "110" score. https://lnkd.in/eRjbVFrD Kieri Solutions - Authorized C3PAO

35

6 Comments

Struggling to understand the NIST CSF 2.0 framework? Download your copy of this guide to access an in-depth mapping of BeyondTrust solutions to the categories and sub-categories outlined in the NIST CSF 2.0 guidance, the CSF Reference Tool, and more! In this comprehensive free guide, you'll learn: 💡 The true impact of NIST CSF 2.0 across the cybersecurity landscape 💡 A breakdown of what's new and what’s changed in version 2.0 💡 How to increase your alignment to the framework Download now and strengthen your security posture. https://lnkd.in/gswu89pR #NIST #NISTFramework #Compliance #Cybersecurity #BeyondTrust

9

Transcending CVEs and Leveraging Environmental Variables - part three of my seven-part series on optimizing your vulnerability and exposure management strategy. https://lnkd.in/g5dRkKwz Sevco Security #VulnerabilityManagement #ExposureManagement #CAASM

14

Holy Smokes! I have never answered SO many questions in a webinar before!!! If you are trying to navigate the Entrust CA distrust challenges, you can watch the recording and all the very rich Q&A covered here. https://lnkd.in/gaqbup7w

99

6 Comments

Looking forward to speaking with Joel Jacobs, Matthew Ebben, and Marc Woolward at 11:00am EDT this morning, about navigating Cyber Resilience -- touching on contemporary Trends, Challenges, & the Role of Dependencies. Thanks to our host, vArmour. Hope you can join us, or register and catch the recording later. #cyberthreat #cyberentropy #complexity #cyberdependency #vulnerability #cyberrisk #situationalawareness #riskawareness #riskmitigation #cyberresilience #ciso #cio #coo #boardofdirectors #bia #businessimpactanalyses

12

2 Comments

A Data Breach at LA County Health Services 🏥 , shows that Phishing continues to be a huge threat should businesses stop using email internally? 2023 Was the Worst Year for Phishing on Record, we need to think of future solutions and this breach highlights very publically the risks Hackers gained access to LA County Health Services employee emails through a phishing campaign, potentially compromising patients' personal and health information.  23 employees had their credentials stolen in a February attack. Documents and e-mails in the compromised mailboxes included patients' personal and health information, including a combination of: • first and last name, date of birth, home address, phone number(s), e-mail address, medical record number, client identification number, dates of service • medical information (e.g., diagnosis/condition, treatment, test results, medications), • and/or health plan information. After discovering the breach, L.A. County Health Services disabled the impacted e-mail accounts, reset and re-imaged the compromised employees' devices, and quarantined all suspicious incoming e-mails. It also circulated awareness notifications to all employees, reminding them to always be vigilant when reviewing e-mails, especially those with attachments or links. ✔ A sensible approach showing they had a strategy to deal with incidents like these, which is great! This incident reminds everyone of the importance of robust cybersecurity measures, especially for organizations handling sensitive data. But how do we stop phishing attacks? 🤔 The obvious thing to do is to: • Educate employees on identifying phishing attempts. • Implement multi-factor authentication. • Regularly update and patch systems. • Have a clear communication strategy for employees when they suspect a Phishing attack. But what else is working? do you think the future for businesses is not using email for internal communications? If you are concerned and want to learn more here is the data breach notice: https://lnkd.in/epBfDvSm Some great analysis on Phishing here https://lnkd.in/eiRaJBMJ #cybersecurity #security #StopPhishing

5