Podcasts about nist

Measurement standards laboratory in the United States

  • 778 PODCASTS
  • 1,723 EPISODES
  • 37m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • Sep 27, 2023 LATEST

Latest podcast episodes about nist

Ö1 Vom Leben der Natur
Hawthorn - the underrated all-rounder (3)

Sep 27, 2023 · 4:46

The impenetrable thicket of a hawthorn hedge is also nesting and breeding space for many bird species, and its fruits serve as an abundant food source. - Broadcast of 27.09.2023

Plus
Jak to vidí...: Jiří Pondělíček: The legacy of September 11 has shifted. What resonates is what followed in Iraq and Afghanistan

Sep 12, 2023 · 24:46

The United States marked the anniversary of the terrorist attacks of September 11, 2001. How do Americans remember the tragic event 22 years on? How is the identification of victims progressing? In the audio recording, Americanist Jiří Pondělíček also discusses the debates about the average age of American lawmakers and explains which indictment of Donald Trump could play the most serious role.

The David Knight Show
INTERVIEW Richard Gage 20 Yrs of Data Debunks 9/11 Official Story

Sep 11, 2023 · 57:03

Richard Gage, RichardGage911.org, joins with a wealth of evidence that contradicts the official story used to justify wars abroad and surveillance at home.

Find out more about the show and where you can watch it at TheDavidKnightShow.com

The David Knight Show
11Sep23 Secret Service Agent Questions JFK "Magic Bullet" Lies and the Lies of 9/11, Riddled with Many "Magic Bullet"

Sep 11, 2023 · 180:48

Today's 22nd anniversary of 9/11 begins with a LIVE interview from NYC with Richard Gage, RichardGage911.org. Richard shares a wealth of evidence that contradicts the official story:

  • Government's extraordinary hypothesis
  • Sudden free fall, including Building 7
  • Molten metal spheres, nano-thermite
  • Pulverization
  • Missing bodies
  • Lateral ejections
  • Problems with NIST report
  • And more…

Two more 9/11 bodies identified just before the 22nd anniversary but most have been disappeared. Why?

CIA wants to "get into your underwear"… here's how.

JFK Secret Service Agent finally comes to terms with what he saw 60 years ago, drawing more attention to the absurd "magic bullet" theory so central to the "lone shooter" government narrative.

NM Governor Grisham goes full tyrant, pretending her so-called "public health emergency" can be used to suspend the Constitution and NM law. Where did she get THAT idea? If, as she said "rights are NOT absolute", then government becomes an absolutist monarchy or dictatorship. We look at the resistance and the nullification of what she's trying to do and how it will likely backfire.

Fauci called out on his absurd lies about masks by the person who led the study exposing Fauci as a liar.

Find out more about the show and where you can watch it at TheDavidKnightShow.com

Pharma Intelligence Podcasts
Digital Health Roundup: VR, AI Trends In Rehabilitation; Cybersecurity Regulations; Medicare Updates

Sep 1, 2023 · 7:42

Summary: In this month's Digital Health Roundup, Medtech Insight's Marion Webb highlights VR, AI and other high tech trends in rehabilitation and gait training. Hannah Daniel discusses cybersecurity updates such as the new NIST published draft for an updated version of the Cybersecurity Framework, a recent report by Health-ISAC, and an interview with MedCrypt's Naomi Schwartz about the upcoming FDA cybersecurity regulations for premarket approvals.

Medtech Insight articles addressing topics discussed in this episode:

  • GaitBetter On Mission To Bring VR, AI-Based Solution To Gait Training; Will Physical Therapists Pay For It?
  • ReWalk Robotics' Planned Acquisition Of Anti-Gravity Maker AlterG For $19M Paves Way To Profitability
  • NIST Cybersecurity Framework 2.0 Expands Guidance's Scope, Introduces 'Govern' Function
  • Vulnerabilities Up 59%: The State Of Healthcare Cybersecurity In 2023
  • Cybersecurity Expert Says eSTAR Requirement Will Push FDA, Industry In Positive Direction

Cybercrime Magazine Podcast
Seeking CyberMaryland. Developing The Workforce. Bill Newhouse, Cybersecurity Engineer, NIST.

Aug 31, 2023 · 18:35


The CyberMaryland Conference is an annual event presented by the CyberMaryland Advisory Board in conjunction with academia, government and private industry organizations. In this episode, Bill Newhouse, Cybersecurity Engineer at the National Institute of Standards and Technology (NIST), joins host Steve Morgan to discuss his background and why events such as the CyberMaryland conference are so valuable to the cybersecurity community. Learn more about the CyberMaryland Conference, and our sponsor, the Federal Business Council, at https://cybermarylandconference.com.

The CyberWire
An international hunt bags Qakbot's infrastructure. Anticipating remediation. Adversaries in the middle. More effective phishbait. Air travel disruption was a glitch, not an attack. Hybrid war update.

Aug 30, 2023 · 29:47

An international operation takes down Qakbot. Chinese threat actors anticipated Barracuda remediations. A look at adversary-in-the-middle attacks, making phishbait more effective and the emergence of a new ransomware threat. Narrative themes in Russian influence operations. My conversation with Natasha Eastman from CISA, Bill Newhouse from NIST, and Troy Lange from NSA to discuss their recent joint advisory on post-quantum readiness. Microsoft's Ann Johnson from Afternoon Cyber Tea speaks with Cyber Threat Alliance President and CEO Michael Daniel about the current state of cybercrime. And when toilet bowls are outlawed, only outlaws will have toilet bowls.

Listen to the full conversation with Natasha Eastman, Bill Newhouse, and Troy Lange here: A joint advisory on post-quantum readiness.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/165

Selected reading.

  • Operation Duck Hunt bags Qakbot. (CyberWire)
  • FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown (Federal Bureau of Investigation)
  • Qakbot Malware Disrupted in International Cyber Takedown (US Department of Justice)
  • Law Enforcement Takes Down Qakbot (Secureworks)
  • Qakbot: Takedown Operation Dismantles Botnet Infrastructure (Symantec)
  • Chinese APT Was Prepared for Remediation Efforts in Barracuda ESG Zero-Day Attack (SecurityWeek)
  • Phishing-as-a-Service Gets Smarter: Microsoft Sounds Alarm on AiTM Attacks (The Hacker News)
  • The Lure of Subject Lines in Phishing Emails - How Threat Actors Utilize Dates to Trick Victims (Cofense)
  • The Emergence of Ransomed: An Uncertain Cyber Threat in the Making (Flashpoint)
  • Cancelled flights: Air traffic disruption caused by flight data issue (BBC News)
  • Russian Offensive Campaign Assessment, August 29, 2023 (Institute for the Study of War)

Breaking Badness
165. Gorillas in the NIST

Aug 30, 2023 · 51:57

This week Kali Fencl, Tim Helming, and Taylor Wilkes-Pierce discuss Telekopye and online marketplace scams along with NIST's publication of the first draft standards for post-quantum cryptography.

Feds At The Edge by FedInsider
Ep. 117 Zero Trust Security Transformation: A “How To” Guide

Aug 29, 2023 · 32:32

Compliance, maturity levels, edge computing

Some people think the television phrase, “Set it and forget it” applies to Zero Trust. Today's discussion throws that notion out the window. The interview takes a deep dive into how an agency can move to a Zero Trust Architecture. Three experts discuss compliance, maturity levels, and the role of edge computing. The conclusion is obvious: Zero Trust is a serious, constantly evolving methodology and federal leaders must take advantage of every resource possible to gain a thorough understanding of the process.

Jennifer Franks from the GAO points out that Zero Trust is not a new concept and the federal government has all kinds of reference materials to support leaders. She lists information from DISA, NIST, the DoD as well as the OMB. She reminds listeners that there is a maturity model associated with Zero Trust change, and leaders must be aware of revisions to these documents. Jennifer reminds the audience of the recent upgrade to the DISA model that adds more maturity levels.

Guidance is nice, but where to start? During the interview, Wayne Rogers talks about looking at your respective agency's situation and doing a gap analysis. Once that is complete, then one can set priorities. For example, when he used this process, his agency identified a weakness in their VPN system. He prototyped a transition to Secure Access Service Edge and then deployed it across the agency.

Probably the best quote from this interview was provided by Akamai's Tony Lauro. He said, “Security has to work despite users.” He is referring to the base concept behind Zero Trust – an automated system that can identify threats and provision resources with appropriate access levels that can have nothing to do with end users acting themselves.

Ron Popeil's catchphrase may work on television, but not in today's federal government.

Con Men Podcast
World Trade Center Building 7 #84

Aug 24, 2023 · 95:55

I know what you are thinking... yes, we have done an episode on WTC Building 7, but I don't think we did a great episode on it... until now. Back when we did the episode we were only a few episodes in and I don't think the show was as polished as it is now. This version of Building 7 is much more in depth. For anyone who doesn't know about Building 7 on September 11th, it was the third building that collapsed in Manhattan on September 11th (I know about Building 6, before you guys start messaging me on Instagram!). The official story is the building collapsed because of fires. Many skeptics believe it was a demolition, including many in the scientific community. There are witnesses that claimed they heard explosions in the building, but that was left out of the official September 11th report done by NIST. Check out our newest version of World Trade Center Building 7. I think you are really going to enjoy this rabbit hole.

Tribe of Testimonies
Ah-in-nist Sipes - Cheyenne & Caddo

Aug 22, 2023 · 62:44


When Ah-in-nist Sipes decided to really find out if The Church of Jesus Christ of Latter-day Saints was true, he came with three questions. First, what is the real doctrine--if any--about the color of skin? Second, how does being a believing Cheyenne work with the teachings of the Church? Third, who really is Jesus Christ? Ah-in-nist describes how he found the answers to each of these questions. I love his journey. And he calls it that: a journey. He didn't just happen to stumble on the answers all in one day. He sought them out carefully, prayerfully, and diligently. Now he knows that being Cheyenne is exactly who he's supposed to be, who our Creator intended him to be, and who can do good in the world because he is. I love the way he talks about his parents, his siblings, his grandparents, his tribe, and his ancestors with great love and respect. This conversation is amazing. Could I Honor My Heritage as a Descendant of Lehi? (churchofjesuschrist.org)

ConvoCourses
Convocourses Podcast: Zen of Managing Risk (NIST RMF)

Aug 21, 2023 · 90:26


The concept of IT risk management can be applied to all of life.  http://convocourses.net

ITSPmagazine | Technology. Cybersecurity. Society
Sharing a Cryptographic Sandwich with the DevOps and SecOps Community | A SandboxAQ Brand Story with Marc Manzano

Aug 21, 2023 · 33:36

In this Brand Story podcast episode, host Sean Martin is joined by guest Marc Manzano from SandboxAQ. They explore the importance of future-proofing cryptography and the emerging field of quantum-resistant cryptography.

The conversation revolves around the challenges of migrating to new cryptographic algorithms and the unknowns surrounding this process. They discuss how NIST is leading the way in defining new standards and the need for organizations to prepare for the upcoming changes. Marc introduces Sandwich, a meta library developed by SandboxAQ, which provides cryptographic agility and an easy-to-use API for secure application development with cryptography capabilities built-in. Marc explains how developers can download and build Sandwich, customize it with specific ingredients or features, and integrate it into their application development environment.

In addition to Sandwich, the Security Suite by SandboxAQ is highlighted as a tool to help organizations modernize cryptography management. It provides visibility into where and how cryptography is used, along with modules for observability, compliance, and remediation. The Security Suite also offers optimization of cryptographic operations to reduce resource consumption and improve performance.

Sean and Marc also touch on the challenges organizations face in understanding and implementing encryption and the collaboration between developers and security teams in managing encryption within the broader engineering and security operating environment. They discuss how Sandwich can help overcome hurdles and elevate security posture, allowing developers to focus on application development while the framework takes care of security.

Overall, this episode provides insights into the evolving field of quantum-resistant cryptography, the importance of secure application development with cryptography at its core, and the role of tools like Sandwich and the Security Suite in enhancing cybersecurity practices, all aiming to educate listeners on the challenges and solutions in cryptography management.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest: Marc Manzano, Senior Director - Quantum Security, SandboxAQ [@SandboxAQ]

  • On Linkedin | https://www.linkedin.com/in/marcmanzano/
  • On Twitter | https://twitter.com/marcmanzano

Resources

  • Learn more about SandboxAQ and their offering: https://itspm.ag/sandboxaq-j2en
  • Read the Sandwich Press Release: https://itspm.ag/sandbonpda
  • Sandwich on Github: https://itspm.ag/sandbo3zq1
  • Learn more about Sandwich: https://itspm.ag/sandboqao6
  • Try SandboxAQ Security Suite: https://itspm.ag/sandbob3gy
  • Read the Security Suite Press Release: https://itspm.ag/sandboxb3e744

The Shortwave Radio Audio Archive

WWV Station sign at WWV in Fort Collins, Colorado

Many thanks to SRAA contributor, Myke Dodge Weiskopf, who shares the following recording and notes:

BROADCASTER: WWV
DATE OF RECORDING: December 08, 1991
STARTING TIME: 0218
FREQUENCY: 5000 kHz
RECEPTION LOCATION: Rockford, Illinois, USA
RECEIVER AND ANTENNA: Unidentified boombox
NOTES:

NIST Radio Station WWV as it sounded on 8 December 1991 at 0218 UTC.

Due to the high cost of maintaining the aging drum-based voice announcement machines, NIST implemented a digital voice announcement system in 1991. The new male voice, belonging to Eric Smith, started at WWV on 13 August. The voice of WWVH belonged to Johanna Stahl. The voices were sorely lacking in high EQ at first, but were sharpened with an audio filter on 27 August. The modification did not help, and after months of equipment failures and complaints about the poor quality, NIST retired both voices on 11 August 1992.

An excerpted version of this recording is found on "At the Tone: A Little History of NIST Radio Stations WWV & WWVH." This unedited version is being shared by special arrangement for the Shortwave Archive.

Serious Privacy
Privacy Popcorn with Paul and K

Aug 16, 2023 · 33:34

In this episode of Serious Privacy, Paul Breitbarth of Catawiki and Dr. K Royal share a healthy serving of privacy popcorn featuring India's new law, Georgia's new law, Meta news, Argentina and Kenya and Worldcoin, China, NIST Cybersecurity Framework call for comments, and more, including California's adequacy decision from the Dubai International Financial Center.

If you have comments or questions, find us on LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu.

Business of Tech
Tue Aug-15-2023: NIST releases draft framework update SaaS Net Retention Falls

Aug 15, 2023 · 8:15

Two things to know today

  • 00:00 NIST Releases Draft Update to Cybersecurity Framework, Adding a 'Govern' Pillar
  • 03:41 SaaS Companies Face Growth Challenges as Net Retention Rate Slips

Privacy Pros Podcast
How To Crush Imposter Syndrome And Build A Powerful Personal Brand

Aug 15, 2023 · 39:10

The second thing I did for overcoming impostor syndrome was just adopting this 1% better mindset that you're not seeking perfection. Every month or every year, you're going to improve yourself a little bit. The third thing is to just say yes to opportunity, even if you don't feel like you're 100% fit. And I think that goes more for applying for roles if you're looking for jobs, if you don't meet 100% of the job description, that's okay, you should still apply. Privacy is such an emerging field, and people encourage diversity, so you never know what your unique skill set would bring to the organisation, and maybe that's what they're looking for. So just say yes to job opportunities. Apply to speak at different conferences. Even if you don't think you have a very compelling story, you are judging yourself more harshly than others are.

Attention Privacy Professionals, this episode is tailor-made for YOU! Join us as Jamal and Nandita dive deep into the strategies that will skyrocket your career.

In this episode, we discuss:

  • Practical tips to continue to upskill and stay ahead of the curve.
  • How to position yourself effectively and switch roles without starting from scratch
  • How to step out of your comfort zone and develop your personal brand with confidence

Uncover the secrets to supercharge your privacy career!

Nandita Rao Narla is the Head of Technical Privacy and Governance at DoorDash, where she leads the privacy engineering, privacy assurance and privacy operations teams. Previously, she was part of the founding team of NVISIONx.ai, a data profiling startup that classifies enterprise data to optimize security controls and solve privacy compliance challenges. As an advisory manager at EY, she focused on leveraging data governance to enhance privacy programs, scaling risk management functions, and driving data protection initiatives for Fortune 500 companies.

Nandita currently serves on the Advisory Boards and committees for privacy and cybersecurity focused non-profits such as Extended Reality Safety Initiative (XRSI), Institute of Operational Privacy by Design, NIST, Techno Security & Digital Forensics Conference, and IAPP - Privacy Engineering. Nandita holds an MS in Information Security from Carnegie Mellon University, a BTech in Computer Science from JNT University, and privacy and security certifications such as FIP, CIPP/US, CIPT, CIPM, CDPSE, CISM, CRISC, and CISA.

Cyber Risk Management Podcast
EP 138: What's With NIST Special Publication 800-171, Revision 3 and CMMC

Aug 15, 2023 · 43:31

How are Revision 3 of NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification (CMMC) related to each other? Let's find out with our guest Jacob Horne. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

Digital Forensic Survival Podcast
DFSP # 391 - Investigation Lifecycle

Aug 15, 2023 · 26:26


This week I'm talking about The NIST (National Institute of Standards and Technology) investigation lifecycle. The NIST investigation lifecycle encompasses a series of well-defined steps, starting from problem identification and scoping, through data collection and analysis, to the formulation of conclusions and recommendations. This comprehensive framework ensures that investigations conducted by NIST are rigorous, unbiased, and provide reliable results that can be used to inform decision-making, improve practices, and promote innovation across a wide range of disciplines. More about it...

CSO Perspectives (public)
Distributed Denial of Service prevention: Current state.

Aug 14, 2023 · 17:35


Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of Distributed Denial of Service (DDOS) prevention with CyberWire Hash Table guests Steve Winterfeld, Akamai's Field CSO, and Jim Gilbert, Akamai's Director Product Management, and Rick Doten, the CISO for Healthcare Enterprises and Centene.

The Post-Quantum World
Quantum Computing Standardization – with Catherine Lefebvre of Pasqal

Aug 9, 2023 · 35:06

Standardization is something we take for granted in classical information technology. But when it comes to quantum computing, are we all speaking the same language? In addition to making neutral-atom quantum systems, Pasqal is trying to ensure all aspects of QIS will interoperate going forward. Standardization has always helped businesses adopt new technologies because they are more consistent and reliable as a result. Join host Konstantinos Karagiannis for a chat with Catherine Lefebvre from Pasqal and learn how they're doing more than making room-temperature quantum computers.

For more on Pasqal, visit www.pasqal.com/.

Visit Protiviti at www.protiviti.com/postquantum to learn more about how Protiviti is helping organizations get post-quantum ready.

Innovation in Compliance with Tom Fox
Travis Howerton on Automating Security & Compliance

Innovation in Compliance with Tom Fox

Play Episode Listen Later Aug 8, 2023 25:10


In this episode, Tom welcomes back Travis Howerton and they explore the importance of NIST 800-53 Rev. 5, the latest version of the National Institute of Standards and Technology's security guidance for organizations. With new controls to address privacy and a heightened focus on supply chain and third-party risk, this version of the NIST standard is essential for organizations to access government contracts and revenue and is increasingly important to protect organizations from cyberattacks. Automation is also becoming increasingly necessary to help organizations meet these standards, highlighting the need for continuous improvement of security measures. This episode goes in-depth on NIST 800-53 Rev. 5, making it a must-listen for organizations looking to stay secure and compliant. The US government is increasingly turning to automation and AI to meet its security and compliance standards. With the transition of FedRAMP from guidance to law, companies are now required to use it and meet certain cybersecurity standards to do business with the US government. NIST 800-53 Rev. 5 addresses regulatory change around privacy with GDPR and other things and includes new control families and changes to existing ones. As the government continues to revise its standards, the need for automation is becoming increasingly important. The National Institute of Standards and Technology (NIST), a standards body within the federal government, is working with the Open Security Controls Assessment Language (OSCAL) team to develop standards. NIST has interacted closely with the OSCAL team, creating an open-source repo on GitHub and building communities of interest. Additionally, NIST works with other government agencies, tool providers, and industry to develop standards. FedRAMP provides clarity of goal for vendors and customers but is expensive and time consuming to achieve. Cybersecurity is no longer a cost center, but a requirement to do business with the US government.
The Department of Defense requires companies to meet certain cybersecurity standards to do business with them. Other agencies are taking similar stances in regard to cybersecurity. Companies are now required to have a compliance program to do business with them. Cybersecurity is now seen as one of the top risks to businesses, causing legal risk, revenue loss, and embarrassment.
Key Highlights
- NIST 800-53 Rev. 5
- NIST and FedRAMP
- Cybersecurity Requirements
- Cybersecurity Regulations
- Continuous Improvement of Standards
Resources
- Travis Howerton on LinkedIn
- RegScale

Resilient Cyber
S4E24: Michael McLaughlin & Bill Holstein - Battlefield Cyber

Resilient Cyber

Play Episode Listen Later Aug 4, 2023 59:05


- First off, for those unfamiliar with this problem and situation, what exactly is the challenge here, and why should more people be paying attention to this?
- What do you say to those who may say this is just something occurring in the digital realm, and not a physical or real threat? Given the ubiquity of software, this seems short-sighted, no?
- In the book, you touch on malicious actors using U.S.-based infrastructure to attack U.S. targets, a topic that was touched on in the NCS. Can you expand on that and the challenges with addressing it, particularly in the cloud?
- There are fears that these adversaries are looking to persist in U.S.-based systems and infrastructure in advance of future conflicts. What could be some of the ramifications of this in the future, and how do we go about rooting out these threats in the here and now?
- The Defense Industrial Base (DIB) is often called the "soft underbelly" of the DoD. We've seen increased targeting of the DIB by malicious actors and nation states and the emergence of efforts such as NIST 800-171 and now CMMC. How do we go about ensuring improved security posture of the DIB while balancing the cost and burden on SMBs and further constraining the diversity and resiliency of a DIB supplier base?
- On the flip side, we see the DoD, IC and Federal Government with deep dependencies on a small handful of technology companies, some even despite continued exploitation and vulnerabilities impacting these agencies. How do we go about addressing this elephant in the room and demand stronger security outcomes and performance from these critical suppliers, especially with their massive financial and political clout?
- Many of these activities occur below the threshold of traditional "declarations or acts of war". How do we get our leadership to realize we're already at war, but in a new paradigm?
- You guys talk about how everyone with an internet connection is essentially on the battlefield. How do we address that reality while balancing aspects of our society that are unique, such as freedom and privacy? Citizens continue to use software and applications that expose their data, that of their employers, and in some cases, even of the DoD and national security. How do we go about better informing and engaging the citizenry on this front?
- Another aspect you touch on is that this isn't just a technical issue, but there are efforts such as misinformation to degrade trust in our institutions, sow resentment and stoke flames of divisiveness in our society. These threats are likely even more concerning, as we tear ourselves apart internally. What are your thoughts on this front?

Smart Firefighting
Episode 167: Practical Research & Implementation to Move the Fire Service Forward with Paul Siebert

Smart Firefighting

Play Episode Listen Later Aug 3, 2023 30:22


How can we progress when much of what we do is rooted in tradition? Hello Smart Firefighting Community! Welcome to another episode covering real-world innovations via interviews with fire service and technology industry experts that empower YOU to develop your very own Smart Firefighting strategy!
In this episode:
- Debunking the perceptions around tradition in fire service
- The evolving impact of the NIST & NFPA Roadmap to the Future of Smart Firefighting Report
- Developments at the TEEX Testing & Innovation Center
Get the scoop from Paul Siebert! Since 1991, Paul has been in progressive positions within the Frisco Fire Department, retiring in 2017. He's now working for the Texas A&M Engineering Extension Service Emergency Services Training Institute as the Public Sector Program Director. Prior to that, he managed response technology development for the TEEX Product Development Center. So hit that play button to hear more! Head to www.smartfirefighting.com to discover how SFF accelerates innovation for emergency responders, to find out when our next event is, or review our curated resources!

AM Radio
41 – Data: The Dark (and Light) Side of Additive Manufacturing

AM Radio

Play Episode Listen Later Jul 24, 2023 33:13


As a “born digital” technology, additive manufacturing intrinsically relies on data, more so than any other manufacturing process. That data reliance potentially exposes AM users to data security and cybersecurity issues; efforts are underway to help these users protect designs, print parameters, machines and even 3D printed parts. But beyond the dark side of data, figuring out secure ways of storing and sharing data also opens the door to more freely distributing manufacturing, sharing material and print profiles, and flexible, secure supply chains. Stephanie Hendrixson and Dr. Tim Simpson discuss all things AM data on AM Radio. This episode of AM Radio is brought to you by Formnext Forum: Austin.
Mentioned in this episode:
- Episode 37 on sustainability
- CyManII and its efforts to protect an additive manufacturing company
- NIST introduces a new “dictionary” for data definitions in AM
- VeriTX's Fortis platform for data assurance
- Senvol industrial AM machine and material database
- TRACEam program from Mike Vasquez
- 3DOS decentralized manufacturing marketplace model
- Xometry distributed manufacturing network | episode from sister podcast Made in the USA featuring Randy Altschuler, CEO
- Dr0wned hacked drone video
- Chris Williams and the Design, Research, and Education for Additive Manufacturing Systems (DREAMS) Lab at Virginia Tech (VT is now also a managing member of CyManII)
- ANSI manufacturing standards for anticounterfeiting
- Work with InfraTrac and Sharon Flank to embed different materials via DED for authentication
- Shape Matrix system created by Shape Operating Systems
- The Cool Parts Showcase 2021 featuring a 3D printed barcode in the Bespoke category (Meet the 2023 finalists and VOTE)
- Subscribe to The BuildUp, Additive Manufacturing Media's newsletter on 3D printing for industrial production

Podcasty Aktuality.sk
SPORT: Dunajská Streda disappointed, but Slovan's road was thorny too

Podcasty Aktuality.sk

Play Episode Listen Later Jul 21, 2023 14:37


Of the three Slovak football teams, two advanced to the 2nd qualifying round of the European competitions: Slovan and Žilina. Dunajská Streda was eliminated. Slovan knocked out Luxembourg's Swift in the Champions League, Žilina knocked out Estonia's Levadia Tallinn in the Conference League, and Dunajská Streda, in the same competition, was no match for the Georgian team Dila Gori. We will say more in today's podcast.

Fire Science Show
110 - NIST Fire Calorimetry Database with Matt Bundy

Fire Science Show

Play Episode Listen Later Jul 19, 2023 52:51 Transcription Available


Ever wonder how scientists measure the intensity of a fire? Join us on this episode as we invite Dr. Matt Bundy from NIST. We discuss the intricacies of heat release rate, calorimetry, and how NIST is championing open data with their astonishing database. You can learn more about the database here: https://www.nist.gov/blogs/taking-measure/new-nist-fire-calorimetry-database-available-answer-your-burning-questions And find the database here: https://www.nist.gov/el/fcd I've tried to make this conversation for everyone. If you never saw a calorimeter or have no idea how to measure fire, from this episode you will learn probably all you need to know. If you know everything about calorimetry, there is a ton of golden nuggets on how NIST runs their experiments that are absolutely worth listening to. In the podcast episode, we start deciphering the art of measuring fire characteristics, from using heat flux gauges, oxygen and mass loss calorimetry, to the challenges of each of them. We then explore the NIST Fire Calorimetry Database, unveiling its evolution from a humble set of data to an open-access resource. Dr. Bundy shares invaluable insights into the development of this enriching database, which has metamorphosed into an extensive video collection system that records fire experiments. He also whets our curiosity about the potential expansion and collaborations lying on the horizon for this unique database. Rounding off our discussion, we delve into the inner workings of the hosting process of the NIST Calorimetry Database, its data storage methods, and how it facilitates easy access to experiments. We also glimpse the future of fire studies as Dr. Bundy calls on the Fire Science Show community to suggest objects to burn for their calorimetry. Cover image: frame extracted from this calorimetry supercut video, credit to NIST and Matt Bundy. This podcast episode is sponsored by OFR Consultants.

Off the Shelf
CMMC: What does it mean to government contractors?

Off the Shelf

Play Episode Listen Later Jul 19, 2023 43:04


This week on Off the Shelf, Tom Voshell, vice president, Federal Program Office at Coupa Software provides his insights and analysis regarding data management and cyber security with a focus on the Department of Defense's upcoming release and implementation of an updated version of its Cybersecurity Maturity Model Certification (CMMC 2.0). Voshell discusses the underlying DFARS provisions and NIST 800-171 standard and controlled unclassified information (CUI). He lays out the process, applicability and management considerations for contractors and subcontractors who will be subject to CMMC. Voshell also gives his thoughts on the new software attestation form, the recently released DHS cybersecurity regulations, and FedRAMP.

The Cybersecurity Institute Podcast, by Entrust
The Evolution of PQC, from Research to Standardization

The Cybersecurity Institute Podcast, by Entrust

Play Episode Listen Later Jul 18, 2023 41:39


In this podcast episode, host Samantha Mabey talks to Brian LaMacchia, President of FARCASTER Consulting Group and former Distinguished Engineer for Cryptography at Microsoft, about the decades of research that's gone into Post Quantum Cryptography (PQC), and how the pace and intensity of academic PQ research compares with previous eras of cryptography. They also discuss the standardization process of PQC, including the algorithms under review in the NIST competition today, and how PQC standards are likely to evolve in the future.

CISO Stories Podcast
Protecting the Nation's Most Sensitive Information & 800-171 Update - Ron Ross - CSP #131

CISO Stories Podcast

Play Episode Listen Later Jul 18, 2023 27:47


NIST recently released the initial draft of a major update to its cybersecurity guidelines for protecting sensitive unclassified information. The update is intended to help federal agencies and government contractors implement cybersecurity requirements more consistently. The revised draft guidelines, Protecting Controlled Unclassified Information in Nonfederal Systems and Organizations (NIST Special Publication [SP] 800-171 Revision 3), will be of particular interest to the many thousands of businesses that contract with the federal government. Federal rules that govern the protection of controlled unclassified information (CUI), which includes such sensitive data as health information, critical energy infrastructure information and intellectual property, reference the SP 800-171 security requirements. Systems that store CUI often support government programs containing critical assets, such as design specifications for weapons systems, communications systems, and space systems. The changes are intended in part to help these businesses better understand how to implement the specific cybersecurity safeguards provided in a closely related NIST publication, SP 800-53 Rev. 5. The authors have aligned the language of the two publications, so that businesses can more readily apply SP 800-53's catalog of technical tools, or “controls,” to achieve SP 800-171's cybersecurity outcomes. The update is designed to help maintain consistent defenses against high-level threats to information security. Many of the newly added requirements specifically address threats to CUI, which recently has been a target of state-level espionage. NIST wants to implement and maintain state-of-the-practice defenses because the threat space of hostile adversaries is changing constantly. Protecting CUI is critical to the national and economic security interests of the United States. This segment is sponsored by Google. Visit https://securityweekly.com/chrome to learn more about them! 
Visit https://securityweekly.com/csp for all the latest episodes! Follow us on Twitter: https://www.twitter.com/cyberleaders Follow us on LinkedIn: https://www.linkedin.com/company/cybersecuritycollaborative/ Show Notes: https://securityweekly.com/csp-131

Federal Drive with Tom Temin
Cybersecurity comes home to roost for federal contractors

Federal Drive with Tom Temin

Play Episode Listen Later Jul 11, 2023 18:29


Contractors will, somehow, be living under it, and there's still time to comment on it: The revision to NIST special publication 800-171 on protection of controlled, unclassified information. That's not the only cyber policy affecting contractors. For more, Federal Drive Host Tom Temin spoke with the Executive Vice President for Policy at the Professional Services Council, Stephanie Kostro.

National Security Law Today
AI Revolution: Risks and Regulations for Generative AI with Matthew Ferraro

National Security Law Today

Play Episode Listen Later Jul 11, 2023 45:57


If the runaway success of tools like ChatGPT has taught us anything, it's that the world is ready to embrace AI. But are the policies and regulations ready to tackle the risks? Continuing our series on generative AI, this week host Elisa is joined by Matthew Ferraro, emerging technology expert and Counsel at Wilmer Hale. Matthew dives in, demystifying the terminology surrounding these tools while delving into the laws and notable cases that may shape the future of AI policy in the U.S. Matthew Ferraro is Counsel at Wilmer Hale: https://www.wilmerhale.com/en/people/matthew-ferraro
References:
- S.1356, ASSESS AI Act: https://www.congress.gov/bill/118th-congress/senate-bill/1356/text
- S.1671, Digital Platform Commission Act of 2023: https://www.congress.gov/bill/118th-congress/senate-bill/1671/text?s=1&r=6
- National Defense Authorization Act for 2021: https://www.congress.gov/bill/116th-congress/senate-bill/4049/text
- H.R.4521, America COMPETES Act: https://www.congress.gov/bill/117th-congress/house-bill/4521/text
- National Institute of Standards and Technology Artificial Intelligence Risk Management Framework: https://nvlpubs.nist.gov/nistpubs/ai/NIST.AI.100-1.pdf
- Young v. NeoCortex: https://dockets.justia.com/docket/california/cacdce/2:2023cv02496/880323
- The Digital Millennium Copyright Act: https://www.copyright.gov/legislation/dmca.pdf

The CyberWire
Joint advisory warns of Truebot. Operation Brainleeches in the supply chain. API key reset at JumpCloud. More MOVEit vulnerability exploitation.

The CyberWire

Play Episode Listen Later Jul 7, 2023 30:22


US and Canadian agencies warn of Truebot. A look at "Operation Brainleeches." JumpCloud resets API keys. An update on the MOVEit vulnerability exploitation. Andrea Little Limbago from Interos shares insights on rising geopolitical instability. Our guest is Mike Hamilton from Critical Insight discussing what you need to know about NIST 2.0. OSCE trains Ukrainian students in cybersecurity. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/128
Selected reading:
- CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants (Cybersecurity and Infrastructure Security Agency CISA)
- Increased Truebot Activity Infects U.S. and Canada Based Networks | CISA (Cybersecurity and Infrastructure Security Agency CISA)
- Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks (ReversingLabs)
- Mandatory JumpCloud API Key Rotation (JumpCloud)
- JumpCloud resets admin API keys amid ‘ongoing incident' (BleepingComputer)
- JumpCloud Says All API Keys Invalidated to Protect Customers (SecurityWeek)
- More organizations confirm MOVEit-related breaches as hackers claim to publish stolen data (TechCrunch)
- Important information about MOVEit Transfer cyber security incident | Shell Global (Shell Global)
- Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data (SecurityWeek)
- OSCE helps future generation of Ukraine's law enforcers and emergency personnel build skills for safe work in cyberspace (OSCE)

Feds At The Edge by FedInsider
Ep. 109 The Changing Landscape of Identity Security

Feds At The Edge by FedInsider

Play Episode Listen Later Jul 5, 2023 59:19


In January of 2021, Executive Order 13985 titled Advancing Racial Equity and Support for Underserved Communities Through the Federal Government was released. Today's discussion shows how agencies are responding to that mandate around identity management. It would seem there should not be a problem. The goal here is to make sure everyone has access to benefits, loans, and even FEMA support. In an ideal world, a citizen accesses a federal website, gets identified, and continues through the process. However, people get frustrated with the digital process of identification to the point where they abandon their requests. Today's discussion looks at NIST Special Publication 800-63 and its fourth draft revision, which mentions advancing the equity of identity management. David Temoshok is one of the experts at NIST who drafted the document. He explains some of his thoughts about how to manage large numbers of people trying to get identified. He explains some of the challenges in digital credentials and some advances made, referencing login.gov. From a broader perspective, he thinks that a federated approach to identity management may be the solution. The 2017 NIST 800-63 included multi-factor identification; the current draft tries to take this concept to the next level. It suggests ways to make MFA phishing resistant. One of the weaknesses of making identification “frictionless” is the risk of overprovisioning. Bryan Rosensteel from Ping brings a good perspective to the challenges of digital identification. He thinks that it is an exciting time to be involved in the world of identification, especially in new aspects like automation and identity lifecycle management. He mentions topics like military systems that are disconnected, yet still must maintain credentials. Twitter: @FedInsider LinkedIn: https://www.linkedin.com/company/fedinsider/ Facebook: https://www.facebook.com/FedInsiderNews

The Cloud Pod
216: The Cloud Pod is Feeling Elevated Enough to Record the Podcast

The Cloud Pod

Play Episode Listen Later Jun 30, 2023 30:53


Welcome to the newest episode of The Cloud Pod podcast - where the forecast is always cloudy! Today your hosts are Jonathan and Matt as we discuss all things cloud and AI, including Temporary Elevated Access Management (or TEAM, since we REALLY like acronyms today), FTP servers, SQL servers and all the other servers, as well as pipelines, whether or not the government should regulate AI (spoiler alert: the AI companies don't think so) and some updates to security at Amazon and Google.
Titles we almost went with this week:
- The Cloud Pod's FTP server now with post-quantum keys support
- The CloudPod can now Team into your account, but only temporarily
- The CloudPod dusts off their old floppy drive
- The CloudPod dusts off their old SQL server disks
- The CloudPod is feeling temporarily elevated to do a podcast
- The CloudPod promise that AI will not take over the world
- The CloudPod duals with keys
- The CloudPod is feeling temporarily elevated.
A big thanks to this week's sponsor: Foghorn Consulting provides top-notch cloud and DevOps engineers to the world's most innovative companies. Initiatives stalled because you have trouble hiring? Foghorn can be burning down your DevOps and Cloud backlogs as soon as next week.

U kulatého stolu
Tomáš Šebek: A machine will soon examine you better than a doctor. In Afghanistan, a child aimed a Kalashnikov at me

U kulatého stolu

Play Episode Listen Later Jun 28, 2023 68:48


Fire Science Show
107 - Visualization in fires with Matt Hoehler

Fire Science Show

Play Episode Listen Later Jun 28, 2023 64:05 Transcription Available


If you ever wondered how to capture fires in photographs and videos so it is a real science, not just pretty pictures, this episode is for you. With Dr. Matt Hoehler we explore the world of visualization in fires, from just shooting the pictures, through composition and what is your target, to fancy techniques: water-cooling, blue light illumination and 360-degree shoots. We also discuss the role of audio in the further use of these pictures.
To watch for yourself how the magic works, check this NIST website: https://www.nist.gov/news-events/news/2018/07/nist-unblinded-me-science-new-application-blue-light-sees-through-fire
And to see how BOB was applied, check it here: https://www.nist.gov/el/fire-research-division-73300/national-fire-research-laboratory-73306/360-degree-video-fire
If you would like to learn more, here are some resources:
- Developing 360 camera setups
- Imaging through flames with narrow-spectrum light
- Use of narrow-spectrum in the char study
And one of our own:
- Measuring fire HRR with cameras

Innovation in Compliance with Tom Fox
Supply Chain Cyber Risk Management with Steve Horvath

Innovation in Compliance with Tom Fox

Play Episode Listen Later Jun 27, 2023 25:52


Imagine a world where your organization is constantly at the risk of a cyber-attack, yet no solution seems fully secure. In this episode of Innovation In Compliance, host Tom Fox and guest Steve Horvath explore the complex landscape of supply chain cyber risk management. They explore the high-profile breaches of Home Depot and Target, as well as the critical importance of frameworks like the NIST Cybersecurity Framework. Steve delves into the challenges faced by organizations, the need for effective risk management strategies, and the evolving landscape of cybersecurity in public and private sectors.
Steve Horvath is a seasoned cybersecurity expert who has spent nearly two decades at Telos, a prominent cybersecurity firm focused on protecting government and industry networks. Since joining Telos in 2006, Steve has been instrumental in developing cybersecurity strategies and services for various elements of the U.S. federal government, including the intelligence community and the Department of Defense. Today, he leads the way in driving compliance and risk management initiatives with a focus on innovative solutions like Xacta.
You'll hear Tom and Steve discuss:
- Telos' platform, Xacta, began as a web-based application focused on facilitating the rigorous compliance activities of federal standards, and has since evolved into a sophisticated platform for managing cybersecurity risks.
- Cybersecurity risk is unique and highly challenging, and unlike other forms of risk, it doesn't lend itself to transference. Insurance policies won't save an organization from a devastating cyber attack.
- Many organizations, particularly public ones, need to shift their mentality from accepting some level of risk to striving for robust cybersecurity operations that minimize risk as much as possible.
- Education at the board level about the threats and implications of cybersecurity is a crucial yet often overlooked factor. The conversation around this is gaining traction, with initiatives such as the SEC's rule about having a board member with a cybersecurity background.
- The Home Depot and Target hacks brought widespread attention to cybersecurity risks, highlighting the need for organizations to be proactive in managing threats and vulnerabilities.
- The NIST Cybersecurity Framework provides a practical and easily understood framework for organizations to assess and improve their cybersecurity posture. It enables effective communication between security operators and the board, fostering a common language and understanding.
- Supply chain cybersecurity is a critical concern, particularly for software and IT hardware sourcing. Having a software bill of materials and understanding the ingredients within the software helps organizations assess their exposure and potential vulnerabilities.
- Network attack services refer to understanding an organization's attack surface and identifying potential points of ingress or exfiltration of data. Mitigating risks, such as phishing attacks, requires robust security education programs for users.
- Creating an actionable cyber intelligence strategy involves having the right stakeholders and roles within the organization, selecting a suitable framework (such as NIST or ISO standards), and ensuring continuous validation and improvement of cybersecurity measures.
KEY QUOTE: “You really have to do exceptional cybersecurity operations, and the best way to influence cybersecurity operations… is having some teeth behind a set of conditions and compliance requirements that guide you toward making the best decision…" - Steve Horvath
Resources: Steve Horvath on LinkedIn | Twitter; Telos | Telos Corporation on Twitter

A VerySpatial Podcast | Discussions on Geography and Geospatial Technologies

News:
- More BeiDou satellites launched
- U.S. NIST announces Ultra-Precise Timing Links to Geosynchronous Satellites
- Saildrones!
Web Corner:
- Arctic Indigenous Peoples languages and revitalization map project released
Topic: Story, narrative, vignettes, story boarding…narrative design for geoviz https://www.khanacademy.org/computing/pixar/storytelling
Events:
- 2023 NSGIC Annual Conference and first annual National Geospatial Golf Classic: September 24-29, New Orleans, LA
- NYGeoCon 2023: September 25-27, Albany, NY
- INTERGEO 2023: October 10th - 12th, Berlin, Germany

That Tech Pod
Aviation Tech, Hacking and Crime Confessions with Boom Supersonic CISO Chris Roberts

That Tech Pod

Play Episode Listen Later Jun 20, 2023 28:42


Today Kevin and Laura talk with Chris Roberts, Boom Supersonic's CISO, about aviation technology, the Concorde, hacking all the things (including the Mars Rover!), building planes, epic beards, DefCon, Back to the Future, hover boards and flying cars! Chris also casually confessed to breaking into prison, money laundering and robbing banks.
Chris is the CISO for Boom Supersonic and works as an advisor for several entities and organizations around the globe. His most recent projects are focused within the aerospace, deception, identity, cryptography, Artificial Intelligence, and services sectors. Over the years, he's founded or worked with several folks specializing in OSINT/SIGINT/HUMINT research, intelligence gathering, cryptography, and deception technologies. These days he's working on spreading the risk, maturity, collaboration, and communication word across the industry. Since the late 90's Chris has been deeply involved with security R&D, consulting, and advisory services in his quest to protect and defend businesses and individuals against various types of attack. Prior to that he jumped out of planes for a living, visiting all sorts of interesting countries and cultures while doing his best to avoid getting shot at too often. He's considered one of the world's foremost experts on counter threat intelligence and vulnerability research within the Information Security industry. He's also gotten a name for himself in the transportation arena; basically anything with wings, wheels, tracks, tyres, fins, props or paddles has been the target for research for the last 15 years.
Chris has led or been involved in information security assessments and engagements for the better part of 25 years and has a wealth of experience with regulations such as GLBA, GDPR, HIPAA, HITECH, FISMA, and NERC/FERC. He has also worked with government, state, and federal authorities on standards such as CMS, ISO, CMMC, and NIST.
Chris has been credentialed in many of the top IT and information security disciplines and as a CyberSecurity advocate and passionate industry voice, he is regularly featured in national newspapers, television news, industry publications and several documentaries. And worst case, to jog the memory, Chris was the researcher who gained global attention in 2015 for demonstrating the linkage between various aviation systems, both on the ground and while in the air that allowed the exploitation of attacks against flight control system.

Help Me With HIPAA
6 Pitfalls NIST Noticed - Ep 411

Jun 16, 2023 · 56:23


When it comes to cybersecurity, it is important to understand who your audience is and how to communicate effectively with them. Today, we discuss an article on the cybersecurity pitfalls written by Julie Haney, Usable Cybersecurity Program Lead at NIST, and the importance of involving everyone in a team approach to protecting patients' information. More info at HelpMeWithHIPAA.com/411

Serious Privacy
Nomadic Privacy - A World full of topics with R. Jason Cronk

Jun 15, 2023 · 39:17


In this episode of Serious Privacy, Dr. K Royal connects with R. Jason Cronk, infamous privacy professional extraordinaire. Topics include a brief weekly update on privacy events, The Rise of Privacy Tech (TROPT) and its summit, led by Lourdes Turrecha, privacy frameworks, such as NIST privacy and 800-53, ISO27001, appendix A, ISO 27701, his new podcast with the BBB, privacy abbreviated with Donna Fraser, his book with IAPP Strategic Privacy by Design, his non-profit the Institute of Operational Privacy Design, and much more. In fact, no surprise, our friend Ralph O'Brien's name came up in conversation as well as Deirdre Mulligan, new Deputy Chief Technology Officer for policy for the United States and privacy engineering a la Michelle Dennedy. We also touched on the Privacy Law Scholars conference along with one of our favorite young law scholars, Wayne Unger. In addition, Jason covers many of his activities, such as speaking at CERN. As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Please do like and write comments on your favorite podcast app so other professionals can find us easier. As always, if you have comments or questions, find us on LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy and email podcast@seriousprivacy.eu. Rate and Review us! #heartofprivacy #seriousprivacy #privacy #dataprotection #cybersecuritylaw #CPO #DPO

The Post-Quantum World
Quantum-Safe Cryptographic Security – with Suvi Lampila of SSH

Jun 14, 2023 · 48:20


Cracking RSA in web traffic is primarily what people think of when they hear about the quantum threat to cryptography. But there are lots of protocols in peril, especially in a typical corporate environment. Join host Konstantinos Karagiannis for a chat with Suvi Lampila from SSH to find out how the security giant is working on securing data flows you may not have considered. For more on SSH communications security, visit www.ssh.com/. Visit Protiviti at www.protiviti.com/postquantum to learn more about how Protiviti is helping organizations get post-quantum ready. Follow host Konstantinos Karagiannis on Twitter and Instagram: @KonstantHacker and follow Protiviti Technology on LinkedIn and Twitter: @ProtivitiTech. Questions and comments are welcome! Theme song by David Schwartz, copyright 2021. The views expressed by the participants of this program are their own and do not represent the views of, nor are they endorsed by, Protiviti Inc., The Post-Quantum World, or their respective officers, directors, employees, agents, representatives, shareholders, or subsidiaries. None of the content should be considered investment advice, as an offer or solicitation of an offer to buy or sell, or as an endorsement of any company, security, fund, or other securities or non-securities offering. Thanks for listening to this podcast. Protiviti Inc. is an equal opportunity employer, including minorities, females, people with disabilities, and veterans.

Help Me With HIPAA
SMB Cyber Resources - Ep 410

Jun 9, 2023 · 58:45


Cybersecurity is a big challenge for all businesses these days. Regardless of the size of the business or industry it's in, hackers are continuously trying to exploit weaknesses to gain access to networks and data. NIST and CISA have some new resources and guides that can help small and medium size businesses face the growing cyber threat. More info at HelpMeWithHIPAA.com/410

AVANT Technology Insights with Ken Presti
Derek Siler - Protect Applications using NIST Cybersecurity Framework

Jun 7, 2023 · 25:05


In this episode, Niko O'Hara, the Head of Engineering at AVANT, and Derek Siler, the Solutions Architect at Flexential, dive into the NIST cybersecurity framework, focusing specifically on how we can use it to protect critical IT workloads. They talk through the details of the framework itself, as well as each individual category. Lastly, they hit on how you can use this as the foundation for a complete cybersecurity strategy. Click the “play” button to get started!

The Cognitive Crucible
#151 Daniel Runde on Chinese Soft Power

Jun 6, 2023 · 42:03


The Cognitive Crucible is a forum that presents different perspectives and emerging thought leadership related to the information environment. The opinions expressed by guests are their own, and do not necessarily reflect the views of or endorsement by the Information Professionals Association. During this episode, Dan Runde of CSIS discusses various ways China deploys soft power strategies in pursuit of geopolitical goals. Dan touches upon vaccine diplomacy, World Intellectual Property Organization (WIPO) Elections, and other multilateral organizations such as the International Telecommunications Union (ITU), the International Monetary Fund (IMF), World Bank, Food and Agricultural Organization (FAO), and the State Department's Bureau for International Organizations (DOS IO). Research Question: Dan Runde suggests interested students read Invisible China: How the Urban-Rural Divide Threatens China's Rise by Scott Rozelle and Natalie Hell, which unpacks human capital and demographics challenges in China. Resources: Cognitive Crucible Podcast Episodes Mentioned #74 Elham Tabassi on NIST, Technology Standards, and Trust #130 Teasel Muir-Harmony on Spaceflight, Foreign Policy, and Soft Power #144 Nick Eberstadt on Demographics Dan Runde's CSIS Webpage The American Imperative: Reclaiming Global Leadership through Soft Power by Daniel Runde United Nations International Telecommunications Union US State Department Bureau of International Organization Affairs Soft Power Invisible China: How the Urban-Rural Divide Threatens China's Rise by Scott Rozelle and Natalie Hell Link to full show notes and resources https://information-professionals.org/episode/cognitive-crucible-episode-151 Guest Bio: Daniel F. Runde is a senior vice president, director of the Project on Prosperity and Development (PPD), and holds the William A. Schreyer Chair in Global Analysis at the Center for Strategic and International Studies (CSIS), a leading global think tank. Mr.
Runde also served as the acting director for the CSIS Americas Program from 2020-2022. His work is oriented around U.S. leadership in building a more democratic and prosperous world. Among his many other contributions, Mr. Runde was an architect of the BUILD Act, contributed to the reauthorization of the U.S. EXIM Bank in 2018, and was an architect of Prosper Africa, a U.S. government initiative to deepen the United States' commercial and development engagement in Africa. He has been a leading voice on the role and future of the World Bank Group and U.S. leadership in the multilateral system. Prior to CSIS, Mr. Runde held leadership roles at the U.S. Agency for International Development (USAID) and the World Bank Group. Earlier in his career, Mr. Runde worked in commercial banking at Citibank in Argentina and in investment banking at Alex. Brown & Sons. Mr. Runde was granted the Officer's Cross in the Order of Isabel la Católica, a Spanish civil order. Currently, he serves on the board of the International Foundation for Electoral Systems (IFES), the Western NIS Enterprise Fund (WNISEF), Spirit of America, and the Ashesi University Foundation. Mr. Runde is a member of the Council on Foreign Relations and the Bretton Woods Committee. He is also a columnist for The Hill and hosts a CSIS podcast series, Building the Future: Freedom, Prosperity, & Foreign Policy with Dan Runde. Mr. Runde is also the author of the book The American Imperative: Reclaiming Global Leadership through Soft Power (Bombardier Books, 2022). He previously chaired two U.S. government advisory committees: the Advisory Committee on Voluntary Foreign Aid at USAID and the Sub-Saharan Africa Advisory Committee at the U.S. EXIM Bank. Fluent in Spanish, he graduated cum laude from Dartmouth College and holds a master's in public policy from Harvard University. 
About: The Information Professionals Association (IPA) is a non-profit organization dedicated to exploring the role of information activities, such as influence and cognitive security, within the national security sector and helping to bridge the divide between operations and research. Its goal is to increase interdisciplinary collaboration between scholars and practitioners and policymakers with an interest in this domain. For more information, please contact us at communications@information-professionals.org. Or, connect directly with The Cognitive Crucible podcast host, John Bicknell, on LinkedIn. Disclosure: As an Amazon Associate, 1) IPA earns from qualifying purchases, 2) IPA gets commissions for purchases made through links in this post.

The Compliance Guy
Season 6 - Episode 10 - Elliot Golding, Partner / McDermott Will & Emery LLP

Jun 1, 2023 · 36:15


Sean was joined by Elliot Golding of McDermott Will & Emery to discuss all things HIPAA Privacy and Security, Information Blocking, and a few more critical aspects of cybersecurity! This episode is a must for all medical practices, hospitals and health systems to ensure your compliance with the ever-changing landscape! Elliot is Sean's go-to when it comes to Data Privacy and Cybersecurity! About Elliot Golding: Elliot Golding (CIPP/US) is a partner in McDermott Will & Emery's Data Privacy and Cybersecurity Practice. Elliot provides business-oriented privacy and cybersecurity advice to a wide range of clients, with a focus on health care/life sciences, technology (including "digital health"), ecommerce, financial, and other sectors that frequently handle personal information. His practical approach helps clients balance legal risk with business needs, particularly relating to innovative issues such as "digital health" technologies, the Internet of Things, data monetization, online advertising technology, big data and Artificial Intelligence/Machine Learning tools (particularly in the health research context). He has extensive experience helping clients navigate the patchwork of evolving legal standards and best practices, including: Federal laws, such as HIPAA/HITECH, Information Blocking and Interoperability Rules, 42 CFR Part 2, GLBA, COPPA, health research rules, marketing rules (TCPA, CANSPAM, etc.); US state laws, such as CCPA (and for coming laws in CA, CO, VA, CT, and UH), CMIA, CalFIPA, laws governing sensitive health and financial information, and state laws governing security and breach notification; industry standards (such as DAA/NAI self-regulatory principles, PCI-DSS), and security standards (such as NIST and ISO). Elliot has also handled hundreds of breaches and security incidents through all aspects of investigation, notification, remediation and engagement with regulators.
He has received awards for his expertise from numerous publications, including Bloomberg and Global Data Review. Elliot also chairs several American Bar Association committees including the Privacy, Security and Emerging Technology Division; E-Privacy Law Committee, and Biotechnology, Healthcare Technology, and Medical Device Committee.

Cloud Security Podcast
AI Security - Can LLM be Attacked?

May 30, 2023 · 14:11


AI Security Podcast - ChatGPT and other Generative AI use Large Language Models (LLMs), but can these AI systems be attacked? ☠