Keep your digital workplace safe by taking four simple steps. Encourage employees to do the same. #SecureOurWorld has broken down each one into simple steps. Learn more here ->https://go.dhs.gov/3P8
Those are essential and make sense steps. Some companies train employees to recognize phishing attacks by occasionally introducing fake phishing e-mails. Employees get recognized for reporting these e-mails to IT.
Thanks for sharing👍☺️
The NEW #PSA has launched! “WE CAN SECURE OUR WORLD” teaches 4 easy ways to stay safe online. Check it out and share with your team.
“After retiring from the military, I was ready for a new chapter, but wanted to continue my service to the Nation. With CISA, I found a premier organization that gives me the opportunity to continue to serve, albeit in a different capacity. “What I like most about CISA is having a supervisor who supports work/life balance and encourages professional development. I also enjoy working with team members whose knowledge and expertise motivates me to learn more, as well as the daily challenges to build our organization with talented personnel.” Rich Brumfield, Administrative Specialist
With the Federal Bureau of Investigation (FBI), we published a Secure by Design Alert, Eliminating OS Command Injection Vulnerabilities to Compromise Systems, urging software manufacturers to design and develop software that ensures proper validation or sanitization of user input. In recent incidents, unauthenticated threat actors compromised users and remotely executed code by exploiting command injection defects in network edge devices (CVE-2024-20399, CVE-2024-3400, CVE-2024-21887). Technology manufacturer leaders should develop products that are secure by design which can reasonably protect against malicious cyber actors exploiting the most common and dangerous classes of product defects. Software manufacturers and customers are encouraged to read the alert and implement recommended actions. https://go.dhs.gov/3ex
Security risks from memory unsafe languages are the most dangerous class of vulnerabilities in software today, according to a report on Memory Safety in Critical Open Source Projects – Learn how more than half of critical open source projects contain code written in a memory-unsafe language: https://lnkd.in/gSe7Gkf6
Don’t miss out on the next Implementing the National Emergency Communications Plan (NECP) Webinar on Wednesday, July 24th at 1 PM ET. 🔍 Join us to explore how leveraging insights from large national surveys like the SAFECOM Nationwide Survey #SNS help #PublicSafety and #EmergencyCommunications entities better understand the changing dynamics of emergency communications and align their strategies with broader national goals. Don't miss out on this informative event. For more information, visit: cisa.gov/necp-webinars 🌐🔒
We are nearing our all-time record for registrations for one of our #chemicalsecuirity events. Register now to help push us over the top and join us tomorrow at 10 am ET (7 am PT) as we kick off the 2024 Chemical Security Seminars: https://lnkd.in/gJXSTnB9.
Kevin can’t relax with his family until he makes sure things are secure at the office. His first item of business is requiring his staff to use strong passwords on all their apps—and a password manager to remember them by. Fortunately, everything he needs to know is on our website at https://lnkd.in/g-nq6NB3
Now is the time to make sure that AI is built #SecureByDesign. Thanks EDGE24 for hosting us today! Learn more about our AI work at cisa.gov/ai
Exciting panel discussion on security and operationalized AI featuring Sunil Madhugiri, CTO, Office of the Assistant Commisioner, U.S. Customs and Border Protection and Brandon Wales, Executive Director Cybersecurity and Infrastructure Security Agency in. The session was expertly moderated by Jay Meil , Chief Data Scientist and Director of Strategy, Artificial Intelligence at SAIC #AI #Security #OperationalAI #TechLeadership #Innovation #DataScience #CyberSecurity #AIinGovernment
With Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other U.S. and international partners, we published a joint advisory that outlines activity and tradecraft of a state-sponsored cyber group associated with the PRC Ministry of State Security. It is based on current, shared understanding of advanced persistent threat group, APT 40, and recent ASD’s ACSC incident response investigations. https://go.dhs.gov/3mu APT 40 demonstrates agility in quickly using public exploit proofs of concept (POCs) to target networks of interest, conducts regular reconnaissance against networks of interest, and exploits rapidly new public vulnerabilities in widely used software. To help cybersecurity practitioners identify, prevent and remediate APT 40 intrusions against their own networks, the advisory provides a couple significant case studies of this adversary’s malicious activity against victim network. Recommended mitigations to reduce risk to being compromised by similar activity include comprehensive and historical logging information, prioritize patching for all internet exposed devices and services, and segment networks to limit or block lateral movement. https://go.dhs.gov/3mu
Tune into our next CISA Live! to hear CISA Deputy Director Natarajan, HHS Deputy Director of ASPR’s Office of Preparedness Brian Mazanec, and HHS Director of ASPR’s Critical Infrastructure Protection Office Commander TJ Christl discuss current cyber threats to the healthcare and public health sector and tools and resources available to help prevent, mitigate, and recover from cyber incidents. They will also answer live audience questions Wednesday, July 17 at 11:30 AM EDT. Register here: https://lnkd.in/ga99TRD2
A timely reminder! Scammers never take a break. Implementing these four simple steps can significantly boost your digital workplace safety. Encourage your team to stay vigilant and secure.