Southern Risk Council - Cybersecurity Update 10-9-13

•Download as PPTX, PDF•

2 likes•1,311 views

The document summarizes recent cybersecurity activities and initiatives from the federal government and private sector. It discusses the Cybersecurity Framework being developed by NIST, the Executive Order on cybersecurity critical infrastructure signed by the President, and incentives for voluntary adoption of the framework. It also provides an overview of the communications and other critical infrastructure sectors and a timeline of upcoming cybersecurity events.

Technology Economy & Finance

CYBERSECURITY
UPDATE
October 9, 2013
Southern Risk Council

The Cybersecurity Activity in Washington
• Cybersecurity Framework
• DHS Integrated Task Force
• Regulators (e.g. FCC CSRIC)
• Possible Legislation

DHS Critical Infrastructure Sectors
Communications Sub-sectors:
• Cable
• Wireless
• Wireline
• Satellite
• Broadcast

Executive Order on Cybersecurity
• President signed an Executive Order and Presidential Policy Directive on
February 12, 2013 to Improve Critical Infrastructure Cybersecurity
• “Critical Infrastructure” is defined as “systems and assets, whether
physical or virtual, so vital to the US” that their incapacity or destruction
would have debilitating impact on:
• Security,
• National economic security,
• Public health or safety
• Key Parts
• Cybersecurity Information Sharing (AG, DHS, and DNI, section 4)
• Privacy and Civil Liberties Protections (DHS, section 5)
• Develop Baseline Framework to Reduce Cyber Risk to Critical Infrastructure
(NIST, section 7)
• Voluntary program to support adoption (DHS, section 8)
• “Procurement requirements related to cybersecurity”
• Identification of Critical Infrastructure at Greatest Risk (DHS, section 9)
• Agency review and report on existing regulatory requirements and authority to
establish new framework-based requirements (section 10)

How the Framework has been Developed
5th Framework Workshop – November 14-15
EO 13,636 and PPD-21 – February 12, 2013

The Cybersecurity Framework
Cybersecurity
Risk
Management
Identify
Protect
DetectRespond
Recover
Prioritized Flexible Repeatable Performance
based
Cost
Effective
Basic Cyber Hygiene

DHS Voluntary Cybersecurity Program
Voluntary
Adoption
ProgramIncentives
Implementation
Guidance
Promote
Participation
Adopters

White House on Cybersecurity Incentives
The departments of Homeland Security, Commerce and Treasury identified
8 incentives the federal government could use to encourage the nation's critical
infrastructure owners to adopt voluntarily the cybersecurity framework being
developed under the auspices of the National Institute of Standards and Technology.
The eight incentives are:
1. Cybersecurity insurance,
2. Grants,
3. Process preferences,
4. Liability limitation,
5. Streamlined regulations,
6. Public recognition,
7. Rate recovery for price-regulated industries and
8. Cybersecurity research.
Incentives would help nation's critical infrastructure operators adopt voluntary
framework.

Cybersecurity Timeline
Publication
of
Preliminary
Framework
5th NIST
Workshop
End of 45 Day
Comment
Period on
Preliminary
Framework
Publication of
Final
Framework
FCC CSRIC IV
Commences
Regulatory
Requirements
Sufficiency
Analysis
Framework
Effectiveness
Assessment

Thanks
Phil Agcaoili
Chief Information Security Officer, Cox Communications, Inc.
Co-Chair, Communications Sector Coordinating Council (CSCC),
Cybersecurity Committee – Technical Sub-Committee
Member, Communications Information Sharing and Analysis Center (ISAC)
Co-Chair, FCC CSRIC IV, WG 4 (Cybersecurity Best Practices)
Co-Founder & Board Member, Southern CISO Security Council
Distinguished Fellow and Fellows Chairman, Ponemon Institute
Founding Member, Cloud Security Alliance (CSA)
Inventor & Co-Author, CSA Cloud Controls Matrix, GRC Stack,
Security, Trust and Assurance Registry (STAR), and
CSA Open Certification Framework (OCF)
@hacksec
https://www.linkedin.com/in/philA

Short description: In this webinar, we will be exploring the current trends, predictions and other things of relevance to GDPR enforcement. Further, we will touch on the big fines such as Facebook, Google, Experian as well as guide you how to stay out of trouble with the regulation. Main points covered: • A summary of ICO enforcement action in the UK over the past 12 months • What organizations got wrong? • The big fines – Facebook and Experian • Trends and predictions • How to keep out of trouble with the regulator Presenter: Our presenter for this webinar, James Castro-Edwards is a partner and Head of Data Protection at Wedlake Bell LLP. James advises domestic and multinational organizations on data protection issues. His experience includes managing global data protection compliance projects for multinationals and advising domestic companies on complex data protection issues. He has also developed and delivered innovative data protection training programs for multinational clients, including a data protection officers’ training course which was accredited by a European government. James leads the firm’s outsourced data protection officer service, ProDPO. James frequently speaks on data protection and cybersecurity issues and is widely published, having written articles for a wide variety of titles including The Times and The Guardian, and wrote The Law Society textbook on the General Data Protection Regulation (GDPR). Recorded Webinar: https://youtu.be/QAF1XXTBFyg

mit data vr jan17Patrick McCormick

Capstone Final PresentationKartik Uppal

www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatAnthony Heywood

The Data Privacy Paradox

Mick Yates

A presentation for the XTEND Network London, February 7th, 2017 http://www.theexecutivenetwork.org.uk/event-tuesday-7th-february-2017/ We are all skeptical of how businesses and Government use our personal data. Yet, every one of us demands personalised services, which can only be provided if we relinquish our hold over our data. You call a customer service helpline, you expect the agent to know you and the details of your account. If you get offers from retailers, you expect them to be relevant. This is the ‘Data Privacy Paradox’. The talk is for anyone with an interest in the pervasive use of personal information today, in business, government and socially – and who wants to know what to do. The audience will get a clear view of what Big Data is, how it is used, and how to think about data privacy issues. Mick will then provide very practical thoughts on dealing positively with the Privacy Paradox, to help get better business results

Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™

Intralinks

Why shaWHY SHARE CYBER THREAT INFORMATIONre cyber threat information

mikeecholscyber

Cyber threat information sharing is essential to thwarting successful hacks and minimizing consequences should a breach occur. For many years large organizations have had opportunities to work with the Department of Homeland Security (DHS) to share indicators of compromise to ensure the protection of critical infrastructure and major business entities. https://mikeechols.com/why-share-cyber-threat-information

Internet Society (ISOC Uk England) Webinar on User Trust

Ansgar Koene

PIPL - Steady Growth & Asset Monetization

Dr. Sanjeev B Ahuja

Building A Cloud-Ready Security Program

NetIQ

NIST Updates Federal Supply Chain Risk Management Practices Guide

childlikeegg1000

NIST Updates Federal Supply Chain Risk Management Practices Guide

unevendock6891

Internet of Things and Governance

Kate Carruthers

Industrial Control Cybersecurity USA Cyber Senate conference

James Nesbitt

SARoNGS project (Jens Jensen)

JISC.AM

"Legal implementation barriers of privacy-preserving technologies" eLAW prese...

e-SIDES.eu

CWIN17 New-York / earning the currency of trust

Capgemini

Digital Marketing and your startup

Kate Carruthers

Is 2014 the year for Cyber Militias ?

David Sweigert

Is 2014 the year for Cyber Militias ? Examination of the Congressional mandate for the Pentagon to address the use of cyber militias in responding to cyber warfare. Is a network breach and act of war? Cybersecurity Description: Protecting against damage to, unauthorized use of, and/or malicious exploitation of (and, if needed, the restoration of) electronic communications systems and services (and the information contained therein). Cybersecurity activities ensure the security, reliability, integrity, and availability of critical information, records, and communications systems and services through collaborative cybersecurity initiatives and efforts. These activities also include procedures to detect malicious activity and to conduct technical and investigative-based countermeasures, mitigation activities, and operations against malicious actors to counter existing and emerging cyber-based threats, consistent with established protocols.

International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...

APNIC

Infowarcon 2014 ME Cyber wars v13

Jorge Sebastiao

What's hot

The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...

Sonia Usih, PMP, MCPM, BSc.

How to keep out of trouble with GDPR: The case of Facebook, Google and Experian

PECB

mit data vr jan17Patrick McCormick

Capstone Final PresentationKartik Uppal

www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-thatAnthony Heywood

The Data Privacy Paradox

Mick Yates

Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™

Intralinks

Why shaWHY SHARE CYBER THREAT INFORMATIONre cyber threat information

mikeecholscyber

Internet Society (ISOC Uk England) Webinar on User Trust

Ansgar Koene

PIPL - Steady Growth & Asset Monetization

Dr. Sanjeev B Ahuja

Building A Cloud-Ready Security Program

NetIQ

NIST Updates Federal Supply Chain Risk Management Practices Guide

childlikeegg1000

NIST Updates Federal Supply Chain Risk Management Practices Guide

unevendock6891

Internet of Things and Governance

Kate Carruthers

Industrial Control Cybersecurity USA Cyber Senate conference

James Nesbitt

SARoNGS project (Jens Jensen)

JISC.AM

"Legal implementation barriers of privacy-preserving technologies" eLAW prese...

e-SIDES.eu

CWIN17 New-York / earning the currency of trust

Capgemini

Digital Marketing and your startup

Kate Carruthers

Is 2014 the year for Cyber Militias ?

David Sweigert

What's hot (20)

The National Security Agency (NSA) -- PRISM Surveillance System _Not a Surpri...

How to keep out of trouble with GDPR: The case of Facebook, Google and Experian

mit data vr jan17

Capstone Final Presentation

www_infosecurity-magazine_com_news_rhode-island-sets-up-cybersecurity-team-that

The Data Privacy Paradox

Direct Edge and BATS Global Markets Trusts Intralinks Dealspace™

Why shaWHY SHARE CYBER THREAT INFORMATIONre cyber threat information

Internet Society (ISOC Uk England) Webinar on User Trust

PIPL - Steady Growth & Asset Monetization

Building A Cloud-Ready Security Program

NIST Updates Federal Supply Chain Risk Management Practices Guide

Internet of Things and Governance

Industrial Control Cybersecurity USA Cyber Senate conference

SARoNGS project (Jens Jensen)

"Legal implementation barriers of privacy-preserving technologies" eLAW prese...

CWIN17 New-York / earning the currency of trust

Digital Marketing and your startup

Is 2014 the year for Cyber Militias ?

Viewers also liked

International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...

APNIC

Infowarcon 2014 ME Cyber wars v13

Jorge Sebastiao

2.5 use of ict in publishingMomina Mateen

Critical Infrastructure and Cyber Sec in Transportation Sector

European Services Institute

ICT Roles in Media Print Industry

Richardus Indrajit

Why EA's must drive cloud strategyMike Walker

Takaful Presentation Full

Mohd Shahrulnizam Hamid

DHS ICS Security Presentation

guest85a34f

Viewers also liked (8)

International Collaboration for Regional Cybersecurity Risk, by Yurie Ito [AP...

Infowarcon 2014 ME Cyber wars v13

2.5 use of ict in publishing

Critical Infrastructure and Cyber Sec in Transportation Sector

ICT Roles in Media Print Industry

Why EA's must drive cloud strategy

Takaful Presentation Full

DHS ICS Security Presentation

Similar to Southern Risk Council - Cybersecurity Update 10-9-13

Open Source and Cyber Security: Open Source Software's Role in Government Cyb...

Great Wide Open

Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...

Government Technology and Services Coalition

Government Technology & Services Coalition & InfraGard NCR's Program: Cyber Security: Securing the Federal Cyber Domain by Strengthening Public-Private Partnership Presentation: How do we Strengthen the Public-Private Partnership to Mitigate and Minimize the Damage: Improving Cybersecurity and Resilience Through Acquisition Presenter: Emile Monette, Senior Advisor for Cybersecurity, GSA, Office of Mission Assurance Description: How do we approach deliberate attacks against Federal contractors who handle and have access to massive amounts of sensitive and confidential data and information? From the increasing Insider threat to state-sponsored attacks, how can the Federal government partner more effectively with the private sector to detect and mitigate these attacks?

NIST article I wroteLisa LaForge, JD, CIPP/E, CIPM

Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...

John Hamilton, DAHC,EHC,CFDAI, CPP, PSPO

Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA

GovCloud Network

When the government purchases products or services with inadequate in-built “cybersecurity,” the risks created persist throughout the lifespan of the item purchased. The lasting effect of inadequate cybersecurity in acquired items is part of what makes acquisition reform so important to achieving cybersecurity and resiliency. Currently, government and contractors use varied and nonstandard practices, which make it difficult to consistently manage and measure acquisition cyber risks across different organizations. Meanwhile, due to the growing sophistication and complexity of ICT and the global ICT supply chains, federal agency information systems are increasingly at risk of compromise, and agencies need guidance to help manage ICT supply chain risks

TALK Public Policy 2022

Dawn Yankeelov

The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...

Cohesive Networks

Comprehensive U.S. Cyber Framework Final Report

Landon Harrell

This project is a product of the Class of 2019 Bush School of Government and Public Service, Texas A&M University Capstone Program. The project lasted one academic year and involved eight second-year master students. It intends to synthesize and provide clarity in the realm of issues pertaining to U.S. Internet Protocol Space by demonstrating natural partnerships and recommendations for existing cyber incident response. The project was produced at the request of PointStream Inc., a private cybersecurity contractor.

Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM

Hector Del Castillo, CPM, CPMM

I want to thank everyone who attended this presentation at AFCOM Data Center World Fall 2011 in Orlando, FL. Studies show the number of data centers deploying virtual cloud computing will rapidly increase in the next five years. Other studies show that the number of Internet attacks and their level of sophistication will also grow significantly. This session identifies approaches to reduce the risk of business disruptions resulting from inadequate virtual security controls in a data center. It will cover utilizing best practices for security configurations, measuring information security status, and making rational decisions about security investments. Connect with me if you have any questions or need additional information. Please favorite this if you like it. I look forward to seeing you again soon. Regards, Hector Del Castillo http://linkd.in/hdelcastillo

Key Cyber Security Issues for Government Contractors

Government Technology and Services Coalition

Dickstein Shapiro LLP and the Government Technology & Services Coalition (GTSC) held a webcast, “Key Cybersecurity Issues for Government Contractors” on Thursday, October 3, 2013. This interactive program, of particular interest to government contractor compliance officers, CIOs, CISOs, General Counsel, and any other C-suite members, discussed how the federal government is planning on fundamentally altering its acquisition policies to make the cybersecurity of its contractors a top priority. The discussion included: - Proposed Federal Acquisitions Regulation (FAR) changes relating to President Obama’s Cybersecurity Executive Order; - Planned changes to procurement requirements based on independent agency actions; - Congressionally mandated cybersecurity requirements; and Ways contractors can prepare for these changes. To view the webinar, visit:

OEB Cyber Security Framework

Norbi Hegedus

CSO Magazine Confab 2013 Atlanta - Cyber Security

Phil Agcaoili

DFARS & CMMC Overview

Ignyte Assurance Platform

Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...

DaveNjoga1

Cybersecurity and Data Privacy Update

WilmerHale

From the FinTech Webinar Series. Explores: 1. Recent Federal Cybersecurity Developments: Executive Order, NIST Standards, Information-Sharing, Legislation 2. Privacy and Security Issues in Cloud Computing Contracts 3. International Privacy and Transferring Data Across Borders 4. Mobile Devices and Mobile Apps 5. Workplace and Corporate Governance Developments 6. The FTC’s New Rules Concerning Children’s Privacy

The Cybersecurity Executive Order

Booz Allen Hamilton

We are optimistic that the United States can strengthen critical infrastructure cybersecurity through a government-industry partnership that builds a robust Cybersecurity Framework, shares threat data, and collaborates on achieving national cyber goals. Although we don’t discount the challenges of bringing together such large and diverse groups of stakeholders, we believe that emerging cyber technologies and capabilities have created opportunities for success that did not exist 15 years ago when government first initiated "whole of government" efforts similar to the Executive Order.

Cyber-insurance and liability caps proposed as incentives by Department of Co...

David Sweigert

It is important to note that while the incentives study was required within 120 days of the date of EO 13636, the preliminary version of the Framework is required within 240 days of the date of EO 13636. In addition, DHS will be establishing a voluntary program to support Framework adoption within 365 days of the signing of EO 13636. This report is limited by the current understanding of what the Framework will entail and would benefit from more specifics to inform the analysis and recommendation of the incentives designed for promoting its adoption. For example, knowledge of the Framework would allow the cost of Framework adoption to be quantified. Since the Framework is still under development, this was not possible, and so the incentives considered were evaluated at a more general level with the understanding that the analysis would be updated as needed as the Framework is developed. Since the Framework is still in development at the time of this writing, the incentives that are intended to promote its adoption were assessed prospectively, in terms of the likelihood that they will motivate organizations to adopt the Framework in the future. It is expected that the most effective incentives will not only promote adoption of the Framework.

Securing Fintech: Threats, Challenges & Best Practices

Ulf Mattsson

Cyber attacks have increased in frequency and severity, and financial institutions are particularly interesting targets to cyber criminals. Join this presentation to learn the latest cybersecurity threats and challenges plaguing the financial industry, and the policies and solutions your organization needs to have in place to protect against them. Viewers will learn: • Current trends in Cyber attacks • FFIEC Cyber Assessment Toolkit • NIST Cybersecurity Framework principles • Security Metrics • Oversight of third parties • How to measure cybersecurity preparedness • Automated approaches to integrate Security into DevOps About the Presenter: Ulf Mattsson is the Chief Technology Officer of Security Solutions at Atlantic BT, and earlier at Compliance Engineering. Ulf was the Chief Technology Officer and a founder of Protegrity, He invented the Protegrity Vaultless Tokenization, Data Type Preservation (DTP2) and created the initial architecture of Protegrity's database security technology. Prior to Protegrity, Ulf worked 20 years at IBM in software development and in IBM's Research organization, in the areas of IT Architecture and Security, and received a US Green Card of class ‘EB 11 – Individual of Extraordinary Ability’ after endorsement by IBM. Ulf is the inventor of more than 45 patents in the areas of Encryption, Policy Driven Data Encryption, Internal Threat Protection, Data Usage Control and Intrusion Prevention

070614F-ISOAPresentation.ppt

vikramjeet57

FED GOV CON - Cybersecurity Compliance Under The FAR

JSchaus & Associates

Similar to Southern Risk Council - Cybersecurity Update 10-9-13 (20)

Open Source and Cyber Security: Open Source Software's Role in Government Cyb...

Emile Monette: How do we Strengthen the Public-Private Partnership to Mitigat...

NIST article I wrote

Ncma saguaro cyber security 2016 law & regulations asis phoenix dely fina...

Improving Cybersecurity and Resilience Through Acquisition Emile Monette GSA

TALK Public Policy 2022

The Chicago School of Cybersecurity: A Pragmatic Look at the NIST Cybersecuri...

Comprehensive U.S. Cyber Framework Final Report

Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM

Key Cyber Security Issues for Government Contractors

OEB Cyber Security Framework

CSO Magazine Confab 2013 Atlanta - Cyber Security

DFARS & CMMC Overview

Critical Information Infrastructure Cyberspace Situational Awareness_Measure ...

Cybersecurity and Data Privacy Update

The Cybersecurity Executive Order

Cyber-insurance and liability caps proposed as incentives by Department of Co...

Securing Fintech: Threats, Challenges & Best Practices

070614F-ISOAPresentation.ppt

FED GOV CON - Cybersecurity Compliance Under The FAR

Recently uploaded

Knowledge engineering: from people to machines and back

Elena Simperl

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Sri Ambati

Connector Corner: Automate dynamic content and events by pushing a button

DianaGray10

Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to: Create a campaign using Mailchimp with merge tags/fields Send an interactive Slack channel message (using buttons) Have the message received by managers and peers along with a test email for review But there’s more: In a second workflow supporting the same use case, you’ll see: Your campaign sent to target colleagues for approval If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team But—if the “Reject” button is pushed, colleagues will be alerted via Slack message Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors. And... Speakers: Akshay Agnihotri, Product Manager Charlie Greenberg, Host

JMeter webinar - integration with InfluxDB and Grafana

RTTS

Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application. In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics. Length: 30 minutes Session Overview ------------------------------------------- During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana: - What out-of-the-box solutions are available for real-time monitoring JMeter tests? - What are the benefits of integrating InfluxDB and Grafana into the load testing stack? - Which features are provided by Grafana? - Demonstration of InfluxDB and Grafana using a practice web application To view the webinar recording, go to: https://www.rttsweb.com/jmeter-integration-webinar

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Thierry Lestable

Generating a custom Ruby SDK for your web service or Rails API using Smithy

g2nightmarescribd

Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.

When stars align: studies in data quality, knowledge graphs, and machine lear...

Elena Simperl

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

FIDO Alliance

The Future of Platform Engineering

Jemma Hussein Allen

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

Jeffrey Haguewood

Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows. We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases. This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams. Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.

GraphRAG is All You need? LLM & Knowledge Graph

Guy Korland

Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs. 1. Unifying Large Language Models and Knowledge Graphs: A Roadmap. https://arxiv.org/abs/2306.08302 2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs: https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Ramesh Iyer

In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.

Accelerate your Kubernetes clusters with Varnish Caching

Thijs Feryn

UiPath Test Automation using UiPath Test Suite series, part 4

DianaGray10

Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap. The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies. Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques What will you get from this session? 1. Insights into SAP testing best practices 2. Heatmap utilization for testing 3. Optimization of testing processes 4. Demo Topics covered: Execution from the test manager Orchestrator execution result Defect reporting SAP heatmap example with demo Speaker: Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

Inflectra

In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring. Learn about: • The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks. • Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective. • Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification. • Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process. Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

FIDO Alliance

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

BookNet Canada

The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more. Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/ Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

Paul Groth

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

James Anderson

Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management. The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM). Speakers: Bob Boule Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle. Gopinath Rebala Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Product School

Recently uploaded (20)

Knowledge engineering: from people to machines and back

GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...

Connector Corner: Automate dynamic content and events by pushing a button

JMeter webinar - integration with InfluxDB and Grafana

Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...

Generating a custom Ruby SDK for your web service or Rails API using Smithy

When stars align: studies in data quality, knowledge graphs, and machine lear...

FIDO Alliance Osaka Seminar: FIDO Security Aspects.pdf

The Future of Platform Engineering

Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...

GraphRAG is All You need? LLM & Knowledge Graph

Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...

Accelerate your Kubernetes clusters with Varnish Caching

UiPath Test Automation using UiPath Test Suite series, part 4

Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered Quality

FIDO Alliance Osaka Seminar: The WebAuthn API and Discoverable Credentials.pdf

Transcript: Selling digital books in 2024: Insights from industry leaders - T...

To Graph or Not to Graph Knowledge Graph Architectures and LLMs

GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...

Mission to Decommission: Importance of Decommissioning Products to Increase E...

Southern Risk Council - Cybersecurity Update 10-9-13

1. CYBERSECURITY UPDATE October 9, 2013 Southern Risk Council

2. The Cybersecurity Activity in Washington • Cybersecurity Framework • DHS Integrated Task Force • Regulators (e.g. FCC CSRIC) • Possible Legislation

3. DHS Critical Infrastructure Sectors Communications Sub-sectors: • Cable • Wireless • Wireline • Satellite • Broadcast

4. Executive Order on Cybersecurity • President signed an Executive Order and Presidential Policy Directive on February 12, 2013 to Improve Critical Infrastructure Cybersecurity • “Critical Infrastructure” is defined as “systems and assets, whether physical or virtual, so vital to the US” that their incapacity or destruction would have debilitating impact on: • Security, • National economic security, • Public health or safety • Key Parts • Cybersecurity Information Sharing (AG, DHS, and DNI, section 4) • Privacy and Civil Liberties Protections (DHS, section 5) • Develop Baseline Framework to Reduce Cyber Risk to Critical Infrastructure (NIST, section 7) • Voluntary program to support adoption (DHS, section 8) • “Procurement requirements related to cybersecurity” • Identification of Critical Infrastructure at Greatest Risk (DHS, section 9) • Agency review and report on existing regulatory requirements and authority to establish new framework-based requirements (section 10)

5. How the Framework has been Developed 5th Framework Workshop – November 14-15 EO 13,636 and PPD-21 – February 12, 2013

6. The Cybersecurity Framework Cybersecurity Risk Management Identify Protect DetectRespond Recover Prioritized Flexible Repeatable Performance based Cost Effective Basic Cyber Hygiene

7. DHS Voluntary Cybersecurity Program Voluntary Adoption ProgramIncentives Implementation Guidance Promote Participation Adopters

8. White House on Cybersecurity Incentives The departments of Homeland Security, Commerce and Treasury identified 8 incentives the federal government could use to encourage the nation's critical infrastructure owners to adopt voluntarily the cybersecurity framework being developed under the auspices of the National Institute of Standards and Technology. The eight incentives are: 1. Cybersecurity insurance, 2. Grants, 3. Process preferences, 4. Liability limitation, 5. Streamlined regulations, 6. Public recognition, 7. Rate recovery for price-regulated industries and 8. Cybersecurity research. Incentives would help nation's critical infrastructure operators adopt voluntary framework.

9. Cybersecurity Timeline Publication of Preliminary Framework 5th NIST Workshop End of 45 Day Comment Period on Preliminary Framework Publication of Final Framework FCC CSRIC IV Commences Regulatory Requirements Sufficiency Analysis Framework Effectiveness Assessment

10. Thanks Phil Agcaoili Chief Information Security Officer, Cox Communications, Inc. Co-Chair, Communications Sector Coordinating Council (CSCC), Cybersecurity Committee – Technical Sub-Committee Member, Communications Information Sharing and Analysis Center (ISAC) Co-Chair, FCC CSRIC IV, WG 4 (Cybersecurity Best Practices) Co-Founder & Board Member, Southern CISO Security Council Distinguished Fellow and Fellows Chairman, Ponemon Institute Founding Member, Cloud Security Alliance (CSA) Inventor & Co-Author, CSA Cloud Controls Matrix, GRC Stack, Security, Trust and Assurance Registry (STAR), and CSA Open Certification Framework (OCF) @hacksec https://www.linkedin.com/in/philA

11. CYBER INSURANCE Section 2

Southern Risk Council - Cybersecurity Update 10-9-13

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (8)

Similar to Southern Risk Council - Cybersecurity Update 10-9-13

Similar to Southern Risk Council - Cybersecurity Update 10-9-13 (20)

More from Phil Agcaoili

More from Phil Agcaoili (20)

Recently uploaded

Recently uploaded (20)

Southern Risk Council - Cybersecurity Update 10-9-13