{"id":1213,"date":"2016-09-11T00:00:00","date_gmt":"2016-09-11T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail173-atl21-rsgsv-net\/"},"modified":"2021-12-30T11:38:58","modified_gmt":"2021-12-30T11:38:58","slug":"fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail173-atl21-rsgsv-net","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2016\/09\/11\/fromreply-totodatemessage-idlist-idlist-unsubscribesendercontent-typemime-version-imail3dpaulgdavis-commail173-atl21-rsgsv-net\/","title":{"rendered":"From:Reply-To:To:Date:Message-ID:List-ID:List-Unsubscribe:Sender:Content-Type:MIME-Version; i=mail=3Dpaulgdavis.com@mail173.atl21.rsgsv.net;"},"content":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s,  apart from the reporter&#8217;s opinions ]<\/p>\n<p>* Breaking down the walls between IT and physical security<br \/>\n* How to Prepare for a DDOS attack<br \/>\n* What Is Data Minimization? And Why It Matters In The Age Of Big Data<br \/>\n* Taking the pulse of your information security culture<br \/>\n* How to review and test backup procedures to ensure data restoration<br \/>\n* Imperva Hacker Intelligence Initiative Report Finds Insider Threats In 100 Percent of Studied Environments<br \/>\n* Good morning. Thank you for inviting me to be the first speaker at the inaugural Incident Response Forum of the Cybersecurity Docket. 
I want to take a moment to underscore the importance of what you are launching here today, and that is to sponsor an event that focuses exclusively on response and re<br \/>\n* Beyond Technology: Managing the Blind Spots of Database Security<br \/>\n* Infosys : ACM and Infosys Foundation Honor Innovator in Network Security Research<br \/>\n* Neustar : Security Report Shows Increased Use of Dangerous Multi-Vector DDoS Attacks Targeting Companies<br \/>\n* Healthcare industry seeks to reform its position as hacking target<br \/>\n* Ransomware: Time for a HIPAA Update?<br \/>\n* Cyber insurance rates fall with lull in major hacks<br \/>\n* Chubb adds cyber bullying coverage to U.S. home insurance policies<br \/>\n* New Portal Launched For ICS\/SCADA Threat Intelligence-Sharing Among Nations<br \/>\n* Vulnerability Spotlight: Lhasa Integer Underflow Exploit<br \/>\n* Risk and compliance largest information management drivers<br \/>\n* Machine Learning In Security: Good &#038; Bad News About Signatures<br \/>\n* SecureWorld Boston highlights value of partnerships<\/p>\n<p>Breaking down the walls between IT and physical security<br \/>\nAccording to Kelsey, one of the systemic problems is that each side \u2013 physical security and cybersecurity \u2013 has been seen as less important by the other and the biggest consequence of that way of thinking is increased security exposure for organizations.<br \/>\nIn their ambition to realize all of the benefits that connected technology provides, Kelsey believes there has been \u201cblindness\u201d on the part of organizations and even security professionals when it comes to attaching mission critical systems to the Internet.<br \/>\nGiven the threats organizations face today, Rosenquist believes that physical and IT security need to find common ground upon which they can both work together more efficiently to improve the overall security posture of the businesses for which they work.<br \/>\n\u201cWhat I\u2019m starting to 
see is the budgets are merging,\u201d Kelsey said. \u201cA lot of the fighting within organizations is because they perceive they\u2019re fighting for the same budget dollar, but as you merge those budgets\u2026 those walls start to come down.<br \/>\nI think if you push the money together, you end up getting better results.\u201d<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=dfd3e3e1b1&#038;e=20056c7556<\/p>\n<p>How to Prepare for a DDOS attack<br \/>\nVisibility is critical when preparing for issues in your network.<br \/>\nSNMP graphing platforms will tell you an extraordinary amount of information on volumetric attacks.<br \/>\nYou\u2019ll be able to see and (depending on the platform) sometimes even alert on anomalous bandwidth events.<br \/>\nYou\u2019ll be able to track at which port it entered your network, if it\u2019s saturating any links, and even where the attack is headed.<br \/>\nIt\u2019s surprising how many companies I\u2019ve worked with over the years that do not deploy this because it\u2019s such an easy and basic thing to implement.<br \/>\nPrimarily, you need devices that can speak SNMP, such as managed switches, routers, etc., and then you need a platform to query them.<br \/>\nSNMP certainly won\u2019t catch everything, even when the attack is volumetric.<br \/>\nWait, what.<br \/>\nYes, it\u2019s true, they\u2019re good at monitoring traffic levels, but the downside is that they only poll devices on preconfigured intervals.<br \/>\nThe most recent Global Network &#038; Application Security Report found that 57% of cyber attacks lasted less than one hour.<br \/>\nCapacity is a tricky one, though, because how do you plan for enough capacity for a volumetric attack.<br \/>\nDo you buy another 1G link.<br \/>\nMore 10G links.<br \/>\nThere\u2019s a point where that doesn\u2019t become cost effective, and I\u2019ll discuss Radware\u2019s solutions for that at the end, but capacity is a 
tool that you can use to help alleviate bottlenecks.<br \/>\nYou need a tool that can detect and mitigate instantly.<br \/>\nTraditional firewalls can\u2019t do this and they can even cause an outage, as I\u2019ve shown in a previous post.<br \/>\nTo truly have complete coverage, you need a purpose-built DDoS mitigation appliance that can handle these complex attacks and can begin mitigating instantly.<br \/>\nOur award-winning DefensePro product can help you do just that.<br \/>\nThere are several ways to test your network and the attack vector doesn\u2019t necessarily matter for this.<br \/>\nEssentially, you want to go through the steps of a mock attack to see how your plan works.<br \/>\nPersonally, I believe that the best approach is to begin with detection and mitigation at the perimeter of the network.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=4047e96946&#038;e=20056c7556<\/p>\n<p>What Is Data Minimization? And Why It Matters In The Age Of Big Data<br \/>\nThe European Union has recently included this in new laws of the Data Protection Act that will come into effect soon.<br \/>\nThe act says, \u201cPersonal data shall be adequate, relevant and not excessive in relation to the purpose or purposes for which they are processed.\u201d<br \/>\nThe Act doesn\u2019t define \u201cadequate, relevant and not excessive,\u201d but in effect it means collecting and holding only the minimum amount of personal data needed to fulfil your purpose.<br \/>\nThis is part of the practice known as \u201cdata minimization.\u201d<br \/>\nInstead of a \u201csave everything\u201d approach, smart data managers are now embracing a data minimization policy, keeping only what\u2019s relevant and necessary.<br \/>\nEven Walmart only relies on the previous 4 weeks of data for its day-to-day merchandising strategies.<br \/>\nLink: 
http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=2389c7438c&#038;e=20056c7556<\/p>\n<p>Taking the pulse of your information security culture<br \/>\nSecurity culture begins at the top, with the CEO or head of the company.<br \/>\nThis person must model good security practices themselves, and speak sincerely about it at every opportunity.<br \/>\nI have been involved in many an all-hands meeting where the CEO attempted to speak sincerely on a topic while reading to a script created by marketing.<br \/>\nIt is pretty easy for the employees to see right through this.<br \/>\nThe company head must understand enough about security to really speak about it.<br \/>\nAs with the CEO, every manager must live and model good security practice.<br \/>\nTheir involvement must go deeper, however.<br \/>\nSurvey the workforce<br \/>\nTrain the workforce<br \/>\nMake security a campaign<br \/>\nReward good practices<br \/>\nBottom line &#8212; follow the right steps, and your security culture will form on its own.<br \/>\nThe reward will be a workforce focused on keeping the organization safe.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=ff09593585&#038;e=20056c7556<\/p>\n<p>How to review and test backup procedures to ensure data restoration<br \/>\nIn this third approach to improving information security incident response, CSO maps your route to successful backup procedure tests and reviews.<br \/>\nBy properly testing and ensuring that your backups are existent and recoverable when data disaster rears its gruesome head, you can rest in the knowledge that information security incidents that could rob your data and interrupt its use will not also leave you without your data altogether.<br \/>\nMicrosoft Technet publishes tips for testing backup and restore procedures under the heading \u201cDeveloping Backup and Restore Procedures\u201d at \u201cTesting Backup and Restore 
Procedures\u201d.<br \/>\nIt\u2019s important to test often enough as well as to test in a quality sort of fashion.<br \/>\nYou need a formal change management system.<br \/>\nSuch a system will ensure an awareness of change, its potential effects and consequences, and the need to prepare for these ahead of time since something could go wrong during even planned change, according to Gordon.<br \/>\nYou should use commonly occurring real life data disaster scenarios to simulate what your backups will and won\u2019t do in a crisis.<br \/>\nYou need to account for instances where you might test backups and restores differently than you typically would.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=8c8a95a067&#038;e=20056c7556<\/p>\n<p>Imperva Hacker Intelligence Initiative Report Finds Insider Threats In 100 Percent of Studied Environments<br \/>\nREDWOOD SHORES, Calif., March 31, 2016 (GLOBE NEWSWIRE) &#8212; Imperva, Inc. (NYSE:IMPV), committed to protecting business-critical data and applications in the cloud and on-premises, today unveiled the March Hacker Intelligence Initiative Report: \u201cInsiders: The Threat is Already Within.\u201d This new report, published by the Imperva Defense Center and based on primary research conducted by Imperva, shows that insider threat events were found in 100 percent of the studied environments and went undetected by in-place security measures.<br \/>\nBased on the studied environments and follow-on analysis, the researchers found:<br \/>\nInsider threat events were present in 100 percent of the studied environments, confirming suspicions that insider abuse of data is routinely undetected.<br \/>\nDeception technology, deployed to complement behavioral analysis, positively identified insider threats.<br \/>\nInsider threat incidents were not identified by any existing in-place security infrastructure.<br \/>\nIdentified insider threats spanned malicious, compromised and 
careless insiders.<br \/>\nIn most cases, insiders took advantage of granted, trusted access to data, rather than trying to directly hack in to databases and file shares.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=e6646ca3a5&#038;e=20056c7556<\/p>\n<p>Good morning. Thank you for inviting me to be the first speaker at the inaugural Incident Response Forum of the Cybersecurity Docket. I want to take a moment to underscore the importance of what you are launching here today, and that is to sponsor an event that focuses exclusively on response and re<br \/>\nGood morning.<br \/>\nThank you for inviting me to be the first speaker at the inaugural Incident Response Forum of the Cybersecurity Docket.<br \/>\nI want to take a moment to underscore the importance of what you are launching here today, and that is to sponsor an event that focuses exclusively on response and recovery in the event of a cyberattack.<br \/>\nSo far, the global economy and our financial infrastructure have been spared a cyber attack with far-reaching consequences to our financial system and our nation\u2019s economy.<br \/>\nHand in hand with the financial sector, as many of you know, we have discussed creating a cyber-resilient financial structure by focusing on three imperatives: First, we have discussed at length the importance of information sharing, which we emphasize is a necessary shield to attacks coming from the same IP addresses, from the same malware, from the same vectors.<br \/>\nSecond, we have discussed\u2014at length\u2014baseline protections.[2] We stay apprised of attack methods and vectors that are actually being deployed and with this forensic analysis, we derive a constantly updated set of baseline protections that we recommend that firms deploy.<br \/>\nThe third imperative is the subject of today\u2019s conference.<br \/>\nToday, under your leadership, we\u2019re going to discuss together what we can do once 
attacked, once intruded upon, once we are forced to perhaps shut down, to respond to the incident and then to recover from it in a way that minimizes both the short-term and long-term costs and damage.<br \/>\nThe variable that we want to minimize is time.<br \/>\nThe longer we take to respond and recover, the greater the damage to the firm, to the firm\u2019s customers, to the entire financial sector, and ultimately and possibly to the nation\u2019s economy and the global economy.<br \/>\nHow to minimize the variable of time, in the age of internet speed, is the challenge of effective response and recovery.<br \/>\nGiven the increasing number and morphing nature of cyber assaults, we must prepare for the eventuality of significant cyber incidents.<br \/>\nBy deploying the tools of preparation, coordination, and practice, the government, the financial sector, and their advisors can exponentially accelerate cyber response and can recover in a way that does not prolong the opportunity for damage\u2014damage not only to the firms that compose our nation\u2019s financial infrastructure, but also damage to the people of our country who rely on this financial infrastructure.<br \/>\nWith this preparation, if and when a significant cyber incident occurs, we will be better equipped to respond and recover with level heads, and carry on with the business of returning to normal functioning.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=86a0d44f04&#038;e=20056c7556<\/p>\n<p>Beyond Technology: Managing the Blind Spots of Database Security<br \/>\nA truly effective database security program must incorporate people, process, and policy into a holistic approach customized for every company&#8217;s needs, and then be reinforced with robust security technologies.<br \/>\nThe technology is not a cure-all on its own, and the human element plays a major role in creating an effective security program.<br \/>\nOnly when done 
thoroughly and effectively does this strategy provide a solid security framework for a business.<br \/>\nContinuous assessment is the first step to creating an effective database security plan.<br \/>\nYou need to know where your data resides in order for you to protect it.<br \/>\nOnce you know where your data resides, you can work to monitor it, and protect it from intruders.<br \/>\nOnce all baselines\u2014asset and human behavior alike\u2014are created, businesses can begin effectively monitoring for anomalies to enter the database.<br \/>\nEffective database security should be accurate and intuitive, scalable for a distributed architecture, customizable in its policies, comprehensive in its reports and helpful in the prioritization of issues to be addressed.<br \/>\nIt should also be layered with existing security efforts and solutions in order to provide a holistic approach to security.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=fe41e96352&#038;e=20056c7556<\/p>\n<p>Infosys : ACM and Infosys Foundation Honor Innovator in Network Security Research<br \/>\nNEW YORK and BANGALORE, March 30, 2016 &#8211; ACM, the Association for Computing Machinery, (www.acm.org) and the Infosys Foundation announced today that Stefan Savage from the University of California, San Diego is the recipient of the 2015 ACM-Infosys Foundation Award in the Computing Sciences.<br \/>\nHe was cited for innovative research in network security, privacy and reliability that has taught us to view attacks and attackers as elements of an integrated technological, societal and economic system.<br \/>\nSavage&#8217;s impact on the field of network security stems from the systematic approach he takes to assessing problems and combating adversaries ranging from malicious software and computer worms to distributed attacks.<br \/>\nLink: 
http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=d2a335d49f&#038;e=20056c7556<\/p>\n<p>Neustar : Security Report Shows Increased Use of Dangerous Multi-Vector DDoS Attacks Targeting Companies<br \/>\nNeustar, Inc. (NYSE: NSR), a trusted, neutral provider of real-time information services, today released its first report from the Neustar Security Operations Center (SOC) that shares technical insights gained from the distributed denial of service (DDoS) attacks mitigated by the company in 2015.<br \/>\nOne of the most alarming trends noted in the findings is the rise of multi-vector attacks.<br \/>\nRather than just use one style of method to breach a company&#8217;s infrastructure, attackers are increasingly turning to multi-vector attacks to exhaust defenses.<br \/>\nStatistics from Neustar&#8217;s Security Operations Center uncovered:<br \/>\n\u2022 47 percent of all multi-vector attacks occurred in the fourth quarter<br \/>\n\u2022 17 percent of attacks involved multiple vectors<br \/>\n\u2022 57 percent of all multi-vector attacks involved reflection attacks<br \/>\nFoster calls out the following five key takeaways for CIOs:<br \/>\nDeath by a Thousand Cuts.<br \/>\nNot every attack is intended to cause an outage<br \/>\n\u2022 They Are the Most Dangerous Times of the Year.<br \/>\n\u2022 Attackers chose high-volume transaction periods \u2013 such as the tax return period and Q4 for some of their most vicious strikes.<br \/>\n\u2022 Defend your DNS.<br \/>\n\u2022 The Combat Continues.<br \/>\nDDoS attacks are inevitable.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=27b328e4c4&#038;e=20056c7556<\/p>\n<p>Healthcare industry seeks to reform its position as hacking target<br \/>\nIn a heavily regulated industry like healthcare, IT security officers are not only expected to have data-security chops but also a solid background in compliance \u2014 including specific 
experience with HIPAA, HITECH, and PCI DSS \u2014 which isn&#8217;t easy to come by in an employment market where even newbie cybersecurity pros are being offered comfortable starting salaries.<br \/>\n\u201cWhat has changed in the past couple of years is that most entities are asking what their partners are doing to protect information,\u201d Wilkinson says.<br \/>\nTo that end, more large healthcare organizations are giving their chief information security officer a seat at the table in vendor evaluations.<br \/>\nPlus, they&#8217;re conducting more frequent and more thorough security audits and demanding that vendors and subcontractors do the same.<br \/>\nFinally, many healthcare organizations have adopted a data-centric approach to their security practices by locating and classifying their protected healthcare data and applying security controls based on those classifications.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=410bff37dd&#038;e=20056c7556<\/p>\n<p>Ransomware: Time for a HIPAA Update?<br \/>\n&#8220;New cyber threats require Congress to vigilantly review and update the laws already on the books,&#8221; says Rep.<br \/>\nTed Lieu, D-Calif, in a statement provided to Information Security Media Group. 
&#8220;As ransomware attacks against hospitals become more frequent, it is critical for patients to know when their records are being held hostage and for the government to understand the scope of the problem.<br \/>\nI am actively exploring legislation to achieve that transparency.&#8221;<br \/>\nBut a spokesman for the Department of Health and Human Services&#8217; Office for Civil Rights says in a statement provided to ISMG that some such attacks already are reportable under HIPAA.<br \/>\nMeanwhile, Sen.<br \/>\nLamar Alexander, R-Tenn., chairman of the Senate Committee on Health, Education, Labor and Pensions, said the attack on MedStar Health shows the need for the Department of Health and Human Services to immediately implement provisions of the Cybersecurity Information Sharing Act of 2015.<br \/>\nThe cyber legislation, the senator notes, calls for HHS to &#8220;give hospitals and doctors clear information on the best ways to prevent a hack in the first place &#8230;<br \/>\nYesterday&#8217;s attack, which, unfortunately, is not unique, shows the need for HHS to implement the law with the urgency patients and hospitals deserve.&#8221;<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=b55ba7dc6b&#038;e=20056c7556<\/p>\n<p>Cyber insurance rates fall with lull in major hacks<br \/>\nA lull in high-profile data breaches prompted insurers to cut cyber insurance rates for high-risk businesses such as retailers and healthcare companies during the first three months of this year, according to insurance industry brokers.<br \/>\nThe dip comes after sudden rate hikes for many firms last year in the wake of a spate of attacks on Home Depot Inc, Target Corp, Anthem Inc and others.<br \/>\nThe average price companies in high-risk industries paid for $1 million in cyber insurance coverage fell 13 percent to $18,756 in the first three months of 2016, according to broker Marsh, a unit of Marsh &#038; McLennan Cos 
Inc.<br \/>\nIt said the average premium rose 28 percent last year to $21,642 for comparable buyers in industries such as retail and healthcare.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=582584d5c7&#038;e=20056c7556<\/p>\n<p>Chubb adds cyber bullying coverage to U.S. home insurance policies<br \/>\nInsurer Chubb Ltd said on Wednesday it has added coverage to help U.S. victims of cyber bullying pay for costs, including mental health treatment, legal expenses and lost wages.<br \/>\nThe company said it added $60,000 of cyber bullying coverage to its U.S.<br \/>\nMasterpiece Family Protection policy, a $70-a-year add-on.<br \/>\nThe insurance already covers threats including stalking, carjacking, home invasion, air rage, hijacking and child abduction.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=5e672e01d0&#038;e=20056c7556<\/p>\n<p>New Portal Launched For ICS\/SCADA Threat Intelligence-Sharing Among Nations<br \/>\nThe EWI Information Sharing Community portal is based on the Facebook At Work collaboration platform, and initially is being used for sharing threat information, best practices, lessons learned, and other information.<br \/>\nIt ultimately will be built out to share more sensitive threat intel including indicators of compromise such as malware markers or malicious IP addresses associated with an attack suffered by a power plant, for example.<br \/>\nBlask says while groups such as the ICS-ISAC are open to international members, it\u2019s still a US-based entity, so the new portal backed by EWI provides a more global connection for ICS\/SCADA operators and interests. 
\u201cThey are using this platform for building [online] groups and communities,\u201d he says, and ultimately, it will be built out for real-time, machine-readable threat intel feeds via the STIX (Structured Threat Information Expression) and TAXII (Trusted Automation Exchange of Indicator Information) protocols, he says.<br \/>\nPatterson, who is vice president and global security leader for Unisys, says the EWI Information Sharing Community is not technically a global ISAC or ISAO for ICS\/SCADA, but more of a place for public and private sector operators of critical infrastructure, different nations&#8217; ISACs, and government agencies to collaborate.<br \/>\nThe ICS-ISAC has set up a registration page for the new portal.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=c52efed1ba&#038;e=20056c7556<\/p>\n<p>Vulnerability Spotlight: Lhasa Integer Underflow Exploit<br \/>\nTalos is disclosing the discovery of vulnerability TALOS-2016-0095 \/ CVE-2016-2347 in the Lhasa LZH\/LHA decompression tool and library.<br \/>\nThis vulnerability is due to an integer underflow condition.<br \/>\nThe software verifies that header values are not too large, but does not check for a too small header length.<br \/>\nDecompressing a LHA or LZH file containing an under-value header size leads to the decompression software allocating a pointer to point to released memory on the heap.<br \/>\nAn attacker controlling the length and content of such a file can use the vulnerability to overwrite the heap with arbitrary code.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=2463c0712b&#038;e=20056c7556<\/p>\n<p>Risk and compliance largest information management drivers<br \/>\nWhile smaller businesses use Information Management (IM) to save money and improve productivity, large businesses (44 per cent of them) do it mostly out of fear of risks and compliance.<br \/>\nThose are 
the results of a new study conducted by AIIM, which says that the number of large companies citing risk and compliance as the main factors behind IM rose from 38 per cent to 59 per cent in a year.<br \/>\nThe report, entitled Information Management: State of the Industry 2016, says IM \/ Enterprise Content Management (ECM) systems and Information Governance are not aligned.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=d5071da6eb&#038;e=20056c7556<\/p>\n<p>Machine Learning In Security: Good &#038; Bad News About Signatures<br \/>\nWhy security teams that rely solely on signature-based detection are overwhelmed by a high number of alerts.<br \/>\nFirst in a series of two articles about the history of signature-based detections, and how the methodology has evolved to identify different types of cybersecurity threats.<br \/>\nOver the years, signature-based systems have changed and advanced, but the core concepts still lie at the heart of all modern detection systems \u2013 and will continue to be integral for the foreseeable future.<br \/>\nTo understand what a \u201csignature system\u201d is in reality, we need to understand the evolution of the detection path as directed and discovered by human intervention.<br \/>\nHistorically, the linear progression and sophistication of signature-based detection systems have been dependent upon human signature writers.<br \/>\nFor each new threat, a unique signature or signature artifact is created by a skilled engineer or security researcher.<br \/>\nThis pairing between signature and its human creator means that as the number of threats has increased, so too has the number of skilled personnel needed to develop and support the signatures that detect them.<br \/>\nFor obvious reasons, this is not a scalable business proposition \u2013 for neither the vendor nor the customer.<br \/>\nNew developments in machine learning \u2013 in particular supervised and unsupervised 
learning algorithms \u2013 are now being applied to information security and are paving the way to a new class of signature systems capable of economically scaling to the threat.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=4e3ce4b4ef&#038;e=20056c7556<\/p>\n<p>SecureWorld Boston highlights value of partnerships<br \/>\nThe conference dived into cloud, IoT, network and mobile security as well as supply chain risk management and tips for defending against nearly all types of cyberthreats, but if there\u2019s one big takeaway from all the sessions at the conference, it\u2019s the importance of partnerships \u2014 both internal and external \u2014 in helping keep one\u2019s company secure and compliant in today\u2019s threat-laden enterprise.<br \/>\nIn her keynote presentation, Dawn-Marie Hutchinson stressed the importance of partnerships in incident response, explaining that forming (and nurturing) key relationships before a breach occurs is the best form of incident response.<br \/>\nShe broke down her list of important partnerships into three categories:<br \/>\nData inventory is a key component of any compliance initiative, according to Michael Corby, Executive Consultant at CGI.<br \/>\nIt helps companies stay within regulation boundaries and avoid costly investigations into their companies\u2019 data management.<br \/>\nBut a good data inventory project needs a solid team.<br \/>\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&#038;id=918342bb54&#038;e=20056c7556<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[From the desk of Paul Davis &#8211; his opinions and no-one else&#8217;s, apart from the reporter&#8217;s opinions ] * Breaking down the walls between IT and physical security * How to Prepare for a DDOS attack * What Is Data Minimization? 
And Why It Matters In The Age Of Big&#8230;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-1213","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1213","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=1213"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1213\/revisions"}],"predecessor-version":[{"id":3700,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/1213\/revisions\/3700"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=1213"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=1213"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=1213"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}