Now is a really good time to think about what information your company should have connected to the Internet.
Yesterday was a better time. Last year was better still. But, now is a really good time.
#CallMeIfYouNeedMe #FIFONetworks
#DataClassification #InformationPolicy #PrivateNetworks #AI
Cybersecurity - Networks - Wireless – Telecom – VoIP
Drawing attention to just one good quote in the article: “And it also taught many of them the importance of segmenting their networks as much as possible to contain possible damage from malware infection.”
Sadly, there’s still a long ways to go before all organizations understand the importance of not only network segmentation, but also data segmentation.
About a year ago I was at a state government industry forum (I won’t name the state) where they boasted about their ambitious goal of moving everything to the cloud and centralizing all departments’ data. In one of the breakout sessions during the Q&A period, I stood up and asked, “How are you planning to address the security risks you’re creating by total centralization?” The person on the panel who took my question said that one system they could control completely was more secure than ten or twenty systems that might have varying degrees of security. I refrained from telling them that they just admitted they sucked at project management.
#CallMeIfYouNeedMe #FIFONetworks
Spring 2017 featured a pair of major enterprise and industrial malware attacks that kept me really busy, and many cybersecurity practitioners even busier. I had just started to get noticed for my cybersecurity news blogging.
My #PowerShell Summit talk with Danny Stutz is live. What's cool about our talk is that it's the first time PowerShell has been used for #datascience - at least as far as my research has shown! We analyze free text data in a zero-shot (untrained) way using #OpenAI embeddings and K-means clustering. If you don't know what that means, don't worry - we didn't either 😂 (we're not data scientists!). But we did a decent job explaining it, and the demo gods were with us that day!
https://youtu.be/XJXtxXtMIbE?si=JuuvTUxkiKkKJWev
If you're a PowerShell enthusiast, we also have many "goodies" in our code, such as wrapper functions to make installing and using #NuGet packages easier or automatically handling retries to hashtag#API calls. Check it out: https://github.com/franklesniak/AutoCategorizerPS.
If you give the talk a watch or check out our code, let us know your thoughts in the comments.
𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲 𝐁𝐞𝐬𝐭 𝐏𝐫𝐚𝐜𝐭𝐢𝐜𝐞𝐬 𝐟𝐨𝐫 𝐆𝐞𝐧𝐀𝐈 𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧𝐬 (𝐎𝐩𝐞𝐧𝐀𝐈) 𝐢𝐧 𝐀𝐳𝐮𝐫𝐞
LLM apps pose significant security challenges that need to be addressed by developers and administrators of GenAI applications. These challenges include:
➡ Protecting the confidentiality and integrity of the data used to train and query the LLMs
➡Ensuring the availability and reliability of the LLMs and their services
➡Preventing the misuse or abuse of the LLMs by malicious actors or unintended users
➡Monitoring and auditing the LLMs' outputs and behaviors for quality, accuracy, and compliance
➡Managing the ethical and social implications of the LLMs' outputs and impacts
Learn Best Practices of Security for GenAI Applications in Azure:
✔ 𝐃𝐚𝐭𝐚 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
✔𝐍𝐞𝐭𝐰𝐨𝐫𝐤 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
✔𝐀𝐜𝐜𝐞𝐬𝐬 𝐚𝐧𝐝 𝐈𝐝𝐞𝐧𝐭𝐢𝐭𝐲 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
✔𝐀𝐩𝐩𝐥𝐢𝐜𝐚𝐭𝐢𝐨𝐧 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
✔𝐆𝐨𝐯𝐞𝐫𝐧𝐚𝐧𝐜𝐞 𝐒𝐞𝐜𝐮𝐫𝐢𝐭𝐲
#llm #azure #openai #ai #azureopenai #privacy #security #api #data #network #access #identity #application #security #cybersecurity #soc #rbac #mfa #ids #monitoring #firewall #dataclassification #encryption
The Microsoft podcast "Three Steps to Master Information Governance in Your Hybrid Work Environment" discusses steps for successfully managing information in a hybrid work environment.
The three steps are
▶️data classification
▶️policy creation and enforcement
▶️compliance monitoring and reporting.
#Microsoft #InformationGovernance #DataClassification #PolicyEnforcement
This month's episode of Uncovering Hidden Risks will discuss Information Governance and the industry trends we are seeing in this space. Information governance is the overall strategy for managing information at an organization. It is a discipline that spans several markets, including data governanc...
Using the Graph API to Extract Sensitivity Labels
This article is about the use of sensitivity labels in SharePoint Online. Sensitivity Labels provide a way to classify and protect documents. By using Sensitivity Labels in SharePoint Online, organizations can improve the protection of sensitive data on their intranet and meet compliance requirements. https://bit.ly/41UHc8E
#SharePointOnline #Compliance #DataClassification #Office365 #Microsoft #CloudSecurity #Security #Practical365
A Graph API is available to extract details of the sensitivity labels assigned to SharePoint Online documents. This article explores how to extract the information from files in a document library and use it to create a report. The nice thing is that once you have the data, you can slice and dice it any way you wish in Excel, Power BI, or whatever tool you prefer.
Data protection is a critical role for security and compliance teams, and it is essential to make sure that data is secure at all times, including when it is at rest, in use, and when it leaves the organization's control. In this blog post, we will go through the three main components of a data prot...
Bob Young
Frank Lesniak
Coach Sankhavaram ®
Paco Hope
F0rm4t
Hans Brender, Mr.OneDrive
OPSEC Cybersecurity News Live
Gareth Emslie 🇿🇦 🇪🇦 🇨🇭