Latest news with #informationsecurity

Passwork Strengthens Commitment to Security With ISO/IEC 27001:2022 Certification

Associated Press

2 days ago

Business
Associated Press

Passwork Strengthens Commitment to Security With ISO/IEC 27001:2022 Certification

BARCELONA, Spain--(BUSINESS WIRE)--Jun 19, 2025-- Passwork, a leading provider of secure password management solutions for businesses, today announced it has been awarded ISO/IEC 27001:2022 certification. This milestone affirms Passwork's robust information security management system and ongoing commitment to safeguarding sensitive data for its customers worldwide. What does ISO/IEC 27001:2022 mean for businesses ISO/IEC 27001:2022 isn't just a certificate — it's the gold standard for information security management. By earning this certification, Passwork has demonstrated that its policies, processes, and controls meet strict international requirements for: The rigorous evaluation process covered every aspect of Passwork's operations, including advanced encryption protocols, stringent access controls, regular security audits, and comprehensive employee training programs. Why it is important For IT professionals, security officers, and business leaders, this certification is more than a badge — it's a promise. It assures that Passwork adheres to the highest benchmarks for security, reliability, and transparency. With ISO/IEC 27001:2022, you can confidently trust Passwork to: Quote from leadership 'Obtaining ISO 27001 certification is a significant achievement for Passwork and a clear demonstration of our long-standing commitment to information security,' said CEO at Passwork Alex Muntyan. 'Our customers trust us to safeguard their most critical data, and this certification underscores our dedication to maintaining the highest standards in everything we do.' Certification details The ISO/IEC 27001:2022 certification is effective immediately. To view the certificate, visit this link. About Passwork Passwork provides secure, user-friendly password management solutions designed for businesses of all sizes. With a focus on data protection, usability, and seamless integration, Passwork helps organizations simplify credential management and enhance security across their operations. ISO 27001, Information Security, Certification, Passwork, Data Protection, Compliance, Risk Management, Password Management, Business Security, IT Compliance View source version on CONTACT: Gleb Smiryagin [email protected] KEYWORD: SPAIN SWITZERLAND EUROPE GERMANY AUSTRIA INDUSTRY KEYWORD: APPS/APPLICATIONS ONLINE PRIVACY TECHNOLOGY SECURITY PROFESSIONAL SERVICES BUSINESS SOFTWARE NETWORKS INTERNET DATA MANAGEMENT SOURCE: Passwork Copyright Business Wire 2025. PUB: 06/19/2025 10:28 AM/DISC: 06/19/2025 10:27 AM

RNZ News

4 days ago

RNZ News

What a 'rapid review' of police after Jevon McSkimming case will look at

Former Deputy Police Commissioner Jevon McSkimming. Photo: Getty Images An investigation into the former deputy police commissioner led to concerns that staff could bypass internal controls and "exploit vulnerabilities to access inappropriate content," documents reveal. The concerns prompted the Police Commissioner to order a "rapid review" of police's information security (INFOSEC) controls. Former deputy commissioner Jevon McSkimming resigned as the country's second most powerful cop last month amid a four-month investigation by the Independent Police Conduct Authority and police. His resignation came after Police Minister Mark Mitchell said he was recently informed of allegations of a "very serious nature", separate to the investigation that led to him being suspended. RNZ earlier revealed pornography found on McSkimming's work computer is being investigated as alleged objectionable material. He declined to comment on the allegations through his lawyer. A High Court judge earlier reserved her decision on whether the media should be allowed to report the nature of the allegedly objectionable material found. Do you know more? Email Police Commissioner Richard Chambers earlier announced he ordered a review on the day of McSkimming's resignation to ensure police had sufficiently strong controls to prevent or detect the misuse of police technology and equipment for non-work-related purposes. : Police Commissioner Richard Chambers Photo: RNZ / Nick Monro RNZ was released a copy of the terms of reference of the rapid review under the Official Information Act. The document said there were "clear expectations" that all users of Police IT systems and devices must do so appropriately. INFOSEC controls were configured to block visits to certain sites or online content which there was "generally no legitimate work-related reason to be accessing". "Recent concerns have arisen that INFOSEC controls applying to Police systems and devices could be bypassed by individuals who are able to exploit vulnerabilities to access inappropriate content, in breach of Police's acceptable use policy and our Code of Conduct. "Urgent reassurance is required that Police has sufficiently strong controls in place to prevent misuse of Police technology and equipment for non-work related purposes." Chambers had asked for a "rapid, independent assessment" of the strength of police's INFOSEC controls to "prevent police systems and devices being used to access inappropriate content". The document lists three objectives of the review, including assessing the strength and vulnerabilities of the current INFOSEC controls, identify opportunities for "new or enhanced controls", and providing advice on how to implement proactive scanning of police systems to detect potential misuse. The review would include desktop analysis of specific INFOSEC controls, control testing to identify potential "work arounds" or other weaknesses, and discussions with counterparts in other agencies such as the New Zealand Security Intelligence Service and Public Service Commission. "Although it has been commissioned against the backdrop of recent concerns prompted by an ongoing investigation, the rapid review will be conducted as a self-contained exercise and *will not* require the sharing of information about any specifics relating to the ongoing investigation." The review work would be independently conducted by a "suitably qualified and experienced provider". The rapid review was expected to be completed within two weeks with an expected 10-15 page report to be classified restricted, with a shorter 2-3 unclassified summary document also produced. Chambers told RNZ police's Executive Leadership Team (ELT) considered the findings of the rapid review at their meeting on Monday 16 June. "One of the decisions made by ELT was to task Police's Chief Information Officer to develop an action plan to respond to the review's findings, and to bring that back to ELT for further consideration. It is expected the action plan will be completed within the next month. "Police intend to make a summary of the review's findings publicly available once there has been an opportunity to brief key stakeholders." In announcing McSkimming's resignation, Police Minister Mark Mitchell said McSkimming resigned before he could be dismissed. He did not say what the allegations were. Mitchell said the Policing Act was "very clear". "A deputy commissioner of police must be a 'fit and proper' person. They are rightly held to the highest standards of conduct and this new information called into serious question Mr McSkimming's fitness for office. "When Mr McSkimming was invited to respond to these allegations he chose to resign. Mr McSkimming's resignation has confirmed my view that his continuation in the role was untenable."

Tahawul Tech

12-06-2025

Business
Tahawul Tech

CISO 50 & Future Security Awards 2025

CISO 50 Forum & Awards 2025 In today's digital landscape, the role of the Chief Information Security Officer (CISO) has evolved dramatically. No longer confined to traditional security functions, the modern-day CISO must balance business and technology demands while navigating an ever-evolving threat landscape. Understanding the new responsibilities they must undertake and stepping up to ever-growing challenges are fundamental to their success. Typically, a CISO oversees four key security pillars: security architecture and engineering, operations, cyber resilience, and regulatory and IT compliance. However, their role has expanded to include responsibilities such as risk and governance, business continuity, identity and access management (IAM), fraud prevention, and more. This broadening of scope underscores the fact that being a CISO isn't just about security—it's about integrating security within the fabric of business operations and strategy. The CISO 50 Forum & Awards brings together top enterprise IT security leaders and decision makers to recognize and celebrate outstanding achievements in cybersecurity. The 2025 edition of this prestigious forum and awards ceremony will honour those who have not only demonstrated excellence in protecting their organizations but have also driven transformative security initiatives that shape the future of cybersecurity. This is not just an event—it's a celebration of the efforts and achievements of the cybersecurity community. Join us at the CISO 50 Forum & Awards 2025 and be part of the shift towards a more secure digital world. Future Security Awards 2025 Celebrating excellence and innovation in the security industry! The security industry has always been in a never-ending race against its adversaries, but in the last few years in particular, the rate of change has accelerated. While companies continue to invest in emerging technologies such as AI and Automation to support digital transformation, adversaries have been leveraging powerful, integrated tools and capabilities with these very same technologies to cause irrevocable loss of critical data and information. The scope of the threat is growing, and no organisation is immune from catastrophic outcomes. In fact, the unfortunate reality is that even today's most sophisticated cyber controls, no matter how effective, will soon be obsolete. The Future Security Awards have been introduced keeping in mind this dynamic threat-security scenario. These awards recognise individuals, businesses, vendors distributors and resellers that have risen above challenges and delivered ground-breaking business value through innovative application of security technologies. The 2025 edition is not just an awards ceremony; it is a celebration of the relentless pursuit of excellence in cybersecurity. As threats continue to evolve and become more sophisticated, it is crucial to recognize and support the innovators who are shaping the future of digital security. Join us in celebrating the achievements and advancements that are paving the way for a safer, more secure world.

Finextra

02-06-2025

Business
Finextra

DTCC appoints Laura Deaner as chief information security officer

The Depository Trust & Clearing Corporation (DTCC), the premier post-trade market infrastructure for the global financial services industry, today announced the appointment of Laura Deaner as Chief Information Security Officer (CISO), reporting to Lynn Bishop, Chief Information Officer. 6 Deaner will be responsible for managing DTCC's enterprise-wide cyber strategies to protect the firm's information and systems as well as designing and enhancing the organization's information and cybersecurity programs and roadmaps to support DTCC business and resiliency efforts. In addition, she will continue to ensure that cyber resilience is incorporated into strategic firm initiatives, including product and technology deployments, AI-fueled innovation and cloud adoption. Deaner brings more than 25 years of leadership and expertise in information security management to DTCC, including serving the last 12 years as CISO at Northwestern Mutual, S&P Global and, before that, PR Newswire. In each of these endeavors, Deaner led major cybersecurity transformation initiatives, bringing innovative approaches, new security practices and novel security architecture and governing practices, which produced measurable increases in program maturity. Prior to that, Deaner served in roles of increasing responsibility at Morgan Stanley, JP Morgan Chase and Citigroup. Deaner has served as a Board Member with the Financial Services Information Sharing Analysis Center (FS-ISAC) since 2022 and is a NYU Tandon Cyber Fellows Advisory Council member. 'As we continue to strengthen our technology infrastructure to protect against cyber-threats, Laura's expertise and leadership will enable us to drive a more holistic program to further upgrade our defense capabilities,' said Bishop. 'Her deep experience as a CISO will be critical as we continue to implement innovative strategies and leverage new technologies to enhance our security operations and safeguard the global markets and our clients.' Deaner said, 'DTCC plays a vital role in safeguarding the global financial system, and I'm proud to contribute to that mission by advancing a resilient, adaptive and risk-aligned cybersecurity posture. This work is deeply collaborative, and I'm looking forward to partnering closely across teams to protect what matters most: trust, stability and market integrity.'

In-House Counsel File Practical Law The Journal

Reuters

01-06-2025

Business
Reuters

In-House Counsel File Practical Law The Journal

Career in Brief Experience: 2014–present: Verizon Communications Inc. (2017–present: Associate General Counsel & Director, Policy, Corporate Social Responsibility, Information Security, Legal and Security Department; 2014–2017: Assistant General Counsel & Director, Public Policy, Law and Security Department); 2011–2013: Ferring Pharmaceuticals Inc., Assistant General Counsel; 2010–2011: Mylan Specialty L.P. (formerly Dey Pharma, L.P.), Associate Counsel; 2009–2010: Biomet, Inc., Corporate Counsel, Commercial Transactions; 2002–2008: Schering-Plough Corporation, Senior Counsel; 2000–2002: Update Legal, Inc., Attorney. Education: 2000: J.D., Thurgood Marshall School of Law; 1997: Comparative Law studies, University of Oxford; 1993: H.B.A. (Industrial Relations and Economics), University of Toronto. Location of Company HQ: New York City. Primary Industry Sector: Technology and Telecommunications. Revenues in the Last Financial Year: $134.8 billion. Number of Attorneys Worldwide: 410 attorneys. Legal Department Locations: Basking Ridge, New Jersey; Alpharetta, Georgia; Irving, Texas; Washington, DC; Dublin, Ireland; Readington, England. How is the legal function structured? The legal function is structured by practice area, such as litigation, regulatory, compliance, employment, information technology, and security, as well as by business area, such as procurement, marketing, and sales. What is the top area of focus for the legal department? We are focused on delivering quality, ethical support to the business units to realize company-wide goals while remaining compliant with the Verizon Code of Conduct and industry regulations. It is imperative to remain apprised and aware of changing legal requirements. The legal department is agile, knowledgeable, and conscientious about being compliant. For example, any changes to employment laws are reviewed and implemented in compliance with industry requirements. What role do you play in Verizon's compliance program given the ever-changing regulatory environment? I make sure to stay up to date on the various regulatory requirements to effectively advise the different groups I support, including by taking training courses on the latest developments affecting our organization. How do you manage privilege and confidentiality concerns when communicating with employees? Employees in certain key areas sign non-disclosure agreements with respect to material, non-public information. Any privileged communications are marked as such when communicating with employees. Verizon maintains strict controls over the privacy of its information when disseminating the same, whether internally or externally with partners. What are some approaches that Verizon has taken to prioritize diversity? Verizon hires employees from various communities and geographies that reflect its customer base. There are several employee resource groups (ERGs) for different groups of employees, such as veterans, disabled or neurodivergent individuals, women, Latin Americans, South and East Asians, and African Americans, so that employees feel valued, appreciated, and heard. Each one of these ERGs is sponsored by a senior executive. As law departments' responsibilities evolve, what skills or competencies should in-house counsel develop to support the company's legal and operational needs? In-house counsel should develop a solid understanding of how businesses operate in specific industries, as well as an in-depth knowledge of financial principles and regulatory requirements and guidelines. What role do you see AI playing in the legal field over the next few years? Even now, I see AI becoming prevalent in the legal field, including in facilitating daily work operations such as accessing, analyzing, and utilizing information efficiently. AI cannot be avoided, but controls and parameters need to be established to prevent the unlawful dissemination of information and protect the privacy of customer information. What three things does a law firm need to do to impress you? A law firm needs to: What advice would you give to a prospective in-house counsel? Be responsive and communicative. Additionally, complete tasks thoroughly and on time in compliance with business needs and goals. What is a challenge you have faced in your role and what did you learn from it? One challenge I faced was learning to reconcile urgent business requests with established processes and protocols to remain compliant with the Verizon Code of Conduct. I learned that consistent compliance establishes known standards and this, in turn, makes legal review more efficient. If not an attorney, what would you wish to be? A motivational speaker. What are your hobbies? Traveling, fundraising for non-profits, and mentoring youth. What is your favorite book? Ruth Bader Ginsburg: A Life by Jane Sherron de Hart.