<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>security policies &#8211; Noise</title>
	<atom:link href="https://noise.getoto.net/tag/security-policies/feed/" rel="self" type="application/rss+xml" />
	<link>https://noise.getoto.net</link>
	<description>The collective thoughts of the interwebz</description>
	<lastBuildDate>Wed, 09 Feb 2022 21:30:41 +0000</lastBuildDate>
	<language>en-US</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.8.2</generator>
	<item>
		<title>On the Irish Health Services Executive Hack</title>
		<link>https://noise.getoto.net/2022/02/11/on-the-irish-health-services-executive-hack/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 11 Feb 2022 12:17:53 +0000</pubDate>
				<category><![CDATA[hacking]]></category>
		<category><![CDATA[ireland]]></category>
		<category><![CDATA[ransomware]]></category>
		<category><![CDATA[reports]]></category>
		<category><![CDATA[security policies]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=65035</guid>

					<description><![CDATA[<p>A detailed <a href="https://www.hse.ie/eng/services/publications/conti-cyber-attack-on-the-hse-full-report.pdf">report</a> of the 2021 ransomware attack against Ireland’s Health Services Executive lists some <a href="https://thestack.technology/pwc-hse-hack-post-incident-report/">really bad security practices</a>:</p>
<blockquote><p>The report notes that:</p>
<ul>
<li>The HSE did not have a Chief Information Security Officer (CISO) or a “single responsible owner for cybersecurity at either senior executive or management level to provide leadership and direction.
</li><li>It had no documented cyber incident response runbooks or IT recovery plans (apart from documented AD recovery plans) for recovering from a wide-scale ransomware event.
</li><li>Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system. Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. (The antivirus server was later encrypted in the attack).
...</li></ul></blockquote>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
		<item>
		<title>Security Risks of Client-Side Scanning</title>
		<link>https://noise.getoto.net/2021/10/15/security-risks-of-client-side-scanning/</link>
		
		<dc:creator><![CDATA[Bruce Schneier]]></dc:creator>
		<pubDate>Fri, 15 Oct 2021 14:30:10 +0000</pubDate>
				<category><![CDATA[academic papers]]></category>
		<category><![CDATA[Apple]]></category>
		<category><![CDATA[backdoors]]></category>
		<category><![CDATA[national security policy]]></category>
		<category><![CDATA[Schneier news]]></category>
		<category><![CDATA[security policies]]></category>
		<category><![CDATA[Uncategorized]]></category>
		<guid isPermaLink="false">https://www.schneier.com/?p=63769</guid>

					<description><![CDATA[<p>Even before Apple made <a href="https://www.apple.com/child-safety/">its announcement</a>, law enforcement shifted their battle for backdoors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. It’s not a cryptographic backdoor, but it’s still a backdoor — and brings with it all the insecurities of a backdoor.</p>
<p>I’m part of a group of cryptographers that has just published a <a href="https://arxiv.org/abs/2110.07450">paper</a> discussing the security risks of such a system. (It’s substantially the same group that wrote a similar paper about ...</p>]]></description>
		
		
		<enclosure url="" length="0" type="" />

			</item>
	</channel>
</rss>

<!--
Performance optimized by W3 Total Cache. Learn more: https://www.boldgrid.com/w3-total-cache/

Object Caching 26/81 objects using Memcached
Page Caching using Disk: Enhanced 
Lazy Loading (feed)
Database Caching using Memcached

Served from: noise.getoto.net @ 2025-12-09 12:37:39 by W3 Total Cache
-->