Cyber Security Through Technology Risk Management

What is PAC File? Proxy Auto Configuration file is text file having a single function containing various rules coded in JavaScript that instructs web browser to forward traffic to a proxy server or directly to the destination server. Along with proxy server details there are optional and additional parameter that specify when and under what circumstances a browser forwards traffic to proxy server. Example: function FindProxyForURL(url, host) { if (shExpMatch(url, "*.google.com/*"))        return 10.10.10.1:8080;        return DIRECT' } Advantage of PAC file: PAC file can be hosted on a centralized place such as workstation, internal web server, or server outside the corporate network. Perform Load distribution Handle proxy failover. Supported by all browsers. Exceptions rules can be configured for internal or external sites. Provides critical security, ensuring that traffic is always proxied when it should be. History Originally developed by Netscape in 19

SANS Institute and Center for Internet Security (CIS) together with other organizations, developed the 20 Critical Security Controls (CSC) for Effective Cyber Defense. CIS Controls are not a replacement for any existing compliance framework such ISMS, NIST, CSF, PCI etc, rather it’s core building block toward any GRC journey.

In remote management, upstream or downstream interfaces of a network device are configured to accept the console connection such Telnet or SSH. The management traffic flows along with other transiting data traffic thru same interface.

Lets have a brief look at data security terms, also it becomes interestingly necessary to understand the different between those terms such as, their objectives, algorithm and applications. Once we have clear distinction then we know where to apply these data security provisions.

Summarised list of Chapter and Articles from EU General Data Protection Regulation (GDPR), this is useful for quick reference and can be used a cheat sheet.

"You can't amend the model clauses!" I always hear this people saying that  you cannot amend the model clauses, even the lawyer make such statement when I approached them for consultation during singing model contractual clauses.  We absolutely can amend the model clauses, provided your terms are purely commercial in nature and do not impact the protection of the data, nor the rights of data subjects or supervisory authorities.