OT/ICS Security Training

This article is inspired by a recent article on the Computerworld site for Denmark, where one of the CISOs for a big energy company lamented the lack of formal skills in the cybersecurity community on the security requirements for Operational Technology (OT) and Industrial Control Systems (ICS). This triggered light research from me on the options out there for relevant trainings and certifications.

It’s Time to Secure the Water Sector from Cyber Threats

The Biden administration is reportedly considering a first-ever integrated action plan for global water security, linking global access to clean, reliable water to U.S. national security for the first time. At home, the linkage between national security and security of the water and wastewater sector is self-evident by its very definition as critical infrastructure. Yet decades of chronic underinvestment and under-resourcing of federal support to the industry have left this life-supporting and life-sustaining infrastructure vulnerable to cyber threats.

Pain-Free Cloud Security Transformation? There’s No Such Thing

Seemingly all companies today prioritize cloud security as part of a comprehensive cybersecurity strategy, and for good reason. The proliferation and sophistication of cyberattacks bring endless possibilities for hackers to steal and misuse data at a pace previously unimaginable. Ransomware alone rose more than 100 percent in volume globally in 2021, and the expectation is that with such “success,” the rate of attacks will only grow in 2022.
Yet, too many enterprises and smaller companies still struggle with the transformation to the cloud because of the variables that come along with choosing the best product. Lack of awareness about the complexities with the switch, namely technology-related issues and typical adjustments needed to workflows and processes, also contributes to the confusion. Adding to the quandary is the existence of very few companies that are dedicated to cloud security as opposed to general cybersecurity products.

Closing the Cybersecurity Communications Gap: What Every CISO Needs the C-Suite to Know

The role of the Chief Information Security Officer (CISO) has evolved considerably in recent years. So much so that in many organisations CISOs now regularly consult with the CFO, CTO and CEO on security strategy, cyber risk, and how to approach digital transformation. However, while some CISOs have been given a seat at the table on many executive boards, this hasn’t been the case everywhere.
In the past, digital security was a high priority for highly regulated industries such as banks, insurance companies as well as utilities and public sector organisations. But the recent and rapid escalation of online channels in the wake of the global pandemic has made companies in every industry sector a potential target for cyber criminals. This means C-Suite executives need to be fully informed and educated on the preventative steps that need to be taken – and why.

Ethics of the 0-day trade

This is an opinion piece, and an opinion that I am fully aware can be controversial in some sectors of the cybersecurity industry. Still, selling the state of the cybersecurity of customers, whom most of us are doing our utmost to protect from the nefarious underbelly of the Internet, is actively undermining the security. And yes, I feel that it is actively undermining the security to sell 0-days to brokers, on the darknet or companies on the Internet, instead of disclosing them to the vendors for patching.

Not-For-Profits and Cybersecurity Breaches: What Are The Risks?

For those working for or with charities, it’s incredibly important to understand the cybersecurity risks that affect the not-for-profit sector. As charities run without making a profit, it can be incredibly hard to justify regular outgoing expenses on cybersecurity, but when dealing with large sums of money, confidential information and more, they present an easy target for malevolent hackers.

Ransomware’s Evolving – Are You Ready?

Ransomware is big business.  It’s difficult to accurately measure just how big; the true size of the ransomware industry is masked by the fact that not all attacks and payments are made public.  However, a simple analysis of the ransom payments in the news – where new ransomware headlines appear almost daily – reveals a multi-billion-dollar industry.  Ransomware attacks are estimated to occur every 11 seconds, with the total cost of attacks to businesses exceeding $20 billion last year.  
In 2022, there are no signs ransomware is slowing down.  From ransomware as a service (RaaS) to Big Game Hunting, cybercriminals are becoming increasingly sophisticated; ransomware represents one of the greatest threats facing businesses today.  For chief information security officers (CISOs) and the wider executive leadership team, navigating the modern ransomware landscape is challenging.  Attackers are almost always one step ahead – with innovative, well-funded and coordinated teams utilising every tool at their disposal to penetrate corporate networks.  It can be difficult to know exactly what form a threat might take and where best to focus risk mitigation efforts.    

Protect what’s yours: How to Safeguard your Data this Data Protection Day

In our increasingly data-driven world, personal data is shared every second – when shopping, at work, travelling, or simply browsing the internet. It is the responsibility of every organisation to make an active commitment to protect the data it holds. After all, it could have serious implications for its reputation if a data breach occurred and its customers’ personal data was stolen and misused. 
Data Protection Day seeks to raise awareness and promote best practices around keeping data safe and secure. In this article, eleven experts in the technology industry give advice on how to best protect your data and maintain trust from your customers.

Why are People Worried About 5G Interfering With Flights?

The introduction of 5G was supposed to change how humanity uses mobile internet. From providing low-latency connectivity for mobile phones to making things like robotic surgery possible over long distances, 5G has the potential to be an invaluable tool.
On paper, it sounds like the perfect plan, but now that companies have begun to roll out the technology, a new challenge has appeared. Can 5G communications interfere with aviation instruments? Here’s what is known now and what the implications could mean for flight.

Security experts reveal their predictions for 2022

It is hard to believe that another year is about to pass, and while not quite as unpredictable as last year, 2021 held a lot of its own trials and tribulations – especially for the tech sector. Ransomware has hugely increased this year – in fact, the UK has been ranked number 10 on the list of countries worst affected by ransomware in a new report commissioned by Google – and we are in the eye of the storm of the ‘Great Resignation’, which is hitting the cybersecurity industry hard.
Despite this, however, the year has also had its wins. This year the UN declared 2021 the International Year of Peace and Trust, Kamala Harris became the first female and black Vice-President of the United States, and more than 7.5 billion Covid vaccinations (so far) have been administered.
So as we celebrate the wins, wind down, and bring the year to a close, what can we expect from 2022? Cybersecurity Magazine spoke with eight technology experts to find out what they predict for the next 12 months. Here is what they had to say
