Collaborate Disseminate
Information security should be at the heart of every system launched. In accordance with the Federal Information Security Management Act (FISMA), an information technology system is granted an Authority to Operate (ATO) after passing a risk-based cyber… Continue reading Integrating the Risk Management Framework (RMF) with DevOps
Technology and cyber systems have become essential components of modern society. Despite the benefit of cyber technologies, insecurities arise. These could affect all systems and infrastructures. More than that, the threat of a cyberattack could very w… Continue reading The State of Civil Aviation Cybersecurity
Ships are increasingly using systems that rely on digitalization, integration, and automation, which call for cyber risk management on board. As technology continues to develop, the convergence of information technology (IT) and operational technology … Continue reading The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity
Building the Case for IoT Security Framework The Internet of Things (IoT) is growing in technical, social, and economic significance. ENISA defines the increasingly complex IoT systems as “cyber-physical ecosystem[s] of interconnected sensors and… Continue reading The CSA IoT Security Controls Framework
As smart ticketing systems and technological solutions become more prevalent in the transportation industry, the issue of transportation systems’ cybersecurity becomes a greater concern. Transportation Systems Cybersecurity is a Major Concern In … Continue reading Transportation Systems Sector Cybersecurity Framework Implementation Guide
Cybersecurity is not a static world. You can say that it is a social system, it affects and is affected by its surrounding environment. For example, back in 2018, it was the GDPR that shook the foundations of security and privacy by making the protecti… Continue reading The COVID-19 Pandemic Dominates the Cybersecurity World
It’s DBIR season! Put down your pens, stop watching “The Last Dance” and get to reading the key findings of the 13th edition of the annual Verizon Data Breach Investigations Report! If “experience is merely the name men gave to … Continue reading Verizon DBIR 2020: Cloud Apps, Stolen Credentials, and Errors
During the past year, we have witnessed significant data breaches that have impacted industries ranging from hospitality to legal to social media. We have seen a continuation of financially motivated threats, such as business email compromise (BEC), wh… Continue reading SANS 2019 Incident Response Survey: Successful IR Relies on Visibility
Companies are facing increased and complex cybersecurity challenges in today’s interconnected digital economy. The cyber threats have become more sophisticated and may harm a company via innovative new forms of malware, through the compromise of … Continue reading 10 Tenets for Cyber Resilience in a Digital World
Is an electricity provider’s supply chain its weakest link in the event of a cyberattack? The evidence is compelling that third parties often play unwitting roles. For example, the NotPetya ransomware attacks in mid-2017 originally gained a footh… Continue reading So You Want to Achieve NERC CIP-013-1 Compliance…