The current security state of industrial control systems (ICS) is a perplexing one. On the one hand, Kaspersky Lab found in a recent report that a majority of organizations (75 percent) regard ICS security as a major priority. On the other hand, organizations aren’t implementing the proper safeguards to secure their industrial control systems.
Many security breaches take place when attackers gain access to Internet-facing applications by using compromised credentials. As an added layer of security against leaked credentials, organizations have been implementing multi-factor authentication (MFA) mechanisms to verify the identity of users connecting to critical online assets.
What I’ve found throughout the years is that the only constant in life is the fact that everything changes and changes frequently. I can’t even get a consistent scenery on my way to work longer than a couple of weeks before something is different! At the same time, the world of technology is in constant flux whether it’s new technology or updates to automated tools that interact with all sorts of servers or services running throughout an environment.
In information warfare, the need to develop SIEM architecture has become a crucial factor due to the existence of ever-growing cyber threats and their creators – cyber pests. The SIEM (Security Information and Event Management) presents a broad range of products or services for the purpose of managing security information and security events simultaneously.
A few years ago, a news story about a man who was being paid six figures to watch cat videos went viral. Unfortunately, his company didn’t realize that this is what they were paying him to do all day. How did this happen? The employee, whom we’ll refer to as “John,” worked for a company in the US and was getting paid six figures as a developer.
There are many things within Information security that pundits have been claiming are dead, or should be killed by fire - passwords are usually found at the centre of such debates. But this isn’t a post about passwords, it’s a post about honesty, and trust. But let’s first take a look at the other side of the coin.
PCI DSS, or the Payment Card Industry Data Security Standard, is the set of regulatory requirements all organizations who process card payments must adhere to. Sounds simple enough, right? But PCI compliance can pose a major challenge to organizations if they’re not equipped with the proper knowledge and tools.
Senate Bill 1121, more commonly known as the California Consumer Privacy Act (CCPA) was passed on September 23, 2018, and becomes effective on January 1, 2020. Already being compared to the European Union’s General Data Protection Regulation (GDPR), the new law focuses on privacy rights and encompasses both consumer protection and data protection. Thus, organizations need to know how to secure and protect information to meet the CCPA’s regulatory requirements.
