Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Posts

Why Asset Visibility Is Essential to the Security of Your Industrial Environment

Threats against industrial environments are on the rise. Near the beginning of 2019, for example, Kaspersky Lab revealed that 47% of industrial control system (ICS) computers on which its software was installed suffered a malware infection in the past year. That was three percent higher than the previous year.

Change Is Inevitable: Tripwire File Analyzer

One of the only things that is constant in life is change. It’s the same with cybersecurity. There are different types of changes to consider. A lot of changes in our everyday life are out of our control. It can be hard to discover, monitor and even react to change. However, when it comes to change in the world of cybersecurity, it’s possible we can manage that change in a way that can have a positive impact on our business.

The NHS has suffered only six ransomware attacks since the WannaCry worm, investigation reveals

An investigation claims that the UK’s National Health Service, which was hit hard by the notorious WannaCry worm in 2017, has seen a marked fall in ransomware attacks since. A report published by Comparitech, based upon Freedom of Information requests, reveals the somewhat surprising news that since WannaCry there have only been six recorded ransomware attacks against the NHS.

On Authorization and Implementation of Access Control Models

There are dozens of implementations of authorization mechanisms. When there are complex requirements dictated by business processes, authorization mechanisms may often be implemented incorrectly or, at least, not optimally. The reason for that, in my opinion, is the low attention of both the customer and developers to this aspect in the initial stages of the project and, at the same time, insufficient assessment of the impact of necessary requirements.

5 Ways Your Organization Can Ensure Improved Data Security

Each year on January 28, the United States, Canada, Israel and 47 European countries observe Data Privacy Day. The purpose of Data Privacy Day is to inspire dialogue on the importance of online privacy. These discussions also seek to inspire individuals and businesses to take action in an effort to respect privacy, safeguard data and enable trust. In observance of Data Privacy Day this year, here are five recommendations through which organizations can bolster their data security efforts.

Navigating ICS Security: Having your Action Plan Ready

Trust, respect, understanding. These are all two-way relationships that must be earned over time. Whilst someone being hired in a senior position will likely already have a certain level of each, part of your job is to continuously cultivate all three of these elements with colleagues no matter your grade. When working within a cybersecurity practice, it is critically important to have this level of understanding across large swaths of the workforce, from the senior level to operations teams.

Who Are the Digital Service Providers (DSP) under the NIS Directive?

In a previous article, we discussed what the NIS Directive is. The European Union developed the Directive in response to the emerging cyber threats to critical infrastructure and the impact cyber-attacks have on society and the European digital market. The NIS Directive sets three primary objectives: The “actors of particular importance” are the operators providing essential services (OES) and digital service providers (DSP) in the EU.

Ransomware: The average ransom payment doubled in just three months

A new report into the state of ransomware at the tail end of 2019 has revealed that things aren’t getting any better. In Q4 of 2019, according to the new study published by security firm Coveware, the average ransom payment more than doubled – reaching $84,116, up from $41,198 in Q3 of 2019.

How CISOs Can Expand Their Security Duties into Industrial Environments

Digital attacks are a top concern for Industrial Control System (ICS) security professionals. In a survey conducted by Dimensional Research, 88 percent of these personnel told Tripwire that they were concerned about the threat of a digital attack. An even greater percentage (93 percent) attributed their concerns to the possibility of an attack producing a shutdown or downtime.