The aviation safety sector is the study and practice of managing aviation risks. It is a solid concentration of regulations, legal documents, investigations of accidents and near-miss aviation incidents. On top of them lie lessons learned and shared knowledge; reports, facts and stats forming a cognitive super vitamin, that the aviation community uses to keep their business healthy and safe.

Cyberattacks are an increasingly common occurrence for a spectrum of industries. Rising cybercrime affects everyone, but certain sectors are more at risk than others. In 2023, the auto industry could face particularly significant dangers. Attacks in the automotive space can impact automakers, automotive fleets, and consumers alike. Reducing these risks will be crucial as more cybercriminals seek to capitalize on the sector’s vulnerabilities.

Oftentimes, three-letter acronyms trend and become buzzwords. At other times, they act as catalysts by influencing the business environment in which an organization operates. Such acronyms include CSR (corporate social responsibility), GRC (governance, risk, and compliance), and the most recent one, ESG (environmental, social, and governance). These are important business concepts that drive investment considerations and organizations’ cybersecurity commitments to customers.

With how much of our personal and professional lives take place online, it becomes more important each day for us to understand our vulnerability to cyberattacks. Cybercriminals target emails, domains, and accounts in order to impersonate identities and scam consumers and businesses alike. In 2021 alone, email spoofing and phishing increased by 220% and caused $44 million in losses. It is crucial to employ defenses to protect against these attacks.

Malware can come from and in a variety of attack vectors. Besides using ‘traditional’ methods of spreading malware, adversaries can leverage more sophisticated methods to turn your Power System into a ‘malware host’. The key target is your data. Data is valuable, and organisations have paid at least $602 million to ransomware gangs in 2021.

A $10 million reward is being offered for information leading to the identification or location of malicious hackers working with North Korea to launch cyber attacks on US critical infrastructure. The offer comes from the US State Department which is understandably eager to disrupt the activities of hacking gangs linked to foreign governments who may have engaged in espionage, cryptocurrency theft, and other malicious activities.

I walked into a business the other day. After a long conversation about the client’s need for cybersecurity and the implementation of the ISO27001 security standard, we talked about their risk appetite. “We don’t accept any risk. We’re risk-averse” said the CEO. But, is this achievable?

The Center for Internet Security’s Critical Security Controls has become an industry standard set of controls for securing the enterprise. Now on version 8, the original 20 controls are down to 18 with several sub controls added. The first six basic controls can prevent 85 percent of the most common cyber attacks, and even though the controls have been developed with traditional data centers and process in mind, there is no reason they can’t be adapted to DevOps practices.

In the two years proceeding from the beginning of the COVID-19 pandemic, the business world has been transformed on a grand scale. Organizations have created more data than ever before, data is now spread across a wider attack surface, putting it at a heightened risk of becoming a compromised risk. The manner and location of data storage and correspondence has had to shift to meet the needs of remote and hybrid workers, with companies being forced to take a more rigorous approach to data security.

When most people speak of any city government, they often mention words like “Bureaucratic”,“Behind the times”, and “Slow.” This is especially true when considering cybersecurity initiatives. However, a small town in Texas is changing that view. Seguin, Texas, which was once the smallest Texas city to have a full-time cybersecurity employee, was the only government entity to be named in the CSO50 2022 Awards.