[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ]<\/p>\n
* 6 Scenarios That Increase Vendor Risk
\n* The Unstoppable Convergence of Physical Security and IT and What it Means for Your Role
\n* Mount St. Mary’s University plans to offer degrees in cybersecurity, forensic accounting
\n* Pakistan approves controversial Cyber Crime Bill
\n* Feds ask auto industry to help combat cyberattacks
\n* The best cyberdefence: Think like an attacker
\n* Optional Windows update aims to protect Microsoft wireless mice against hijacking
\n* How Airbus defends against 12 big cyber attacks each year
\n* Canada\u2019s top 10 most ransomware-infected cities [Malware map]
\n* Singapore cloud outage guidelines can help businesses manage data breaches, says expert
\n* Common Education Sector security misconceptions
\n* Members of the Board and C-Suite Have New Tools to Help Reduce Cyber Security Risk
\n* Appeals Court Agrees Health Solutions Provider\u2019s Insurance Requires Defense in Data Disclosure Class Action
\n* Slideshow 12 questions to assess your data breach response capability
\n* How to Plan and Execute Modern Security Incident Response \u2013 NEW
\n* POTUS taps Uber chief security officer to be a part of a cyber security commission
\n* Dominic Paluzzi named to Cybersecurity Docket’s Incident Response 30
\n* After 4 years, EU Parliament passes new data protection rules
\n* RAND Survey Shows Breaches Have Little Impact On Customer Loyalty
\n* U.S. government worse than all major industries on cyber security: report
\n* RSA survey: Not enough focus on cyber terrorism among U.S. organizations
\n* Cybersecurity Industry “Fighting the Wrong Battle for 20 Years”–New Research
\n* Software tools and services used to achieve ISO 27001
\n* Why ICS network attacks pose unique security challenges
\n* Threat hunting technique helps fend off cyber attacks
\n* Cybersecurity to help businesses deliver digital growth strategies: Cisco
\n* Insurance against cyber attacks \u2018vital\u2019 say businesses but only 41% covered for both security breaches and data loss<\/p>\n
6 Scenarios That Increase Vendor Risk
\n1. \u201cWe don\u2019t let our vendors know how important cybersecurity is to us.\u201d
\n2. \u201cWe\u2019ve hired a contractor to handle our sensitive data, but we haven\u2019t asked them which specific employees have access to it.\u201d
\n3. \u201cWe don\u2019t build out contractual requirements for our vendors to meet with respect to cybersecurity.\u201d
\n4. \u201cWe don\u2019t ask to review documentation and results of previous audits.\u201d
\n5. \u201cWE HIRED a third party without knowing how they manage their own third-party relationships.”
\n6. \u201cWe trust a snapshot in time instead of relying on continuous monitoring.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=163172f87c&e=20056c7556<\/p>\n
The Unstoppable Convergence of Physical Security and IT and What it Means for Your Role
\nThe modern design of IP networks mean that they can encompass telephony and business critical systems, alongside CCTV and other security systems enabling physical access to the building.
\nEllie Hurst, marketing manager at Advent IM, says that while our physical and cyber threats have converged, physical systems may not have the oversight of IT security regiment for patching and antimalware. \u201cSystems are often networked and once you leave a geographical location and enter cyberspace, everything changes,\u201d she says.
\nAnother issue is around a potential skill gap, and not where you think it would be, according to Martin Grigg, senior security consultant at PTS Consulting and Lecturer in Integrated Systems for high-security facilities.
\nHe said that the convergence of information and security technology has not created a skills gap but the merging of management roles may do exactly that.
\nThe necessary skills to successfully deliver each role are usually held by people with different backgrounds.
\nHurst says that it is important to note that umbrella oversight is needed from a risk perspective, to reduce the chance of converged risks remaining lost in silos \u2013 \u201cso the oversight of a chief risk officer or senior information risk owner ensuring board ownership\u201d.
\nGillispie adds that oversight should be at board level and Risk assessments would be done on all systems to ensure any risk is mitigated and that it is within organisational risk tolerances and appetite.
\nPerhaps success best lies in making each team speak the language of the other to broaden understnadin of the issues at hand.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=6d5792cb33&e=20056c7556<\/p>\n
Mount St. Mary’s University plans to offer degrees in cybersecurity, forensic accounting
\nBoth programs have been in the works for at least a year now, Mount faculty members said.
\nThey\u2019re a component of the new strategic plan moving forward at the Mount, \u201cMount 2.0,\u201d which involves revamping the school\u2019s core curriculum and expanding course offerings.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b647525a86&e=20056c7556<\/p>\n
Pakistan approves controversial Cyber Crime Bill
\nThe bill approved on Wednesday, must also be approved by Senate before it can be signed into law, Dawn online reported.
\nThe draconian bill – which has been criticised by the information technology (IT) industry as well as civil society for curbing human rights – was submitted to the NA for voting in January 2015 by the IT ministry.
\nAccording to critics, the proposed bill criminalises activities such as sending text messages without the receiver’s consent or criticising government actions on social media with fines and long-term imprisonment.
\nIndustry representatives have argued that the bill would harm business as well.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f22da19acd&e=20056c7556<\/p>\n
Feds ask auto industry to help combat cyberattacks
\nThe U.S.
\nDepartment of Justice\u2019s top national security attorney Tuesday called on the private sector to work with the federal government and law enforcement agencies to fight cyber attacks.
\n\u201cSharing information and intelligence between law enforcement is not enough,\u201d said John Carlin, assistant U.S. attorney general for national security. \u201cWith the ingenuity and development taking place in your hands … the infrastructure of the internet in your hands, to combat threats against it, we\u2019re going to have to work together.
\n\u201cI think we forget when we design a system how vulnerabilities can be exploited,\u201d said the senior in mechanical engineering at the University of New Mexico. \u201cWe forget to look at how people could use the technology for ulterior motives.
\nIt was interesting to hear it from someone who deals with it.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=19dca98993&e=20056c7556<\/p>\n
The best cyberdefence: Think like an attacker
\nIt’s a game of cat and mouse; in the ongoing battle between cyber criminals and cybersecurity professionals, it can sometimes be difficult to know what tactics attackers will employ next.
\nBut in fact cybersecurity professionals don’t always have to be playing catch-up, especially if they can get into the mindset of their opposition.
\nThis skill is making staff with experience working in IT security for the military particularly attractive to businesses.
\nAnother trait which separates military security types from your average cybersecurity pros is the ability to go on the offensive — because it makes them more effective defenders.
\n“As an attacker, you’ve really got to look at the whole environment; you’ve really got to be creative,” he continues, “You’re just so much more aware of what’s possible, rather than being on the defensive side the whole time and being reliant on how things currently work.”
\nHowever, there are only a limited number of cybersecurity professionals who have worked in government information warfare — and even fewer who have carried out offensive attacks — so the pool of potential employees with this experience is limited.
\nBut this can be overcome, Johnson suggests, by engaging in cyberwar games within an organisation, and taking turns to attack and defend.
\n“I’ll put our White Hat people up against Black Hats any day.
\nI’m not fearful that the Black Hats are any better than us; they may catch us unprepared, or at a bad moment in time — I don’t trivialise them — but I don’t feel in any way, shape, or form that they’re any better than the White Hat hackers.
\nSo I’d never stoop to hiring them,” Kelly says.
\nJohnson, however, takes a different view: “I’ve seen people with that kind of background grow up and still have that curiosity, that innovation mindset where they don’t just approach the problem in one way, they’re thinking in new ways.
\nThat’s hacking, trying to get systems to do things they weren’t designed to do, so if you start applying that to companies, that mindset is really valuable,” he says.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=3cfb16a373&e=20056c7556<\/p>\n
Optional Windows update aims to protect Microsoft wireless mice against hijacking
\nMouseJack exploits several vulnerabilities in the communications protocols between the USB dongles plugged into computers and the wireless mice and keyboards that are paired with them.
\nThese flaws allow attackers to spoof a wireless mouse from up to 100 meters away and send rogue keystrokes instead of clicks to a computer.
\nThe new KB3152550 update blocks this type of attack through a driver that filters input from affected Microsoft wireless mice to make sure that there are no QWERTY key frames that normally indicate keyboard traffic.
\nThe update is available for Windows 7, 8.1 and 10, but not Windows Server.
\nIt only protects standalone wireless mice and not those that are bundled together with a keyboard as part of Microsoft’s desktop set products.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=4a28370152&e=20056c7556<\/p>\n
How Airbus defends against 12 big cyber attacks each year
\nCivil aircraft manufacturer Airbus Group is hit by up to 12 major systems attacks each year, its chief information security officer has revealed, mostly through ransomware and state-sponsored hackers.
\nStephane Lenco told the Australian Cyber Security Centre conference that defence was particularly difficult against state-sponsored attackers who “will try everything” to break in, and if successful, “will go after everything”.
\nAs a response, Lenco took a strategy to his board outlining his plan to “deter, delay, delete and detect”.
\nLuckily, Lenco said, the infosec team still had the support of the executive for the four D’s approach, so the next step was about benchmarking.
\nWhat resulted was 47 streams containing around 350 individual projects.
\nThe security team will also soon start red-teaming – adopting an attacker’s mindset to detect vulnerabilities in networks and systems – and blue-teaming (the defenders) to better catch and mitigate threats.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d8204133ae&e=20056c7556<\/p>\n
Canada\u2019s top 10 most ransomware-infected cities [Malware map]
\nMalware infections across Canada spiked almost 15 per cent in March and the country\u2019s problem with ransomware was made evident when an Ottawa-based hospital was hit.
\nOverall malware was on the rise, increasing 14.7 per cent in March compared to February, according to tracking by EnigmaSoftware.com.
\nSee our map below to see the new rates in individual cities.
\nTrois-Rivieres, Que. remains at the top of the list as we\u2019re used to.
\nThere wasn\u2019t too much of a shake up in terms of city standings, except that we say Burnaby, B.C. enter the top 20 list by moving up from 27th spot to 15th.
\nWe\u2019ve updated our cybercrime map of Canada with a new layer of data, showing the police-reported cybercrime from 2013, the most recent data available from Statistics Canada.
\nThe range of cybercrime reported by police services in Canada range from types of fraud to threats to crimes of a sexual nature.
\nIn 2013, more than half of all cybercrime reported was described as a fraud violation, with 6,203 offenses out of a total of 11,124 offenses across all categories.
\nAlso new to our map is a layer representing an IDC Canada survey conducted earlier this year.
\nIt shows how much different regions in Canada are spending on IT security and how much they\u2019d like to spend.
\nWhich region do you think is spending the most on security.
\nFind out and read more analysis over on IT World Canada.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=02574f8da8&e=20056c7556<\/p>\n
Singapore cloud outage guidelines can help businesses manage data breaches, says expert
\nAlthough the guidelines issued by the Infocomm Development Authority of Singapore (IDA) (58-page \/ 786KB PDF) state that they are “not meant to resolve issues due to cyber security, malicious act or breach of personal data protection laws”, they are built upon recognised Singapore and international standards for cloud security, SS 584: 2015.
\nThe guidelines help explain how those standards interface with the country’s Personal Data Protection Act (PDPA) in event an outage is coupled with a data breach.
\nBusinesses subject to the PDPA are obliged to employ reasonable security arrangements to protect personal data in their possession or under their control from unauthorised access, collection, use, disclosure, copying, modification or disposal.
\nPenalties for non-compliance with can include fines of up to SIN$1 million ($740,000)
\nThe COIR guidelines also incorporate a framework of self-disclosure by cloud providers to help inform cloud users about the reliability and resilience of the cloud services they offer, as well as the “accountability, change management procedures and incident management procedures” cloud providers have in place.
\nA dedicated self-disclosure form has been created for cloud providers to fill out and post on their websites.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=33f2a167c0&e=20056c7556<\/p>\n
Common Education Sector security misconceptions
\n2016 hasn\u2019t begun in a very positive way for education institutions.
\nJanuary 2016 saw data on 80,000 students, faculty, and staff at UC Berkeley compromised in the University\u2019s third data breach disclosure of the past 15 months.
\nThis was followed by a breach of 63,000 names and social security numbers of current and former students and staff at the University of Central Florida in early February 2016 obtained when hackers attacked the school\u2019s computer system.
\nMisconception 1: I can have an open IT environment, or secure IT environment, but not both open and secure
\nMisconception 2: Breach protection and detection policies are enough to keep the hackers at bay
\nMisconception 3: I know which users and applications can be trusted
\nIt\u2019s clear that something needs to change.
\nThe education sector recognises that an issue exists; yet many are still not putting the proper measures in place.
\nIt has never been clearer that now is the time to act, and by thinking of security in a different way and overcoming the common misconceptions outlined above, education institutions can quickly begin the journey from security chaos to security harmony.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ff2ad7ab30&e=20056c7556<\/p>\n
Members of the Board and C-Suite Have New Tools to Help Reduce Cyber Security Risk
\nHERNDON, Va.–(BUSINESS WIRE)–Learning Tree International (OTCQX: LTRE), a leading provider of IT and management training to business and government organizations worldwide, has launched a new course that covers cyber security from the perspective of senior executives and members of the board.
\nThis course prepares members of the board and the C-Suite to understand, assess, and take a proactive posture in security through:
\nEffectively positioning their organizations to address cyber security threats
\nSupporting cyber security planning with management frameworks
\nThe use of governance policy and cyber insurance to minimize risk
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=e29c75cdf9&e=20056c7556<\/p>\n
Appeals Court Agrees Health Solutions Provider\u2019s Insurance Requires Defense in Data Disclosure Class Action
\nAvailability of insurance is often among the first questions that arises when a company encounters a data breach or other Internet-related problem involving company records, even where the company lacks a cyberinsurance policy.
\nThe federal Fourth Circuit Court of Appeals recently affirmed a ruling by a District Court that required insurance coverage for an inadvertent disclosure of private healthcare information under the policy\u2019s provisions regarding the publication of material that may give \u201cunreasonable publicity\u201d to, or disclose information about, a person\u2019s private life.
\nTravelers Indem. Co. v. Portal Healthcare Solutions, LLC, Case No. 14-1944 (4th Cir. April 11, 2016) (unpublished).
\nTwo patients of Portal Healthcare who found their medical information through a Google search filed a class action suit against the hospital for allegedly having inadvertently made hospital medical records available and unprotected on the Internet.
\nPortal then sought coverage against its insurer, Travelers Indemnity Company.
\nTravelers, in turn, sought a declaratory judgment that it was not obliged to defend Portal under the traditional policies that Portal had purchased.
\nThe trial court found coverage under policy language covering an injury arising from the \u201celectronic publication of material\u201d that discloses information about a person\u2019s private life.
\nSee Travelers Indem. Co. v. Portal Healthcare Solutions, LLC, 35 F. Supp. 3d 765 (E.D. Va. 2014).
\nThis type of traditional invasion of privacy claim has historically been covered by this type of policy.
\nAccording to the trial court, the private medical information was \u201cpublished\u201d because it was available to everyone on the Internet\u2014even though it was unclear whether anyone besides the two plaintiffs had ever accessed it\u2014and because the information clearly related to the patient\u2019s private life.
\nThe appellate court agreed with the trial court\u2019s reasoning and affirmed the finding that Travelers had a duty to defend Portal in the suit.
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d7d61691e8&e=20056c7556<\/p>\n
Slideshow 12 questions to assess your data breach response capability
\nA new Data Breach Response Guide from Experian walks through myriad processes for putting together an enterprisewide plan to prepare for and respond to a breach, and then put the plan into motion when an incident occurs.
\nThe guide covers communicating with the C-Suite, creating a plan, practicing the plan, responding to a breach, auditing the plan, and a quiz with core questions to assess preparedness. \u201cIf you answer ‘no’ more than once or twice, you and your team should immediately address the gaps,\u201d according to Experian, which offers breach recovery services.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=f4b8c241fe&e=20056c7556<\/p>\n
How to Plan and Execute Modern Security Incident Response \u2013 NEW
\nI had the opportunity to work with Anton on updating one of his best documents, \u201cHow to Plan and Execute Modern Security Incident Response\u201d, which was published today on Gartner.com (GTP Access required).
\nThe document is a nice assessment of what organizations should be doing in terms of incident response today.
\nIt covers some of the basics, but also the changes we\u2019ve been seeing in those practices in the past couple of years, especially the move to continuous IR.
\nAs we say there,<\/p>\n
\u201cThe traditional route of detecting incidents using security monitoring technologies is not the whole answer to today\u2019s threat landscape, which is laden with skilled and persistent threat actors.
\nLeading organizations don\u2019t just develop excellent security monitoring capabilities that operate in near-real time (such as mature SOC capabilities based on SIEM tools).
\nThey also seek to explore the data they collect in order to discover \u2014 rather than detect in real time \u2014 incidents that their own detection controls missed.\u201d
\nLink: http:\/\/paulgdavis.us3.list-manage2.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=68e78359b7&e=20056c7556<\/p>\n
POTUS taps Uber chief security officer to be a part of a cyber security commission
\nIn looking to leverage that wealth of knowledge of and experience with cyber security attacks, President Barack Obama appointed a number of former and current tech executives to a 12-person Commission on Enhancing National Security.
\nAmong those pulled from the tech world, including former IBM CEO Sam Palmisano, is Uber\u2019s Chief Security Officer Joe Sullivan.
\nSullivan, who joined Uber in 2015, handled security at Facebook prior to that for five years and at eBay before that.
\nHere are the rest of the appointed members:
\nTom Donilon, former Assistant to the President and National Security Advisor (Chair)
\nSam Palmisano, former CEO of IBM (Vice Chair)
\nGeneral Keith Alexander, CEO of IronNet Cybersecurity, former Director of the National Security Agency and former Commander of U.S.
\nCyber Command
\nAnnie Ant\u00f3n, Professor and Chair of the School of Interactive Computing at Georgia Tech.
\nAjay Banga, President and CEO of MasterCard
\nSteven Chabinsky, General Counsel and Chief Risk Officer of CrowdStrike
\nPatrick Gallagher, Chancellor of the University of Pittsburgh and former Director of the National Institute of Standards and Technology
\nPeter Lee, Corporate Vice President, Microsoft Research
\nHerbert Lin, Senior Research Scholar for Cyber Policy and Security at the Stanford Center for International Security and Cooperation and Research Fellow at the Hoover Institution
\nHeather Murren, former member of the Financial Crisis Inquiry Commission and co-founder of the Nevada Cancer Institute
\nJoe Sullivan, Chief Security Officer of Uber and former Chief Security Officer of Facebook
\nMaggie Wilderotter, Executive Chairman of Frontier Communications
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=990eeda051&e=20056c7556<\/p>\n
Dominic Paluzzi named to Cybersecurity Docket’s Incident Response 30
\nCLEVELAND, April 14, 2016 \/PRNewswire\/ — Dominic Paluzzi, member at McDonald Hopkins, has been named to Cybersecurity Docket’s inaugural Incident Response 30, a list of the “best and brightest” data breach response attorneys and compliance professionals in the industry “who not only have the right stuff to manage a data breach response, but are also the kind of professionals critical to have on speed-dial when the inevitable data breach occurs.”
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=797550a419&e=20056c7556<\/p>\n
After 4 years, EU Parliament passes new data protection rules
\nIt\u2019s been almost four years since proceedings began to agree new data protection rules within the EU, but the European Parliament has now passed new rules to help develop the digital single market.
\nAccording to the announcement made by the European Parliament, these new data protection rules will replace the older data protection legislation that has for years now been considered unfit for purpose.
\n72 hours to report a data breach
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=0c542abb61&e=20056c7556<\/p>\n
RAND Survey Shows Breaches Have Little Impact On Customer Loyalty
\nOnly 11% of US adults who received a breach notification were likely to quit doing business with the hacked company, study finds.
\nNew research from RAND Corp reveals that over 25% of American adults were notified in the past twelve months that their personal information had been breached.
\nAnd only 11% of them say they are unlikely to do business with the breached company again.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=bbb307311c&e=20056c7556<\/p>\n
U.S. government worse than all major industries on cyber security: report
\nU.S. federal, state and local government agencies rank in last place in cyber security when compared against 17 major private industries, including transportation, retail and healthcare, according to a new report released Thursday.
\nThe analysis, from venture-backed security risk benchmarking startup SecurityScorecard, measured the relative security health of government and industries across 10 categories, including vulnerability to malware infections, exposure rates of passwords and susceptibility to social engineering, such as an employee using corporate account information on a public social network.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=1dde22cbc6&e=20056c7556<\/p>\n
RSA survey: Not enough focus on cyber terrorism among U.S. organizations
\nAccording to the survey of over 200 security executives attending RSA, 92 percent think most U.S. organizations need more security against cyber terrorism or are behind the curve when it comes to protecting against such attacks.
\nThycotic said 89 percent said businesses and the military must make developing capabilities to fight against cyber terrorism more of a priority.
\nA blog posted by Thycotic also revealed that 80 percent of respondents said such an attack could occur within the next 24 months.
\nThe survey also showed that half of respondents think private companies in the U.S. are more at risk than government organizations, while 42 percent said the government is more vulnerable than private companies.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=b928ba4dff&e=20056c7556<\/p>\n
Cybersecurity Industry “Fighting the Wrong Battle for 20 Years”–New Research
\nHERNDON, Va., April 12, 2016 \/PRNewswire-USNewswire\/ — Global technology company Nuix has published a provocative white paper by cybersecurity veteran Chris Pogue arguing that the technology industry has been “fighting the wrong battle with the wrong weapons” against cybercrime for the past two decades.
\nThe paper contends that for technology to fight cybercrime and insider threats effectively, it must solve human vulnerabilities.
\nThe white paper examines five cognitive biases\u2014”bugs in our brain software”\u2014that cause people to make poor decisions.
\nIt examines how other industries have learned to deal with these biases by concentrating on changing human behavior, and applies these lessons to the fight against cybercrime.
\nThe white paper includes a strategic battle plan and practical action plan for organizations to focus on using technology, people, and processes to address the people problems of cybersecurity.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=ad03c76264&e=20056c7556<\/p>\n
Software tools and services used to achieve ISO 27001
\nMany organizations are unsure of what\u2019s available to help them implement and get certified in quick time, so CertiKit summarized the most common areas of the ISO 27001 standard where software tools and services come in handy.
\nHow many of these software tools and services you decide to use depends on your budget, timescales and how secure you want to be.
\nThe infographic below will help you to choose wisely in order to achieve ISO 27001.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=896206623f&e=20056c7556<\/p>\n
Why ICS network attacks pose unique security challenges
\nUntil recently, industrial networks were separated from the rest of the world by \u2018Air Gaps\u2019.
\nIn theory, this technique sounds great \u2013 disconnecting the industrial network from the business network and the Internet makes it very difficult for attacks to reach it.
\nHowever, an \u2018Air Gap\u2019 is no longer a functional or operationally feasible solution in today\u2019s connected world.
\nWith trends like IIoT (Industrial Internet of Things), industrial networks can\u2019t remain stand-alone environments.
\nFor efficiency and competitive advantage reasons, they are being connected to corporate systems and cloud applications.
\nIn the process, they are being exposed to cyber-threats.
\nPatching PLCs is difficult, can cause disruptions or downtime, and can lead to reliability issues and other operational problems.
\nIt is also common to find unpatched Windows-based workstations still running legacy operating systems like Windows NT and XP in operational environments due to the same concerns regarding operational stability and reliability.
\nOne of the biggest technical challenges faced when trying to secure ICS networks is that several different communication protocols are used by components in process automation systems.
\nFor example, the data-layer and control-layer use separate communication protocols.
\nMeanwhile, control-layer operations that manage the entire life-cycle of industrial processes use a different set of protocols altogether.
\nTo make matters worse, each OT vendor uses a proprietary implementation of the IEC-61131 standard for making changes to PLC logic, PLC code updates, firmware downloads and configuration changes.
\nSince these implementations are rarely documented, it is very difficult to monitor these critical activities.
\nThe emergence of cyber-threats is forcing the industrial sector to take a long, hard look at how ICS networks, and specifically, industrial controllers, are protected.
\nThe current lack of visibility and security controls combined with the presence of unpatched vulnerabilities in OT networks is placing facilities at risk.
\nIn order to prevent unintended changes by insiders and protect systems from external attacks, ICS-native monitoring and control technologies are required.
\nLink: http:\/\/paulgdavis.us3.list-manage.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=d41e964d1d&e=20056c7556<\/p>\n
Threat hunting technique helps fend off cyber attacks
\nCyber threat intelligence company DomainTools has released the results of a new survey conducted by the SANS Institute on the effectiveness of using threat hunting to aggressively track and eliminate cyber adversaries as early as possible.
\nAccording to the survey, adopters of this model reported positive results, with 74 percent citing reduced attack surfaces, 59 percent experiencing faster speed and accuracy of responses, and 52 percent finding previously undetected threats in their networks.
\nThough it’s a relatively new approach to the early identification of cyber threats, 85 percent of enterprises say they are currently involved with some level of threat hunting.
\nThere are barriers to using the technique effectively though, 40 percent cite the need for a formal program and 52 percent a lack of skilled staff.
\nThe top seven data sets that support threat hunting are IP addresses, network artifacts and patterns, DNS activity, host artifacts and patterns, file monitoring, user behavior and analytics, and software baseline monitoring.
\nThe most common trigger for launching a hunt is an anomaly or anything that deviates from normal network behavior according to 86 percent of respondents.
\nHowever, the survey also reveals that only 23 percent of businesses have hunting processes that are invisible to attackers, meaning that the majority of organizations are at risk from exposing internal hunting procedures in a way that benefits the attacker.
\nLink: http:\/\/paulgdavis.us3.list-manage1.com\/track\/click?u=45bf3caf699abf9904ddc00e3&id=78e4586355&e=20056c7556<\/p>\n
Cybersecurity to help businesses deliver digital growth strategies: Cisco
\nThe Cybersecurity as a Growth Advantage report shows that 64 percent of executives recognise that cybersecurity is fundamental to their digital growth strategy, with nearly one third believing the primary purpose of cybersecurity is to be a growth enabler, while another 44 percent of executives believe cybersecurity is a competitive advantage.
\nChina, India, and Canada were countries where growth enablement sentiment was strongest, with the report suggesting the views from these countries reflect the sharp rise in digital adoption.
\nAccording to John N Stewart, Cisco Chief Security and Trust Officer senior vice president, finance teams have solidified the beliefs executives have about cybersecurity, saying they also agree there are business benefits to be gained.
\nThe research also revealed that inadequate cybersecurity can hinder a business’ growth.
\nNearly 40 percent of respondents admitted they have halted their mission-<\/p>\n","protected":false},"excerpt":{"rendered":"
[From the desk of Paul Davis – his opinions and no-one else’s, apart from the reporter’s opinions ] * 6 Scenarios That Increase Vendor Risk * The Unstoppable Convergence of Physical Security and IT and What it Means for Your Role * Mount St. Mary’s University plans to offer degrees…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[29],"tags":[],"class_list":["post-2486","post","type-post","status-publish","format-standard","hentry","category-news"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2486","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2486"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2486\/revisions"}],"predecessor-version":[{"id":4973,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2486\/revisions\/4973"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2486"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2486"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2486"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}