Cyber Security Challenges in Healthcare IoT Devices

The recent Vectra 2019 Spotlight Report on Healthcare indicates that the proliferation of healthcare internet-of-things (IoT) devices, along with a lack of network segmentation, insufficient access controls and reliance on legacy systems, has created an increasing attack surface that can be exploited by cyber criminals determined to steal personally identifiable ... Read More

How to Advance ICS Cybersecurity: Implement Continuous Monitoring

Industrial Control Systems (ICS) include Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and other control system configurations such as Programmable Logic Controllers (PLC). They are typically used in industries such as electric, water, oil and natural gas, transportation, chemical, pharmaceutical and manufacturing (e.g., automotive, aerospace). These ... Read More

Drones as Cyber Weapons: A Reality, Not a Hyperbole

On the aftermath of the Mati wildfires in Greece that killed 100 people, the Greek Fire Department spokesperson made an announcement on June 2018, stating “Any manned and unmanned aircraft systems flights in an area of operations is a serious infringement and creates safety risks for flights. Any breach entails ... Read More

The Path to Cyber Resilience: Takeaways from the Scalar 2019 Security Study

The annual Scalar Security Study, published in February 2019 and conducted by IDC Canada, identified a new normal across the threat landscape: cybersecurity incidents, be it exfiltration, infiltration or denial of service, occur on a regular basis. Focused on small, midsize and large organizations in Canada, the study confirms that ... Read More

Trends in Industrial Control Systems Cybersecurity

With connectivity to the outside world growing, cyber attacks on industrial computers constitute an extremely dangerous threat, as these types of incidents can cause material losses and production downtime for a whole system. Moreover, industrial enterprises knocked out of service can seriously undermine a region’s social welfare, ecology and macroeconomics ... Read More

Report: Concerted Global Cyber Attack Could Disrupt Global Economy

According to a hypothetical cyber risk scenario prepared by the Cyber Risk Management (CyRiM) project for risk management purposes, a ransomware strain that can disrupt more than 600,000 businesses worldwide within 24 hours would potentially lead to damages in the amount of billions of dollars. Cyber Risk Management (CyRiM) project ... Read More

Federal Cybersecurity Posture “Untenable,” According to OMB Risk Report

When he issued Executive Order 13800 (EO 13800) on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, President Trump’s goal was to highlight that security and public accountability of government officials are foundational pillars while emphasizing the importance of reducing cybersecurity risks to the Nation. In accordance with the ... Read More

USB Threats to Cybersecurity of Industrial Facilities

Industrial facilities cybersecurity is very critical for the national security of every state and comes once more into focus following the recent Honeywell’s Industrial USB Threat Report. With increasing pressure to limit network access to industrial control systems, industrial plant dependence upon USB removable media to transfer information, files, patches ... Read More

The Digital Deciders and The Future of Internet

Recently, the nonpartisan think tank New America published a report called “The Digital Deciders” or “how a group of often overlooked countries could hold the keys to the future of the global Internet.” The authors of the report are Robert Morgus, Jocelyn Woolbright and Justin Sherman. The purpose of this ... Read More

NIST Framework for Critical Infrastructure Cybersecurity

Four years after the initial iteration was released, the National Institute of Standards and Technology (NIST) released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity. The framework was initially developed to be a voluntary, risk-based framework to improve cybersecurity for critical infrastructure in the United States. It’s the ... Read More