Trend analysis is an important topic within threat intelligence. It lets us forecast where things are headed; whether they’re getting better, worse or different; and where we should be focusing our precious budgets. The UK’s National Cyber Security Centre (NCSC) recently released the Incident trends report (October 2018 – April ... Read More

Reports from the U.S. Government Accountability Office (GAO) and Siemens highlight both the increasing cyber threats faced by the electric utility companies and the lack of adequate readiness to respond to these threats. According to these reports, a cyber-attack on the electric grid could cause “severe” damage. The electric grid ... Read More

Most organizations with industrial control systems (ICS) fall into one of two categories: regulated and non-regulated. For those subject to government imposed regulatory requirements, the selection of a cybersecurity framework is obviously compelling. Such is the case with the nuclear energy industry and NEI 08-09. The nuclear energy industry is ... Read More

In July 2019, Capital One made news headlines not for achieving another milestone but because it had been breached. Capital One was using AWS cloud services, as many businesses are doing nowadays. The problem stemmed (in part) because Capital One had a misconfigured open-source Web Application Firewall (WAF) hosted in ... Read More

GDPR is a landmark in privacy jurisdiction. Through its 99 articles, it sets a framework for both businesses and individuals on their rights and responsibilities when it comes to protecting privacy. The most important element in my opinion is that privacy functions a fundamental human right and needs to be ... Read More

Cybersecurity threats to manufacturing and process plants are coming from a wide range of attack vectors, including supply chain, logistics, enterprise computing, remote connections, operator stations, programmable logic controllers, distributed control systems (DCSs), smart sensors, and new smart devices. Internet of Things (IoT) technologies offer greater connectivity and endless applications, ... Read More

Second Payment Services Directive (PSD2) Payment services that operate electronically should adopt technologies that guarantees the safe authentication of the user and reduces, to the maximum extent possible, the risk of fraud. In order to achieve this, the European Union in 2007 passed the Payment Services Directive (PSD). The aim ... Read More

The Importance of Insider Threats The recent IBM 2019 Cost of Data Breach survey found that the cost of a data breach had risen 12% over the past 5 years to $3.92 million on average. While 51% of the data breach attacks were attributed to malicious or criminal actors, a ... Read More

For the 14th consecutive year, IBM Security released its annual Data Breach Report that examines the financial impact of data breaches on organizations. According to the report, the cost of a data breach has risen 12% over the past 5 years to $3.92 million per incident on average. These rising ... Read More

Even though the healthcare industry has been slower to adopt Internet of Things technologies than other industries, the Internet of Medical Things (IoMT) is destined to transform how we keep people safe and healthy, especially as the demand for lowering healthcare costs increases. The Internet of Medical Things refers to ... Read More