Cybersecurity

Situational Awareness - In Search of Cyber Regulations for the Water Sector

The Record has posted an overview of ongoing efforts to find a cybersecurity regulatory solution for the water and wastewater systems sector in the wake of the withdraw of the EPA memorandum last year. WaterISAC is providing this for your situational awareness.

For more details, access The Record.

Read more about Situational Awareness - In Search of Cyber Regulations for the Water Sector

Cyber Resilience - Australian CISC Launches HealthCheck Tool for Enhanced Organizational Resilience

On Monday, the Australian Cyber and Infrastructure Security Centre (CISC) unveiled an enhanced self-assessment tool called the Organisational Resilience HealthCheck Tool along with a refreshed “Organisational Resilience: Good Practice Guide” to complement it.

Read more about Cyber Resilience - Australian CISC Launches HealthCheck Tool for Enhanced Organizational Resilience

Cyber Resilience – NCSC Guidance on SCADA “in the Cloud”

Whether your utility is considering running SCADA in the cloud or not, this new guidance from UKs National Cyber Security Centre is good for awareness of the options.

The NCSC has published new guidance on cloud-hosted Supervisory Control and Data Acquisition (SCADA).

This guidance does not aim to provide a definitive view on whether SCADA in the cloud is the best option for every OT organization. However, it will help to:

Read more about Cyber Resilience – NCSC Guidance on SCADA “in the Cloud”

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

Supplemental Cyber Highlights – March 19, 2024

The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.

Critical Infrastructure

Read more about Supplemental Cyber Highlights – March 19, 2024

Supplemental Cyber Highlights – March 14, 2024

Critical Infrastructure

Read more about Supplemental Cyber Highlights – March 14, 2024

Reports: Social Engineering & Ransomware Rank as Biggest Threats to Small Organizations

The 2024 Sophos Threat Report published this week highlights how cybercrime disproportionally targets small businesses and hits them the hardest. Small organizations are typically more vulnerable to cyber attacks and thus suffer more from the impact of an attack. According to the report, ransomware, followed by business email compromise (BEC), continues to be the greatest threat to smaller organizations and also packs the biggest punch.

Read more about Reports: Social Engineering & Ransomware Rank as Biggest Threats to Small Organizations

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Fifteen Industrial Control Systems Advisories

Read more about CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

Cyber Resilience – Defending the Need for Cybersecurity Resources for Small Utilities

- by Jennifer Lyn Walker

Read more about Cyber Resilience – Defending the Need for Cybersecurity Resources for Small Utilities

Security Awareness – Potential Risks Posed from AI/LLM Plugins and Integrations for Data Leakage or Account Takeover

It’s difficult to keep track of AI or LLMs that employees may be using (sanctioned or shadow AI) or that leadership may be pressuring to adopt. Additionally, broad discouragement on using AI tools may force users to use “shadow AI” tools with unknown consequences.

Read more about Security Awareness – Potential Risks Posed from AI/LLM Plugins and Integrations for Data Leakage or Account Takeover

You are here

Cybersecurity

Situational Awareness - In Search of Cyber Regulations for the Water Sector

Cyber Resilience - Australian CISC Launches HealthCheck Tool for Enhanced Organizational Resilience

Cyber Resilience – NCSC Guidance on SCADA “in the Cloud”

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

Supplemental Cyber Highlights – March 19, 2024

Supplemental Cyber Highlights – March 14, 2024

Reports: Social Engineering & Ransomware Rank as Biggest Threats to Small Organizations

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

Cyber Resilience – Defending the Need for Cybersecurity Resources for Small Utilities

Security Awareness – Potential Risks Posed from AI/LLM Plugins and Integrations for Data Leakage or Account Takeover

Pages

You are here

Cybersecurity

Pages

Footer Email Signup