You are here

Home

Cybersecurity

Cybersecurity Accountability – Food for Thought, as CEO’s may be Personally on the Hook by 2024 for Cyber-Physical Attacks

Nothing screams cybersecurity is serious like personally being on the hook for an entire organization. Personal liability of executives for cyber incidents isn’t new. But when safety of the cyber-physical systems (CPS) that operate within industrial environments is on the line, executives and boards need to be acutely aware of these systems and their vulnerabilities and intentionally pursue a sound risk management strategy for securing these assets.

State-sponsored Actors and Ransomware Threaten Canadian Critical Infrastructure, according to Annual Cyber Threat Assessment

The Canadian Centre for Cyber Security has released the National Cyber Threat Assessment 2020, which begins by noting increased vulnerability of Canadian individuals and organizations to cyber threat actors given their greater reliance on the internet in the COVID-19 environment. One of the key judgements presented in the document is state-sponsored actors are very likely attempting to develop cyber capabilities to disrupt Canadian critical infrastructure, such as the supply of electricity, to further their goals.

OT/ICS Cybersecurity – Vulnerability Management of Embedded Devices

After its recent webinar on Understanding Embedded Devices and Firmware in OT, Verve Industrial took to its blog to address many questions posed during the event. Verve responds in detail and provides “pro-tips” to six important questions for understanding cybersecurity and vulnerability management issues for embedded devices.

Questions answered in this post include:

Security Awareness Reminder – Business Email Compromise, a Primer on Impersonation Attacks

Given the Abnormal Security’s Q3 Quarterly BEC Report shows that business email compromise (BEC) has recently grown in interest over the last quarter, and the energy/infrastructure industries have experienced a 93% increase in attacks, now is NOT the time to curtail your security awareness reminders on BEC and other impersonation-based scams.

Resilience – Water and Wastewater Sector Cybersecurity Resilience Considerations

WaterISAC members continue to needfully advance cybersecurity as a top business and operational priority, but that does not mean it is always easy. Therefore we continue to provide encouragement, reminders, and resources to help utilities stay on track. One such resource is a recent article posted in the Water & Wastes Digest.

DOE Launches Partnership with Energy Sector OT Security Managers

The U.S. Department of Energy (DOE) has announced a new program for operational technology security managers in the energy sector to engage with cyber and national security experts across the government. Named the “OT Defender Fellowship,” participants will spend one year in the program to gain a greater understanding of the adversaries’ strategies and how U.S. government cyber operators defend the nation.

Let Me Show you my Shocked Face for $1000, Alex

In an homage to Alex Trebek, what is: Ransomware gangs not honoring ransom payments for stolen data? While this is not an entirely surprising development, it is a little confusing. It hasn’t been since the early days of ransomware attacks where amateur groups did not honor their “promise” to discontinue an attack or unlock files after payment. It’s been quite a few years since ransomware groups realized they needed to protect their credibility in order to profit.

Threat Awareness – Ransomware Compendium

It has been a bit of a whirlwind in ransomware this past week. Bits have been circulating about Ryuk reaping the rewards from its wreckage, a new strain detonating within an hour after gaining access to the network, and an indiscriminate sample with a version to infect Linux. BleepingComputer has those details and much more in its recent “The Week in Ransomware” series for November 6, 2020.

Pages

Subscribe to Cybersecurity