You are here

Cybersecurity

Cyber Resilience – NCSC Guidance on SCADA “in the Cloud”

Whether your utility is considering running SCADA in the cloud or not, this new guidance from UKs National Cyber Security Centre is good for awareness of the options.

The NCSC has published new guidance on cloud-hosted Supervisory Control and Data Acquisition (SCADA).

This guidance does not aim to provide a definitive view on whether SCADA in the cloud is the best option for every OT organization. However, it will help to:

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases One Industrial Control Systems Advisory

Reports: Social Engineering & Ransomware Rank as Biggest Threats to Small Organizations

The 2024 Sophos Threat Report published this week highlights how cybercrime disproportionally targets small businesses and hits them the hardest. Small organizations are typically more vulnerable to cyber attacks and thus suffer more from the impact of an attack. According to the report, ransomware, followed by business email compromise (BEC), continues to be the greatest threat to smaller organizations and also packs the biggest punch.

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024

The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:

ICS Vulnerability Advisories:

CISA Releases Fifteen Industrial Control Systems Advisories

Security Awareness – Potential Risks Posed from AI/LLM Plugins and Integrations for Data Leakage or Account Takeover

It’s difficult to keep track of AI or LLMs that employees may be using (sanctioned or shadow AI) or that leadership may be pressuring to adopt. Additionally, broad discouragement on using AI tools may force users to use “shadow AI” tools with unknown consequences.

Passthrough: Hybrid Identity Solutions Guidance

CISA published guidance today pertaining to organizations transitioning from an on-premises identity management solution to one that utilizes the cloud, more specifically, when organizations decide to leverage a “hybrid” solution. CISA explains that when organizations leverage cloud solutions and attempt to integrate them with on-premises systems, identity management can be significantly more complex. On-premises identity management solutions need to securely and efficiently integrate with those applied in the cloud to achieve interoperability.

Pages

Subscribe to Cybersecurity