You are here

Home » Cybersecurity

Cybersecurity

Insider Threat Mitigation Guide and Fact Sheets (CISA)

Today the Cybersecurity and Infrastructure Security Agency (CISA) published its Insider Threat Mitigation Guide, which brings together planning and preparedness resources from federal and private sector experts into a single format that organizations can use to prepare for and respond to an insider threat. It contains step-by-step information, best practices, metrics, tools, and training that can be used for establishing an effective threat mitigation plan to decrease the likelihood of harm to people, companies, organizations, and critical infrastructure.

OT/ICS Cybersecurity – Vulnerability Management of Embedded Devices

After its recent webinar on Understanding Embedded Devices and Firmware in OT, Verve Industrial took to its blog to address many questions posed during the event. Verve responds in detail and provides “pro-tips” to six important questions for understanding cybersecurity and vulnerability management issues for embedded devices.

Questions answered in this post include:

Security Awareness Reminder – Business Email Compromise, a Primer on Impersonation Attacks

Given the Abnormal Security’s Q3 Quarterly BEC Report shows that business email compromise (BEC) has recently grown in interest over the last quarter, and the energy/infrastructure industries have experienced a 93% increase in attacks, now is NOT the time to curtail your security awareness reminders on BEC and other impersonation-based scams.

Resilience – Water and Wastewater Sector Cybersecurity Resilience Considerations

WaterISAC members continue to needfully advance cybersecurity as a top business and operational priority, but that does not mean it is always easy. Therefore we continue to provide encouragement, reminders, and resources to help utilities stay on track. One such resource is a recent article posted in the Water & Wastes Digest.

DOE Launches Partnership with Energy Sector OT Security Managers

The U.S. Department of Energy (DOE) has announced a new program for operational technology security managers in the energy sector to engage with cyber and national security experts across the government. Named the “OT Defender Fellowship,” participants will spend one year in the program to gain a greater understanding of the adversaries’ strategies and how U.S. government cyber operators defend the nation.

Let Me Show you my Shocked Face for $1000, Alex

In an homage to Alex Trebek, what is: Ransomware gangs not honoring ransom payments for stolen data? While this is not an entirely surprising development, it is a little confusing. It hasn’t been since the early days of ransomware attacks where amateur groups did not honor their “promise” to discontinue an attack or unlock files after payment. It’s been quite a few years since ransomware groups realized they needed to protect their credibility in order to profit.

Threat Awareness – Ransomware Compendium

It has been a bit of a whirlwind in ransomware this past week. Bits have been circulating about Ryuk reaping the rewards from its wreckage, a new strain detonating within an hour after gaining access to the network, and an indiscriminate sample with a version to infect Linux. BleepingComputer has those details and much more in its recent “The Week in Ransomware” series for November 6, 2020.

Pages

Subscribe to Cybersecurity