November 13, 2013 Added by:InfosecIsland News
Tripwire unveiled the results of a study comparing risk-based security management in the industrial sector to that of other industries.
November 12, 2013 Added by:Jason Clark
Security Advisor Alliance is a nonprofit group of Top security leaders from the Global 1000 who have come together to donate time each week to help our peers in any area of security as a pro-bono service.
November 07, 2013 Added by:Eric Byres
If you have been following SCADA news in the last month, you might have noticed an avalanche of reports and blogs on new security vulnerabilities in power industry equipment. So far, vulnerability disclosures for 9 products using the DNP3 protocol have been released by the ICS-CERT, with another 21 SCADA product disclosures on their way.
October 24, 2013 Added by:Rafal Los
After what appears to be decades of systematically ignoring security challenges, the recent climate of breaches seems to have shaken something loose. Purse strings have loosened. Boards have begun to ask security questions when they have never done so before. And most of all, I'm seeing several organizations formally hiring CISOs and giving them both accountability and control over the security fu...
September 12, 2013 Added by:Eric Byres
I am not a SCADA Apologist. If anything, I consider people like myself and Joel Langill to be SCADA Realists. Clearly Joel and I believe security is important. If we didn’t, we wouldn’t be in this business. And our clients don’t pay us to hear: “Do nothing; it’s the other guy’s fault.”
August 08, 2013 Added by:Jon Stout
he existing cyber security computing model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, etc., is no longer adequate to help organizations mitigate cyber-security risk.
August 07, 2013 Added by:Jon Stout
The computing security model of the past decade, based on firewalls, anti-viral services, intrusion detection controls, system event monitoring, VPNs, etc., is failing to detect and block the most advanced malware. That is serious enough. But what’s worse is that this traditional defense model is of little use in preventing what many experts feel is the greatest threat to cyber security: human e...
August 07, 2013 Added by:Lila Kee
Organizations, especially those involved in the electric industry, must view security investments as a viable risk-reduction tools that not only protect the nation’s way of life, but also investments they have made in their own businesses. To truly understand the risk that critical infrastructures face, and the level of security attention its different sectors require, you must first understand ...
August 01, 2013 Added by:Jon Stout
There are powerful integrated security dashboards that can be installed and modified to meet each user’s particular needs. Now a company can create hundreds if not thousands of employee cyber warriors with a relatively small investment.
July 31, 2013 Added by:Jon Stout
The country is at war and it is a cyber security war. The enemies are many, diverse and competent and fighting a defensive war is not the best way to win. Cyber security war is like any other war- taking the offensive will improve your chances of success. Like any other war, the cyber security war requires proper planning for success and a total winning strategy. Half hearted measures will not ...
July 30, 2013 Added by:Jon Stout
You can be doing all the right things, adding immense value to your customer and helping your company build a great brand. When a contract changes even incumbents are suddenly “on the bench” or “between projects” or “on overhead” . You are no longer billable. As a result you have now moved from a profit-generator to a cost center. When this happens you are at risk.
July 24, 2013 Added by:Anthony M. Freed
In this panel discussion industry experts investigate the possible sources and application of the knowledge needed to secure critical infrastructure
July 05, 2013 Added by:Chris Blask
As we consider the construction of national and global situational awareness systems to secure our manifestly complex infrastructure we run into a range of hurdles. How do we get huge amounts of data from millions of facilities? How do we keep these vast pools of knowledge from becoming an Achilles' Heel that attackers leverage to bring down everything at once?
June 26, 2013 Added by:Rafal Los
Imagine if you woke up tomorrow morning and it was conclusively proven that the layered onion model was proven to fail in several circumstances commonly deployed and used in today’s enterprise. That would sure explain much of the failure we’ve seen across enterprise breaches, wouldn’t it?
June 24, 2013 Added by:Larry Karisny
Knowing the reality and reasons behind cyberattacks, it’s time to stop talking and start offering resolution to these serious problems. There is no "it won’t happen to me" anymore. We must immediately deploy prevention and detection technologies to our critical processes or frankly, we could lose it all.
May 16, 2013 Added by:Francis Cianfrocca
Despite years of engineering, programming, reverse engineering, product development and a generous amount of FUD-driven marketing, the information security industry (loosely defined as representing the forces of good) lags far behind the innovation and sophistication of modern malware perpetrated by the forces of evil.
Join Trend Micro & SecurityWeek in Belle... Shah Alam on 12-06-2013
Looking Beyond "Black Box Testing"... Paul Reed on 12-03-2013
Projectile Dysfunction... ryan mccarthy on 12-01-2013