Evidence collected by the US Department of Homeland Security (DHS) suggests that cyber-attacks on key energy infrastructure – and on the electricity system in particular – are increasing, both in frequency and sophistication. And worryingly, new research shows that the risk of a successful large-scale cyber-attack, or combined cyber and physical attack, on the electric power sector is “significant.”
06 March 2014
The SANS Institute has released its latest training and events schedule for 2014 in the Europe, Middle East and Asia regions
03 March 2014
The BBC reported yesterday that energy companies "are being refused insurance cover for cyber-attacks because their defenses are perceived as weak." Before cover is offered, applicants must undergo a security audit by the insurance companies, but "the majority of applicants were turned away because their cyber-defenses were lacking."
28 February 2014
By the end of 2014, more than half of all computing workloads will be processed by cloud based-services, based on data provided by Trend Micro’s JD Sherry. With much US-based critical infrastructure being operated by the private sector, there are both security risks and opportunities through leveraging the cloud
26 February 2014
A report prepared by Sen. Tom Coburn (R-Okla.) and the Minority Staff of the Homeland Security and Governmental Affairs Committee is calling for increased federal involvement in protecting the nation’s critical infrastructure.
11 February 2014
The healthcare industry has long been the subject of high-profile hacking efforts, and represents a specific set of considerations when it comes to data security. Privacy concerns, the risk posed by satisfying record-keeping requirements with outdated IT, a raft of connected medical equipment and devices, and a pervasive use of portable drives and easily lost USB sticks all uniquely affect the security landscape for the vertical.
14 January 2014
The European Network and Information Security Agency (ENISA) has published a good practice guide designed to help the critical infrastructure mitigate cyber-attacks against the industrial control systems supporting vital industry processes.
05 December 2013
The Institute of Chartered Accountants England and Wales has confirmed what the security industry has long been saying: it is impossible to prevent all breaches so companies should use a risk management approach to defend what the ICAEW calls the 'crown jewels.'
19 November 2013
On the very day that the City of London ran operation Waking Shark II, researchers published an analysis of known bank security incidents or vulnerabilities since 2000. If Waking Shark was designed to test the cyber-readiness of the banking sector, this new analysis suggests it might not be enough.
14 November 2013
Today is Waking Shark II day – the day the City of London's cyber resilience is tested in a day long exercise. Details are scarce (it wouldn't be a test if they were known) but the war game is expected to concentrate on the ability of banks to maintain operations in the face of a sustained cyber attack.
12 November 2013