The European Network and Information Security Agency (ENISA) has published a good practice guide designed to help the critical infrastructure mitigate cyber-attacks against the industrial control systems supporting vital industry processes.
05 December 2013
The Institute of Chartered Accountants England and Wales has confirmed what the security industry has long been saying: it is impossible to prevent all breaches so companies should use a risk management approach to defend what the ICAEW calls the 'crown jewels.'
19 November 2013
On the very day that the City of London ran operation Waking Shark II, researchers published an analysis of known bank security incidents or vulnerabilities since 2000. If Waking Shark was designed to test the cyber-readiness of the banking sector, this new analysis suggests it might not be enough.
14 November 2013
Today is Waking Shark II day – the day the City of London's cyber resilience is tested in a day long exercise. Details are scarce (it wouldn't be a test if they were known) but the war game is expected to concentrate on the ability of banks to maintain operations in the face of a sustained cyber attack.
12 November 2013
The US energy sector experienced the largest number of malware attacks of any industry in the spring and summer of 2012, with the end result being expensive outages at pipelines, oil refineries and drilling platforms. This year, brute-force attacks and botnet infestations are all alarmingly on the rise.
30 October 2013
Migration to the cloud continues apace as businesses look to outsource applications to reduce cost and management overhead. But while businesses worldwide mull the move from physical infrastructure to private, public or hybrid clouds, more than two-thirds of organizations are encountering application connectivity disruptions or outages during data center migration projects.
30 October 2013
UK businesses believe that cyber-attacks pose the No. 1 threat to their viability, and yet 96% said that they fear their information security functions do not fully meet their needs.
30 October 2013
Another day, another industrial control software (ICS) flaw: A vulnerability in ProSoft Technology’s RadioLinx ControlScape application makes the system vulnerable to expedited brute-force passphrase/password attacks and other cryptographic-based attacks, including remotely.
24 October 2013
The US Department of Commerce's National Institute of Standards and Technology (NIST) has, after months of planning and feedback-gathering, released its Preliminary Cybersecurity Framework, aimed at helping critical infrastructure owners and operators reduce cybersecurity risks in industries such as power generation, transportation and telecommunications.
23 October 2013
Distributed denial-of-service (DDoS) attacks are getting more frequent and harder to detect. To help companies keep up with daily threat levels, Arbor Networks has collaborated with Google Ideas to create a data visualization map of global attacks.
22 October 2013