In a two-year study of information about critical control systems directly connected to the Internet, researchers found mining equipment, a surprising number of wind farms, a crematorium, water utilities, and several substations.
Operation Epic Turla targeted intelligence agencies, government institutions, embassies, military groups, education institutions, and research and pharmaceutical companies in more than 45 countries, the security firm said on Thursday.
US Investigations Services (USIS), a Department of Homeland Security (DHS) contractor that conducts background checks for the agency, has been the target of a cyberattack that appears to have been launched by a state-sponsored entity.
Sharing threat information, analysis and expertise within your “extended family” can be very valuable to establishing the kind of early warning system that is the promise of cyber information sharing to begin with - and without most of the risks.
To communicate about our metrics, we need ways that we can ground our experience in terms of “normal” for us; Otherwise, we really can't communicate our metrics effectively with anyone who isn't in a similar environment.
With risks to national and economic security increasing, other avenues of cyber defense are receiving attention. Improving resilience and the promising application of predictive analysis to the prevention of cyberattacks before they occur are two such areas
it’s hard to build continuity under inconsistent leadership. It’s also really hard to beat the hackers when the person responsible for keeping them at bay has less job security than an NFL coach with a losing record.
A risk-driven approach addresses both security posture and business impact to increase operational efficiency, improve assessment accuracy, reduce attack surfaces, and improve investment decision-making.