Smart Building Risk Profile Increasing?

Today’s connected, Internet-of-Things-enabled smart buildings are making lives better on a daily basis: more comfortable to work in, more energy efficient, and even more cost-effective to run as facilities management teams are able to identify and address smaller problems before they become major issues. This is a market valued by ...

Read More »

New Challenges in the Safety of Industrial Control Systems

The technological differences between IT systems and industrial process systems, which have traditionally been treated as completely different disciplines, are disappearing. We find ourselves in a new scenario where both worlds coexist, and where it is no longer enough to rely on the proprietary nature of such technologies. A security ...

Read More »

Red Team: The Best Defense Is a Good Offense

In order to protect business from increasingly numerous and more sophisticated targeted threats, it is necessary to change mentality and evolve towards a more offensive approach that brings greater benefits on a defensive level. Performing realistic intrusion simulations where an external team, the Red Team, simulates the techniques, tactics, and ...

Read More »

GitHub Users Targeted by Malware

Apart from cost, a great attraction of open-source software is the very fact that it is open–you may inspect the code for malicious content and determine whether or not you’re comfortable including it in your project. That’s a lot of work, though, and many people don’t do it, taking on ...

Read More »

Docs.com Is Sharing Your Documents in Search Engines

A timely reminder of the need to be aware of exactly what you’re signing up to with online services.  Many users of the free docs.com sharing service aligned with Microsoft’s Office 365 are discovering that documents they believed to be private are indexed and accessible through public search engines: https://arstechnica.com/security/2017/03/doxed-by-microsofts-docs-com-users-unwittingly-shared-sensitive-docs-publicly/

Read More »

The Importance of a Security Culture across the Organization

Culture drives how people behave in groups and social (or work!) settings.  In this article for IBM’s Security Intelligence newsletter from September 2015, Kevin Beaver discusses the importance of driving a meaningful security culture across the organization – starting from the top and flowing down: https://securityintelligence.com/the-importance-of-a-security-culture-across-the-organization/

Read More »

GDPR: Halfway to What, Exactly, and Why Should I Care?

The General Data Protection Regulation (GDPR) is a piece of European law extending protection of information relating to natural persons (living people) beyond the previous narrower definitions of sensitive personal data to the full spectrum of “Personally Identifiable Information”.  In other words, any data that can be used to directly ...

Read More »

Bank Fraud: The Game of Cat and Mouse

Impersonation (corporate or user), malware and Trojans, fraudulent emails, black markets, phishing, pharming, trademark abuse… There are myriad vectors of attack cybercriminals use to defraud and obtain a significant booty from the clients of the banking sector. Faced with this situation, the entities must bet on a proactive detection, which ...

Read More »