Favorite Feeds

My favorite articles and blogs

Industrial Cyber Risk Assessment

The ISA/IEC 62443 series of standards provides a risk management methodology for industrial cybersecurity with a foundation based in physical security. Source: Industrial Cyber Risk Assessment

Secure Coding Practices for PLC’s

We have learned that secure coding practices in application development can dramatically reduce the number of bugs and exploitable vulnerability. Are there or should there be secure coding / programming practices for PLC’s? Of course the answer is yes. Jake Brodsky of Jacobs provides important examples of Security Coding Practices […]

Vulnerability Management Maturity Model

I get it. You dread going into the office sometimes. It isn’t that you don’t like the people or the location. It’s that beast, waiting for you when you arrive, and it never seems to go away. You work hard at it, but you never seem to get ahead. Source: […]

CTO Guide To The Business of Cybersecurity

The CTOvision guide to cybersecurity provides insights into the very near future of just about every other tech trend, including Robotics, AI, IOT Source: CTO Guide To The Business of Cybersecurity

A New Appreciation for Continuous Asset Monitoring

Does asset monitoring really have to be continuous? In a recent RSA blog post titled, “Security GRC Fundamentals: Creating and Utilizing a Business Context,” the case was made that without the business context provided by accurate inventory and the prioritization of information systems and data, all the intelligence in the […]

What the 6 Phases of the Threat Intelligence Lifecycle Mean for Your Team

Editor’s Note : Over the next several weeks, we’re sharing excerpts from the newly released second edition of our popular book, “ The Threat Intelligence Handbook: Moving Toward a Security Intelligence Program .” Here, we’re looking at chapter two, “The Threat Intelligence Lifecycle.” To read the full chapter, download your […]

2020 is prime for a global building cybersecurity standard

Buildings will account for 81% of all connected things in 2020, ushering in a new era of smart office buildings, schools, hospitals and more that will improve efficiencies for building management and provide a more comfortable experience for occupants. Source: 2020 is prime for a global building cybersecurity standard

From the AI arms race to adversarial AI

Read Michal Pěchouček’s article on challenges faced by the artificial intelligence on Tech Radar : The AI arms race is on, and it’s a cat and mouse game we see every day in our threat intelligence work. As new technology evolves, our lives become more convenient, but cybercriminals see new […]

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

The U.S. Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. Source: Inside […]

Handlungsfähig bleiben dank Managed Security Services

Managed Security Services (MSS) sind konkret defi nierte IT-Services, die ein Dienstleister für seinen Auftraggeber erbringt. Der Artikel erläutert in einer Kurzeinführung die wichtigsten Aspekte, die Banken und Sparkassen über Managed Security Services wissen sollten. Außerdem: Tipps für die Auswahl des Dienstleisters. Read more on Handlungsfähig bleiben dank Managed Security […]

Future SOC: SANS 2017 Security Operations Center Survey

The primary strengths of security operations centers (SOCs) are flexibility and adaptability, while their biggest weakness is lack of visibility. Survey results indicate a need for more automation across the prevention, detection and response functions. Source: Future SOC: SANS 2017 Security Operations Center Survey

What privacy profile do you fit?

In an era of constant likes and shares, where is the privacy line drawn? Are you someone who worries about being watched as you purchase an item online? Or do you consider loss of privacy the price you pay for having the world at your fingertips. Source: What privacy profile […]

What is a cybersecurity architect and how to hire one

According to the Burning Glass report titled Job Market Intelligence: Cybersecurity Jobs, 2015 , 5% of all cybersecurity job postings are for a job title of Security Architect. Unfortunately, the industry is still unclear as to exactly what an IT Security Architect is. Source: What is a cybersecurity architect and […]

The SANS State of Cyber Threat Intelligence Survey: CTI Important and Maturing

It’s 2016, and the attacks (and attackers) continue to be more brazen than ever.. In this threat landscape, the use of cyber threat intelligence (CTI) is becoming more important to IT security and response teams than ever before.. Source: The SANS State of Cyber Threat Intelligence Survey: CTI Important and […]