A back-to-school plan for reaching the next generation of cybersecurity professionals
Tag Archive for: plan
It’s already too late: Plan cyber security incident response now
It’s not a matter of if, but when your business will come under attack from hackers.
There is a cyber security hacking attempt every 39 seconds. Approximately $6 trillion is expected to be spent globally on cyber security this year, and furthermore, since COVID-19, the US FBI has reported a 300% increase in reported cyber crimes.
The advent of the pandemic resulted in an increased global dependence on the cyber industry. With cyber attacks reaching unprecedented numbers this year alone, the importance of pre-emptive cyber incident response (IR) planning has been brought to the forefront.
The financial implications of these data breaches that are a result of victims who decided to pay ransomware ranges from loss of revenue and brand denigration due to customer mistrust, to an inability to recover from the attack.
What is IR planning, and how do you do it?
IR is defined as taking the steps necessary to prepare for, detect, contain and recover from a cyber security incident. An IR plan entails the following:
- The activities required in each phase of IR.
- The roles and responsibilities for completing IR activities.
- Communication pathways between the IR team and the rest of the organisation.
- Metrics to capture the effectiveness of IR capabilities.
It is important to note that the value of an IR plan does not depreciate or become obsolete when a cyber security incident is over.
It continues to provide support for successful litigation through the availability of documentation that auditors may need, as well as historical knowledge to feed into the risk assessment process and improve the IR process itself.
Why is an IR plan important?
The value of an IR plan is in its function in the greater scheme of business continuity. As IR is not limited solely to the technical sphere, the plan must be designed to align with any organisation’s priorities and levels of acceptable risk.
The information gained through the IR process can be used to feed back into both the risk assessment procedures and the IR activity itself, to ensure better handling of future incidents and an overall stronger security posture.
It is astonishing to note that a large majority of organisations either don’t have an IR plan, or…
The Biden Administration just revealed its plan to stop the next Colonial Pipeline hack
On Wednesday, President Biden signed a National Security Memorandum that aims to improve national cybersecurity.
© Provided by Popular Science
![](https://www.bing.com/news/{"default":{"load":"default","w":"80","h":"53","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMFSZY.img?h=533&w=799&m=6&q=60&o=f&l=f"},"size3column":{"load":"default","w":"62","h":"42","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMFSZY.img?h=416&w=624&m=6&q=60&o=f&l=f"},"size2column":{"load":"default","w":"62","h":"42","src":"//img-s-msn-com.akamaized.net/tenant/amp/entityid/AAMFSZY.img?h=416&w=624&m=6&q=60&o=f&l=f"}})
It directs the Department of Homeland Security’s Cybersecurity & Infrastructure Security Agency (CISA) and the Department of Commerce’s National Institute of Standards and Technology (NIST) to collaborate with other agencies to develop cybersecurity performance standards for companies across the US that provide essential services like power, water, and transportation. When systems that control these vital infrastructures malfunction or are interrupted because of an incident such as a ransomware attack, it can jeopardize national security, economic security, as well as public health and safety.
Load Error
The memorandum also formally establishes the President’s Industrial Control System Cybersecurity (ICS) Initiative, which is a voluntary, collaborative effort between the federal government and the critical infrastructure community to establish systems that can detect cyberthreats and send timely alerts. The ICS Initiative kicked off in mid-April with an Electricity Subsector pilot, in which the Department of Energy worked with over 150 electricity utilities to plan and deploy cybersecurity tech for their control systems. Officials also gathered a number of utility and pipeline CEOs to brief them on cybersecurity threats.
The Department of Homeland Security’s Transportation Security Administration (TSA) rolled out a directive earlier this year requiring critical pipeline owners and operators to report cybersecurity incidents as well as have their current practices reviewed by a designated Cybersecurity Coordinator after a major petroleum pipeline was attacked by ransomware in May.
[Related: How a ransomware attack shut down a major US fuel pipeline]
And last week, the TSA issued a second directive which requires owners and operators of pipelines that transport hazardous liquids and natural gas to instate measures that can protect against ransomware and other cyber attacks. They also require the development of a recovery plan. Owners will also have to review their cybersecurity design every year.
“Recent…
Why Power Management Should Be In Your Cyber Protection Plan
As devices get smarter for convenience and ease; it is important to properly secure these devices to protect against possible cyberattacks.
Courtesy of Getty Images — Credit: gopixa
When it comes to cybersecurity, safeguarding power equipment may not always be the first thing IT professionals have on their checklist. Yet hackers are relentlessly exploiting new devices in innovative ways and vulnerabilities are emerging that may not have been previously considered. The ability to eliminate these vulnerabilities is becoming more and more critical.
In this article, we’ll explore why cybersecurity threats are on the upswing, unique ways hackers are exploiting data and the digital and physical perspectives on how to protect critical information.
As devices get smarter for convenience and ease; it is important to properly secure these devices to protect against possible cyberattacks.Courtesy of Getty Images — Credit: gopixa
Interconnectivity Challenges: 5 Examples of Surprising Hacks
While IoT advancement has generated many benefits for businesses, including the ability to streamline operational efficiency with connected devices like uninterruptible power systems (UPSs) and other power backup devices, this growing interconnectedness brings a new set of cybersecurity challenges. In fact, 61% of organizations have experienced an IoT security incident, which often results in significant financial loss and reputation damage.
On top of that, COVID-19 has created a handful of difficulties for organizations – cybersecurity being one of them. With an increase in remote work and reliance on technology during the pandemic, hackers have had ample opportunity to take advantage of vulnerabilities. The Federal Bureau of Investigation reported a 300% increase in cybercrimes since the pandemic has struck. Also, recent reporting from the International Criminal Police Organization (Interpol) revealed that in a four-month period, 907,000 spam messages, 737 malware incidents and 48,000 malicious URLs related to COVID-19 were detected.
A growing list of equipment has become more susceptible to breaches as cybercrime grows, from household appliances to medical equipment. Here are five examples that…