Tag: National Cybersecurity Institute

Vehicles have notoriously been vulnerable to attack from various sources. These have varied from the equipment, endpoints, and communication being insecure to open ports. Regardless of the source, these have historically and continue to provide ample attack surfaces for those with malicious intent. Engineers in the automotive industry have attacked this issue from the defensive …

Years ago, a business could plan to secure its enterprise. The IT department would harden the system and in most cases there would be a reasonable assurance the enterprise was relatively safe. Things have changed as technology has improved. This improvement has come at a price. The speed of advancement has not been the easiest …

The latest settlement for a potential HIPAA violation provides us with another example of the consequences of not conducting and documenting a comprehensive risk analysis and having a risk management plan. http://www.hhs.gov/about/news/2016/08/04/advocate-health-care-settles-potential-hipaa-penalties-555-million.html# According to the Open Group Standard Risk Analysis, a risk analysis is the evaluation component of the risk assessment process. The analysis is …

The Community College Cybersecurity Summit (or 3CS) was held in Pittsburg in July. This conference, while targeted at community colleges offered several sessions that would appeal to university faculty, cybersecurity practitioners, and government. What differentiates this conference from most other cybersecurity conferences is the wealth of hands-on, innovative, and collaborative sessions. This is the place …

The National Cyber Summit (NCS) June 7-9, 2016 in Huntsville, Alabama was one of the best cybersecurity conferences I have attended. The conference included many sessions ranging from paper presentations, new technology overviews, and hands-on workshop sessions. The keynote speakers were knowledgeable, funny, and engaging, and included Lt. Gen. Edward Cardon, Commander US Army Cyber …

When we think of the impact of the Internet on our daily lives, we can’t help but be astonished at the breadth and depth of the effect it has on all aspects of our world. For the vast majority of us, the Web is our means of accessing Internet resources. The Web employs an innovative …

What Moody’s and Standard & Poor’s are to credit ratings of companies, companies such as  FICO and Bitsight are becoming to cyber risk ratings for companies. Businesses have relied on credit ratings to determine investment risk levels and now companies are relying on rating companies to have a standard bench mark of cyber risk.  This …

I happened on an article today that spoke of the high risk of a cyber breach in the UK. According to the Association of British Insurers (ABI) “A UK Government survey estimated that in 2014 81% of large corporations and 60% of small businesses suffered a cyber breach. The average cost of a cyber-security breach …

The automotive industry’s cyber threat information sharing organization, Auto-ISAC, recently announced its best practices for cybersecurity measures for automobiles. The best practices are intended for all manufacturers and suppliers in the automotive industry, regardless of size. The organization states they built in flexibility for implementation by a range of companies. Auto-ISAC is a member of …