Security Top Stories

RSS

Given the rising attacks on critical infrastructure and the interconnected mesh of cyber-physical systems, the United States government is looking to better coordinate protection efforts that anticipate and counter criminal groups’ tactics, techniques and procedures, to help prevent attacks from reaching their intended targets.

As threats evolve from emboldened and increasingly sophisticated malicious actors targeting critical infrastructure, the electric sector has developed a holistic and shared-responsibility approach that has supported key improvements to the security posture and culture of electric companies.

In acknowledgment of the wide-reaching effects that damage to critical infrastructure organizations and systems can impart, Security has dedicated our October 2021 issue to Critical Infrastructure Security. This month, our features cover the challenges and risks associated with this market sector, along with solutions and best practices security leaders can take to mitigate some of those risks. Here, we cover a few simple steps critical infrastructure security leaders can take to proactively build a program of resiliency.

By making resilience a priority for an organization, business leaders can reduce disruptions and lessen the consequences from risks that may materialize. To build a framework for the future, considerations must include preparedness, hazard mitigation, insurance and resilience in the context of emerging risks.

9/11 had a transformative effect on security risk management, just as COVID-19 has on healthcare. The risk of terrorism had come directly into business operations, impacting employees as it never had before. Duty of care came to the fore with regards to security risks, both from a legislation perspective and the growing responsibility for corporates. 

How long does a cybercriminal’s timeline usually take? What are their moves? And what tools do they usually employ? To answer these questions, it helps to think like a hacker.

The challenge companies now face is how they can maintain control over the security and privacy of their information, especially as they look to make remote and hybrid work permanent options after employees return to the workplace.

The path to success requires artificial intelligence and machine learning to supercharge the expertise and experience of an equally innovative and warm-bodied defender working as part of an enterprise security operations center and outsourced services like managed detection and response.

Jerry Caponera, Head of Risk Strategies at ThreatConnect, discusses the importance of developing a risk-oriented view into cybersecurity and why cyber risk needs to be quantified in the same way as operational risk or credit risk.

Security and operational requirements are changing. Technology offered by smart cameras is providing an entirely new way of monitoring and controlling safety measures and optimizing security processes within manufacturing and logistics.