All Cyber-Kinetic Security & Cybersecurity Posts
-
Cyber-Kinetic Security
Social Engineering – Greatest Information Security Risk
Social engineering doesn’t have to be just a supporting process to obtain system access; it is could be even more dangerous when it is used as the main attack. We, information security defenders, rarely consider that risk. If you think Social Engineering is an effective way to obtain access to systems by exploiting the weakest link – people – you are correct. But not completely…
Read More » -
Cyber-Kinetic Security
“Zero Tolerance” to “80-20” – Lazy Approaches to Cyber Risk
There is a new danger lurking in the information assets of countless organizations around the globe disguised by a plan devised to protect a large portion of those assets while failing miserably to protect the rest. Zero tolerance approach to cyber security is untenable Traditional approach to cyber security was for a board / management to declare that they have “zero tolerance” for cyber breaches,…
Read More » -
Cyber-Kinetic Security
Information Security is not IT Security
Information security and IT security are often used interchangeably – even among experienced security professionals. While the two terms are related and share the common goal of protecting the confidentiality, integrity, and availability (CIA) of information, there are significant differences between them that are crucial for Chief Information Security Officers (CISOs) to understand. Misconstruing information security as merely IT security can lead to blind spots…
Read More » -
Cyber-Kinetic Security
The Lights Are Blinking Red, and Cyber Budgets Are Blinking Off
We finally got the enterprise to look at cybersecurity. The crash slammed the door on spend just as threats professionalized and the attack surface exploded. That’s the bad news. The good news: the first 90 days of disciplined basics still move risk more than the last shiny thing you demoed in ’00. If you’re in finance, tech, or telecom, your security strategy for the year…
Read More » -
Cyber-Kinetic Security
Cyber-Kinetic Attacks: Safeguarding the Physical World from Digital Threats
Cyber-kinetic attacks are not science fiction but an emerging reality, as early incidents and government exercises have shown. This paper introduced the term to crystallize the concept that digital attacks can have deadly real-world effects. We have outlined how the rise of connected cyber-physical systems demands a commensurate evolution in security thinking, education, and policy. Moving forward, stakeholders must treat cyber-kinetic security with the urgency…
Read More »