Home Tags CYBERSECURITY

Tag: CYBERSECURITY

Security Standards Regulations Guidelines
Below is my attempt to list of all published 5G, IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let us know at info@5g.security
Italian Earthquake Risk Management
We have to ask ourselves; at what point does an unexpected outcome via expert prediction justify a prison sentence? Minutes after I delivered cyber risk assessment results to my Italian client, I heard the news – six Italian scientists and a government official have been sentenced to six years in prison over statements they made prior to a 2009 earthquake that killed 309 in the town of L’Aquila in Italy. The offense? Manslaughter. This group was comprised of well-respected members of the National Commission for the Forecast and Prevention of Major Risks which apparently the public had deemed as being able to...
Cyber-War
“Cyber war” is a term that is in recent days used so liberally that people may often wonder if these words are as menacing as they sound or used only as a tool to incite fear as a way to control a society that increasingly depends on technology. How we prepare and respond to cyber attacks depends on whether we believe we are in cyber war. It influences how we estimate the risks, potential impacts, or insurance premiums. Preparation for and response to cyber war implies government involvement and that might mean handing over the control of our networks to...
Social Engineering
Social engineering doesn't have to be just a supporting process to obtain system access; it is could be even more dangerous when it is used as the main attack. We, information security defenders, rarely consider that risk. If you think Social Engineering is an effective way to obtain access to systems by exploiting the weakest link – people – you are correct. But not completely correct. Social engineering could be much more than what is being discussed in the media or on social engineering awareness sessions. Social Engineering is the most effective way to: obtain information. It’s a subtle difference, but one...
Information Security IT Security
Information security and IT security are often used interchangeably. Even among InfoSec professionals. The terms are interrelated and often share the common goals of protecting the confidentiality, integrity and availability of information, however; there are significant differences between them. IT security is only concerned with the systems that store, process, transfer and make available electronic data. Information security goes far beyond that. It encompasses classification of information across an organization, information security policies and procedures, physical security aspects, legal protections, HR, awareness, and retention of information, regardless of information format. Even when the information is on paper or in employees’ heads. Examples...