Industrial control systems (ICS) are the backbone of some of the world’s most critical industries like healthcare, chemicals, power, communications, food and agriculture, transportation, and waste and water systems. (Some 16 sectors in the U.S. are designated as critical infrastructure.) Historically, these environments were not designed to be internet-facing. But with rising demand for better connectivity, faster […]
Trust is at the heart of every business relationship. Consumers won’t do business with you and employees won’t work with you if they don’t trust you. And while trust can comprise a number of elements (including product quality, honesty, integrity and goodwill), security is quickly emerging as one of the key pillars of trust. Per […]
In this episode, ISF Chief Executive Steve Durbin speaks with Brett Beranek, Vice President and General Manager of security and biometrics at Nuance Communications. They explore some of the potential, as well as the challenges of biometrics in the security space, whilst expanding upon the recent advancements in deep neural networks and deep fakes. The […]
Ransomware needs no introduction and is perhaps the most damaging and widespread form of cybercrime in years. Several high-profile businesses fell hostage to ransomware in the first half of 2021, with U.S. agencies now prioritizing ransomware incidents as serious acts of terrorism. In 2020, attack incidents grew by 800 percent, and 73 percent of those […]
Steve Durbin is Chief Executive of Information Security Forum. He is a frequent speaker on the Board’s role in cybersecurity and technology. Cybercrime will cost the global economy $10 trillion annually by 2025. Even though security spending is at an all-time high, the majority of security leaders still lack confidence in cybersecurity investments. This is because most security breaches aren’t a […]
To pay or not to pay? Notwithstanding the ethical and emerging federal legal liability issues associated with paying a ransom, what should you do in this situation? Steve Durbin, Chief Executive, ISF Police forces, healthcare providers, educational institutes, the oil industry, entire governments — no sector is immune to the ransomware epidemic. Once you’re hit, […]
ISF Chief Executive, Steve Durbin speaks with Mel Shakir, Managing Director of DreamIt Ventures, about his work helping cyber security startups reach their full potential. They discuss how helping cyber security startups can reach their full potential and how CISOs can keep up with changing cyber security software in this time of digital transformation, as well […]
The number of devices and associated challenges are far too many. IIoT devices possess limited computing power and, therefore, lack the ability to run security solutions…. This is where AI and machine learning come into play. Steve Durbin, Chief Executive of the ISF and Forbes Business Council Member. A technology-led revolution, dubbed Industry 4.0, is gathering […]
Containerization has effectively become the new normal for expediting app delivery and improvements; security concerns surrounding containers don’t seem to be holding back the tide. And rightly so, because the security of any technology really depends on how it’s used. Containers are not inherently insecure. What ultimately determines how vulnerable they can be is how […]
Introduction Welcome to the ISF Live website. This page tells you the terms on which you may use our website www.isflive.org. Please read carefully before use. By using the site, you accept the terms and agree to obey them. If you do not accept them, please do not use the site. Who we are The ISF […]
1. Introduction Welcome to securityforum.org This page tells you the terms on which you may use our website securityforum.org. Please read carefully before use. By using the site, you accept the terms and agree to obey them. If you do not accept them, please do not use the site. 2. Who we are www.securityforum.org is operated […]
By Daniel Norman, Senior Solutions Analyst at the ISF A large portion of IoT-related breaches have stemmed from the attacker discovering the default password and compromising devices at scale. The consumer Internet of Things (IoT) has exploded into the connected world, making domestic life richer, easier and more entertaining. Consumer IoT comprises a set of […]
By Steve Durbin, Managing Director, Information Security Forum, and Forbes Business Council Member Ransomware, phishing, social media scams, data leakage, insider threats, cloud security challenges and the majority of all data breaches have something in common: All of these rely on people serving as conduits. Cyber scammers frequently employ human psychology in their attack strategies, thriving on […]
A human-centered security program helps organizations to understand their people and carefully craft initiatives that are targeted at behavior change… Daniel Norman, Senior Solutions Analyst at the ISF Designing a behavioral change program requires an audit of existing security practices and where the sticking points are. Security awareness rarely leads to sustained behavior change on […]
Basic cyber hygiene standards need to be met, covering patching and updates, network segmentation, network monitoring and hardening, especially for technologies such as AI, robotics and IoT devices. Dan Norman, Senior Solutions Analyst at the ISF The Cybersecurity and Infrastructure Security Agency (CISA), FBI and the U.S. Department of Homeland Security warned this week of […]
…individuals should proactively try and seek out vulnerability forums online and regularly assess whether exploits and vulnerabilities have been exposed in the media Daniel Norman, Senior Solutions Analyst at the ISF The global surge in home-based Internet of Things (IoT) devices seen in recent years should be a cause for celebration. Essentially electronic devices that connect […]
Attackers will once again turn their attention to disrupting the health service by targeting poorly secured devices and systems, which will now start to have severe ramifications for human life. Daniel Norman, Senior Solutions Analyst at the ISF. Universal Health Services (UHS), one of the largest healthcare services provider, has reportedly shut down systems at […]
By Steve Durbin, Managing Director, ISF Over the next few years, the first truly digital generation (Gen Z) will filter into the workplace. Like the preceding millennial generation, they will bring different attitudes with them. However, unlike their predecessors their approach to information sharing will be extreme. Growing up in the age of the smartphone […]
How has the coronavirus impacted the outlook on security over the next few years? The Information Security Forum (ISF) recently released its annual “Threat Horizon” report, looking ahead to 2020-2022. And frankly, the future of security looks a bit scary. The three key themes from the report are: Invasive Technology Disrupts the Everyday: New technologies will further […]
The COVID-19 outbreak has turned many regular office goers and commuters into home workers. They have been thrust into an environment that is both familiar and strange that can pose novel risks for both staff and their employers. These Information Security Forum top tips can make your experience more safe and secure: 1. Choose the […]
When it comes to your online safety, companies have some say in how safe you are by deploying certain security features on their servers and fortifying their sites as best as possible. Still, there’s some responsibility on your shoulders too! When you go online, you need to be aware of the dangers, too, not only […]
Everyone appreciates a cracker joke every now and then. Since it’s Christmas, we thought we would do something fun and share some of the favourite information security jokes from the office. There was a catastrophic cyber attack recently… The government is still looking for the hacker. They think he ran some ware. What does a […]
Bug bounties and crowdsourced penetration testing, why might you need them? Many organisations have implemented a Penetration Testing programme of some sort. This usually takes the form of performing a test on any application and then re-checking it on a regular basis. This is then followed by a defined grace period that an application owner […]
Every 15-25 years a new ‘generation’ enters the workplace, each with different social values, characteristics and personality types. Each generation has well-documented impacts on society, culture, business and on the wider world. With privacy, information and cybersecurity playing a crucial role in society now, should security professionals care about new generational demographics’ impact on business? […]
Bug bounties and crowd sourced penetration testing, why might you need them? Many organisations have implemented a Penetration Testing programme of some sort. This usually takes the form of performing a test on any application and then re-checking it on a regular basis. This is then followed by a defined grace period that an application […]
“Organizations are adopting smart devices with enthusiasm, not realizing that these devices are often insecure by design and therefore offer many opportunities for attackers.” Steve Durbin, Managing Director of the Information Security Forum A state-backed Russian hacking group, dubbed STRONTIUM, has been attacking corporate IoT devices, according to a blog post recounting the findings of researchers […]
Hackers often attack company networks using compromised login information, a challenge for cybersecurity leaders who want to protect data and systems while allowing employees the access they need. Experts say the solution is secure yet flexible identity-management tools and practices—but figuring out what is best isn’t easy. Recommendations include regular and thorough review of individual […]
Microsoft is using its legal muscle to push back against an advanced persistent threat group that is says is “widely associated with Iranian hackers.” Following court approval, it is taking control of 99 website domains allegedly used by the attackers as part of an ongoing spear-phishing campaign. A court filing unsealed Wednesday reveals the details of Microsoft’s request […]
