Cyber Threat Landscape: The More Things Change …


Many analyses of cybersecurity include consideration of the field’s constant state of flux and change. As the battlefield of the internet evolves, typically, so do the attack strategies, weapons, defense mechanisms and actors. However, according to ISACA’s 2018 State of Cybersecurity research, two elements that remain relatively constant are the types of attackers and the type [...]

Sofacy Group’s Parallel Attacks


Summary The Sofacy group remains a persistent global threat. Unit 42 and others have shown in the first half of 2018 how this threat actor group continues to target multiple organizations throughout the world with a strong emphasis on government, diplomatic and other strategic organizations primarily in North America and Europe. Following up our most [...]

When it Comes to ERP, Cybersecurity is a Chief Concern


For businesses that have a lot of resources tied up in logistics and inventory, enterprise resource planning (ERP) systems can be a lifesaver. However, you should never invest in an ERP system blindly. With so much valuable data filtering through such a system, you must pay attention to cybersecurity. Understanding the Need for ERP Security [...]

IoT Audits Loom Large in a Connected World


The proliferation of Internet of Things devices is well-documented, with the potential for more than 20 billion connected things by 2020. Installations of connected devices are spanning virtually all industries and cover just about any use case that can be imagined. With such an enormous volume of connected devices and minimal regulation, it comes as [...]

Security Operating Platform for Smart Manufacturing and Industry 4.0


Information technology is transforming manufacturing by digitizing virtually every step of the modern manufacturing process – a trend referred to as “smart manufacturing” in the United States and “Industry 4.0” in Europe. Cloud computing, together with technologies such as 5G wireless, smart sensors, high-performance computing (HPC), computer-aided design, engineering and the industrial internet of things, [...]

Panel Shares Guidance in Immediate Aftermath of GDPR Deadline


Despite the many nuances about the new General Data Protection Regulation (GDPR) and questions about how it will be enforced, panelists at Tuesday’s GDPR panel during ISACA’s EuroCACS conference provided some straightforward guidance to organizations – if you don’t need the data, don’t collect it. Operating within that basic framework can prevent many of the GDPR-related headaches [...]