The rise of "as a Service" companies mean that the corporate supply chain is more complicated than ever. Your company probably doesn't do its own hiring, accounting, or software development in-house.
Imagine having to put rubber boots on to fix the damage from a cyberattack. This act was a reality for researchers at a simulated coal plant in Sweden, where a paid penetration tester proved the vulnerability of the plant’s physical systems by tampering with its cooling system.
In theory, the digital aspect of industrial control systems is supposed to be air-gapped from run of the mill corporate networks. In practice, however, there will often be bridges – left either accidentally or on purpose – between industrial controls and the general-purpose internet.
As of this writing, we’re just a month into 2018, and it’s already looking like an interesting year in the realm of information security. Here, interesting means fraught. The first few days of the year ushered in devastating news in the form of the Specter and Meltdown vulnerabilities.
We’ve already spoken extensively about the need for enterprises to occasionally offer access to their data to nearly anyone who asks for it.
Everyone values efficiency and simplicity, which is why thousands of technology startups and established companies have been “disrupting” the old way of doing business with new solutions for long-standing challenges.
Another year has gone by – another year that seems to have been a single all-consuming cyber-disaster. 2017 has been so bad for information security that it’s hard to even visualize separate security incidents.