In theory, the digital aspect of industrial control systems is supposed to be air-gapped from run of the mill corporate networks. In practice, however, there will often be bridges – left either accidentally or on purpose – between industrial controls and the general-purpose internet.
As of this writing, we’re just a month into 2018, and it’s already looking like an interesting year in the realm of information security. Here, interesting means fraught. The first few days of the year ushered in devastating news in the form of the Specter and Meltdown vulnerabilities.
We’ve already spoken extensively about the need for enterprises to occasionally offer access to their data to nearly anyone who asks for it.
Everyone values efficiency and simplicity, which is why thousands of technology startups and established companies have been “disrupting” the old way of doing business with new solutions for long-standing challenges.
Another year has gone by – another year that seems to have been a single all-consuming cyber-disaster. 2017 has been so bad for information security that it’s hard to even visualize separate security incidents.
File upload is one of those can’t-live-with-it, can’t-live-without-it items that makes information security so fraught with difficulty. On the one hand, it automates parts of doing business – especially B2C business – that would typically require a person to make a phone call, send an email, or even dust off their fax machine.
Knowing what's changing in the tech world is a crucial way to drive your own IT department and compete in business. For example, over the past year, quite a few CISOs and other execs have had to brush up on their knowledge of trends like cloud service delivery and container virtualization.
In the world of private encryption, there are few words more apocalyptic than “I gave away my private key.” It is rule number one of PGP security – never reveal your private key to anyone else.