The NIST has published a voluntary framework to reduce cyber risk to critical infrastructure as a result of a directive inside the President's execute order for improving critical infrastructure cybersecurity. The core of this framework is composed of a function matrix and a framework implementation level matrix. The goal of the implementation matrix is to reflect the cybersecurity state of the critical infrastructure from the previous role perspectives.
Honeypot to attacks to critical infrastructure systems
8 Jul 2013
ICS-CERT issued its quarterly report and observed a significant increase in the number of brute force attacks on critical infrastructure. In 2012, ICS-CERT said it responded to 198 incidents of critical infrastructures, a number that has already passed the fiscal year that began in October 2012 and ended in May 2013. Energy continues to be the most affected with 53 percent of targeted attacks, compared to 41 percent last year. Manufacturing is next with 17 percent.
Indian Govt puts cyber policy in place, invites pvt players
8 Jul 2013
The Union government is expecting an investment of $1 billion (about Rs 5,940 crore today) from private technology companies, with the release of India’s first cyber security policy on Tuesday. The policy proposes a contingency plan to handle cyber attacks on vital installations and critical infrastructure.
Thinking About Security Considerations in SCADA Systems
8 Jul 2013
SCADA System can be affected by a number of threats, which may be natural or intentional. So it is very much important to focus on security aspects of SCADA Systems. This article focuses on various types of threats which must be considered in order to plan the security management of a SCADA system.
Spain's Industrial Cybersecurity Roadmap Published
8 Jul 2013
July 1st, Spain's Industrial Cybersecurity Roadmap (2013-2018) has been published. The document, developed by the Industrial Cybersecurity Center pretends to be the first step on the way of building an Industrial Cybersecurity culture in order to improve the security of Spain's industrial infrastructures.
Attacks attributed to the Anonymous group endanger critical infrastructure in Brazil
28 Jun 2013
During the last week many calls for help from government organizations due to DOS, DDOS and defacement attacks were received, warning about attacks that were making their portals unavailable to public service. These actions against critical infrastructure are attributed to the hacktivist group Anonymous, which claimed responsibility for public protests in the real and virtual world in Brazil.
South Korea government confirmed a cyber attack by unidentified hackers that shut down several sites including the Blue House. Investigations into several recent large-scale cyber assaults on South Korean media groups and financial institutions concluded that they originated in North Korea.
Advanced Persistent Threat Awareness Study Results
28 Jun 2013
Advanced persistent threat (APT) has been a term used frequently during security threat discussion; however, confusion exists as to what an APT is and how to manage the risk associated with it. Although the study reveals that a large number of respondents feel that APTs are important and have the ability to impact national security and economic stability, the study also demonstrates that the controls being used to defend against APT might not be sufficient to adequately protect enterprise networks.
The Superintendence of Electronic Certification Services SUSCERTE country joins the Venezuelan Plan Safe Homeland. The Superintendent stated that is responsible SUSCERTE the National Incident Management Telematics (VenCERT) whose task is the prevention, detection and management of incidents generated in the information systems of public administration and national public bodies in charge of management of the Nation's critical infrastructure. In fact, the security of information systems and networks in the public sector is a critical component of homeland security.
The Voice of Industry. The situation in Spain's Industrial Cybersecurity
25 Jun 2013
On June 20th was held the first The Voice of Industry event, organized by the Industrial Cybersecurity Center. The event began with the official launch of the Centre for Industrial and the presentation of the Cybersecurity Roadmap Industrial Cybersecurity in Spain (2013-2018), which will be published next July 1st. Then INTECO and CNPIC gave his vision of public-private partnerships as a primary mechanism to improve Industrial Cybersecurity in Spain.