identity and zero trust - H-ISAC

whitePaper | December 18, 2019

The Ohio Data Protection Act (“ODPA” or the Act), came into force on November 2, 2018.1 The Act seeks to improve cybersecurity among Ohio businesses. It does so by providing an affirmative defense against tort claims arising from a data breach to businesses that can demonstrate they have implemented a qualifying cybersecurity program that reasonably conforms to one of ten specified cybersecurity frameworks and met certain other safeguards specified in the Act.

whitePaper | August 25, 2022

These days, you can’t have a conversation about cybersecurity without talking about zero trust. The security concept requires that all individuals and devices on a network be continuously authenticated, authorized, and monitored. Gone are the days of letting someone in the front door, giving them a role with access privileges and then having them go about their merry way.

whitePaper | October 27, 2022

In many ways, the cloud1 is more secure than a traditional data center. Asset management, inventory, audit logging, two-factor access controls, connectivity redundancy and firewalls are built into the cloud provider platform. Servers are easier to patch and won’t become outdated within a few years; there aren’t any forgotten boxes sitting in a dark corner with a note reading, “DO NOT TURN OFF.” However, assets on the cloud continue to be compromised, just as those stored in traditional data centers.

whitePaper | August 22, 2022

Managing the ecosystem of identities accessing enterprise resources has only gotten more complicated during the past several years. Between the increasing number of identities, the challenges posed by phishing attacks, and the continued growth of cloud adoption, enterprises are under pressure to ensure the army of remote workers, contractors, and employees accessing network resources are doing so securely and successfully.

whitePaper | August 26, 2022

The SolarWinds compromise became public in December 2020 and was a massive wake up to the industry. Likely a state-sponsored attack, it compromised potentially thousands of governments and other high-profile organisations across the globe. Many organisations are currently in damage control following the breach. Many of them are unsure if the perpetrators have entered, spread and are still persistent within their environment - even after they shut down the SolarWinds Platforms.

whitePaper | February 16, 2023

There are three key elements in the world of Internet of Things cyber security. Standards are created in order to harmonize a common set of requirements. Regulations are created in order to incentivize manufacturers to adopt cybersecurity hygiene practices so as to protect societies and increase their cyber-resilience. Labels are created in order to provide visibility to consumers.