How To Create a Successful Cyber-Security Policy

DP Solutions

As security breaches become the new normal, having a cyber-security policy in place for your organization becomes essential. Technology alone cannot prevent a cyber-attack; therefore, businesses need to create a culture of security among their staff. The best way to do this is with cyber-security policies: a series of rules that define what end users may or may not do with their technology. In this on-demand webinar, DP Solutions’ Senior IT Risk Advisor Ben Schmerler discusses how to develop a solid and reasonable policy for your organization. From this webinar, you will learn: What information should be covered in your policies. Special considerations such as mobile devices, social media, compliance or legal concerns. How to properly document your policies. How to determine if your employees are following the policies. Technology options to enforce the policies.
Watch Now

Spotlight

A global change in culture has been materializing recently in the energy automation business for electric utilities with regards to cyber security. This has accelerated rapidly in the last three years, with the culmination of new standards and mature methodologies being deployed for the energy market. Electric utilities operate critical infrastructure in order to secure the reliability of the energy supply. Therefore the utility is focused on the uninterrupted operation and availability of the different components of the infrastructure from the control centers, substations, RTUs to the field devices. Former energy automation systems (EAS) have not been developed with cyber security in mind. They have been operated as an “island” with “private” communication connections to other systems. Starting with the introduction of internet technology, EASs became increasingly more interconnected and emerged as targets for “hacker” groups to attack the infrastructure. The process of awareness for cyber security issues started initially very slowly. The first attacks / incidents were not widely published and therefore not prevalently known. Nowadays the awareness of cyber security issues is growing due to the importance of energy infrastructure to be constantly in operation. The awareness of all the related cyber security topics needs to be extended in future to guarantee further smooth operation of the critical energy infrastructure. The operational failure of an EAS can have an extremely negative impact for industry, the general public and governments. Industry and households increasingly depend on electrical energy. Nobody will accept a blackout due to a cyber security attack.

OTHER ON-DEMAND WEBINARS

How to Remain Secure, Protect Data, and Stay Compliant in the Face of End of Life Operating Systems

Carbon Black

The ever-changing threat landscape continues to challenge businesses who attempt to protect critical data, improve security posture, and remain compliant. That challenge is intensified when adding the constant risk of operating systems going end of life and pushing endpoints out of compliance against many modern data security laws, regulations, and compliance policies. The risk is too great and businesses can no longer afford to take a passive stance when it comes to maintaining system endpoints and ensuring that vulnerabilities are in check.
Watch Now

Ask the experts: What’s the worst web application security issue?

Synopsys

We know. It’s an impossible question to answer. There’s no such thing as a “worst web application security issue,” because every app and every organization has its own unique set of issues. But if you’re a development organization with limited resources, how do you know where to start? Which issues appear over and over in data breaches, exploits, and top N lists such as the OWASP Top 10? We asked some experts—and Twitter—to give us their opinions.
Watch Now

Reducing SMB Cybersecurity Risk

Mediapro

Small- and mid-size businesses (SMBs) can no longer afford to think they’re too small to be a target for cybercriminals. That’s why SMBs should consider new or expanded investment in a comprehensive security awareness program to help address the growing risks related to cybersecurity, privacy, and regulatory compliance.
Watch Now

Attack Tactics 6! Return of the Blue Team

Black Hills Information Security

In this webcast we walk through the step-by-step defenses to stop the attackers in every step of the way we showed in Attack Tactics Part 5. Introduction, password spray toolkit, account lockout, honey accounts, canary tokens, and two factor authorization. fixthefuture , two factor authorization, dumping global address lists, mailsniper 20:30 Lateral movement, OWA, VPN, SSH. Scanning and enumeration, Nmap, SSH Brute Force, “Find Open”, LLMNR, LLMNR Responder, and NrlmRelayX.
Watch Now

Spotlight

A global change in culture has been materializing recently in the energy automation business for electric utilities with regards to cyber security. This has accelerated rapidly in the last three years, with the culmination of new standards and mature methodologies being deployed for the energy market. Electric utilities operate critical infrastructure in order to secure the reliability of the energy supply. Therefore the utility is focused on the uninterrupted operation and availability of the different components of the infrastructure from the control centers, substations, RTUs to the field devices. Former energy automation systems (EAS) have not been developed with cyber security in mind. They have been operated as an “island” with “private” communication connections to other systems. Starting with the introduction of internet technology, EASs became increasingly more interconnected and emerged as targets for “hacker” groups to attack the infrastructure. The process of awareness for cyber security issues started initially very slowly. The first attacks / incidents were not widely published and therefore not prevalently known. Nowadays the awareness of cyber security issues is growing due to the importance of energy infrastructure to be constantly in operation. The awareness of all the related cyber security topics needs to be extended in future to guarantee further smooth operation of the critical energy infrastructure. The operational failure of an EAS can have an extremely negative impact for industry, the general public and governments. Industry and households increasingly depend on electrical energy. Nobody will accept a blackout due to a cyber security attack.

resources