Head First into Sandboxing

whitePaper | March 14, 2023

This document describes data that is exchanged between the Hardware Management Console (HMC) and the IBM Service Delivery Center (SDC). In addition, it also covers the methods and protocols for this exchange. This includes the configuration of “Call Home” (Electronic Service Agent) on the HMC for automatic hardware error reporting. All the functionality that is described herein refers to Power Systems HMC and the HMC that is used for the IBM Storage System DS8000.

whitePaper | November 28, 2019

Safety Instrumented Systems (SIS) are designed to keep processes safe, especially during critical situations. With this concept in mind, it is paramount that the SIS components are not taken down due to cyber-threats. The purpose of this white paper is to explain, in detail, the Emerson approach for cybersecurity as well as the built-in security features available within the DeltaV SIS process safety system.

whitePaper | March 5, 2020

Held Hostage in Hollywood: In February 2016 the Hollywood Presbyterian Medical Center, in Los Angeles, paid a ransom of about US$17,000 to hackers who infiltrated and disabled its computer network with ransomware. The hospital paid the ransom of 40 Bitcoins (currently worth about $16,664) after a “network infiltration” began on February 5, when employees reported being unable to access the hospital’s network and electronic medical records system. “The malware locked access to certain computer systems and prevented us from sharing communications electronically,” said hospital CEO Allen Stefanek.

whitePaper | April 19, 2021

This guide presents an opinionated view of Google Cloud security best practices, organized to allow users to adopt or adapt them and then automatically deploy them for their estates on Google Cloud. This document can be useful to you if you are a CISO, security practitioner, risk or compliance officer.

whitePaper | November 9, 2022

The CISA Stakeholder-Specific Vulnerability Categorization (SSVC) is a customized decision tree model that assists in prioritizing vulnerability response for the United States government (USG), state, local, tribal, and territorial (SLTT) governments; and critical infrastructure (CI) entities. This document serves as a guide for evaluating vulnerabilities using the CISA SSVC decision tree. The goal of SSVC is to assist in prioritizing the remediation of a vulnerability basedon the impact exploitation would have to the particular organization(s).

whitePaper | October 31, 2022

GE Gas Power has developed a product security program based on industry-leading standards, encompassing end-toend cybersecurity through the entire software development lifecycle in conjunction with engineering, sourcing, and vulnerability and incident response. As part of this program, we have also created the Gas Power Cybersecurity Portal, a central, publicly available resource regarding cybersecurity at GE Gas Power.