From the report, “As 2019 approached, ControlScan and MAC once again partnered to organize and conduct an industry study; however, this time we decided to reach out to the SMB merchants themselves. Measuring successes and concerns from the MSP’s perspective had given us part of the equation, so we wanted to learn how well aligned SMBs are with the efforts being aimed at them.” Read on to find out more.

The essays in this eBook provide a wealth of information and present an inside look at an aspect of cybersecurity that is still not well understood. I am certain that anyone responsible for critical industrial operations will benefit from the advice and experiences of those who have contributed to this eBook.

From the Report, “This paper is based on our own research, in which we discovered critical cybersecurity issues in several robots from multiple vendors. While we assist the vendors in addressing the cybersecurity vulnerabilities identified, we want to describe the currently available technology, some of the threats posed by a compromised robot, and the types of cybersecurity issues we discovered. The goal is to make robots more secure and prevent vulnerabilities from being used maliciously by attackers to cause serious harm to businesses, consumers, and their surroundings.”

The purpose of this research is to provide a comprehensive description of the technical details and approach IOActive used to discover vulnerabilities affecting widely deployed radiation monitoring devices. Our work involved software and firmware reverse engineering, RF analysis, and hardware hacking.

This document recommends best practices for endpoint security in industrial applications under the broader scope of industrial internet security.

This case study, focuses on one of Claroty’s power plant installations. It illustrates challenges and solutions that are both unique to the power generation sub-segment, as well those that apply to the broader context of OT cybersecurity.

This report takes an inside look at Industrial Control Systems and the need for them to be updated for the new Cyber Security Threats.

This report offers insight into the impact of AI from both the attackers, and the cybersecurity warriors.

This paper offers insight and direction to election officials seeking to assess the security of their entire election ecosystem.

This document will examine the cyber risk trends that are of concern to the insurance industry, and introduce the RiskSense solution designed to address these challenges

This report offers insight for institutions of higher learning seeking to understand that regulations and issues surrounding cybersecurity on campus.

From the report, “Welcome to the Monthly Threat Roundup report for Sept 2017. At Paladion CTAC we continuously track emerging threats and vulnerabilities and provide you timely actionable intelligence to stay safe. We provide threat related IOC for auto-download that can be directly integrated with your security devices. We also provide advisories on how to prevent, detect and respond to latest attacker techniques. This report summarizes the key observations and analysis done by the CTAC team. It also includes insights and analysis related to global threats and incidents of the past month. "

From the report, “Welcome to Paladion’s Monthly Threat Report for October 2017. At Paladion CTAC we continuously track emerging threats and vulnerabilities to bring you timely, actionable threat intelligence. We provide this intelligence in machine-readable format from our Threat Intelligence Feeds, which can be directly integrated with your security devices. We also provide advisories on how you can prevent, detect, and respond to the latest threats as they happen. This report summarises the key findings of the stated month. It also contains insights related to threats and incidents that we have analysed.”

The Internet of Things: A New Era of Third Party Risk was sponsored by Shared Assessments and conducted by Ponemon Institute to understand organizations’ level of awareness and preparedness for the upcoming enterprise IoT wave. We hope the research findings will help organizations address the risks associated with the proliferation of IoT devices. We surveyed 553 individuals who have a role in the risk management process and are familiar with the use of IoT devices in their organizations.

Welcome to the Monthly Threat Roundup report for November 2017. At Paladion CTAC we continuously track the emerging threats and vulnerabilities and provide you timely actionable intelligence to stay safe. We provide machine-readable intelligence in the form of IOCs, which can be directly integrated with your security devices. We also provide advisories on how you can prevent, detect and respond to latest attacker techniques. This report summarises the key findings of the stated month. It also contains insights related to threats and incidents that we have analysed.

This third edition of the Hacker’s Playbook Findings Report continues in the tradition of reporting enterprise security trends from the point of view of an attacker. The findings represent anonymized data from many millions of SafeBreach breach methods executed within real production environments. This edition includes existing Hacker’s Playbook Findings Report data and new data from deployments between January 2017 and November 2017, with a combination of over 3,400 total breach methods and almost 11.5 million simulations completed. This report reflects which attacks are blocked, which are successful, and key trends and findings based on actual security controller effectiveness.

How is cyber-resilience defined and measured? How are breach risk and cyber resilience related, and what is the best way to improve cyber-resilience for an enterprise? This paper will answer these questions and shed light on steps you can take to improve the cyber-resilience of your enterprise.

This report offers insights into why a CSIRT is crucial in today’s world. It provides some helpful tips and steps that can improve any organization’s response team.

This year, NopSec predicts that the biggest cyber threats will be massive data breaches, ransomware, opportunistic crypto-mining attacks and IoT hacking.

It’s been another headline-grabbing 12 months for cybersecurity. There were many large and damaging compromises affecting retailers, airlines and credit rating companies, to name just a few. Thousands of organizations weren’t prepared and had sensitive data stolen, suffered downtime of key systems or were affected in some other way. Are you ready?

3rd-party (aka supply-chain) cyber attacks were one of the main reasons for major data breaches in 2018. Here is a recap of 3rd-party data breaches that hit the news in 2018