Segmentados Administración sistemas y redes TI

In this post we will explain the ability to resist, one of the 4 goals of the IMC model, which allows us to determine if an organization is capable of continuing with the essential services it provides, in the event of a cyberattack.

After the articles “IEC 61850 Standard, all for one and one for all” and “Multicast security in IEC 61850”, it is useful to add more information about the cybersecurity guidelines set out in the IEC 62351 standard with respect to the GOOSE protocol. An explanation will be made of the operation of the protocol, the weaknesses it presents and the appropriate security measures to protect it against possible attackers.

In this post we explain the update made in the IMC model to continue improving its approach and applicability to companies.

In this blog post we detail the new PGP keys generated by INCIBE-CERT to establish secure communication channels with different audiences.

Anticipating is one of the four aims of cyberresilience. It consists of maintaining a state of informed readiness, in order to prevent essential services from being compromised in the event of a cyberattack. To measure the objectives of this aim, its three functional domains are analysed: cybersecurity policies, risk management and cybersecurity training.

The goal of cyber-resilience for an organization, whether or not it belongs to a strategic sector, whether or not it provides one of these digital services, is to maintain its primary purpose and integrity in the face of a cybersecurity threat or attack to an ideal level. Continuous detection processes must be established given that total prevention will never be guaranteed.

Electric charging stations are increasingly used in urban furniture in cities. Electric cars and their need to be charged are a reality. Because of this, there is an increase in supply points that depend on specific protocols and communications for these stations.

The union of the IT and OT worlds is unstoppable, which means that the cybersecurity strategy, traditionally focused on the IT field, must now include aspects related to the industrial world. Having a good cybersecurity strategy is essential for IC systems to survive in this new era.

The open and most-widely-used framework for communication and vulnerability scoring, the CVSS (Common Vulnerability Scoring System), has been updated, incorporating improvements in its new version 3.1 with respect to the previous one. This standard assesses the severity of computer systems vulnerabilities and assigns them a score of 0 to 10.

Trips across the ocean have changed over the years with the arrival of the industrial revolution and information technology, among other things, making technology its best ally, both to automate their navigation and to control their location from land-based stations. However, this total dependence on technology brings with it important security issues that need to be addressed with the importance they deserve.

In recent years, indicators of compromise have become the best way of exchanging information when it comes to managing an incident. But, do we really know how to manage an indicator of compromise? The aim of an indicator of compromise is to map the information that is received or extracted during the analysis of an incident. This is done in such a way that it can be reused by other investigators or affected people, in order to discover the same evidence in their systems and to be able to determine if they have been compromised or not.

The problems originating from the application of patches in an industrial setting have consequently led to them being rejected by the operators. For years they were practically abandoned, but thanks to the support from security companies and IT departments they are now receiving their due credit.