Segmentados Administración sistemas y redes TI

In recent years, indicators of compromise have become the best way of exchanging information when it comes to managing an incident. But, do we really know how to manage an indicator of compromise? The aim of an indicator of compromise is to map the information that is received or extracted during the analysis of an incident. This is done in such a way that it can be reused by other investigators or affected people, in order to discover the same evidence in their systems and to be able to determine if they have been compromised or not.

The problems originating from the application of patches in an industrial setting have consequently led to them being rejected by the operators. For years they were practically abandoned, but thanks to the support from security companies and IT departments they are now receiving their due credit.

The protection of critical and strategic infrastructures in our country is a task that must be tackled by all the agents involved in a public-private cooperation framework.

The IDS, IPS and SIEM are equipment originally designed for IT environments but whose adaptation to TO environments has been forced in recent years due to a proliferation of attacks on industrial environments.

After having analysed the "why" behind the cybersecurity capacities evaluation model in the first entry dedicated to the C4V model and after having explained how to carry out an appropriate management of risks in the value chain in the second edition, this third edition is dedicated to explaining how to carry out an evaluation of ourselves.

Wireless technologies are becoming more and more prominent everywhere, and also in industrial environments, driven by all other environments where the use of wireless communication technologies is widespread.

As explained in the first post of this series dedicated to the C4V model, the cyber security level of outsourced services is key to assess the cyber security capabilities of any organisation: It is no use increasing the cyber security levels of an organisation if their suppliers’ levels are not as high, because -it goes without saying that- "security is as strong as its weakest link".

The outsourcing of processes is not something we can consider new. In fact, the contrary is true. And in particular, in terms of how it applies to ICT (Information and Communication Technology), it is common for at least part of our systems to be accessed by third parties or managed directly by third parties.

New control methods of energy distribution needs have required new communication ways, which have been many tines solved with new protocols. A security review to avoid unauthorized Access to private information is one task of main power companies.

Control system standards are being updated in order to support and regulate emerging features in these environments. One of the most consulted standards and used as an example in industrial control systems, the ISA99, has also evolved into the IEC 62443 thanks to the International Electrotechnical Commission.