![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/exfiltracion_sci_1.jpg)
Exfiltration of data, or information leakage, poses a threat to all companies throughout the world. It is important to know the possible ways information can get out to control them and avoid a loss of information in our organisation. Since in industry the most important factor is availability, this threat has to be put into perspective.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/ciberresiliencia_portada_0.jpg)
The goal of cyber-resilience for an organization, whether or not it belongs to a strategic sector, whether or not it provides one of these digital services, is to maintain its primary purpose and integrity in the face of a cybersecurity threat or attack to an ideal level. Continuous detection processes must be established given that total prevention will never be guaranteed.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/toolbox.jpg)
A BusyBox is software or a program that combines several functionalities in a small executable. This small tool was created for use in integrated operating systems with very limited resources, and they are usually used in control systems. But, as in all tools, you have to know what security level they have and if it can be improved.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/cvss3.1_principal720x410.jpg)
The open and most-widely-used framework for communication and vulnerability scoring, the CVSS (Common Vulnerability Scoring System), has been updated, incorporating improvements in its new version 3.1 with respect to the previous one. This standard assesses the severity of computer systems vulnerabilities and assigns them a score of 0 to 10.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/defensa_teoria_practica.jpg)
The concept of defence in industrial environments is changing. Just as the attacks are increasingly more sophisticated, the protection systems tend to be more flexible and more evolved. Being able to strengthen the upper levels, such as active defence and intelligence, is essential, whilst always maintaining a solid base of the lower levels (passive defence and secure architecture).
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/mitigacion_problemas_industria.jpg)
Given that availability is always a critical point to take into account for within industrial environments, it is necessary to prevent the attacks that denial of services cause and that affect these environments. The means of giving way to a denial of service can be diverse, much like the means of mitigating these problems. This article will review all of these points, as well as the way in which the risks derived from these attacks can be reduced.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/auditorias_industria.jpg)
The wireless protocols used in industrial environments for communication between devices are numerous are extensive, therefore ensuring these communications is vital for industrial process to function correctly. In this article, we'll look at the advantages of wireless communication audits and the disadvantages of not performing them.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/thinkstockphotos-489306446.jpg)
The protection of critical and strategic infrastructures in our country is a task that must be tackled by all the agents involved in a public-private cooperation framework.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/myd-224_img_blog_v1.png)
The IDS, IPS and SIEM are equipment originally designed for IT environments but whose adaptation to TO environments has been forced in recent years due to a proliferation of attacks on industrial environments.
![Imagen de Avisos Imagen decorativa Avisos](/sites/default/files/contenidos/blog/thinkstockphotos-518524202.jpg)
After having analysed the "why" behind the cybersecurity capacities evaluation model in the first entry dedicated to the C4V model and after having explained how to carry out an appropriate management of risks in the value chain in the second edition, this third edition is dedicated to explaining how to carry out an evaluation of ourselves.