It's rare that CISOs have a horizontal view across their controls to know where to focus their resources for best overall effect which is why Nik Whitfield says agile analytics is a core capability that security teams already require today.
Unlike compliance mandates, the Center for Internet Security's Critical Security Controls enable you to easily see where holes exist in your current security armoury before you engage external expertise says Mark Kedgley
Rory Duncan argues that companies need to invest not only in detective and defensive controls, but also in the ability to take action when an attack is occurring
Updates are available following US Computer Emergency Response Team (CERT) issuing advisory warning of "weakly protected" credentials in Siemens SIMATIC WinCC flexible industrial control system.
Increasing levels of digitisation, but our nuclear infrastructure is still 'insecure by design'
Despite original attackers losing control of Stuxnet malware, it still poses a problem for organisations
In separate developments, a demo hack in Amsterdam shows how to crash a plane, while the US Federal Aviation Administration seeks to improve air cyber-security.
Dr Richard Piggin, in a blog published this week, notes how concerns about the vulnerability of control systems have been vindicated following the issuing of details about an attack on a German steelworks.
Control systems are visible on the internet and under attack from dedicated malware, but vendors are not providing adequate security.
Massive Android botnet discovered, as APWG chairman warns on dangers of jailbroken iPhones.