It seems that every day a new and more frightening data breach goes public. These attacks seem to run the gamut; everything from International Banks, Government Agencies, private companies, educational institutions, and even non-profit organizations are targets. With each attack the confidentiality, integrity and availability of our data is diminishing. The use of the “Critical Controls” is one part of the defense in depth approach to data security. By approaching security from the perspective of these controls, we can reduce the threat vectors, reduce detection time, and expose attacks to the overall security posture. This paper reviews one such attack and shows how implementation of the critical controls would have reduced the impact to the company.
2015 Energy Industry Cybersecurity Report
Strategic Cybersecurity: A Toolkit for Prioritizing, Coordinating, and Transforming Your Cybersecurity Program