Cyber-Kinetic Security

As I am getting up to speed with cybersecurity laws, regulations and doctrine of my new country, China, an interesting realization came to me – China and Russia share an information security doctrine, one that is significantly different from Euro-Atlantic doctrines. In the Chino-Russian model of information space a discussion about population zombification does happen and it fits squarely within the domain of information security.
IoT Security
Below is my attempt at tracking all published IoT and "Smart Everything"-related security guidelines, frameworks and standards. If you are aware of additional entries that should be here, please let me know. List of Internet of Things (IoT) Security Guidelines, Frameworks and Standards by Marin Ivezic is licensed under a...
We have to ask ourselves; at what point does an unexpected outcome via expert prediction justify a prison sentence? Minutes after I delivered cyber risk assessment results to my Italian client, I heard the news - six Italian scientists and a government official have been sentenced to six years in...
“Cyber war” is a term that is in recent days used so liberally that people may often wonder if these words are as menacing as they sound or used only as a tool to incite fear as a way to control a society that increasingly depends on technology. How we...
There is a new danger lurking in the information assets of countless organizations around the globe disguised by a plan devised to protect a large portion of those assets while failing miserably to protect the rest. Zero tolerance approach to cyber security is untenable Traditional approach to cyber security was for...
Information security and IT security are often used interchangeably. Even among InfoSec professionals. The terms are interrelated and often share the common goals of protecting the confidentiality, integrity and availability of information, however; there are significant differences between them. IT security is only concerned with the systems that store, process,...
Social engineering doesn't have to be just a supporting process to obtain system access; it is could be even more dangerous when it is used as the main attack. We, information security defenders, rarely consider that risk. If you think Social Engineering is an effective way to obtain access to...