We spoke with Felix Nater, security management consultant who helps employers implement and manage workplace security strategy and policy, on how COVID-19 will leave behind a complicated form of grief that could linger potentially for many years after the immediate crisis has abated.
The nature of IIoT devices and infrastructure makes them high-value cyber targets. This is because they are relatively easy to compromise and are often connected to internal networks with high-value content with links to other networks. Moreover, IIoT devices rarely have direct user interaction, and this unattended nature means that many types of device compromise are likely to go unnoticed and undetected – particularly when the malware does not disrupt the device’s primary functionality. Here are a dozen reasons why intelligent IIoT devices are attractive targets for hackers.
My favorite definition of the (public) cloud is “It’s someone else’s computer.” That is really what any external cloud service is. And if your services, data and other assets are located on someone else’s equipment, you are at their mercy on whether you can access those assets and data at any time. It isn’t up to you. It’s solely determined by them, and any service level agreement you agreed to. And you can lose everything stored there permanently. You should have multiple backups of your data no matter where it is stored, especially including if it is stored using a cloud service.
Obstacles including budget concerns, time constraints, stubborn company culture, or a lack of cybersecurity best practices can seem overwhelming, especially to a smaller organization with limited resources. Fortunately, there are reasonable solutions to each of these roadblocks that can help all organizations be more secure.
The path to securing the remote workforce should be seamless and experienced as a hassle-free balance between safety and a quality user-experience. It is pivotal to implement appropriate security practices, as inadequate measures can lead to unmanaged risks and the endangerment of corporate systems, data and employees.
Sure, Greek mythology begins with Zeus, Poseidon and Hades divvying up the universe in a game of dice. But they never employed risk management as a methodology to take the future into their own hands. How can security professionals best develop a risk mindset based on probability and rigor rather than intuition and emotion?