September 19, 2024 I have taken notice lately of the number of headlines that are discussing cyberspace threats in space. Well, not just threats in cyberspace space but also kinetic threats in space. In many ways the threats are interconnected as cyberspace attacks can lead to kinetic results in space. And the likely threat actors […]
Articles
Find out the latest on active cyber defenses and other emerging technology trends from our featured writers and guest bloggers. Articles are designed to educate, inform and elicit feedback on a range of current topics dealing with adaptive security, quantum cryptography, active cyber defense, augmented reality, operational technology security, and more. You will find our articles broken out by category (categories are defined here) for convenient searching and easy-to-follow threads. Subscribe to ActiveCyber.net here and you will also receive emails when your favorite topics are updated.

January 15, 2024 Lately, I have been wondering about the emerging threat factors that are impacting the cyber kill chain and how the cyber kill chain and related frameworks [MITRE ATT&CK™, Diamond] processes, tools, and defenders need to adapt to these changes in 2024. Given today’s hottest topics, this line of thinking naturally led me […]

As 2022 ended and we rolled into another year, I began to see the yearly editions of the top data breaches, top threats, and top privacy fines from different cyber and privacy companies. There were also some predictions on what 2023 will bring from a security tool and protection perspective. Generally, I didn’t perceive much […]

I have been seeing quite a number of references lately to the terms “cyber ready” and “cyber readiness.” Some of these references reflect an enterprise view of readiness – defined as “…the state of being able to detect and effectively respond to computer security breaches and intrusions, malware attacks, phishing attacks, theft of data and […]

I have been thinking a lot lately about the accuracy of cyber attack attribution. Most cyber forensic analysts and threat intelligence specialists will tell you that cyber attack attribution done right is a laborious, time-consuming process that is often fraught with multiple dead ends and sometimes requires a leap of faith in the end. The […]

My journey into OT security has led me to the question of can we safely operate automated security orchestration platforms in an OT environment or a converged OT/IT environment? I mean many OT systems are already highly automated operations. What are the ramifications of providing security responses in a highly automated manner? I learned that […]

This election year spurred me into researching the cyber resilience of OT / IoT systems, of which electronic election systems are a subset. I discovered there was quite a bit of synergy between cyber resilience and mod-sim. As I explored the relationship I became convinced that any OT or IoT system of consequence could significantly […]

A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards from various organizations and standards bodies. To some extent, this wide range of guidance is difficult to get your arms around to figure out what […]

My most recent article discussed the first 5 of my top 10 recommended security capabilities for OT and IIoT systems. Here they are again for your reference. Capability 1: Real-time visibility and compliance tracking of assets that may have limited function and power Capability 2: Real-time anomaly detection including increased use of AI/ML technology and […]
