ActiveCyber
16Apr

Enabling Authenticity and Trust in the IoT Age Using Decentralized Systems

Posted by: CyberSecurityChief Categories: Authenticity
No comments

It has been over 30 years since the the web was introduced, and most of us are facing critical problems involving the security and privacy of our digital identity, our personal data, and the authenticity of content on the Internet. These problems include widespread spam, phishing attacks, fraud, abuse, fake news and misinformation. According to […]

Read more
Tags:
11Feb

Authenticity-by-Design: Ensuring the Authenticity of Content and Identity

Posted by: CyberSecurityChief Categories: Authenticity Spotlight Spotlight - Research & Standards
1 Comment

Current Security Trends Reveal Difficulties in Assuring Authenticity Recently I was thinking about some of the major security challenges and problems of 2020 and going forward into 2021 like the ongoing SolarWinds supply chain mitigation issues; election fraud; the problems around disinformation and deepfakes; false flags in cyberattacks and the difficulties in making accurate attribution; […]

Read more
Tags:
5Jan

Orchestration for OT Systems – Is the Time Right?

Posted by: CyberSecurityChief Categories: Articles Automated Orchestration Operational Technology
1 Comment

My journey into OT security has led me to the question of can we safely operate automated security orchestration platforms in an OT environment or a converged OT/IT environment? I mean many OT systems are already highly automated operations. What are the ramifications of providing security responses in a highly automated manner? I learned that […]

Read more
Tags:
10Nov

Using MBSE and Digital Twins to Design and Evaluate Cyber Resilient Systems

Posted by: CyberSecurityChief Categories: Operational Technology
1 Comment

This election year spurred me into researching the cyber resilience of OT / IoT systems, of which electronic election systems are a subset. I discovered there was quite a bit of synergy between cyber resilience and mod-sim. As I explored the relationship I became convinced that any OT or IoT system of consequence could significantly […]

Read more
Tags:
17Jun

Active Cyber Surveys the Standards Landscape for OT and IoT Systems Security

Posted by: CyberSecurityChief Categories: Articles Operational Technology Spotlight - Research & Standards
1 Comment

A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards from various organizations and standards bodies. To some extent, this wide range of guidance is difficult to get your arms around to figure out what […]

Read more
Tags:
30Apr

Measuring the Cyber Resiliency of OT and IT Systems

Posted by: CyberSecurityChief Categories: Spotlight Spotlight - Research & Standards
3 Comments

Recently, I was talking with my daughter, the engineer, about testing. She is the lead engineer for payload integration and test for a large NASA space telescope. Our discussion got me to thinking about cyber testing and test metrics. From her space telescope perspective, it is very expensive to conduct tests, with some tests requiring […]

Read more
Tags:
8Mar

Active Cyber Interviews NIST Scientists on the Next Generation Access Control Standard

Posted by: CyberSecurityChief Categories: Spotlight Spotlight - Interviews Spotlight - Research & Standards
No comments

Many years ago I was hosting a series of workshops on a variety of security topics. One of those topics dealt with role-based, attribute-based, and policy-based access control approaches and I was lucky to get Mr. Dave Ferraiolo as one of my presenters for the workshop. Dave has been a long-time evangelist for NIST on […]

Read more
Tags:
7Feb

Security Capabilities for OT and IIoT Systems – Part 2

Posted by: CyberSecurityChief Categories: Articles Operational Technology
No comments

My most recent article discussed the first 5 of my top 10 recommended security capabilities for OT and IIoT systems. Here they are again for your reference. Capability 1: Real-time visibility and compliance tracking of assets that may have limited function and power Capability 2: Real-time anomaly detection including increased use of AI/ML technology and […]

Read more
Tags:
« Older posts
Newer posts »