Gartner Says CEOs to be Personally Liable for CPS Breaches

September 1, 2020 CyberCecurity Leave a comment

Gartner defines Cyber-Physical Systems (CPS) as those systems “that are engineered to orchestrate sensing, computation, control, networking, and analytics to interact with the physical world, including humans”. CPSs include many IoT, IIoT, critical infrastructure such as electric and water and healthcare systems, among others. Gartner predicts that the LIABILITY from cyber incidents will fall DIRECTLY […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Best Practices, Privacy, User Tips

Windows 10 App Background Permissions

August 31, 2020 CyberCecurity Leave a comment

This is one of a series of user tips for protecting your privacy and security. Windows 10 has a feature that allows apps to run in the background. Is this a problem? Well, not in theory, but that is the problem. Theories are just that – our best guess at the moment. If you allow […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Best Practices

I Can’t Seem to Get Away from Supply Chain Attacks

August 27, 2020 CyberCecurity Leave a comment

Supply chain attacks are attacks on the software (and hardware) that goes into the software (and hardware) that you buy. We keep seeing attacks that compromise that underlying software. Earlier this year, it was Ripple20 that affected millions of IoT devices. Many of those devices will likely never be patched and will be vulnerable forever. […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Best Practices, Security Practices

It All Starts With Physical Access

August 25, 2020 CyberCecurity Leave a comment

Sometimes we focus on the details of cybersecurity protections. And ignore the core issues. In a lot of cases, when companies office in multi-tenant office buildings, the Internet comes into a shared area of the building that is not part of the company’s leased space. This is called a Dmarc for point of demarcation. The […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Alerts, Best Practices, Security Practices

Beware: Changes to HTTPS Certificate Requirements

August 24, 2020 CyberCecurity Leave a comment

This is a follow up to yesterday’s newsletter alert and sorry, it is a bit technical, but I will try to make it as untechnical as possible. Up to a few years ago, if you ran a website, you could buy an HTTPS (also known as a TLS or SSL) certificate that didn’t expire for […]

Continue reading → [DISPLAY_ACURAX_ICONS]

Best Practices, Legal

Federal Trade Commission Plans to Update Privacy Rule

August 20, 2020 CyberCecurity Leave a comment

Unlike Europe, the United States does not have a uniform national privacy law. Instead we have a patchwork of state laws and federal regulations that apply to one industry or another. One of those regulations is Gramm-Leach-Bliley or GLBA. GLBA was signed into law in 1999 and written over the years prior to that. It […]

Continue reading → [DISPLAY_ACURAX_ICONS]