Home / Blog / Filter / Blog
Subscribe to INCIBE-CERT - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Data protection
decorative image

Web-based virtual radars

Posted on 11/11/2022, by Víctor Rivero Díez (INCIBE)
Es tanta la información que se encuentra actualmente accesible para los usuarios en Internet, que aquella ofrecida por ciertas páginas web o aplicaciones en tiempo real puede resultar de especial preocupación en cuanto a su confidencialidad para ciertos sectores, dado que podría ser utilizada con fines malintencionados.
Context in the measurement of cyberresilience at the national level

Context in the measurement of cyberresilience indicators at the national level

Posted on 10/27/2022, by INCIBE
Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.
Command and control post

C&C: models, function and measures

Posted on 08/18/2022, by Ricardo del Rio García (INCIBE)
This post explains the infrastructure of command and control (C&C), describing what an attack consists of, related terminology, actions undertaken by attackers, models, general function and preventative measures, detection and response to this threat.
OT DMZ vs IT DMZ

Differences between OT DMZ and IT DMZ

Posted on 08/04/2022, by INCIBE
Demilitarized zones, also known as DMZs (demilitarized zones), are used for the secure exchange of information between computers on a network that we want to protect and an external network that needs to access those computers. DMZs are widely used in the IT sector and also in the OT sector, but the equipment and services they host are not exactly the same.
ML in ICS

Machine learning in ICS

Posted on 06/23/2022, by INCIBE
In recent years, the concept of machine learning has gained more prominence, mainly driven by advances in parallel computing capacity. More and more developments, applications and programs are using these algorithms to provide systems with greater security, intelligence and independence. However, it’s rarely used in industrial environments, although some recent tests and developments prove its effectiveness, including in the scope of detection and prediction of cyber attacks.
Standard IEC 62443-4-2, the need to secure ISC components

IEC 62443-4-2, the need to secure components

Posted on 05/12/2022, by INCIBE
The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.
FAT and SAT tests on ICS

FAT and SAT tests on industrial devices

Posted on 04/07/2022, by INCIBE
The continuity of the production process in businesses that require industrial automation depends more and more on the proper functioning, safety and reliability of the system of that composes it. Therefore, conducting tests of acceptance of its operation prior to its commissioning, is vital to ensure that the systems acquired meet the requirements set out in the contract between the company and the manufacturer.

Pages