All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks
Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Studies & stats
It is necessary to protect the main business processes through a set of tasks that allow the organisation to recover from a major incident in a timeframe that does not compromise the continuity of its services. This ensures a planned response to any security breach.
This article reviews some of the most representative cybersecurity and cyberresilience frameworks that can be found in Spain, Europe, the US and the UK, and whose adoption can help organisations to further improve their cybersecurity protection capabilities.
Various studies with threat analysis or malware distribution campaigns affecting Spain and identified through incident management undertaken by INCIBE-CERT. The aim is to increase knowledge of the more technical details and characteristics of the threats so that organisations can implement appropriate detection and protection measures.
In this post we will explain the ability to resist, one of the 4 goals of the IMC model, which allows us to determine if an organization is capable of continuing with the essential services it provides, in the event of a cyberattack.
Anticipating is one of the four aims of cyberresilience. It consists of maintaining a state of informed readiness, in order to prevent essential services from being compromised in the event of a cyberattack. To measure the objectives of this aim, its three functional domains are analysed: cybersecurity policies, risk management and cybersecurity training.
The goal of cyber-resilience for an organization, whether or not it belongs to a strategic sector, whether or not it provides one of these digital services, is to maintain its primary purpose and integrity in the face of a cybersecurity threat or attack to an ideal level. Continuous detection processes must be established given that total prevention will never be guaranteed.
The union of the IT and OT worlds is unstoppable, which means that the cybersecurity strategy, traditionally focused on the IT field, must now include aspects related to the industrial world. Having a good cybersecurity strategy is essential for IC systems to survive in this new era.
In recent years, indicators of compromise have become the best way of exchanging information when it comes to managing an incident. But, do we really know how to manage an indicator of compromise? The aim of an indicator of compromise is to map the information that is received or extracted during the analysis of an incident. This is done in such a way that it can be reused by other investigators or affected people, in order to discover the same evidence in their systems and to be able to determine if they have been compromised or not.