Home / Segmented / Audit and consulting

Audit and consulting

This section provides content of interest to professionals who understand and audit legal and regulatory compliance in cybersecurity, risk management, internal policies management and compliance, or are responsible for internal training in cybersecurity.

Cybersecurity measures from a global perspective

Cybersecurity measures from a global perspective

Posted on 03/11/2022, by INCIBE
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Security level according to IEC 62443-3-3 in control systems

Security level according to IEC 62443-3-3 in Industrial Control Systems

Posted on 03/10/2022, by INCIBE
Standard 62443 arose as a development the ISA 99 standard to fully cover security within control systems. Divided into several parts, each refers to different aspects related to security. The IEC 62443-3-3 standard refers to system security requirements and security levels.
Log4Shell: analysis of vulnerabilities in Log4j

Log4Shell: analysis of vulnerabilities in Log4j

Posted on 02/24/2022, by INCIBE
This post will analyse the vulnerabilities associated with Log4Shell, detected in the library Log4j, which is found in infinite software products both in technical and industrial fields. Although there have been other instances of more sophisticated vulnerabilities, the problem with this one is area of exposure.
MITRE matrix: TTP in ICS

The MITRE matrix: tactics and techniques in industrial settings

Posted on 02/03/2022, by INCIBE
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
CORBAsec security in CORBA middleware

CORBAsec: security in CORBA middleware

Posted on 01/20/2022, by INCIBE
Not all industrial control systems operate with the same programming language given that, depending on the manufacturer, devices will work with a specific software and programming language. This may be a problem for plant managers in industrial systems, as the interconnectivity between devices becomes impossible, or at least, is further complicated. One solution that has emerged in order to connect systems from different operating systems is CORBA standard and CORBAsec, its development with added security.
imagen de estudios de amenazas

Threat analysis study: Hive

Posted on 12/20/2021, by INCIBE
The malicious code of the ransomware known as ‘Hive’ represents a threat to all users, as it implements encryption functionalities on the information in an infected computer, making simple recovery of the data impossible. This threat attempts to use extortion to recover the information, demanding a payment and threatening publication of part of the stolen information on a blog through the network Tor if the payment is not forthcoming.
Ransomware: response measures

Ransomware: response measures

Posted on 12/16/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
CII: evolve measurement

EVOLVE: organisations’ capacity to adapt and improve their services after a cyberattack

Posted on 11/25/2021, by INCIBE
All organisations must be prepared so that, after the impact of a cyberattack, it may change, improve and adapt its processes and services. For this reason, it is necessary to protect the main business processes using a set of tasks that allow the organisation to evolve after a serious incident to redesign its strategies and minimise the possible impact of future cyberattacks

Pages