Home / Segmented / Audit and consulting

Audit and consulting

This section provides content of interest to professionals who understand and audit legal and regulatory compliance in cybersecurity, risk management, internal policies management and compliance, or are responsible for internal training in cybersecurity.

CVSS3.1

Measuring the severity of vulnerabilities: changes in CVSS 3.1

Posted on 08/01/2019, by Hugo Rodríguez Santos (INCIBE)
The open and most-widely-used framework for communication and vulnerability scoring, the CVSS (Common Vulnerability Scoring System), has been updated, incorporating improvements in its new version 3.1 with respect to the previous one. This standard assesses the severity of computer systems vulnerabilities and assigns them a score of 0 to 10.
Sea

Cybersecurity standards at sea

Posted on 07/11/2019, by INCIBE
Trips across the ocean have changed over the years with the arrival of the industrial revolution and information technology, among other things, making technology its best ally, both to automate their navigation and to control their location from land-based stations. However, this total dependence on technology brings with it important security issues that need to be addressed with the importance they deserve.
Trends in the industry, improvements in cybersecurity

Trends in the industry, improvements in cybersecurity

Posted on 07/12/2018, by INCIBE
Manufacturers have an essential role with regards improving the cybersecurity in their devices. These improvements will not only affect the devices, but rather they will also involve an improvement in the cybersecurity of industrial infrastructure where the new security provisions and functions that have the manufacturers' automation and control solutions (e.g. SCADA, PLC, etc.) are introduced.
decorative imageç

Monitoring Networks and Events in SCIs: more Information, more Security

Posted on 06/28/2018, by INCIBE
Advances in security within control systems have brought us many of the security tools and services offered in IT for this environment. Until now, protection was based on reactive measures, acting only where there was evidence of the attack, but this trend changed with deployment of monitoring and the proactive defensive actions that this can provide.

Pages