Home / Segmented / Audit and consulting

Audit and consulting

This section provides content of interest to professionals who understand and audit legal and regulatory compliance in cybersecurity, risk management, internal policies management and compliance, or are responsible for internal training in cybersecurity.

Riesgos y retos de ciberseguridad y privacidad en IoT

Cybersecurity and IoT Privacy Risks and Challenges

Posted on 12/26/2017, by Miriam Puente García
The Internet of Things (IoT) has started to become part of daily life in society: intelligent homes, intelligent education, intelligent healthcare, wearable devices, the Internet of Vehicles (IoV) and other industries make great use of this technology, with it playing a key role in the digital transformation and the hyper-connection of their elements.
Iniciativas y prácticas de seguridad para el IoT

Safety initiatives and best practices for IoT

Posted on 12/11/2017, by Miriam Puente García
Tomando en consideración las amenazas y los riesgos detallados anteriormente queda de manifiesto la necesidad de desarrollar acciones o modelos de protección para mitigar las vulnerabilidades que surgen del tratamiento de los datos de los usuarios así como prácticas de seguridad en la funcionalidad y el despliegue de tecnologías IoT.
What is the cyber security level of my value chain?

What is the cyber security level of my value chain?

Posted on 03/30/2017, by INCIBE
As explained in the first post of this series dedicated to the C4V model, the cyber security level of outsourced services is key to assess the cyber security capabilities of any organisation: It is no use increasing the cyber security levels of an organisation if their suppliers’ levels are not as high, because -it goes without saying that- "security is as strong as its weakest link".
Managing Provider Risk as a Priority

Managing Provider Risk as a Priority

Posted on 03/09/2017, by INCIBE
The outsourcing of processes is not something we can consider new. In fact, the contrary is true. And in particular, in terms of how it applies to ICT (Information and Communication Technology), it is common for at least part of our systems to be accessed by third parties or managed directly by third parties.
Security for PLC Updating

Security for PLC Updating

Posted on 01/26/2017, by INCIBE
Sometimes it is necessary to make some adjustments to control system devices, which leads to a reprogramming of PLC, RTU and similar devices. Reprogramming is a complicated step in terms of security and if the process is not adequately executed, the entire process of which the device is a part may be at risk.

Pages