Fresh Thinking for the Modern CISO
powered by Kudelski Security
How Face-to-Face Security Awareness Can Prevent Information Leaks – a Pentester’s Experience
In August 2008, the DEFCON security conference held its 16th session in the Riviera hotel in Las Vegas, Nevada. Among the litany of brilliant talks on computer security was a 30-minute presentation by Renderman on the topic of attacking client computers rather than...
read more
To AI or Not to AI? That Is the Question – Or Is It?
Artificial intelligence (AI) is being discussed quite a bit, in fact, maybe the term is used too much. After all, it means different things in different situations, and vendors are using the term particularly loosely to tie into a hot market and hopefully sell more...
read more
Operational Technology: The Next Cyber Battlefront
Critical infrastructure sectors are vital to the functioning of modern societies and are vulnerable to damage from natural disasters, and physical incidents. However, ever since its consolidation with IT networks, Operational Technology (OT) threat landscape has...
read more
Penetration Testing: Stories from the Trenches, Lessons Learned
Last year, my colleague Fabrice wrote about the benefits and challenges of penetration testing to businesses’ security. I decided to revisit the subject and provide more insight as a practicing security engineer. An opportunity to compile a security checklist...
read more
6 Key Lessons We Learned from Our Own GDPR Implementation Project
Author: Martin Dion, the Vice-President, EMEA Delivery (Information Assurance & Managed Security Services) at Kudelski Security Data protection, privacy, and innovation are part of our DNA at Kudelski Security. We work with some of the largest national and...
read more
A Lack of Industrial Security
Almost a decade has gone by since I performed my first risk analysis of a nuclear plant and discovered a completely new world. Since then, security professionals will have heard a lot more about the current state OT security (or lack thereof). Operational Technology...
read more
Securing Industrial Control Systems: A Holistic Defense-In-Depth Approach
Critical infrastructure is infused with proprietary protocols and software, air-gapped networks, and robust physical security systems—an amalgam that effectuated the notion of “security by obscurity” in the industrial control systems (ICS) community. Still, business...
read more
Security Automation – Taking Playbooks to the Next Level
With our final part in the Security Automation series, Kudelski Security will take a look at what our clients are doing to take their manual playbooks to the next level, using automation. Before we take a look at playbooks, a quick review of the key factors from our...
read more