shared security podcast, social media security podcast, internet of things, jeep hack, venture beat, veracode, scott wright, tom eston
You are not logged in. Access is limited. Login or see membership information. • Streetwise Security Zone Community

To see the list of all blogs, including Scott Wright's Security Views Blog and the Streetwise Security Zone Podcast click HERE. You also can subscribe via an RSS reader, or check the "Watch This" box in the left column to receive news by email of new articles.


  Scott Wright's Security Views
Blog Entry

ISAC is a community-based approach to addressing cyber risks in industry verticals

Monday, August 31st 2015 @ 11:57 PM (not yet rated)    post viewed 1997 times

I often teach organizations to educate users on doing their jobs securely by focusing on doing only the things they are authorized to do. Anything else that comes up - like "out of the blue" requests from outsiders - should be treated with caution. This lets employees work efficiently in areas they know well, and gives them guidance on when to double-check and take extra security precautions.

A similar approach has been used successfully by cooperative industry organizations called Information Sharing and Analysis Centers (ISAC). These types of organizations offer some degree of promise for setting up guidelines and standards to reduce risks for businesses within their industry area.

Most recently, ISAC's have been set up for the automotive industry and the legal services industry (LS-ISAC). Some have been around for much longer, like the Financial Services FS-ISAC, which has been in place for 15 years.

The idea behind an ISAC is to enable sharing of threat data between industry participants, for their mutual benefit. This approach is logical, since organizations within a given vertical industry tend to use similar types of data in similar ways. For example, law firms have a standard way of handling case information, and automobile manufacturers use standards for parts, as well as for sensor and computer data.

By trying to understand what data attackers might go after, and trying to anticipate the nature of the threats, the ISAC's can help their industry participants in preparing for, and maybe even preventing, successful attacks on their information systems. I think we'll see a lot more of these organizations being set up for virtually every industry in future. You should consider them as a good reference source for security planning information that can help strengthen the information flows within and between supply chains.

Here's a good article that describes this emerging trend in fighting cyber security risks within industries.

 

Share

 

Scott Wright

The Streetwise Security Coach

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Scott Wright on LinkedIn 

To download my FREE Security Management Resource Guide now, and to receive my series of Streetwise Security Tips, as well as my Streetwise Security News and updates click HERE.

 

Site Meter

 rate this post: very bad poor average good fantastic!
Comments
Blog Entry

The Shared Security Podcast is Here - formerly the Social Media Security Podcast

Friday, August 14th 2015 @ 4:21 PM (not yet rated)    post viewed 2166 times

Since 2009, Tom Eston and I have been publishing a pseudo-monthly audio program called the Social Media Security Podcast. In that time, we've put out 42 episodes, discussing privacy risks, threats and vulnerabilities, as well as tips for staying secure.

While social media and social networks still deserve some critical attention in the area of security, we've decided to expand our scope. In our 43rd episode just published this month, we now aim to cover security news, tips and advice in the many areas of personal and business life that are increasingly in the news.

So, we've decided to rebrand our audio series as the Shared Security podcast, and we'll be covering everything from hacked cars to the Internet of Things (IoT) to phishing and social engineering scams. We'll still be presenting those keen insights and observations, but on a broader scope - all focusing on what you trust, whether it's people, apps or technology.

In this month's episode (#43), we dig into the hacked Jeep story, as well as stories of privacy issues with Visio TV's and many other interesting topics. Please have a listen to our new episodes directly on our brand new, mobile-friendly sharedsecurity.net website, or even better, subscribe via iTunes (or via Android or RSS), and have each episode delivered automatically to your audio device or computer as soon as it's issued.

We'd love to hear your comments or stories, so feel free to use the Connect With Us form on the website's homepage, or submit a comment on any episode.

Share

 

Scott Wright

The Streetwise Security Coach

Phone: 1-613-693-0997
Email: scott@streetwise-security-zone.com
Scott Wright on LinkedIn 

To download my FREE Security Management Resource Guide now, and to receive my series of Streetwise Security Tips, as well as my Streetwise Security News and updates click HERE.

 

Site Meter

 rate this post: very bad poor average good fantastic!
Comments

Copyright 2012. Security Perspectives Inc. All Rights Reserved.