Operation Risk #2 Part of the critical infrastructure is in close proximity for public access. Two main types of attacks causing service interruption. Masking Like any types of tools in both physical and cyber worlds, this can be used for legitimate or evil purposes. Warning Message We are more cautious about warning messages in physical world to keep ourselves safe from risk of fatality. In cyber Perimeter #2 Perimeter is intended to control and scrutinize access. Now, systems are interconnected and standalone system is no longer considered effective. Protocol #2 Heartbeat is required in resilience configuration such that primary and secondary devices are constantly communicating. A question for the reader: The Same I In cyber world, this means risk. Deployed cyber components require up-keeping their healthiness, like applying security patches and updating with Big Picture Common pitfalls in conducting risk assessment are Controls in place are not explicitly stated as assumptionLack of big picture A Protocol The road is clear and why are these pedestrians waiting for? This is because all road users need to observe Policies #3 (From Directive to Enforcement) 1. Use case Authenticate the user of parking is "Aliens" status, a yes/no decisionGrant usage durationDisclaim loss/damage responsibilities 2. Enforcement Foundation Proper cybersecurity in an organization must have a foundation. The effective approach is driven from the top to mandate integration Insider This is a popular topic in Board Room too. No matter how much cyber protection technologies are invested and deployed, Insecurity Road system in physical world is designed for safe (secure) use - sign board, speed limit, road shoulder, proper lane « Previous 1 … 13 14 15 16 17 … 22 Next »