Major infrastructure in the United States is under attack. As more heavy industrial companies, defense contractors and government agencies increasingly rely on cloud platforms and IT solutions to serve their users and constituents, hackers are finding ways to leverage vulnerabilities and steal information.

The problem with these attacks is that they are taking advantage of the fact that a flaw in a cloud platform can undermine security with a completely unrelated company or industry. As we’ve learned from the SolarWinds hack, the Colonial Pipeline ransomware attack and now the LineStar attack, a single flaw in a cloud platform can open up critical energy production and manufacturing operations to being held hostage for millions of dollars in ransom.

Ransomware isn’t just a consumer issue. Here, we cover the state of ransomware in 2021 and how different organizations are responding to the problem.

Audit Machine Awareness Continuum GRC

What is the Difference Between Cybersecurity and Compliance?

Jun 10, 2021 Continuum GRC 0 Comment

Words like cybersecurity and compliance are often interchangeable without much care taken with how they differ. But make no mistake: while they are related practices, both are different approaches to a common problem of cybersecurity threats.

Here we break down the differences and, more importantly, why these differences are important for when you have to meet compliance requirements or undergo audits.

Awareness

What is NIST Framework for Improving Critical Infrastructure Cybersecurity?

May 19, 2021 Continuum GRC 0 Comment

With the more recent threats and attacks we’ve seen in both the Colonial Pipeline and SolarWinds hacks, the question of infrastructure security is firmly in the collective consciousness. With President Biden’s Executive Order focusing executive resources to beef up cybersecurity, the efforts of the government are turning towards addressing some of the gaps that have been around for the past few years.

This reality calls for private contractors and any business with infrastructure-critical services in areas like energy, defense, financial services or other areas to take the right steps to address these issues. Fortunately, the NIST Framework for Improving Critical Infrastructure Cybersecurity provides a thorough risk assessment framework to help.