Book Review, Industrial Network Security

Some months ago doing a research for a job assignment, I ended up in scadahacker.com which is an ICS specific cyber security blog. Among the books the blog recommends is Industrial Network Security, I did not think about it twice and bought it. I was not familiar enough with the area to understand it, so…

Cyber Economics (1) – Development of a security control baseline

This is a short post of a simple of Cyber Economics framework to help organisations develop investment strategies to reduce Cyber Risk. The framework is based on a research paper produced by AFCEA International Cyber Committee. This document was created in 2013 but the principles are still the same in 2020 as well as the…

Defensible architectures

Defensible architectures are those that follow a set of specific practices oriented to avoid the shortcomings of classic security architecture. In a classical security architecture, systems are hardened during the design stage and they continue like this thorough the whole life-cycle thus assuming the threat’s modus operandi is constant unlike in a defensible architecture in…

Threat oriented cyber strategy with Cyber Prep

Cyber Prep is a preparedness methodology that aligns with a Multi-tier approach to Risk Management as defined in NIST SP 800-39. Cyber Prep supports the first step of this multi-tier approach which is Risk Framing. Risk framing pertains to the organizational level and from there it cascades all down to Mission / Business and Systems…

Russian disinformation operations for the masses

This a very good, short and to the point documentary on how Russia has been developing their disinformation operations. Having researched this field through papers and doctrine; I recommend watching this video. It is very succinct with real examples from the past and present in which the objectives and impact of these operations in western…

The Most Dangerous Town on the Internet

A couple of days ago I was recommended these 2 documentaries, they are short but concise and they show how cyber criminality is on the rise. In the first documentary they explain how Romania as a result of its history is seeing a surge in cyber criminal activities. It is an excellent testimony from some…

Malware forensics field guide for Windows Systems

All good books deserve a reference and this one is one of them. Malware forensics field guide for Windows systems.   The book is very easy to read and mainly practical. It goes from describing the general IR process to advance subjects such as memory forensics, live and dead analysis of windows systems and malware…

The new security paradigm shift (2)

After some time postponing this article I finally decided to sit down and finish it. In the first post: ¬†https://samuelalonsog.wordpress.com/2015/10/28/the-new-security-paradigm-shift-1/ I described the evolution of security for the past¬†15 years until the current day. Today I want to show you the current landscape and guide you to understand how to tackle the new security paradigm…

Hello world!

This is your very first post. Click the Edit link to modify or delete it, or start a new post. If you like, use this post to tell readers why you started this blog and what you plan to do with it. Happy blogging!