New tools and guidance: Announcing Zero Trust for AI
Over the past year, I have had conversations with security leaders across a variety of disciplines, and the energy around AI is undeniable. Organizations are moving fast, and security teams are rising to meet the moment. Time and again, the question comes back to the same thing: "We're adopting A...
Robust Vision Systems for Connected and Autonomous Vehicles: Security Challenges and Attack Vectors
This article investigates the robustness of vision systems in Connected and Autonomous Vehicles (CAVs), which is critical for developing Level-5 autonomous driving capabilities. Safe and reliable CAV navigation undeniably depends on robust vision systems that enable accurate detection of objects,...
ICS-SimLab: A Containerized Approach for Simulating Industrial Control Systems for Cyber Security Research
Industrial Control Systems (ICSs) are complex interconnected systems used to manage process control within industrial environments, such as chemical processing plants and water treatment facilities. As the modern industrial environment moves towards Internet-facing services, ICSs face an increased...
CISA Releases Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture
Today, CISA released the Continuous Diagnostics and Mitigation Program: Identity, Credential, and Access Management (ICAM) Reference Architecture to help federal civilian departments and agencies integrate their identity and access management (IDAM) capabilities into their ICAM architectures. Prior t...
CISA Releases SCuBA TRA and eVRF Guidance Documents
CISA has released several documents as part of the Secure Cloud Business Applications (SCuBA) project: The Technical Reference Architecture (TRA) document, previously released for public comment on April 19, 2022, is the final version of a security guide that agencies can use to adopt technology for...
Accelerate compliance with the Landing Zone Accelerator on AWS
Increasingly complex compliance requirements are placing a heavy burden on security leaders. To better support organizations' pursuit of FedRAMP High Compliance, AWS launched the Landing Zone Accelerator on AWS. We conducted a thorough evaluation of the solution and shared our findings in the new LZ...
CISA Releases Cloud Security Technical Reference Architecture
CISA has released its Cloud Security (CS) Technical Reference Architecture (TRA) to guide federal civilian departments and agencies in securely migrating to the cloud. Co-authored by CISA, the United States Digital Service, and the Federal Risk and Authorization Management Program, the CS TRA defines...
Addressing cybersecurity risk in industrial IoT and OT
As the industrial Internet of Things (IIoT) and operational technology (OT) continue to evolve and grow, so, too, do the responsibilities of the Chief Information Security Officer (CISO). The CISO now needs to mitigate risks from cloud-connected machinery, warehouse systems, and smart devices scattered...
Assess Vulnerabilities, Misconfigurations in AWS Golden AMI Pipelines
Today we’re starting a blog series focused on how to integrate Qualys solutions into DevSecOps for securing cloud infrastructures. In this initial post, we’ll discuss the importance of assessing vulnerabilities and misconfigurations on AWS pipelines. When developing golden Amazon Machine Images...
Cloud Migration Checklist for Application and Data Security
In the final post of our series on cloud migration, we’ve put together a list of strategic and immediate considerations as you plan to migrate your business to the cloud. From a high-altitude viewpoint, cloud security is based on a model of “shared responsibility” in which the concern for securit...