Volume 1, 2015

Book Review: Cybersecurity for Industrial Control Systems
21 January 2015
Tyson Macaulay and Bryan Singer | Reviewed by A. Krista Kivisild, CISA, CA

In June 2010, a computer worm known as Stuxnet was discovered. It was designed to attack industrial programmable logic controllers (PLCs) in target areas, such as nuclear power plants in Iran. While certainly not the first (nor the last) piece of malware targeting industrial control systems (ICSs), it helped bring this type of industrial espionage into the limelight because it appeared to involve matters of national security, moving the act of planting a virus from the fictional world of James Bond to the real world of national secret service agencies. Suddenly, mundane control systems became provocative.

ICSs have been around for decades with the job of controlling, monitoring and managing large production systems, often in critical infrastructure industries, such as electric power generators, transportation systems, dams, chemical facilities, petrochemical operations and pipelines.

ISACA Journal Volume 1 Podcast: Microwave Software

4 Ways to Honor User Privacy (While Avoiding User Threats)
26 January 2015
Dimitri Vlachos

Did you know that 69 percent of reported breaches involve someone inside the organization? Whether by mistake or malice, users are the biggest threat to a company’s data. Therefore, having forensics and analytics on your users’ actions is the best way to audit and respond to a data breach. But how will users feel about you collecting these forensics?

On the one hand, organizations need to monitor user activity for potential threats. On the other hand, employees do not want to feel like their privacy is being violated. So, how do you protect your company from data breaches without employees seeing you as being intrusive? Here are a few suggestions...

