Blog del CCI

lunes, 29 de febrero de 2016

Misuses, counter-attacks and being up-to-date

On May, 13th, 2008, I had the opportunity to introduce for the first time in Spain, as a novelty, what just some twenty days after would become the first  -and, could be said, almost the last up today-  international standard dealing with BoD’s accountability for the use of technology in their organizations.

[ISO 38500 was released, in its first edition, on early June, 2008]

I recall that after my speech, and given the ‘overseer’ role the new standard was going to assign to directors, one attendant asked me: “And who is going to ‘oversee’ the ‘overseer’?”.

I also remember that during my answer I advocated for giving a certain margin of trust to regulators.

Today, eight years later, these same regulators seem to keep interested  -I hope that even more than in 2008-  in making companies accountable for the [negative] consequences of the use of technology. More precisely, BAD use.

Current cyberspace’s strategic interest and, particularly, that of the critical information infrastructures that populate it, can be, as a relevant cause, behind regulators’ concern about how businesses adopt counter-measures to avoid, or to minimize, the effects of any cyber incident. Among these measures, ‘counter-hacking’ seems to be gaining relevance; or, at least, it seems to be matter of debate.

Dissemination and awareness improvement could be taken into account, too, as part of the above mentioned counter-measures: CCI has released a series of sound recommendations to face the effects of certain high-impact threats on industrial automation and control systems. ISA, via its Spain’s Section, has released a new guide explaining some of the technologies that integrate those control systems.

Deepen these and other topics in our weekly "Newsletter". Subscribe here and enjoy reading!

No hay comentarios :

Publicar un comentario