EmberSec
  • Home
  • Solutions
    • Services >
      • Technical Services
      • Managed Detection & Response
      • Governance, Risk, & Compliance
    • vCISO
    • Remote Work
    • Utilities
  • Resources
    • Partner Program
    • Blog
    • Webinars
  • About
    • Why EmberSec
    • News
  • Partners
    • FireEye
    • Fortinet
    • ATT
  • Contact

Blog

Be Prepared: Risk Assessment and Emergency Response Planning Under AWIA

8/31/2020

 

By Bill Palifka

On Oct. 23, 2018, America’s Water Infrastructure Act (AWIA) of 2018 was signed into law, essentially requiring water utilities to be better prepared for a wide range of threats. It requires water utilities to thoroughly assess their vulnerabilities to all types of natural hazards and man-made disasters and develop a detailed plan to address them.
 
Section 2013 of AWIA, through an amendment to the Safe Drinking Water Act (SDWA), introduced a new requirement for every public water system that serves more than 3,300 people to conduct a Risk and Resilience Assessment (RRA) and prepare (or revise) an Emergency Response Plan (ERP). If multiple entities are involved in water supply, treatment and distribution – such as wholesale suppliers, treatment operators and (separately owned) distribution systems – all would need to separately conduct RRAs and develop ERPs for assets under their control. Utilities are required to certify to the U.S. Environmental Protection Agency (EPA) that both have been completed by established statutory deadlines.

Read More

Blog Series: Exploitations, Penetration Testing, and Modern Cybersecurity Defenses Evolution of Exploitation, Part 2: 2010-2015

8/20/2020

 

By Luke Willadsen

BLUF: This blog series is written to provide an anecdotal history of the evolution of exploitation in cybersecurity, focused largely on network exploitations in an enterprise and couched as Luke’s perspective over his decade-long career in InfoSec.

To best discuss the state of exploitations in cybersecurity in 2010-2015, let’s first take a brief walk back in time to put your mind in the right timeframe. The year was 2010, and…
  • Top Grossing Movie – Toy Story 3
  • Top Grossing Video Game – Call of Duty, Black Ops
  • Super Bowl XLIV – Drew Brees’ Saints beat Peyton Manning’s Colts
  • Deepwater Horizon Oil Spill
  • WikiLeaks publishes their first bombshell leak
  • Major Earthquake in Haiti
  • Luke Exploits his First Box ()

Read More

Blog Series: Exploitations, Penetration Testing, and Modern Cybersecurity Defenses part 1

8/17/2020

 

By Luke Willadsen

What is an Exploitation, Anyway?
If we leave it up to Merriam Webster an ‘exploitation’ is “an act of instance of exploiting.” Because that doesn’t quite clear things up, we’ll take it one step further: “to make use of meanly or unfairly for one’s own advantage.” When it comes to cybersecurity, and in keeping things ethical, exploitation is the execution of any method or technique that can be used to accomplish one of the following:
  • To gain unauthorized access to a system or information,
  • To gain unauthorized privileges within an information system or organization,
  • To deny, degrade, or destroy a network, information system, or similar object of importance within an organization.

With a working definition that’s more in-line with the intention of this blog, let’s explore how one can ethically exploit something or someone.

Read More

    Archives

    December 2020
    November 2020
    October 2020
    September 2020
    August 2020
    June 2020
    May 2020
    April 2020
    March 2020
    February 2020
    January 2020
    December 2019
    November 2019
    October 2019

    Categories

    All

    RSS Feed

Home 
Services 

About 
Events
​Resources
​Contact​
Contact Us
​ (703) 224-1000
info [at] embercybersecurity.com
8484 Westpark Dr.
Suite 600, McLean, VA, 22102
Home 
Services 
About

Events
Resources
​Contact​
Contact Us
​ (703) 224-1000
info [at] embercybersecurity.com
8484 Westpark Dr.
Suite 600, McLean, VA, 22102
Privacy Policy
Picture
© 2020 By Light Professional IT Services LLC. All Rights Reserved.
  • Home
  • Solutions
    • Services >
      • Technical Services
      • Managed Detection & Response
      • Governance, Risk, & Compliance
    • vCISO
    • Remote Work
    • Utilities
  • Resources
    • Partner Program
    • Blog
    • Webinars
  • About
    • Why EmberSec
    • News
  • Partners
    • FireEye
    • Fortinet
    • ATT
  • Contact