Risk assessment

Pierluigi Paganini September 28, 2022
NUVOLA: the new Cloud Security tool

nuvola is the new open-source cloud security tool to address the privilege escalation in cloud environments. nuvola is the new open source security tool made by the Italian cyber security researcher Edoardo Rosa (@_notdodo_), Security Engineer at Prima Assicurazioni. The tool was released during the RomHack 2022 security conference in Rome. The tool helps the […]

Pierluigi Paganini April 06, 2020
ENISA released a Tool to map dependencies to International Standards

The European Agency for Cybersecurity ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators. ENISA has released a tool for the mapping of international security standards to interdependencies’ indicators that have been introduced and demonstrated in the report Good practices on interdependencies between OES and DSPs. This ENISA report analyzed […]

Pierluigi Paganini October 06, 2015
Civil nuclear facilities worldwide at risk of cyber attack

The nuclear industry is still unprepared to respond cyberattacks exposing civil nuclear facilities worldwide at risk of cyber attacks. Civil nuclear facilities worldwide are privileged targets for cyber attacks, according to a new report published this week by the Chatham House. The Stuxnet attack that targeted Iranian nuclear facilities demonstrated the risks for cyberattacks, for the first […]

Pierluigi Paganini March 06, 2015
Cleaning up the Cyber Mess: Adopting Cyber Hygiene principles

The increasing number of cyber incidents along with a significant improvement of TTP adopted by threat actors requests the adoption of a cyber hygiene. The rate of data breaches are increasing drastically throughout the year. Cyber-attacks could cause severe disruption to a company’s business functions or operational supply chain, impact reputation, compromise customer information or […]

Pierluigi Paganini December 18, 2013
Becoming Resilient: The Definitive Guide to ISO 22301 Implementation

In this post I’ll review a book called Becoming Resilient: The Definitive Guide to ISO 22301 Implementation from my friend Dejan Kosutic that describes how to implement business continuity according to this international standard. At first sight, business continuity may not have a direct relationship with information security, but this is not so – business […]