The Risk Roundtable: EP 10 – Geopolitics, Partnerships and Information Sharing

the Gate 15 team discusses geopolitics and the impacts they have on organizations around the world. The team touches on security concerns around current issues including U.S.-China tensions and why TikTok is a topic of discussion and the idea that how nations and leaders see each other – as adversaries or competitors – is also an important consideration. Listen to Dave, Jorhena, Jen, and Andy then speak on the importance of partnerships and the need to build and engage in trusted relationships and information sharing. But they couldn’t completely escape the enduring threats of ransomware and COVID, and they weighed in on the continued impact it is having on sports leagues while hearing Andy’s hope for his favorite football team. Andy also shares his current earworm struggles and gets mocked for his choice of attire…

Continue Reading →

Blended Threats: VPN Bugs Could Cause Physical Impacts with Critical Lifeline Sectors

In a blog post on 28 Jul, security researchers at Claroty shared that they have “discovered remote code execution vulnerabilities affecting virtual private network (VPN) implementations primarily used to provide remote access to operational technology (OT) networks. These dedicated remote access solutions are mainly focused on the industrial control system (ICS) industry… Exploiting these vulnerabilities can give an attacker direct access to the field devices and cause some physical damage.”

At Gate 15, we spend a lot of time discussing Blended Threats. A Blended Threat is a natural, accidental, or purposeful physical or cyber danger that has or indicates the potential to have crossover impacts and harm life, information, operations, the environment, and/or property.

Continue Reading →

Blending Threats into a Complex New Year

As 2019 turns into 2020, technologies and threats that impact daily operations and data security persist in blended and complex ways. The convergence of both physical and cyber domains increase the productivity and value of businesses and critical infrastructure at large, but introduce new and evolving risks that can harm assets and individuals when the line between IT and physical risks are no longer crystal clear.

Continue Reading →