Tag: InfoSecWOTD

Packt Publishing Ltd: Book Release by Durgesh Kalya – July 2025 Pre Order Available Now.

Originally intended as a personal documentation of my knowledge and research on the often-overlooked yet vital area of incident management, this book has grown into a comprehensive resource aimed at elevating awareness and preparedness for cyber threats in industrial control systems (ICS) and critical infrastructure. It simplifies complex ICS challenges, emphasizes the importance of coordinated incident response, and equips professionals with practical tools, techniques, and training exercises for real-world application. Designed to empower both new and seasoned professionals, this book also highlights the collective efforts in the field of ICS cybersecurity, offering a structured approach to safeguarding organizations against evolving threats. Pre-order now to secure your copy and enhance your ICS cybersecurity skills ahead of its July 2025 release.

InfoSecWOTD#6 Blue Team 🛡

Today’s #infosec Word of the Day #6 is

#Blueteam 🛡

You may have heard the term, Blue Team, sometimes also used in a discussion on security assessments. Also used is Pen Testing* & Red Team. The concept of the blue team & red team has their humble beginnings in the military. The idea behind this is that one group attacks another team & the second team tries to defend themselves. 

So a blue team is a group of individuals who work tirelessly to ensure security, identify security flaws, verify the effectiveness of each security measure, and make certain all security measures will continue to be effective after implementation. Essentially they work for the company from the inside.

That was it for today, follow me for more tidbits, and hit that like button on this post to automatically engage in a conversation and keep. A new word* will be posted tomorrow.

#learning!#threatassessment #cybersecurityawareness #cybersecurity #blueteam #penetrationtesting #INFOSECWOTD

InfoSecWOTD#4 PKI 📃

Thank you for your feedback and comments. Let us get down a little deeper in #Infosec today.

Today’s #infosec Word of the Day #4 is

#PKI 📃 – Public Key Infrastructure

If you work for any organization today, most likely in the role of asset owners, risk managers, principal engineers and various positions who are responsible for your organizations systems, products and solutions, you will come across this term #PKI. It stands for Public Key Infrastructure.

Simply put, a PKI is a system of software, hardware, creation, storage, and distribution of digital certificates.

The core of most security systems is authentication and access control and the digital certificates give us the ability to identify people and machines behind the information that is presented either on the screen or to other systems for further processing.

They also provide the ability to secure sensitive electronic information as it is passed back and forth between two parties, and provides each party with a key to encrypt and decrypt the digital data

#sslcertificates are one prime example of these. As an exercise of your cyber-hygiene, go ahead and click on the 🔓 icon on any website, and see which PKI Organization issued the SSL Certificate.

That was it for today, follow me on LinkedIn and hit that like button on this post to automatically engage in a conversation and keep #learning!

#digitalcertificates #threatassessment #cybersecurityawareness #cybersecurity #cyberhygiene #INFOSECWOTD

InfoSecWOTD#3 Cyberhygiene 🧹

Today’s #infosec Word of the Day #3 is

#Cyberhygiene 🧹

One of the buzz word thrown around in many discussions around best practices in #Infosec with respect to the security culture in a company.

Cyber hygiene is the cybersecurity equivalent to the concept of personal hygiene in public health. 

The European Union’s Agency for Network and Information Security (ENISA) states that “cyber hygiene should be viewed in the same manner as personal hygiene and, once properly integrated into an organization will be simple daily routines, good behaviors, and occasional checkups to make sure the organization’s online health is in optimum condition”.

ENISA even published a report in 2016 -https://lnkd.in/e5kkdbd

That was it for today, follow me on LinkedIn and hit that like button on this post to automatically engage in a conversation and keep #learning!

#riskmanagement #threatassessment #cybersecurityawareness #cybersecurity #cyberhygiene #INFOSECWOTD

InfoSecWOTD#2

Today’s #infosec Word of the Day #2 :
#PASTA 🍝 (-threat modelling methodology)

This PASTA is for a different kind of appetite, the one associated with threats aka #Riskappetite.

PASTA is a threat modelling methodology to identify threats in a very systematic way. It stands for Process for Attack Simulation and Threat Analysis , a 7 step risk centric method to identify threats.

That was it for today, follow me on LinkedIn and hit that like button on this post to automatically engage in a conversation and keep #learning!
#riskmanagement #threatassessment #cybersecurityawareness  #cybersecurity
#INFOSECWOTD