https://community.isc2.org/t5/Industry-News/Danish-training-stopped-from-running/m-p/54962#M6010 <P>Sad to see but reinforces the need to "Audit/Review" all third party providers security posture.</P><P>&nbsp;</P><P>Unfortunate that more and more OT (ICS) attacks are happening.&nbsp; These attacks present a risk to human life and the attackers do not really seem to care....just another way to make money.&nbsp; Can you read that I am disgusted?&nbsp; yes, I am.</P><P>&nbsp;</P><P>Similar to outsourcing data to the Cloud, corporations need to develop a checklist/standards that can be applied to any third party vendor.&nbsp; It should include things like but not limited to:</P><P>&nbsp;</P><P>- A review of their last audit</P><P>- rules and regulations if they need to come on site</P><P>- revision history (plans)</P><P>&nbsp;</P><P>We should also remember that even though the software being provided by any external vendor can be problematic especially when they update/patch software or do not patch.</P><P>&nbsp;</P><P>d</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 06 Nov 2022 21:16:44 GMT dcontesti 2022-11-06T21:16:44Z https://community.isc2.org/t5/Industry-News/Danish-training-stopped-from-running/m-p/54960#M6009 <P>HI All</P><P>&nbsp;</P><P>This appears to be endless, people making poor decision about critical infrastructure and people's lives.</P><P>&nbsp;</P><P><A href="https://www.securityweek.com/cyberattack-causes-trains-stop-denmark" target="_blank">https://www.securityweek.com/cyberattack-causes-trains-stop-denmark</A></P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_Cautim</P> Mon, 09 Oct 2023 10:21:24 GMT https://community.isc2.org/t5/Industry-News/Danish-training-stopped-from-running/m-p/54960#M6009 Caute_cautim 2023-10-09T10:21:24Z https://community.isc2.org/t5/Industry-News/Danish-training-stopped-from-running/m-p/54962#M6010 <P>Sad to see but reinforces the need to "Audit/Review" all third party providers security posture.</P><P>&nbsp;</P><P>Unfortunate that more and more OT (ICS) attacks are happening.&nbsp; These attacks present a risk to human life and the attackers do not really seem to care....just another way to make money.&nbsp; Can you read that I am disgusted?&nbsp; yes, I am.</P><P>&nbsp;</P><P>Similar to outsourcing data to the Cloud, corporations need to develop a checklist/standards that can be applied to any third party vendor.&nbsp; It should include things like but not limited to:</P><P>&nbsp;</P><P>- A review of their last audit</P><P>- rules and regulations if they need to come on site</P><P>- revision history (plans)</P><P>&nbsp;</P><P>We should also remember that even though the software being provided by any external vendor can be problematic especially when they update/patch software or do not patch.</P><P>&nbsp;</P><P>d</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Sun, 06 Nov 2022 21:16:44 GMT https://community.isc2.org/t5/Industry-News/Danish-training-stopped-from-running/m-p/54962#M6010 dcontesti 2022-11-06T21:16:44Z