Cloud provides flexibility, cost savings, and often also better technical security than on-premise solutions. However, if you are used to the on-premise world, the cloud environment may bring new risks that you haven’t encountered before. “Sometimes people don’t understand the technical and legal threat model of the cloud,” says Mattias Almeflo, a Principal Security Consultant in Nixu.

The second meetup of the Cyber Security Essentials training program dwelled into security operations and log analysis, instructed by Flavia Koskivaara and Antti Ollila from Nixu. The free training program is organized by Future Female and HelSec, and it is intended for women who are interested in working in cybersecurity or gaining more in-depth technical knowledge. Nixu is hosting the meetups to support diversity in cybersecurity.

Do the names Industroyer/CrashOverride, Stuxnet, Blackenergy 2, Havex and Triton ring a bell? These are the names of malware targeted to Industrial Control Systems (ICS). Targets were electric grid operators, Iran’s nuclear facilities and Saudi Arabian petrochemical plants . But even non-ICS targeted malware, like Petya , may have an impact on industrial control systems. NotPetya ransomware wreaked havoc at Maersk’s APM Terminal in Rotterdam. IT related crime has already infiltrated ICS. What can we do to protect existing systems without causing downtime?