All risk is enterprise risk. Cybersecurity Risk Management (CSRM) must be part of Enterprise Risk Management (ERM).

Many companies think managing cyber risks is:
╳ Just an IT problem.
╳ Isolated from other risks.
╳ A low-priority task.

But in reality, it is:
☑ A key part of the entire risk strategy.

Here are the key steps to integrate cybersecurity risk into enterprise risk management:

1. Unified Risk Management
↳ Integrating CSRM into ERM helps handle all enterprise risks effectively.

2. Top-Level Involvement
↳ Top management must be involved in managing cyber risks along with other risks.

3. Contextual Consideration
↳ Cyber risks should be considered in the context of the enterprise's mission, financial, reputational, and technical risks.

4. Aligned Risk Appetite
↳ Align risk appetite and tolerance between enterprise management levels and cybersecurity systems.

5. Holistic Approach
↳ Adopt a holistic approach to identify, prioritize, and treat risks across the organization.

6. Common Risk Language
↳ Establish a common language around risk that permeates all levels of the organization.

7. Continuous Improvement
↳ Monitor, evaluate, and adjust risk management strategies continuously.

8. Clear Governance
↳ Ensure clear governance structures to support proactive risk management.

9. Digital Dependency
↳ Understand how cybersecurity risks affect business continuity, customer trust, and regulatory compliance.

10. Strategic Enabler
↳ Prioritize risk management as both a strategic business enabler and a protective measure.

11. Risk Register
↳ Use a unified risk register to consolidate and communicate risks effectively.

12. Organizational Culture
↳ Foster a culture that values risk management as important for achieving strategic goals.

Integrating cybersecurity risk into enterprise risk management isn't just a technical task. It's a strategic necessity.

💬 Leave a comment — how does your company handle cyber risk?
➕ Follow Andrey Gubarev for more posts like this
Project Management Data Security
Explore top LinkedIn content from expert professionals.
Starting an Industrial Cybersecurity Program from Scratch? Here’s My Roadmap

Industrial operations run our daily lives—think metro trains, water systems, power grids, even the checkout at your supermarket. All of this is powered by Operational Technology (OT), which directly impacts physical processes and public safety.

But OT systems are under attack more than ever. Many still run on 20-year-old software, are tough to update, and can’t just be “patched” like regular IT systems. Real-world consequences can be huge: from power outages to critical failures in hospitals and transport.

So, where do you even begin with OT security? Here’s my take (as discussed with Prabh in his latest podcast):

1. Understand What You Have: Start with an asset inventory. Visibility is everything. You can’t protect what you don’t know exists.
2. Identify Risks: Figure out what could go wrong. Every asset, old or new, has its own risks—especially those running legacy software.
3. Involve Your Operations Team: OT staff are focused on keeping the plant running. Bring them into the conversation from Day 1. Awareness and buy-in are key.
4. Tailor Your Approach: There’s no copy-paste. Every factory, plant, or substation is unique. Build processes that fit your environment, not just what the textbook says.
5. Prioritize the Basics:
✏️ Incident response plans: Who does what when things go wrong?
✏️ Control remote access: Limit those USB sticks, dongles, and remote sessions.
✏️ Access control: Don’t give everyone full admin rights.
✏️ Network segmentation: Create “islands” to limit the spread if something goes wrong.
✏️ Training: Make cybersecurity real for your OT staff. One weak link can break everything.
6. Use the Right Frameworks: IEC 62443 is a great start, covering people, process, and technology. Pair it with industry guidance like NIST 800-82.
7. Continuous Improvement: Cybersecurity isn’t a one-off project. Monitor, learn, and adapt. OT threats evolve—your defenses should too.

Why does all this matter? Because OT is critical. Downtime isn’t just about lost money—it can risk lives. And with more cyber threats targeting OT, our collective vigilance matters now more than ever.

I’ve built the OT Security Huddle community for this reason: to share, discuss, and solve real OT security problems together. Whether you’re just getting started or deep into your journey, you’re not alone.

Watch my full conversation with Prabh Nair for all the details—link below!
https://lnkd.in/gjYCnt7j

#OTSecurity #Cybersecurity #IEC62443 #CriticalInfrastructure #IndustrialSecurity
What's the BEST Way to Build an Industrial Cybersecurity Program from Scratch?
https://www.youtube.com/
-
93% of companies struggle with ICS/OT cyber security. That percentage is probably even higher.

Most companies struggle because of a lack of understanding. And that leads to a lack of planning. It's more about awareness than budget. Though budget does play a big part. Especially as you mature.

The CSF v2 can help you plan a new ICS/OT cyber security strategy. Or help you improve an existing one. While the framework is mostly associated with the IT world, it can be used to help you with your ICS/OT cyber security program. Working the six phases into your environment.

1. Identify
Planning for the worst to happen. And what you need to do to prevent it.
-> Identify your assets
-> Perform risk assessments
-> Develop your risk strategy

2. Protect
Taking the steps to protect your environment. Implementing the security controls.
-> Secure network architecture
-> Vulnerability management
-> Secure remote access

3. Detect
Watching network/host activity for suspicious signs. Is something bad happening in your ICS/OT network?
-> Threat hunting
-> Threat detection
-> Event correlation
-> Continuous monitoring

4. Respond
Can you respond efficiently when something bad happens? Are you able to limit the damage?
-> Escalation
-> Incident triage
-> Communication
-> Coordinating the incident response team

5. Recover
How safely are you able to restore operations? How quickly?
-> Rebuild/replace systems
-> Restore from backup
-> Restore operations

6. Govern
-> Audit & review
-> Metrics & reporting
-> Policies & procedures
-> Continuous improvement

These are just a start of how the CSF v2 can guide you.

If you already have an ICS/OT cyber security program... Never stop improving.

If you don't have an ICS/OT cyber security program today... Don't wait! The attackers aren't!

P.S. Do you think most organizations are prepared for an attack?
-
You’re the newly hired Compliance Lead at a fast-growing tech startup. Two weeks into your role, you discover that the company has no formal incident response plan in place, even though it recently experienced a ransomware attack. Leadership is concerned but doesn’t know where to begin, and employees are confused about their roles during an incident.

Your CEO asks you to draft a basic Incident Response Framework and outline the top 3 immediate steps the company should take to prepare for future incidents.

- What would your first draft framework include? (Hint: Think of NIST’s Incident Response Lifecycle – preparation, detection, analysis, containment, eradication, and recovery.)
- How would you ensure team alignment across IT, legal, and operations? (Hint: Consider regular tabletop exercises, clear role definitions, and a central incident communication channel.)
- What tools or processes would you recommend to track and report incidents effectively? (Hint: Look at tools like Splunk for monitoring, Jira for tracking, and SOAR platforms for automation.)
-
On my wishlist of items I would love companies to do: IR Plans and Playbooks.

Writing documentation is the worst part of any job, but it's critical to ensuring the right steps are taken during chaotic incidents.

An IR plan has the overall processes and procedures an organization follows during an incident, including:
🔹What responsibilities do internal groups have?
🔹When do 3rd parties get contacted?
🔹What are incident severities and their SLAs?

IR Playbooks are more detailed and often tied to specific types of incident.
🔹How does your team react to a phishing attack? Ransomware? Server compromise?
🔹Do they shut down the system or quarantine it?
🔹How do they investigate?

Both IR Plans and Playbooks are important to have and to follow! Test them out, make sure they work, and utilize them. They aren't just audit checkboxes.

Whether a company has IR Plans and Playbooks but ignores them, or doesn't have them at all, the result is the same. Mistakes are made during incidents, response takes longer, and the company faces higher costs and extended downtime.

To get you started, here are some great example plans and policies. If you know of others, post them in the comments.
🔹MS IR Playbooks: https://lnkd.in/gMkWiNSe
🔹CERT Societe Generale Sample Playbooks: https://lnkd.in/gks4terZ
🔹SANS Sample IR Forms: https://lnkd.in/gq3AQXKG
🔹Sample IR Plan Template: https://lnkd.in/gX-8grRY

#incidentresponse #dfir #plan #inversion6
-
The Critical Role of QAQC in Mineral Exploration and Mining: Ensuring Data Integrity and Project Success

In the mineral exploration and mining industries, Quality Assurance and Quality Control (QAQC) are fundamental for ensuring reliable data, minimizing risks, and optimizing resource development. A robust QAQC system ensures standardized procedures throughout exploration—from sampling to analysis—enhancing decision-making and minimizing uncertainties.

1. Sample Collection & Handling
Accurate exploration results depend on careful sampling protocols. Samples must be representative, collected properly, and preserved to avoid contamination. Chain-of-custody tracking ensures sample integrity from field collection to laboratory analysis.

2. Geological Logging
Geological logging is essential for creating resource models. Accurate, consistent logging of lithology, mineralization, and alteration data is crucial for reliable resource estimation and modeling.

3. Laboratory Analysis
Analytical methods must be precise and standardized. Laboratories should use accredited techniques (e.g., ICP, XRF, fire assays) and regularly calibrate equipment to ensure accurate assay results.

4. Certified Reference Materials (CRMs), Blanks, and Duplicates
The use of CRMs, blanks, and duplicates in assay batches helps identify errors in the analysis, verify assay accuracy, detect contamination, and assess precision.

5. Geophysical & Geochemical Survey QAQC
QAQC in geophysical and geochemical surveys ensures that instruments are calibrated correctly and consistent methods are used. Environmental corrections and quality control in geochemical sampling ensure the reliability of survey data.

6. Data Integrity and Management
QAQC in data management is essential for maintaining the integrity of geological data. Proper validation checks allow for early detection of discrepancies, ensuring that only accurate, verifiable data is used in resource modeling.

7. Drill Core Sampling
Drill core sampling protocols are key for obtaining representative samples. Duplicate sampling and assay validation help ensure that core results reflect the true characteristics of the deposit, supporting accurate resource estimation.

8. Statistical Analysis
Geostatistical methods, like kriging and cross-validation, help evaluate assay data variability and optimize resource models by quantifying uncertainty and identifying anomalies.

9. Reporting Standards & Regulatory Compliance
Adhering to international reporting standards such as JORC, NI 43-101, and SAMREC ensures transparency and consistency in resource reporting, providing confidence to stakeholders and investors.

By embedding QAQC principles across all stages of exploration, companies can ensure more accurate resource estimations, reduce risks, and improve the efficiency and success of their mining operations.

#QAQC #MineralExploration #Geology #GeochemicalAnalysis #GeologicalLogging #ResourceEstimation #GeologicalData
-
Bad data can break business decisions. That’s why ETL Testing is critical for ensuring accuracy, completeness, and reliability in data pipelines.

Here’s the ETL Testing Checklist

- It all starts with Pre-ETL Checks - verifying data availability, validating formats (CSV, JSON, Parquet), confirming source-to-target mappings, and checking schema compatibility. These steps ensure the foundation is solid before processing begins.
- Next is Data Completeness. Testers validate whether all records are extracted, row counts match, missing partitions are avoided, and incremental vs. full loads are tracked properly.
- Moving to Data Accuracy, the focus shifts to validating transformations against business rules, checking calculated fields, verifying data type conversions, and comparing results against expected values.
- Data Consistency ensures uniformity by testing referential integrity, validating constraints, checking date formats, and ensuring encoding and locale compatibility.
- Equally important is Data Integrity—making sure primary keys are unique, joins across tables remain intact, and hash totals and checksums confirm no truncation or corruption.
- Then comes Data Transformation Testing, which verifies mapping rules, conditional logic (CASE, IF-ELSE), consistent date handling, and correct lookup mappings.
- For migrations, Data Migration Testing ensures legacy vs. new system records align, reconciliations are accurate, and incremental migrations maintain business logic.
- Under heavy loads, Performance & Load Testing validates execution time, pipeline scalability, bottlenecks in joins, and SLAs like latency and throughput.
- Errors are inevitable, so Error Handling & Logging checks error capture, retry mechanisms, log details, and alerting systems for failures.
- Finally, Post-ETL & Reporting Checks validate BI availability, ensure dashboards show accurate numbers, cross-check totals, and confirm end-user accessibility.
ETL testing is not just about pipelines - it’s about trusting the data that drives decisions. A robust checklist ensures businesses run on reliable, error-free information.
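The completeness, accuracy, consistency and integrity checks from the checklist above, as an added Python example that is not part of the original post. The order and customer rows, the column names, the planted defects and the business rule "total = qty * unit_price" are all constructed for illustration; a real pipeline would read source and target from the actual systems.

```python
"""Added example (not from the original post): a small set of ETL validation
checks of the kind the checklist describes, run over constructed source and
target rows. Names, data and rules are assumptions made for illustration."""
import hashlib
from datetime import datetime

# Constructed source extract: orders as they left the operational system.
SOURCE_ORDERS = [
    {"order_id": 1001, "customer_id": "C01", "qty": 2, "unit_price": "19.99", "order_date": "2024-03-01"},
    {"order_id": 1002, "customer_id": "C02", "qty": 1, "unit_price": "250.00", "order_date": "2024-03-02"},
    {"order_id": 1003, "customer_id": "C03", "qty": 5, "unit_price": "4.50", "order_date": "2024-03-02"},
]
# Constructed target rows after transformation. Two defects are planted on
# order 1003: customer_id was truncated to "C0" and total was mis-calculated.
TARGET_ORDERS = [
    {"order_id": 1001, "customer_id": "C01", "qty": 2, "unit_price": "19.99", "order_date": "2024-03-01", "total": "39.98"},
    {"order_id": 1002, "customer_id": "C02", "qty": 1, "unit_price": "250.00", "order_date": "2024-03-02", "total": "250.00"},
    {"order_id": 1003, "customer_id": "C0", "qty": 5, "unit_price": "4.50", "order_date": "2024-03-02", "total": "22.00"},
]
# Constructed customer dimension keys, used for the referential-integrity check.
TARGET_CUSTOMERS = {"C01", "C02", "C03"}
# Columns that must survive the load unchanged (target-only fields are excluded).
SHARED_COLUMNS = ("order_id", "customer_id", "qty", "unit_price", "order_date")


def row_checksum(row, columns):
    """Hash the shared columns in a fixed order so a source row and its target
    row compare byte-for-byte; any truncation or corruption changes the digest."""
    payload = "|".join(str(row[c]) for c in columns)
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()


def check_completeness(source, target):
    """Row counts must match and every source key must have reached the target."""
    src_ids = {r["order_id"] for r in source}
    tgt_ids = {r["order_id"] for r in target}
    return {"count_match": len(source) == len(target), "missing_ids": sorted(src_ids - tgt_ids)}


def check_integrity(source, target, columns):
    """Primary keys must be unique; per-row checksums catch silent data changes."""
    ids = [r["order_id"] for r in target]
    duplicates = sorted({i for i in ids if ids.count(i) > 1})
    src_hash = {r["order_id"]: row_checksum(r, columns) for r in source}
    mismatched = sorted(r["order_id"] for r in target
                        if src_hash.get(r["order_id"]) != row_checksum(r, columns))
    return {"duplicate_ids": duplicates, "checksum_mismatch": mismatched}


def _is_iso_date(value):
    try:
        datetime.strptime(value, "%Y-%m-%d")
        return True
    except ValueError:
        return False


def check_consistency(target, customers):
    """Foreign keys must resolve to the dimension; dates must parse in the agreed format."""
    orphans = sorted(r["order_id"] for r in target if r["customer_id"] not in customers)
    bad_dates = sorted(r["order_id"] for r in target if not _is_iso_date(r["order_date"]))
    return {"orphan_fk": orphans, "bad_dates": bad_dates}


def check_accuracy(target):
    """The calculated field must follow the (assumed) rule total = qty * unit_price.
    Amounts are compared as integer cents to avoid float rounding noise."""
    wrong = []
    for r in target:
        expected_cents = r["qty"] * round(float(r["unit_price"]) * 100)
        if round(float(r["total"]) * 100) != expected_cents:
            wrong.append(r["order_id"])
    return {"wrong_total": sorted(wrong)}


def run_etl_checks(source=SOURCE_ORDERS, target=TARGET_ORDERS, customers=TARGET_CUSTOMERS):
    """Run every check and flag the load as failed if any finding is non-empty."""
    report = {}
    report.update(check_completeness(source, target))
    report.update(check_integrity(source, target, SHARED_COLUMNS))
    report.update(check_consistency(target, customers))
    report.update(check_accuracy(target))
    findings = [v for k, v in report.items() if k != "count_match"]
    report["passed"] = bool(report["count_match"] and not any(findings))
    return report


if __name__ == "__main__":
    for name, value in run_etl_checks().items():
        print(f"{name}: {value}")
```

Each check returns the offending keys rather than a bare pass/fail, so a failed run points straight at the rows to reconcile; the checksum comparison is limited to the columns both sides share, which is what lets it flag the truncated customer_id without being confused by the target-only total column.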
-
A CISO was asked by the board whether the company was prepared for a major cyber incident

They said yes

They had a 60-page incident response plan. A dedicated IR retainer. A SIEM, a SOC, a runbook for every scenario

Six weeks later a supply chain attack hit

The plan was opened for the first time in eleven months

Page 1 referenced a ticketing system the company had retired
Page 4 listed a team lead who had left eight months ago
Page 12 had a contact number for an ISP they no longer used

The IR retainer was called. Hold time: 4 hours. A larger client had activated first

The SOC escalated the alert — to an inbox nobody monitored after 6 PM

The CISO spent the first three hours of the incident not fighting the attacker

Fighting the plan

Post-incident review:
"When was the plan last tested?"
Silence
"When was it last updated?"
"For the audit. Eight months ago."

The plan had been written for an audit. Presented to the board as evidence of preparedness

It had never been used

What a living IR plan actually requires:
→ Quarterly review - contacts, systems, tools verified against current reality
→ Named roles tied to current people - not job titles
→ Retainer SLA tested - not assumed
→ Escalation paths verified after-hours - not just in business hours
→ One live drill annually - not a tabletop, an actual activation

Eight months later a credential compromise hit senior accounts

Time to first containment: 18 minutes

During the supply chain attack it had been 3 hours and 40 minutes

The plan hadn't changed in length

It had changed in truth

The lesson: an incident response plan is not a document

It's a living capability that decays the moment it stops being tested

A plan nobody has practised is not a plan

It's a liability with page numbers

When did someone last verify every contact, every tool, every escalation path in yours?

Not review it. Verify it.
SOC(k)s are on fire courtesy of Wiz #cybersecurity #ciso #leadership #ir #incidentresponse #plan #practice #test #technology #innovation #databreach #attack
-
Data quality is a cornerstone of effective monitoring, evaluation and decision-making in development programs. This manual provides comprehensive guidance on how to manage, assess and improve data quality across the project cycle. It aims to equip teams with tools, procedures and principles to ensure data is accurate, timely, complete and reliable.

The document presents the following key elements:
– Definitions and dimensions of data quality
– Roles and responsibilities in data management systems
– Tools and checklists for data quality assessment (DQA)
– Steps for planning and conducting routine DQAs
– Approaches to documenting, reporting and addressing gaps
– Integration of DQA into performance management cycles
– Best practices and quality assurance mechanisms

The manual emphasizes a structured and proactive approach to data governance, highlighting that quality assurance must be institutionalized and not treated as a one-time activity. By promoting ownership, continuous improvement and accountability, the guidance supports organizations in producing trustworthy evidence that informs policy and enhances program effectiveness.