Parliament - The Dispel Blog

How to Comply with the NSA/CISA Alert AA20-205A's Recommended Mitigations

This guide summarizes how you can implement the NSA/CISA Alert AA20-205A's recommended mitigations with Dispel's remote access and protect your remotely accessible OT assets from malicious cyberattacks.

Ben Is Helpful

Your Guide to the NSA/CISA Alert AA20-205A

Your guide to the NSA and CISA-issued alert urging immediate action be taken by organizations with critical infrastructure.

Ben Is Helpful

What You Need to Know About the Russian Malware "Drovorub"

This article explains what Drovorub is, why it is a threat, and what steps to take to mitigate your organization's risk.

Ben Is Helpful

Section 889 explained.

Take the time to evaluate your organization and identify any presence of the prohibited companies. Remember that regardless of what part of your business is under federal government contract, your entire global supply chain must be compliant.

Ben Is Helpful

The 5 Questions You Should Ask Your Remote Access Vendor

If you don’t choose your remote access vendor carefully, you can be left with a tool that fails to satisfy the needs of your operators, IT security individuals, and your business manager. We’ll discuss the questions to ask to properly vet your remote access vendor.

Ben Is Helpful

MITRE Att&ck for ICS: Supply Chain Compromise

Next in this blog series, we will dive into Supply Chain Compromise. The aim is to help you understand the MITRE Att&ck walk-through, and their mitigation techniques, as well as offer our own insight.

Ben Is Helpful

MITRE Att&ck for ICS: Network Service Scanning

Next in this blog series, we will dive into Network Service Scanning. The aim is to help you understand the MITRE Att&ck walk-through, and their mitigation techniques, as well as offer our own insight.

Ben Is Helpful

MITRE Att&ck for ICS: Man-in-the-Middle Attacks

Next in this blog series, we will dive into Man-in-the-Middle-Attacks. The aim is to help you understand the MITRE Att&ck walk-through, and their mitigation techniques, as well as offer our own insight.

Ben Is Helpful

A How to Guide: OT Remote Work During the Coronavirus

As a remote access tool, Dispel has received this question a few times: How can you maintain security while transitioning to a remote workforce?

Ben Is Helpful

MITRE Att&ck for ICS: Remote System Discovery

Next in this blog series, we will dive into Remote System Discovery. The aim is to help you understand the MITRE Att&ck walk-through, and their mitigation techniques, as well as offer our own insight.

Making Decisions

Should we advertise during a public health emergency?

This article is a little unusual. In it, Fred, an analyst at Dispel, details the team's thought process behind launching a social media campaign advertising Dispel's remote access technology amidst sensitive current affairs.

Ben Is Helpful

MITRE Att&ck for ICS: External Remote Services

To begin this blog series, we will first dive into External Remote Services. The aim is to help you understand the MITRE Att&ck walk-through, and their mitigation techniques, as well as offer our own insight.

The Joys Of Running A Company

Implementing the NIST Special Publication 800-82

Ethan walks you through the NIST Special Publication 800-82's main topics.

Ben Is Helpful

The Key to a Secure Password? Professing Your Undying Love

In honor of Valentine’s Day, we’re diving into the importance of selecting a password that protects your privacy—and your heart.

Tales From The Submarine

Rising Fortunes, Falling Iguanas

"I think it is fair to say we observed pent-up demand for sunshine,” said Schmertzler.

Ben Is Helpful

In the Wake of an Imminent Iranian Cyber-Attack, What Can You Do?

Last Friday, the U.S. assassinated Qasem Soleimani via drone strike, following claims that four American embassies were under possible threat. Since then, tensions have heightened in the region and the promise of a cyberattack on U.S. critical infrastructure is now imminent.

[series name under construction]

Refocusing dispel.io

Dispel launched a complete rebuild of https://dispel.io. Dispel's new website features more targeted content and user-friendly changes.

Tales From The Submarine

So What? Why Smart Systems Are Not Selling.

Why are we still hearing people on stage huff and puff about "smart systems", and why aren’t people actually selling “smart” systems? The reason, I would posit, is reaction time.

I Write Like I Talk

The Mystical Engineering Roadmap

The processes used to create engineering roadmaps are different for companies at different sizes, so allow me to give you a basic rundown of the different moving parts and some strategies

Ben Is Helpful

Of CFATS and Protecting Chemicals of Interest

The purpose of this series is to pick a subset of the “Critical Asset” class of facilities/devices and to dig in on the attached regulatory framework(s) with a direct focus on the elements of the framework related to cybersecurity.

The Joys Of Running A Company

How do you tell if a conference is worth attending?

Conference vendors abound. Running a startup, you'll get plenty of offers from a variety of people plying their trade, promising leads and glory. How do you tell if any of them are actually legitimate and worth your money?

Tales From The Submarine

Seeing The Flowers As Well As The Bull: What is Thought Leadership?

Why do companies pay tens of thousands of dollars to talk on stages at conferences? What you are seeing, when you sit in those sad auditoriums that smell of overcooked chicken and underbrewed coffee, is an arms race in Thought Leadership.

I Write Like I Talk

Jack Dorsey SIM Swapped

When I woke up this morning, I did not expect to have a hot take opinion on Twitters CEO Jack Dorsey being SIM swapped, allowing the attacker(s) to send several tweets from his account using the text to tweet service. But here we are, apparently.

Ben Is Helpful

Forcing RDP to use TLS Encryption

Windows Remote Desktop Protocol (RDP) is widely used by system administrators trying to provide remote operators access. In a shocking oversight this connection does not use strong encryption by default. This post will walk through the steps required to force TLS encryption on all RDP connections.

Tales From The Submarine

It is Convenience, Stupid

When you have spent nearly 40 million dollars building a system to solve a network security problem, I guarantee you will find it jarring when you start seeing it purchased for a usability feature you listed as 8th or 9th on the spec sheet.