As the frequency and severity of cyber attacks on industrial organizations increase, defenders are struggling to keep ahead of threats. Security leaders know that a unified IT and OT approach is critical to protecting the safety and availability of operations, but are faced with cultural and technical differences...
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
The business benefits of digital transformation in grid operations are tremendous, but this progress increases cyber risk to Operations Technology (OT) in the areas of safety, unscheduled downtime, and negative impact on corporate brand.
The good news is that there are practical steps utilities can take to enhance...
As enterprises invest heavily in digital transformation, industrial cybersecurity will increasingly serve as the critical enabler for safely and securely advancing business goals through technological innovation.
While advancing connectivity and digitalization of operational technology (OT) provides significant...
Industrial asset owners know that protecting the integrity of their systems is critical for maintaining operations, but the challenges around cybersecurity vulnerabilities make that job much harder. As environments become more connected, and attackers become more advanced, staying a step ahead has never been more...
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation's water facilities. They cite "ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices" of U.S. water and wastewater systems.
MITRE, the not-for-profit organization that works across governmental and federal agencies, as well as various industrial verticals and academia, has set up The Cyber Infrastructure Protection Innovation Center and The Clinical Insights Innovation Cell to protect healthcare.
Recent years have seen
firms in electricity generation and distribution, oil, and gas facing increasingly sophisticated
cybersecurity attacks. And the stakes in the energy sector are significantly high.
In May 2021, a cyber attack hit Colonial Pipeline1, and though the attack targeted the company’s
Researchers at Ben-Gurion University of the Negev, Israel, have uncovered a new type of electromagnetic attack, dubbed LANtenna, that exfiltrates sensitive data from an isolated, air-gapped computer using Ethernet cables as transmitting antennas.
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
Dragos is currently tracking 3000+ Common Vulnerabilities and Exposures (CVEs) that affect ICS/OT networks. Of those, more than 400 CVEs have at least one publicly available exploit. Public exploits affect every level of an industrial environment, providing adversaries pre-packaged tools capable of infiltrating an...
If you're not "on board" with the Functional Safety Standard EN 50128:2011 - “Railway
applications - Communication, signaling and processing systems - Software for
railway control and protection systems" - you'll need to run to catch up.
Currently the systems included under EN 50128 include
Like his peer CISOs, Amit Basu of International Seaways is concerned about complexity and the shifting landscape. But not just the threat landscape – he also is challenged by the shifting dynamics of business priorities and processes, as well as what "protection" in this new environment now entails.