CISA must update its plans to improve the security - both physical and cyber - within the nation's critical infrastructure, according to a report that specifically looked at issues related to the country's dams and levees. Attacks targeting critical infrastructure have raised the issue.
As DNS remains a favorite target for attack vectors, organizations need to build unified security by establishing harmonized DNS traffic and communication to prevent data exfiltration, say Alvin Rodrigues and Pankaj Chawla from Infoblox.
In addition to doing asset inventory, it is important to profile the risks of each asset to ensure OT security, says Mel Migriño, vice president and group CISO at Meralco, the largest power distribution unit in the Philippines.
2021 has more than confirmed the need to protect critical infrastructure from cyber threats. The Colonial Pipeline incident illustrated that an IT compromise of an organization that also has OT can have a disruptive impact on its industrial operations, even if the attackers fail to move laterally into the more...
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
Implementing the "zero trust" model in the OT environment can prove to be more difficult than in the IT environment because many OT systems are older, cannot easily be replaced and may be difficult to monitor, according to two experts.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
OT, IoT, IIoT - each has critical distinctions, and each is increasingly vital to protecting the world's critical infrastructure from crippling cyberattacks. In a panel discussion, cybersecurity leaders discuss what it takes to get the C-suite's attention to prioritize this new generation of risk.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
The growing adoption of smart manufacturing and connected operations combined with today’s highly robust threat landscape requires a renewed commitment to industrial security.
With Defense-in-Depth security, you can better secure your organization at all levels. This eBook touches on every level of threat...
Industrial companies around the world are undergoing a digital transformation and moving toward smart manufacturing. The value of smart manufacturing begins with a secure and reliable infrastructure.
This eBook provides a step-by-step playbook of the journey toward connection by mapping your journey, setting...
You can enhance your security posture of your connected enterprise with threat detection services that help improve the visibility of a connected plant floor by continuous monitoring of OT/IT assets.
This white paper discusses considerations for each phase of the attack continuum. These key insights cover the...
Ransomware-wielding criminals continue to find innovative new ways to extort victims, develop technically and sidestep skills shortages by delivering ransomware as a service, said Robert Hannigan, the former head of U.K. intelligence agency GCHQ, in his Infosecurity Europe 2021 virtual keynote speech.