The Biden administration will put more critical infrastructure sectors, such as water, under mandates to ensure minimal cybersecurity standards. The White House is also ramping up interest in consumer cybersecurity by initiating a labeling program for the internet of things.
Made up of 3,000 public utilities, the U.S. power grid has many weak links in its cyber defenses. Regulators can fine utilities for service outages, but a proposed federal program and recent Purdue University study say financial incentives will help firms make the right security investments.
The U.S. Department of Defense uncovered almost 350 vulnerabilities in the department's networks as part of its experimental bug bounty program launched on American Independence Day. The weeklong bug bounty challenge called "Hack U.S." ran from July Fourth to July 11.
The Department of Treasury and the Cybersecurity and Infrastructure Security Agency are soliciting comments on whether risks to critical infrastructure from a catastrophic cyberattack - and the concurrent potential for ruinous financial exposure by insurers - should lead to a new federal approach.
Public water systems in the United States will continue connecting control systems to the internet despite the risks, members of the House Homeland Security Committee heard today. Water systems need network connectivity for remote repairs, said an official with the National Rural Water Association.
CISA is months behind a deadline set by President Biden in 2021 to provide voluntary guidance on OT security controls for critical infrastructure firms, but the agency announced at a House subcommittee hearing its plans for public-private information sharing and grants to smaller organizations.
A Texas nonprofit, safety net medical center is still struggling to fully bring its communications and other systems back online two weeks after a ransomware attack in which cybercriminals have demanded a ransom in the "tens of millions of dollars.
The U.S. government accused Iran of turning a blind eye to ransomware hackers after indicting three men affiliated with the Islamic Revolutionary Guard Corps. Authorities say their attacks affected critical infrastructure including healthcare centers, transportation services and utility providers.
Albania cut diplomatic ties with Iran following a July cyberattack that disrupted the country's online governmental services portal. Prime Minister Edi Rama today said he gave Iranian diplomats 24 hours to depart the country after establishing Iranian responsibility for the cyberattack.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.
California's largest public school district and the second-largest in the U.S. is undergoing a ransomware attack. The attack has disrupted the district's email system but fundamental school system functions - including instruction and transportation, food and after-school programs - are unaffected.
Post-pandemic, in the new era of hybrid work, Mastercard CSO Ron Green says the unintentional insider threat is one of his top concerns for member institutions and their customers. He shares insight on threats, partnerships and how the public and private sectors can address workforce development.
The role and impact of criminal hackers and volunteer hacktivists in the Russia-Ukraine war has been vastly overestimated, a team of cybersecurity researchers report, based not just on charting distributed denial-of-service attacks and defacements but also on interviews with participants.
Retired U.S. General Gregory Touhill (Director of the Software Engineering Institute’s CERT Division) and former Rockwell Automation CISO Dawn Cappelli sat down for a interview with ISMG’s Tom Field, SVP of Editorial, to discuss the 2022 Rockwell Automation research report on cybersecurity preparedness in Critical...