In addition to doing asset inventory, it is important to profile the risks of each asset to ensure OT security, says Mel Migriño, vice president and group CISO at Meralco, the largest power distribution unit in the Philippines.
The direct link between firstline workers and business results hasn’t gone unnoticed. A recent survey by Harvard Business Review Analytic Services of 600 global executives found 88% of the respondents asserting that digital transformation has increased the need to equip firstline workers with digital...
2021 has more than confirmed the need to protect critical infrastructure from cyber threats. The Colonial Pipeline incident illustrated that an IT compromise of an organization that also has OT can have a disruptive impact on its industrial operations, even if the attackers fail to move laterally into the more...
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration unveiled a package of supply chain and critical infrastructure security initiatives following a meeting at the White House with tech executives and others. Companies such as Google and Microsoft also promised billions in spending on cybersecurity over the next several years.
In the latest weekly update, four editors at Information Security Media Group discuss important cybersecurity issues, including the evolution of fraud trends and the challenges in implementing the "zero trust" framework in the OT environment.
What are the latest cybersecurity issues? Join four Information Security Media Group editors as they describe the top issues of the week, including the risk of cyberattacks provoking a kinetic response, as well as top healthcare CISOs' tips for handling supply chain security, resiliency and ransomware.
OT, IoT, IIoT - each has critical distinctions, and each is increasingly vital to protecting the world's critical infrastructure from crippling cyberattacks. In a panel discussion, cybersecurity leaders discuss what it takes to get the C-suite's attention to prioritize this new generation of risk.
The widely used NicheStack TCP/IP stack has 14 vulnerabilities that, if exploited, could allow for remote code execution, denial of service, information leaks, TCP spoofing or DNS cache poisoning, according to researchers at Forescout and JFrog. But patches are now available.
The lack of adequate security features in critical electric grid equipment that's made in other nations poses a serious U.S. cybersecurity threat, federal officials said this week. Supply chain attacks could take down the grid and result in a lengthy recovery period, they told Congress.
A bipartisan group of senators is pushing a bill that would require CISA to identify and respond to vulnerabilities and threats that target industrial control systems. The House has already passed a similar measure.
In the world of operational technology (OT), one small change or networking issue can have a significant effect on production, automation systems and even safety. Staying on top of what’s happening in the control network is mission critical – but one can’t monitor and manage what you can’t see.
U.S. water treatment facilities are increasingly vulnerable to cyberthreats to their IT networks as well as their OT systems, according to experts who testified at a Senate committee hearing this week.
Transportation and logistics organizations are rapidly evolving to improve their service levels and
efficiency. At the same time, safety has never been more important, as risks from cyber threats
increase. The World Economic Forum cited cyberattacks on critical infrastructure, including
transportation, as the...
To improve cyber resilience, many utilities are evaluating
options for augmenting the cybersecurity of their OT and
IoT networks. One fundamental security best practice is
having real-time visibility into cybersecurity attacks, risks
This paper illustrates how a network visibility...