CISA is months behind a deadline set by President Biden in 2021 to provide voluntary guidance on OT security controls for critical infrastructure firms, but the agency announced at a House subcommittee hearing its plans for public-private information sharing and grants to smaller organizations.
In this episode of "Cybersecurity Unplugged," Mark Cristiano of Rockwell Automation discusses Rockwell's cybersecurity journey, the particular challenges of deploying cybersecurity in an OT environment, and the minimum and proper industrial protections that organizations need to have in place.
CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.
The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
Critical infrastructure providers face a unique set of challenges when it comes to securing their environment from the cruciality of uptime to complying with new federal directives, according to Mark Cristiano, commercial director for Rockwell Automation's global services business.
As information technology - aka IT - and operational technology - aka OT - continue to converge, organizations must stay ahead of new security challenges and threats, says Mex Martinot, vice president and global head of industrial cybersecurity at Siemens Energy.
Former Rockwell Automation CISO Dawn Cappelli discusses the mission of the new Dragos OT-CERT - a cybersecurity resource designed to help industrial asset owners and operators build their OT cybersecurity programs, improve their security postures and reduce OT risk - and her role as its director.
Forescout has agreed to purchase startup Cysiv to help OT and IoT customers analyze, detect and respond to threats using cloud-native data analytics. The proposed acquisition will make it easier for customers to mine and cross-reference data that's stored on Forescout's platform.
In the latest weekly update, four ISMG editors discuss important cybersecurity issues, including the trending topics at this year's RSA Conference, how security researchers are tracking a zero-day vulnerability in Microsoft Office and what Broadcom's acquisition of VMware means for security.
John Kindervag, creator of Zero Trust, and two ISMG editors discuss whether we have advanced or regressed in security technology, implementing Zero Trust security in OT environments, and how federal agencies are progressing with Zero Trust adoption a year after the cybersecurity executive order.