We’re in the 4th Industrial Revolution, and it came unannounced...that's the backdrop of this 2022 study. The revolution came with smart devices, automation, cloud migration and a new streamlined ability to engage with customers and partners - along with the vulnerabilities inherent in legacy technology: the...
Securing hybrid and multi-cloud workloads and supporting infrastructures is a daunting challenge for many organizations. Tried and trusted on-premises approaches and tools often don’t easily translate to the cloud and cloud-native monitoring and security tools are often platform specific making it difficult to gain...
Federal authorities are advising healthcare sector entities to take precautions, including enhancing their cybersecurity posture and being prepared to implement four- to six-week business continuity plans, as they continue to face potential cyber incidents related to the Russia-Ukraine war.
"All too often we hear that our industrial control systems have no security. That's not true," says Kevin Jones, group CISO of Airbus. In fact, he states, "some of these systems have been designed with security encapsulating them and security around them." He discusses enhancing cyber resilience.
The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems (ICS) and has become the primary attack vector for many industrial organisations in 2021. Once a problem that only affected IT infrastructure, incidents like Colonial Pipeline, Honeywell, and JB Foods showed...
There is a safer and potentially more profitable way to
conduct business along the manufacturing enterprise –
and the funny thing is it has been here all the time.
By applying API RP 754 and extending it with edge
analytics, it is possible for manufacturers to create a process safety
Digital transformation is well established in the business IT space, but it’s a different story for industrial process
control. Because reliability and safety are so critical to industries like oil and gas, these industries are more
cautious about adopting the newest technologies.
But what are the best ways to...
Securing operational technology (OT) systems for critical
infrastructure requires identifying and tracking a complete inventory
of all OT and IT endpoints. Only with a comprehensive inventory
that includes configuration data can companies protect against
unauthorized change, achieve compliance, mitigate risk...
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
Recent years have seen
firms in electricity generation and distribution, oil, and gas facing increasingly sophisticated
cybersecurity attacks. And the stakes in the energy sector are significantly high.
In May 2021, a cyber attack hit Colonial Pipeline1, and though the attack targeted the company’s
The world is experiencing a cybercrime pandemic, which is a direct consequence of COVID-19, according to Amit Basu, CISO and CIO at International Seaways. He offers proactive prevention measures, based on his own experience, for how organizations can stay safe and secure.
If you're not "on board" with the Functional Safety Standard EN 50128:2011 - “Railway
applications - Communication, signaling and processing systems - Software for
railway control and protection systems" - you'll need to run to catch up.
Currently the systems included under EN 50128 include
Like his peer CISOs, Amit Basu of International Seaways is concerned about complexity and the shifting landscape. But not just the threat landscape - he also is challenged by the shifting dynamics of business priorities and processes, as well as what "protection" in this new environment now entails.