The deployment of an asset management platform is helping Main Line Health gain deeper visibility and better security over the 100,000-plus medical devices and IoT gear used throughout the group's multiple hospitals and medical facilities, said CISO Aaron Weismann, who discusses the implementation.
AI has enhanced security in critical infrastructure, but integrating AI with legacy systems in OT environments presents challenges, said Sithembile Songo, group head of information security at Eskom, a utilities company in South Africa. Network segmentation is a must, he said.
Multiple critical vulnerabilities in Emerson Rosemount 370XA gas chromatographs could allow malicious actors to access sensitive data, cause denial-of-service conditions and execute arbitrary commands. Emerson recommends that end users update the firmware on the products.
Cisco remained atop Forrester's OT security rankings, Palo Alto Networks climbed into the leader space, and Claroty and Tenable fell to strong performer. The transition from a network-centric to an asset- and data-centric security model has introduced challenges, especially with legacy equipment.
In the latest weekly update, ISMG editors discussed critical infrastructure security challenges, a report on the 2022 Medibank breach compromising personal data for 10 million people, and Fortinet's acquisition to integrate Lacework's cloud-native security into its Security Fabric and SASE platform.
Cyber resilience has become more crucial than ever. Erwin Eimers, general manager, IT and cybersecurity and CIO/CISO of Sumitomo Chemical America, emphasized the importance of preparing for compromises and breaches, rather than just preventing them.
Cybersecurity workforce development is critical as IT and OT converge. Sean McBride, director of the informatics research institute at Idaho State University, advises organizations to train people with the "skills, attitudes and behaviors" to manage and protect critical systems.
The U.S. National Institute of Standards and Technology wants public feedback on the first draft publication of a new project that aims to better secure the water and wastewater sectors from emerging cyberthreats by focusing on common concerns affecting operational technology assets.
Cyber Florida: The Florida Center for Cybersecurity helps enhance cybersecurity resilience by assisting understaffed critical infrastructure entities across Florida. Ambassador Roland Miller emphasized the importance of helping smaller entities improve their cybersecurity defenses.
Modern security challenges such as increased remote work and interconnected applications demand robust strategies. Todd Beebe, information security officer at Freeport LNG, shared insights on developing cybersecurity programs for OT environments.
Anthony Perry, director IT and OT/IoT security at FedEx, shared strategies for developing robust OT security programs. At FedEx, the focus on OT and IoT security has grown over the past several years, driven by the need to protect the company's automation processes, Perry said.
Security leaders face significant challenges in securing OT environments, especially with increasing geopolitical disruptions and psychological barriers. Trish McGill, IT and OT cybersecurity expert at Ilionx, emphasized the importance of addressing these psychological factors to bridge the IT-OT divide.
Managing security in the oil and gas industry involves unique challenges as firms rely on both legacy systems and modern technologies. Many devices in use were built decades ago without current security guidelines, making them vulnerable to cyberattacks, said Bemi Anjous, CISO at Noble Drilling.
U.S. federal authorities are alerting healthcare entities about critical vulnerabilities in two medical device products from manufacturer Baxter. Both flaws can be exploited remotely, potentially jeopardizing patient care. Some experts say such disclosures in general need more attention.
Lorena Nunes, industrial cybersecurity specialist at Braskem, discusses how to bridge the cultural gap between IT and OT. She emphasizes the importance of building a cybersecurity culture and getting buy-in from leadership and rank-and-file employees.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.