CISO Marcin Szczepanik recalls when his team's budget was cut dramatically after the onset of the pandemic. He wanted to invest in the latest state-of-the-art tools but prioritized his costs and focused on email security - a move that improved the company's level of cyber maturity.
In the latest "Proof of Concept," VP and CISO Nicole Darden Ford shares findings from Rockwell Automation's new survey report on cybersecurity preparedness in critical infrastructure, OT security gaps, the state of critical infrastructure, and insights into preparedness and best practices.
A recent survey sponsored by Rockwell Automation finds that critical infrastructure organizations miss basic protections for operational technology, with 80% failing to conduct frequent asset inventory audits, 63% lacking real-time threat monitoring and 42% needing effective patch management.
How has the role of a CISO evolved over the years, and what are some of the areas in which it has changed? Sapan Talwar, global CISO at a manufacturing firm, shares his journey and talks about the technologies that he is passionate about.
The Cl0p ransomware group has been attempting to extort Thames Water, a public utility in England. Just one problem: the group attacked an entirely different water provider. Through ineptitude or outright lying, this isn't the first time that a ransomware group has claimed the wrong victim.
Security executives at Black Hat USA 2022 discuss the latest cybersecurity trends from confidential computing and unified threat hunting languages to attack surface management and recovery services, social engineering campaigns and blockchain vulnerabilities.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
Many of the principles for defending your IT environment apply to industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems and other OT. But securing OT has additional complexities and considerations.
We’ve created this resource guide with more than 80 useful reference links,...
Are You Prepared To Deal With Rising OT Cybersecurity Threats?
Critical Infrastructure organizations increasingly realize that downtime from cyberattack can be catastrophic. The Colonial Pipeline ransomware attack, for example, resulted in 5 days of downtime, millions of dollars in ransoms, recovery and federal...
Compare your scores to industry peers for key industrial security protections.
Attacks on Critical Infrastructure are on the rise. Organizations need to leverage modern industrial security practices to avoid preventable breaches and the costly downtime, damage and public safety risks they cause. This quick...
OT security has been at the center of the security conversation ever since the Colonial Pipeline attacks. Scott Flower, the founder of Pareto Cyber and a former global intelligence officer at FS-ISAC, discusses the challenges in OT security and where the industry needs to go.
Hacking group Gonjeshke Darande, or Predatory Sparrow in Persian, is claiming responsibility for hacking Iranian manufacturer Khouzestan Steel Company. The company shut down operations, but semiofficial Mehr News Agency reports that the factory is expected to return to normal by the end of today.
The U.S. Cybersecurity and Infrastructure Security Agency has begun issuing alerts about 56 flaws across operational technology equipment built by 10 different vendors. Researchers at Forescout Technologies say the flaws trace to poor design decisions by vendors.
Siemens is advising its SINEC NMS customers to update to version V1.0 SP2 or newer in order to prevent exploitation of vulnerabilities that could allow remote execution of malicious code. As an alternative, customers could just restrict access to affected systems to trusted IP addresses only.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.asia, you agree to our use of cookies.