Norway's railway network, Bane NOR, is undergoing a nationwide digitization process. Its CISO, Tom Remberg, describes the task of replacing legacy technology with digital train control and traffic management systems and how his role as CISO is critical to making that transformation happen.
Federal regulators are reminding healthcare organizations about the critical importance of addressing security risks involving legacy systems and devices - including specialty software and gear - that are often difficult for entities to replace. What steps should entities take?
While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
U.S. federal agencies issued a joint advisory around potential cyber threats to the nation's water facilities. They cite "ongoing malicious cyber activity - by both known and unknown actors - targeting the IT and OT technology networks, systems and devices" of U.S. water and wastewater systems.
Criminal hackers don't break for lunches, weekends or holidays. Of course, that's just one of many challenges facing information security teams, as they attempt to maximize visibility and minimize complexity while protecting their business around the clock, says Peter Van Lierde, the CISO of energy firm Sibelga.
How does one begin to secure the digital transformation journey in two legacy enterprises? Kush Sharma, principal for Sharma and Company and former CISO for the city of Toronto, shares his experience and offers advice on investing in and integrating technologies.
In today’s modern work environment, desktop virtualization has skyrocketed to the top of the list of IT priorities. Business leaders need to deliver virtual desktops and apps that offer the flexibility to respond to rapidly changing demands without the complexities associated with managing on-premises...
CISA must update its plans to improve the security - both physical and cyber - within the nation's critical infrastructure, according to a report that specifically looked at issues related to the country's dams and levees. Attacks targeting critical infrastructure have raised the issue.
In addition to doing asset inventory, it is important to profile the risks of each asset to ensure OT security, says Mel Migriño, vice president and group CISO at Meralco, the largest power distribution unit in the Philippines.
When Conrad Bell joined C Spire, the cybersecurity team numbered one - him. Today he has a thriving team. The VP and CISO explains how he built it, describes the skills he values and tells how this team is helping the telecommunications firm respond to today's daunting cybersecurity challenges.
This edition of the ISMG Security Report features an analysis initiatives unveiled by the Biden administration to enhance supply chain and critical infrastructure security and address the cybersecurity skills gap. Also featured: LockBit 2.0 ransomware rep 'tells all'; misconfigured Microsoft Power Apps.
The Biden administration is hosting a White House meeting Wednesday with technology, banking, insurance and education executives to focus on cybersecurity and national security issues, such as protecting critical infrastructure from attacks and how to hire more security professionals to meet demand.
While the U.S. government is making strides in improving the nation's cybersecurity, it needs to do more to protect critical infrastructure from attacks and create public-private partnerships to improve national security, the Cyberspace Solarium Commission notes in a report published Thursday.
The Office of Management and Budget is ordering federal agencies to begin identifying "critical software" that needs protection as part of the effort to fulfill President Biden's cybersecurity executive order. Executive branch agencies then will have a year to implement security measures.