The security world continues its fight against potential widespread exploitation of the critical remote code execution vulnerability - tracked as CVE-2021-44229 - in Apache's Log4j software library, versions 2.0-beta9 to 2.14.1, known as "Log4Shell" and "Logjam." This is a digest of ISMG's updates.
Cybersecurity risk has spread from IT to OT, and this combined business risk is a shared responsibility that includes senior leaders and even the board. What are each stakeholder's roles? Robert Lee of Dragos and Dawn Cappelli of Rockwell Automation preview their upcoming webinar on this topic.
Ransomware has captured the attention of many due to its far-reaching impacts on industrial control systems (ICS) and has become the primary attack vector for many industrial organisations in 2021. Once a problem that only affected IT infrastructure, incidents like Colonial Pipeline, Honeywell, and JB Foods showed...
Discover more about MITRE Engenuity’s first evaluation of the Industrial Control Systems (ICS) threat detection market and how the Dragos Platform and other participant solutions performed in a realistic demonstration attack against an Operational Technology (OT) environment.
This guide offers a high-level...
Ransomware attacks targeting IT networks disrupt everyday life when the safety and availability of operational technologies are at risk. Despite the valiant efforts of cyber professionals, security best practices and better “cyber hygiene” are ineffective against the blended approaches adversaries employ, and a...
Supply chain attacks and OT risks are not new, but they got taken to new lengths by cyber adversaries in 2021. The outlook for 2022: More of the same, says Jim Richberg of Fortinet. But he has ideas on how governments worldwide can improve their defenses and security postures.
Cybersecurity experts worry about attacks and ransomware directed at the 70,000 water and wastewater facilities in the U.S. In November 2020, the Hampton Roads Sanitation District was infected with Ryuk ransomware. Fortunately, its operational technology systems were unaffected, and it recovered.
There is a safer and potentially more profitable way to
conduct business along the manufacturing enterprise –
and the funny thing is it has been here all the time.
By applying API RP 754 and extending it with edge
analytics, it is possible for manufacturers to create a process safety
Digital transformation is well established in the business IT space, but it’s a different story for industrial process
control. Because reliability and safety are so critical to industries like oil and gas, these industries are more
cautious about adopting the newest technologies.
But what are the best ways to...
Securing operational technology (OT) systems for critical
infrastructure requires identifying and tracking a complete inventory
of all OT and IT endpoints. Only with a comprehensive inventory
that includes configuration data can companies protect against
unauthorized change, achieve compliance, mitigate risk...
As the frequency and severity of cyber attacks on industrial organizations increase, defenders are struggling to keep ahead of threats. Security leaders know that a unified IT and OT approach is critical to protecting the safety and availability of operations, but are faced with cultural and technical differences...
Congress has passed the $1.2 trillion physical infrastructure bill, which will inject $1.9 billion in new cybersecurity funding for the federal government. The bill, long held up in Congress, passed the House on Friday and moves to the desk of President Joe Biden, who plans to sign the measure into law.
While doing digital transformation, CISOs tend to look more at technology and try to adapt it without making the distinction between technologies that are must-have and good to have. Krishnamurthy Rajesh of ICRA says CISOs must analyze risks, update security, and change the mindset of employees.
Findings from CyberTheory's 2021 Third Quarter Review indicate that criminals are exploiting the open-source supply chain, and those exploits are proving much more difficult to identify, defend and stop in terms of complexity and depth than we've seen before, says CyberTheory's director, Steve King.
The business benefits of digital transformation in grid operations are tremendous, but this progress increases cyber risk to Operations Technology (OT) in the areas of safety, unscheduled downtime, and negative impact on corporate brand.
The good news is that there are practical steps utilities can take to enhance...