news analysisICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwideThe malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.By Lucian Constantin23 Jul 20245 minsMalwareCritical InfrastructureNetwork Security feature Inside the world’s largest ‘live-fire’ cyber-defense exerciseBy Mario Moreno19 Jul 20247 minsCyberattacksIT Training Critical Infrastructureopinion Legacy systems are the Achilles’ heel of critical infrastructure cybersecurityBy Christopher Burgess08 Jul 20248 minsThreat and Vulnerability ManagementCritical InfrastructureSecurity Practices featureHijack of monitoring devices highlights cyber threat to solar power infrastructureBy Cynthia Brumfield 23 May 20249 minsEnergy IndustryUtilities IndustryCritical Infrastructure news analysisBiden delivers updated take on security for critical infrastructure By Cynthia Brumfield 02 May 20248 minsGovernmentThreat and Vulnerability ManagementCritical Infrastructure featureTop 10 physical security considerations for CISOsBy Ericka Chickowski 23 Apr 202414 minsCritical InfrastructureSecurity InfrastructureSecurity news analysisLawmakers see power grid security risks from Chinese storage batteriesBy Cynthia Brumfield 16 Feb 202411 minsAdvanced Persistent ThreatsGovernmentCritical Infrastructure opinionA changing world requires CISOs to rethink cyber preparednessBy Christopher Whyte 13 Feb 202412 minsCSO and CISOCritical InfrastructureRisk Management newsCISA takes on US state election security issues, deploys inspectorsBy Jon Gold 09 Feb 20243 minsElection HackingGovernmentCritical Infrastructure ArticlesopinionDefend critical infrastructure from cyber threats like the US Navy protects ships Smart cities, power grids, and other distributed critical infrastructure could learn from how the US Navy protects the mission-readiness of its deployed fleet.By Tracy Gregorio 25 Jan 2024 6 minsThreat and Vulnerability ManagementCritical InfrastructurefeatureCivilian cyber reserves gaining steam at the US federal and state levelsVolunteer cybersecurity reserve workforces are growing in the face of infosec worker shortages, with US CyberCommand recently authorized in the 2024 NDAA to create its own civilian cybersecurity reserve corps.By Cynthia Brumfield 24 Jan 2024 7 minsGovernmentCritical InfrastructureCareersnews analysisMonths long AsyncRAT campaign targeted key US infrastructure employeesAttackers used more than 300 samples of the malicious tool and more than 100 domains to evade detection.By Lucian Constantin 09 Jan 2024 5 minsAdvanced Persistent ThreatsCyberattacksMalwarenewsAustralian government opens consultation on mandatory ransomware reporting obligationConsultation proposes new cybersecurity legislation for IoT devices, ransomware reporting and amendments to the Security of Critical Infrastructure Act 2018.By Samira Sarraf 20 Dec 2023 9 minsGovernment ITRansomwareCritical Infrastructurenews analysis2024 US NDAA boosts nuclear cybersecurity, highlights artificial intelligenceThis year's annual national defense funding bill is chock-full of cybersecurity-related provisions with spending focused on nuclear weapons and systems security, artificial intelligence, digital diplomacy, and much more.By Cynthia Brumfield 18 Dec 2023 8 minsMilitaryGenerative AICritical Infrastructurenews analysisWater system attacks spark calls for cybersecurity regulationThe Iranian CyberAv3ngers group’s simplistic exploitation of Unitronics PLCs highlights the cybersecurity weaknesses in US water utilities, the need to get devices disconnected from the internet, and renewed interest in regulation.By Cynthia Brumfield 11 Dec 2023 11 minsRegulationCyberattacksCritical Infrastructurenews analysisRussia's Fancy Bear launches mass credential collection campaigns The campaigns exploit Outlook and WinRAR flaws to target government, defense, and other entities, and they represent a change of tactic for the APT28 group. By Lucian Constantin 05 Dec 2023 5 minsAdvanced Persistent ThreatsCritical InfrastructureVulnerabilitiesnews analysisAustralia’s cybersecurity strategy focuses on protecting small businesses and critical infrastructureThe Australian federal government released the 2023-2030 cybersecurity strategy, which focuses on protecting households and small businesses and has big expectations from telecommunications providers.By Samira Sarraf 21 Nov 2023 8 minsSmall and Medium BusinessGovernmentCritical Infrastructurenews analysisChina, Ukraine, and Israel in the cyberwar spotlight as tensions riseWith active kinetic wars in two major global arenas and fears that China is stealthily infiltrating critical infrastructure for future cyber disruption, experts at this year’s Cyberwarcon painted a picture of the growing harm that malicious cyber tools can wreak.By Cynthia Brumfield 13 Nov 2023 8 minsAdvanced Persistent ThreatsCyberattacksCritical InfrastructurenewsGenerative AI to fuel stronger phishing campaigns, information operations at scale in 2024Google Cloud forecasts continued use of gen AI to create smarter campaigns while cybersecurity pros will use the same tools to defend and close the skills gap.By Samira Sarraf 08 Nov 2023 6 minsPhishingCyberattacksGenerative AInewsUS launches “Shields Ready” campaign to secure critical infrastructureShields Ready initiative outlines strategies for preparing critical infrastructure organizations for potential disruption and building more resilience into systems, facilities, and processes.By Michael Hill 08 Nov 2023 3 minsGovernmentComplianceCritical InfrastructurenewsMPs to examine cyber resilience of UK’s critical national infrastructureThe UK Parliament’s Science and Technology Committee has launched an inquiry into the cyber resilience of the nation’s critical national infrastructureBy Michael Hill 26 Oct 2023 4 minsCyberattacksCritical Infrastructure Show more Show less View all Resources whitepaper Best Practices in Cybersecurity and Cyber Resilience In today’s digital world, consumers and employees expect organizations of all types and sizes to operate without interruption. In fact, contractual obligations and service level agreements demand it. The post Best Practices in Cybersecurity and Cyber Resilience appeared first on Whitepaper Repository –. By Cohesity Inc. 26 Aug 2024Business OperationsCybercrimeData and Information Security whitepaper Cyber resilience in the ransomware era By Cohesity Inc. 26 Aug 2024Business OperationsCybercrimeSecurity whitepaper Unlock the power of AI and ML for data protection By Cohesity Inc. 26 Aug 2024Artificial IntelligenceBusiness OperationsMachine Learning View all Video on demand videoWhat the Colonial Pipeline ransomware attack suggests about critical infrastructure securityThe largest fuel pipeline in the United States, Colonial Pipeline, halted operations because of a ransomware attack. The attack was carried out by the cybercriminal group DarkSide. Much of the pipeline remains offline, although the pipeline operator aims to restore service by the end of the week. Mark Weatherford is the CISO at AlertEnterprise, Chief Strategy Officer at the National Cybersecurity Center and the former Deputy Under Secretary for Cybersecurity at the U.S. Department of Homeland Security. He joins Juliet to discuss what the Colonial Pipeline attack suggests about the state of critical infrastructure security, national security concerns and what steps critical infrastructure companies should take to secure their enterprise. 12 May 2021 22 minsRansomwareCyberattacksCritical Infrastructure Are mass transit systems the next cybersecurity target? | Salted Hash Ep 14 15 Jan 2018 9 minsApplication SecurityCritical InfrastructureCybercrime See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos feature How to ensure cybersecurity strategies align with the company’s risk tolerance By Rosalyn Page 03 Sep 202410 mins CSO and CISORisk Management news North Korean hackers actively exploited a critical Chromium zero-day By Shweta Sharma 02 Sep 20243 mins Zero-day vulnerability feature Ransomware recovery: 8 steps to successfully restore from backup By Maria Korolov 02 Sep 202417 mins RansomwareMalwareBackup and Recovery podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins RansomwareZero TrustCloud Security video CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience 10 Jul 202424 mins CSO and CISO