news analysisICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwideThe malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.By Lucian Constantin23 Jul 20245 minsMalwareCritical InfrastructureNetwork Security feature Inside the world’s largest ‘live-fire’ cyber-defense exerciseBy Mario Moreno19 Jul 20247 minsCyberattacksIT Training Critical Infrastructureopinion Legacy systems are the Achilles’ heel of critical infrastructure cybersecurityBy Christopher Burgess08 Jul 20248 minsThreat and Vulnerability ManagementCritical InfrastructureSecurity Practices featureHijack of monitoring devices highlights cyber threat to solar power infrastructureBy Cynthia Brumfield 23 May 20249 minsEnergy IndustryUtilities IndustryCritical Infrastructure news analysisBiden delivers updated take on security for critical infrastructure By Cynthia Brumfield 02 May 20248 minsGovernmentThreat and Vulnerability ManagementCritical Infrastructure featureTop 10 physical security considerations for CISOsBy Ericka Chickowski 23 Apr 202414 minsCritical InfrastructureSecurity InfrastructureSecurity news analysisSiemens, other vendors patch critical ICS product vulnerabilitiesBy Lucian Constantin 20 Mar 20244 minsCritical InfrastructureVulnerabilities opinion5 ways private organizations can lead public-private cybersecurity partnershipsBy Christopher Whyte 20 Mar 202413 minsCSO and CISOCritical Infrastructure news analysisChinese espionage a prime concern for connected vehiclesBy Cynthia Brumfield 12 Mar 20249 minsAdvanced Persistent ThreatsGovernmentCritical Infrastructure Articlesnews analysisInternational warning: Attackers could gain persistence on Ivanti VPN appliances Researchers identify methods that could allow attackers to bypass Ivanti integrity checks for recent attacks, perhaps surviving factory resets.By Lucian Constantin 01 Mar 2024 7 minsAdvanced Persistent ThreatsCritical InfrastructureVulnerabilitiesnews analysisThree new advanced threat groups targeted industrial organizations last yearThreat actors continue to target operational technology assets of industrial organizations, but the quality of vulnerability information and mitigation advice is lacking.By Lucian Constantin 28 Feb 2024 7 minsAdvanced Persistent ThreatsThreat and Vulnerability ManagementCritical Infrastructurenews analysisBiden order bars data broker sale of Americans’ sensitive data to adversariesPresident Biden issued an executive order to bar data brokers from selling American’s sensitive data to “countries of concern,” ordering a slew of actions by the Justice Department and other government agencies that would deny adversaries access to the highly prized information.By Cynthia Brumfield 28 Feb 2024 10 minsGovernmentData PrivacyCritical InfrastructurefeatureRussia's use of malware to enhance election influence operations sign of things to comeNew research shows that Russia used click-fraud malware to enhance the visibility of its troll farm content in the 2016 US presidential campaign, and the practice likely continues in this big election year globally.By Christopher Whyte 28 Feb 2024 11 minsAdvanced Persistent ThreatsElection HackingMalwarenews analysisNIST releases expanded 2.0 version of the Cybersecurity FrameworkThe US National Institute of Standards and Technology released the 2.0 version of its Cybersecurity Framework, focusing more on governance and supply chain issues and offering resources to speed the framework’s implementation.By Cynthia Brumfield 27 Feb 2024 6 minsIT Governance FrameworksSupply ChainCritical Infrastructurenews analysisBiden's maritime cybersecurity actions target China threatsThe White House announced a new executive order and other actions to strengthen the cybersecurity of the maritime industry and ports while seeking to revive a domestic crane industry and wean America off Chinese-made port cranes.By Cynthia Brumfield 22 Feb 2024 9 minsAdvanced Persistent ThreatsGovernmentCritical InfrastructureopinionCritical infrastructure attacks aren't all the same: Why it matters to CISOsRecent warnings about advanced persistent threats from China against critical infrastructure suggest a shift in goals, but other nation-state adversaries have their own agendas.By Christopher Whyte 22 Feb 2024 12 minsAdvanced Persistent ThreatsCritical Infrastructurenews analysisLawmakers see power grid security risks from Chinese storage batteriesLawmakers and experts fear that the use of Chinese storage batteries could threaten the power grid, but few alternatives are in the offing, at least in the short term.By Cynthia Brumfield 16 Feb 2024 11 minsAdvanced Persistent ThreatsGovernmentCritical InfrastructureopinionA changing world requires CISOs to rethink cyber preparednessCISOs should consider a more values-oriented, socially informed approach to cyber risk as global conflict grows and many governments could change in key elections.By Christopher Whyte 13 Feb 2024 12 minsCSO and CISOCritical InfrastructureRisk ManagementnewsCISA takes on US state election security issues, deploys inspectorsRegional inspectors will help bolster US election security ahead of 2024 presidential voting.By Jon Gold 09 Feb 2024 3 minsElection HackingGovernmentCritical InfrastructureopinionDefend critical infrastructure from cyber threats like the US Navy protects ships Smart cities, power grids, and other distributed critical infrastructure could learn from how the US Navy protects the mission-readiness of its deployed fleet.By Tracy Gregorio 25 Jan 2024 6 minsThreat and Vulnerability ManagementCritical InfrastructurefeatureCivilian cyber reserves gaining steam at the US federal and state levelsVolunteer cybersecurity reserve workforces are growing in the face of infosec worker shortages, with US CyberCommand recently authorized in the 2024 NDAA to create its own civilian cybersecurity reserve corps.By Cynthia Brumfield 24 Jan 2024 7 minsGovernmentCritical InfrastructureCareers Show more Show less View all Resources whitepaper Real-Time, All the Time: Fuelling AI success through a continuous data stream With AI dominating conversations everywhere, practitioners and executives are seeking answers: How to succeed with GenAI? Delivering on AI initiatives requires the right strategy, platform and data stack. The post Real-Time, All the Time: Fuelling AI success through a continuous data stream appeared first on Whitepaper Repository –. By StreamSets 26 Aug 2024Artificial IntelligenceData and Information SecurityData Management whitepaper 2023 GigaOm Radar Report on Autonomous Security Operation Center (SOC) Solutions [XSIAM] By Palo Alto Networks 11 Jul 2024Artificial IntelligenceSecuritySecurity Software whitepaper XSIAM E-Book: Machine-Led, Human-Empowered Platform By Palo Alto Networks 11 Jul 2024SecuritySecurity InfrastructureSecurity Operations Center View all Video on demand videoWhat the Colonial Pipeline ransomware attack suggests about critical infrastructure securityThe largest fuel pipeline in the United States, Colonial Pipeline, halted operations because of a ransomware attack. The attack was carried out by the cybercriminal group DarkSide. Much of the pipeline remains offline, although the pipeline operator aims to restore service by the end of the week. Mark Weatherford is the CISO at AlertEnterprise, Chief Strategy Officer at the National Cybersecurity Center and the former Deputy Under Secretary for Cybersecurity at the U.S. Department of Homeland Security. He joins Juliet to discuss what the Colonial Pipeline attack suggests about the state of critical infrastructure security, national security concerns and what steps critical infrastructure companies should take to secure their enterprise. 12 May 2021 22 minsRansomwareCyberattacksCritical Infrastructure Are mass transit systems the next cybersecurity target? | Salted Hash Ep 14 15 Jan 2018 9 minsApplication SecurityCritical InfrastructureCybercrime See all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics All topics Close Application Security Business Continuity Business Operations Careers Cloud Security Compliance Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management Security Security Infrastructure Software Development Vulnerabilities Generative AI Show me morePopularArticlesPodcastsVideos feature How to ensure cybersecurity strategies align with the company’s risk tolerance By Rosalyn Page 03 Sep 202410 mins CSO and CISORisk Management news North Korean hackers actively exploited a critical Chromium zero-day By Shweta Sharma 02 Sep 20243 mins Zero-day vulnerability feature Ransomware recovery: 8 steps to successfully restore from backup By Maria Korolov 02 Sep 202417 mins RansomwareMalwareBackup and Recovery podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins RansomwareZero TrustCloud Security video CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video Cybersecurity Insights for Tech Leaders: Addressing Dynamic Threats and AI Risks with Resilience 10 Jul 202424 mins CSO and CISO