Don't pull data from an operational technology network: OT networks should push data out. Segment critical OT networks. Don't introduce cybersecurity systems into an OT network unless administrators can guarantee they won't hinder a restart after a complete loss of electricity.
Dragos' acquisition of Network Perception will enrich its real-time network monitoring with robust visualization and configuration analysis tools. This transaction aims to bolster the security of operational technology networks and support customers in building more defensible architectures.
Industrial control systems made by different manufacturers for monitoring fuel storage tanks including those used in everyday gas stations contain critical zero-days that could convert them into targets for cyberattacks that cause physical damage.
A severe vulnerability in Rockwell Automation software used to configure programmable logic controllers could allow attackers to remotely execute malicious code. The vulnerability is rated 8.8 on the CVSS v4 scale. The U.S. Cybersecurity and Infrastructure Security Agency advised immediate patching.
Preparing healthcare organizations to respond to and rebound from a disruptive ransomware attack is akin to implementing a "12-step program," said Dr. Eric Liederman, CEO of consultancy CyberSolutionsMD and recently retired long-serving director of medical informatics at Kaiser Permanente.
Excessive deployment of remote access tools in operational technology environments expands attack surfaces and creates operational challenges, warn security researchers from Claroty. Remote access tools are essential, but they introduce numerous potential vulnerabilities that threat actors exploit.
Critical infrastructure encompasses the essential services and assets vital to the functioning of society and the economy. Specializing in security in this field requires a deep understanding of the challenges and threats facing sectors such as energy, transportation, healthcare and water systems.
An artificial intelligence-fueled growth in data center construction has the federal government asking what it should do to help manage data security risks. The NTIA is interested in identifying opportunities "to improve data centers’ market development, supply chain resilience, and data security."
Centralized architecture in the automotive industry streamlines cybersecurity and supply chain operations by reducing hardware components and enabling quicker fixes. But that centralization also poses major cybersecurity challenges, said Thomas Sermpinis, technical director at Auxilium Pentest Labs.
Piotr Ciepiela, EMEIA cybersecurity leader at EY, discusses the challenges of securing OT systems and contrasts them with IT SOC environments. He emphasizes the need for specialized tools, dedicated personnel and strong collaboration with engineering teams to manage OT SOC operations.
As threats to industrial environments rise, the digitalization of electric utilities, oil & gas, and manufacturing networks have blurred IT and OT boundaries, expanding the attack surface. Threat groups like VOLTZITE (overlaps with Volt Typhoon/Vanguard Panda) exploit this by pivoting through the IT networks and...
As concerns grow about China's cyberthreat to U.S. critical infrastructure, Scythe founder and CEO Bryson Bort suggests the actual risk may not be as severe as feared. He explains the factors that might limit China's cyber activities and the real strategic vulnerabilities that could be targeted.
Aftin Ross, deputy director of the Office of Readiness and Response at FDA's Center for Devices and Radiological Health, discusses the latest medical device cybersecurity regulations, industry collaboration and manufacturers' efforts to address vulnerabilities and ensure patient safety.
Cyber threats against the U.S. water sector are growing but the main federal regulatory agency that oversees it may be stymied by a lack of cooperation from sector operators, concludes a Government Accountability Office report. Attacks against the water sector have mounted steadily.
A vulnerability in Rockwell Automation's ControlLogix 1756 devices allows attackers to bypass a critical security feature, turning the trusted slot mechanism into a hacker's secret passageway to jump between slots and gain access to industrial control systems.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.