See All Nexus 2024 Sessions
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts

Starting, Succeeding in Securing OT

Mike Holcomb joins the Nexus Podcast explains the fundamentals of protecting OT and cyber-physical systems for IT security teams new to OT.

Listen to this episode
nexus_holcomb-pod-cover.jpg
A diversified operational technology (OT) cybersecurity monitoring platform plays a key role in strengthening the protection of cyber-physical systems by providing clear visibility, real-time threat detection, and proactive risk mitigation. By integrating multiple monitoring tools and technologies, organizations can build a layered security approach that minimizes vulnerabilities, improves response times, and keeps critical systems resilient against cyber threats.
Operational Resilience
Operational Technology
Federal

Diversified Monitoring Essential to a Strong OT Cybersecurity Foundation

John Ballentine
/
Mar 17, 2025
Reactive cybersecurity programs are destined for a fate similar to the story of the boiling frog, one that doesn’t know it’s in trouble until it’s too late. Proactive and predictive approaches to cybersecurity are a must because they act as early warning systems that alert organizations before disaster strikes.
Risk Management
Industrial
Healthcare

‘The Boiled Frog’: A Cybersecurity Lesson for Organizations

Francesco Terlizzi
/
Mar 19, 2025
Building management or automation systems are increasingly being connected online. Each connection to the internet introduces a new risk. Attackers looking for an entry point onto an internal network or to disrupt operations within a building could target a vulnerability in an internet-facing system and put the physical safety of occupants—or patients at a hospital, for example—at risk.
Vulnerability Management
Risk Management
Operational Resilience
Operational Technology

Reducing the Cybersecurity Risks of Connected BMS

Alessio Rosas
/
Mar 10, 2025
The European Union Agency for Cybersecurity (ENISA)'s NIS360 report identifies gaps in the current state of NIS2 compliance readiness and provides recommendations to lawmakers and affected industry verticals on what they need to do to become NIS2 compliant.
Cyber Resilience
Healthcare
Industrial
Operational Resilience
Operational Technology
Zero Trust

ENISA Attempts to Move NIS2 Forward with NIS360 Findings

George V. Hulme
/
Mar 20, 2025

Most Popular

See all
Brian Foster, senior advisor for grid security at Southern California Edison, joins the Nexus Podcast to discuss his presentation delivered at the S4 Conference on the risks of a hyperconnected grid. Adding a Wi-Fi connection to vulnerable smart meters that are enrolled by customers on a massive scale may allow attackers able to compromise centralized command and control of these devices to issue commands at scale that could result in catastrophic damage.
Industrial
Internet of Things
Operational Technology
Cyber Resilience

Nexus Podcast: Brian Foster on the Risks of a Hyperconnected Power Grid

Michael Mimoso
Ron Fabela joins the Nexus podcast to discuss his research into low-skilled threat actors targeting operational technology and industrial control systems. Many of these groups operate as hacktivists and carry out less sophisticated defacements and intrusions. While less of a risk, these incidents are still a drain on human resources required to investigate them and decided on mitigation strategies.
Industrial
Vulnerability Management
Risk Management
Operational Technology

Nexus Podcast: Ron Fabela on Low-Skilled OT/ICS Threat Actors

Michael Mimoso
On the latest episode of the Claroty Nexus Podcast, Munish Walther-Puri, adjunct professor at the Center Global Affairs at New York University, describes a homegrown scale OT cybersecurity incidents called the Infrastructure Cyber Incident Scale, which takes into account an incident's magnitude, intensity, and duration.
Industrial
Operational Resilience
Operational Technology
Risk Management

Nexus Podcast: Munish Walther-Puri on Developing a Scale for OT Cybersecurity Incidents

Michael Mimoso
On this episode of the Nexus Podcast, Team82 researcher Noam Moshe provides some technical details on the IOCONTROL malware, a Linux-based backdoor used to infect critical infrastructure around the world. IOCONTROL has a modular architecture that allows it to be configured for IoT, OT, and SCADA devices.
Internet of Things
Operational Technology

Nexus Podcast: Noam Moshe on the IOCONTROL Malware

Michael Mimoso

Featured Topics

Read more about the topics prioritized by security leaders responsible for cyber-physical systems protection.
Explore more
Risk Management
Nexus Podcast: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard ‘The Boiled Frog’: A Cybersecurity Lesson for Organizations Visibility, Governance Key to Managing Open Source Risk Reducing the Cybersecurity Risks of Connected BMS
Cyber Resilience
Nexus Podcast: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard ENISA Attempts to Move NIS2 Forward with NIS360 Findings Software Security is Aim of EU Cyber Resilience Act Compliance Nexus Podcast: Brian Foster on the Risks of a Hyperconnected Power Grid
Healthcare
Nexus Podcast: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard ENISA Attempts to Move NIS2 Forward with NIS360 Findings ‘The Boiled Frog’: A Cybersecurity Lesson for Organizations Software Security is Aim of EU Cyber Resilience Act Compliance
Industrial
Nexus Podcast: Mike Holcomb on Starting and Succeeding in OT Cybersecurity ENISA Attempts to Move NIS2 Forward with NIS360 Findings ‘The Boiled Frog’: A Cybersecurity Lesson for Organizations Nexus Podcast: Ron Fabela on Low-Skilled OT/ICS Threat Actors
Vulnerability Management
Nexus Podcast: Mike Holcomb on Starting and Succeeding in OT Cybersecurity Visibility, Governance Key to Managing Open Source Risk Reducing the Cybersecurity Risks of Connected BMS Nexus Podcast: Ron Fabela on Low-Skilled OT/ICS Threat Actors

Latest in

florence-hudson-picture_edit.jpg
Healthcare
Internet of Things
Risk Management
Cyber Resilience

Nexus Podcast: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard

Michael Mimoso
On this episode of the Claroty Nexus Podcast, Mike Holcomb, global lead for ICS and OT cybersecurity at engineering and construction solution provider Fluor, discusses his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems.
Operational Technology
Operational Resilience
Vulnerability Management
Industrial

Nexus Podcast: Mike Holcomb on Starting and Succeeding in OT Cybersecurity

Michael Mimoso
The European Union Agency for Cybersecurity (ENISA)'s NIS360 report identifies gaps in the current state of NIS2 compliance readiness and provides recommendations to lawmakers and affected industry verticals on what they need to do to become NIS2 compliant.
Cyber Resilience
Healthcare
Industrial
Operational Resilience
Operational Technology
Zero Trust

ENISA Attempts to Move NIS2 Forward with NIS360 Findings

George V. Hulme
Reactive cybersecurity programs are destined for a fate similar to the story of the boiling frog, one that doesn’t know it’s in trouble until it’s too late. Proactive and predictive approaches to cybersecurity are a must because they act as early warning systems that alert organizations before disaster strikes.
Risk Management
Industrial
Healthcare

‘The Boiled Frog’: A Cybersecurity Lesson for Organizations

Francesco Terlizzi
A diversified operational technology (OT) cybersecurity monitoring platform plays a key role in strengthening the protection of cyber-physical systems by providing clear visibility, real-time threat detection, and proactive risk mitigation. By integrating multiple monitoring tools and technologies, organizations can build a layered security approach that minimizes vulnerabilities, improves response times, and keeps critical systems resilient against cyber threats.
Operational Resilience
Operational Technology
Federal

Diversified Monitoring Essential to a Strong OT Cybersecurity Foundation

John Ballentine
Enterprises often are blind to the use of open source software in commercial and homegrown software development. Vulnerabilities and other weaknesses in OSS deployments are significant exposures that must be managed and mitigated.
Vulnerability Management
Risk Management
Technical Debt

Visibility, Governance Key to Managing Open Source Risk

George V. Hulme
Building management or automation systems are increasingly being connected online. Each connection to the internet introduces a new risk. Attackers looking for an entry point onto an internal network or to disrupt operations within a building could target a vulnerability in an internet-facing system and put the physical safety of occupants—or patients at a hospital, for example—at risk.
Vulnerability Management
Risk Management
Operational Resilience
Operational Technology

Reducing the Cybersecurity Risks of Connected BMS

Alessio Rosas
Ron Fabela joins the Nexus podcast to discuss his research into low-skilled threat actors targeting operational technology and industrial control systems. Many of these groups operate as hacktivists and carry out less sophisticated defacements and intrusions. While less of a risk, these incidents are still a drain on human resources required to investigate them and decided on mitigation strategies.
Industrial
Vulnerability Management
Risk Management
Operational Technology

Nexus Podcast: Ron Fabela on Low-Skilled OT/ICS Threat Actors

Michael Mimoso
Identifying and classifying the riskiest devices in operational technology (OT)-heavy environments is crucial for maintaining operational integrity and security. Expert Dan Ricci provides an extensive checklist for doing so that includes internal stakeholders and technical advice.
Industrial
Operational Technology
Vulnerability Management
Risk Management

Identifying, Classifying Riskiest Devices in OT-Heavy Environments

Dan Ricci