Apply Now to Attend Nexus Conference 2025
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts

CISA '15 Expiration Date at Hand

Megan Stifel of the Institute for Security and Technology urges Congress to reauthorize the Cybersecurity Information Sharing Act of 2015 to protect not only critical infrastructure, but also ensure continuing innovation.

Read more
Claroty Nexus contributor Megan Stifel, Chief Strategy Officer of the Institute for Security and Technology, writes about the upcoming expiration of the Cybersecurity Information Sharing Act of 2015 (CISA '15). She urges Congress to reauthorize CISA '15 because failing to do so will put national security and personal privacy at risk, and threaten innovation.
Experts weigh in on the recent Cybersecurity and Infrastructure Security Agency (CISA) guidance aimed at addressing the risks associated with the convergence of OT/IT in modern industrial organizations. CISA recommends enhanced asset inventories and taxonomies as foundational cybersecurity pieces of an OT security program.
Operational Technology
Vulnerability Management
Risk Management

Asset Management Key to Mitigating OT/IT Convergence Cybersecurity Risks

George V. Hulme
/
Sep 2, 2025
Rural hospital leaders are scrutinizing every budget dollar and have to find a way to balance patient care and safety with defending against digital cybersecurity threats.
Healthcare
Cyber Resilience
Risk Management

As Medicaid Cuts Take Hold, Rural Healthcare Cybersecurity Hangs by a Thread

George V. Hulme
/
Aug 26, 2025
The convergence of IT and OT systems, primarily driven by the deployment of IIoT (industrial Internet of Things), cloud computing, and the need for remote monitoring, has fundamentally altered the OT architecture that the Purdue Model was initially designed to help manage.
Zero Trust
Risk Management
Operational Resilience
Operational Technology

Is It Time to Rethink the Purdue Model?

George V. Hulme
/
Jul 28, 2025
Threat intelligence for operational technology environments differs from traditional IT threat intelligence. OT threat intelligence requires contextual, situational awareness that identifies vulnerabilities and anomalies, and also which assets, and in what part of the process, are exposed. It must also note what the safety and operational consequences would be if exploited. This context enables security teams to prioritize risk mitigation according to real-world impact rather than theoretical severity.
Vulnerability Management
Risk Management
Operational Technology
Operational Resilience
Cyber Resilience

Why Traditional Threat Intelligence Falls Short For Operational Technology

George V. Hulme
/
Aug 13, 2025

Trending in Cyber

Explore now
Pankaj Goyal, Chief Operating Officer of Safe Security, joins the Nexus Podcast to discuss the nuances of protecting OT environments, and how cyber insurance must adapt as OT and cyber-physical systems are connected online and increasingly exposed to attackers.
Cybersecurity Insurance
Risk Management

Nexus Podcast: Pankaj Goyal on Cyber Insurance for OT Environments

Michael Mimoso
On this episode of the Nexus Podcast, Vivek Ponneda, SVP Growth & Strategy at Frenos, discusses the maturity and evolution of OT security as a practice, and advises that organizations need to leverage these data-rich environments in order to bring necessary context to threat and risk management efforts

Nexus Podcast: Vivek Ponnada on the Need for Context in OT Security

Michael Mimoso
Trend Micro Senior Threat Researcher Salvatore Gariuolo joined the Nexus Podcast, calling int question whether the ISO 15188 standard is sufficient enough to protect EV charging—the cybersecurity of charging stations in particular.
Internet of Things
Vulnerability Management
Risk Management

Nexus Podcast: Salvatore Gariuolo on ISO 15118, Safe EV Charging

Michael Mimoso
Rui Adaite, Managing Security Consultant at GuidePoint Security, joined the Nexus Podcast recently to discuss the nuances of ransomware negotiations, how negotiations work, and the ins and outs of interacting with ransomware gangs.
Ransomware
Cyber Resilience
Industrial
Healthcare

Nexus Podcast: Rui Ataide on Ransomware Negotiations and Recovery

Michael Mimoso

Essential Topics (for Security Leaders)

Discover expert insights on Risk Management, Cyber Resilience, Vulnerability Management, and more. Learn how top security leaders safeguard critical cyber-physical systems.
Explore more
Risk Management
Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency Nexus Podcast: Pankaj Goyal on Cyber Insurance for OT Environments Asset Management Key to Mitigating OT/IT Convergence Cybersecurity Risks
Cyber Resilience
Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency Nexus Podcast: Rui Ataide on Ransomware Negotiations and Recovery As Medicaid Cuts Take Hold, Rural Healthcare Cybersecurity Hangs by a Thread
Healthcare
Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency Nexus Podcast: Rui Ataide on Ransomware Negotiations and Recovery As Medicaid Cuts Take Hold, Rural Healthcare Cybersecurity Hangs by a Thread
Industrial
Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency Nexus Podcast: Rui Ataide on Ransomware Negotiations and Recovery The Economics of OT Cybersecurity: Are We Investing in the Wrong Priorities?
Vulnerability Management
Asset Management Key to Mitigating OT/IT Convergence Cybersecurity Risks Nexus Podcast: Salvatore Gariuolo on ISO 15118, Safe EV Charging Why Traditional Threat Intelligence Falls Short For Operational Technology Panel: Nation-States Leveraging CPS to Damage Confidence in Resilience, Response

Latest Insights in

On the Nexus Podcast, former Commonwealth of Pennsylvania CISO and current Black Kite CSO Bob Maley discussed the resource challenges facing not only critical infrastructure asset owners and operators, but also how those challenges are impacting risk-management efforts in critical industries.
Risk Management
Technical Debt
Cyber Resilience
Healthcare
Industrial
Internet of Things

Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges

Michael Mimoso
Claroty Nexus contributor Megan Stifel, Chief Strategy Officer of the Institute for Security and Technology, writes about the upcoming expiration of the Cybersecurity Information Sharing Act of 2015 (CISA '15). She urges Congress to reauthorize CISA '15 because failing to do so will put national security and personal privacy at risk, and threaten innovation.
Risk Management
Cyber Resilience
Healthcare
Industrial

Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency

Megan Stifel
Pankaj Goyal, Chief Operating Officer of Safe Security, joins the Nexus Podcast to discuss the nuances of protecting OT environments, and how cyber insurance must adapt as OT and cyber-physical systems are connected online and increasingly exposed to attackers.
Cybersecurity Insurance
Risk Management

Nexus Podcast: Pankaj Goyal on Cyber Insurance for OT Environments

Michael Mimoso
Experts weigh in on the recent Cybersecurity and Infrastructure Security Agency (CISA) guidance aimed at addressing the risks associated with the convergence of OT/IT in modern industrial organizations. CISA recommends enhanced asset inventories and taxonomies as foundational cybersecurity pieces of an OT security program.
Operational Technology
Vulnerability Management
Risk Management

Asset Management Key to Mitigating OT/IT Convergence Cybersecurity Risks

George V. Hulme
Rui Adaite, Managing Security Consultant at GuidePoint Security, joined the Nexus Podcast recently to discuss the nuances of ransomware negotiations, how negotiations work, and the ins and outs of interacting with ransomware gangs.
Ransomware
Cyber Resilience
Industrial
Healthcare

Nexus Podcast: Rui Ataide on Ransomware Negotiations and Recovery

Michael Mimoso
Rural hospital leaders are scrutinizing every budget dollar and have to find a way to balance patient care and safety with defending against digital cybersecurity threats.
Healthcare
Cyber Resilience
Risk Management

As Medicaid Cuts Take Hold, Rural Healthcare Cybersecurity Hangs by a Thread

George V. Hulme
Trend Micro Senior Threat Researcher Salvatore Gariuolo joined the Nexus Podcast, calling int question whether the ISO 15188 standard is sufficient enough to protect EV charging—the cybersecurity of charging stations in particular.
Internet of Things
Vulnerability Management
Risk Management

Nexus Podcast: Salvatore Gariuolo on ISO 15118, Safe EV Charging

Michael Mimoso
Threat intelligence for operational technology environments differs from traditional IT threat intelligence. OT threat intelligence requires contextual, situational awareness that identifies vulnerabilities and anomalies, and also which assets, and in what part of the process, are exposed. It must also note what the safety and operational consequences would be if exploited. This context enables security teams to prioritize risk mitigation according to real-world impact rather than theoretical severity.
Vulnerability Management
Risk Management
Operational Technology
Operational Resilience
Cyber Resilience

Why Traditional Threat Intelligence Falls Short For Operational Technology

George V. Hulme
black-hat-media-panel-1.jpeg
Cyber Resilience
Operational Resilience
Vulnerability Management
Risk Management

Panel: Nation-States Leveraging CPS to Damage Confidence in Resilience, Response

Michael Mimoso