See All Nexus 2024 Sessions
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts

Articles

Recent articles

nexus_devops-geo.jpg
Operational Technology

Does DevOps have a place in OT/ICS Development?

George V. Hulme
nexus_cranes-hulme.jpg
Cyber Resilience
Risk Management
Industrial

US Government Expands Tech Restrictions to Safeguard Critical Infrastructure

George V. Hulme
nexus_sign.jpg
Cyber Resilience
Healthcare
Industrial
Operational Technology
Risk Management

CPS Security Leaders Convene on One Goal: Protect Mission-Critical Infrastructure

Upa Campbell
nexus_eu-flag-hulme-update.jpg
Risk Management

NIS2 Directive Must Be More Than a Compliance Exercise

George V. Hulme
nexus_sbom-practical.jpg
Vulnerability Management
Risk Management

Putting SBOMs to Practical Use

George V. Hulme
Mike Ratliff, AVP Security Engineering and Operations at Providence, writes about five steps healthcare delivery organizations should take to mitigate the risk of ransomware and extortion-based attacks.
Ransomware
Healthcare
Cyber Resilience

5 Things Hospitals Can Do to Mitigate Threats of Ransomware

Mike Ratliff
Healthcare delivery organizations using open-source software experience a balance of development advantages and security tradeoffs. Visibility, oversight, and tracking the use of OSS is critical to reducing risks it introduces. SBOMs, meanwhile, can be an advantage, in particular with regard to vulnerability management.
Cyber Resilience
Healthcare
Vulnerability Management
Risk Management

Understanding the Risks of Open Source Software in Healthcare

George V. Hulme
In OT and ICS cybersecurity, living off the land (LOTL) techniques refer to the practice of attackers using the existing tools and processes in a target system to carry out their malicious activities. This approach is particularly dangerous because it allows the attacker to blend in with everyday activities, making detection significantly more challenging.
Operational Technology
Cyber Resilience
Industrial

How Living-Off-The-Land Techniques Impact OT and ICS

Dan Ricci
CISOs remain at risk for potential securities fraud charges as public ‘security statements’ can still be used against them despite a New York judge's ruling that all but ended the SEC's case against SolarWinds and its CISO Tim Brown.
Risk Management

Judge Dismisses Most of SEC Case vs. SolarWinds; CISOs Must Remain Wary

George V. Hulme
If we are indeed at the full outset of Industry 4.0, the fourth industrial revolution, initiatives such as smart manufacturing will not truly succeed without keen awareness of new cybersecurity risks introduced by IT/OT connectivity and advanced technologies.
Cyber Resilience
Internet of Things
Operational Resilience
Operational Technology

Smart Manufacturing Requires Proactive Cybersecurity

Jim LaBonty
On Nexus, former NSA Director Adm. Michael Rogers writes about the current legislative and personal liability changes that are impacting the CISO office. But Rogers urges security leaders to view these times as an opportunity to refine their business acumen and ensure cybersecurity is a priority across the enterprise.
Risk Management
Operational Resilience
Cyber Resilience

CISO Unrest is an Opportunity

ADM. Michael S. Rogers, USN (Ret.)
Increased investments in digital transformation are expanding operational technology (OT) attack surfaces. Organizations requiring enhanced remote access to industrial control systems and other OT devices must adequately secure them.

Hardening Remote Access a Must for OT

George V. Hulme

Latest on Nexus Podcast

See all episodes
The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.
In this episode of the Nexus Podcast, Alethe Denis, a senior security consultant at Bishop Fox, joins to discuss the ongoing effectiveness of open-source intelligence analysis and social engineering tactics as a precursor to larger intrusions against critical infrastructure.
Cyber Resilience
Healthcare
Industrial
Risk Management

Nexus Podcast: Alethe Denis on Social Engineering, Red-Teaming
On this episode of the Nexus Podcast, Alon Dankner of the Technion Institute in Israel explains his research into the Siemens S7 protocol and PLCs. A vulnerability uncovered during research allows an attacker to expose and steal private cryptographic keys by leveraging a severe vulnerability and configuration error.
Operational Technology

Nexus Podcast: Alon Dankner on Extracting Private Crypto Keys from PLCs
In this episode of the Nexus Podcast, Claroty Team82 researcher Noam Moshe explains the challenges involved in gathering attack forensic artifacts from OT devices, in this case, Unitronics PLCs that were exploited in 2023 in attacks against water facilities in the U.S. and Israel.
Operational Technology
Industrial

Nexus Podcast: Noam Moshe on Extracting Forensic Data from Unitronics PLCs