Articles

Recent articles

The European Union Agency for Cybersecurity (ENISA)'s NIS360 report identifies gaps in the current state of NIS2 compliance readiness and provides recommendations to lawmakers and affected industry verticals on what they need to do to become NIS2 compliant.
Cyber Resilience
Healthcare
Industrial
Operational Resilience
Operational Technology
Zero Trust

ENISA Attempts to Move NIS2 Forward with NIS360 Findings

George V. Hulme
Reactive cybersecurity programs are destined for a fate similar to the story of the boiling frog, one that doesn’t know it’s in trouble until it’s too late. Proactive and predictive approaches to cybersecurity are a must because they act as early warning systems that alert organizations before disaster strikes.
Risk Management
Industrial
Healthcare

‘The Boiled Frog’: A Cybersecurity Lesson for Organizations

Francesco Terlizzi
A diversified operational technology (OT) cybersecurity monitoring platform plays a key role in strengthening the protection of cyber-physical systems by providing clear visibility, real-time threat detection, and proactive risk mitigation. By integrating multiple monitoring tools and technologies, organizations can build a layered security approach that minimizes vulnerabilities, improves response times, and keeps critical systems resilient against cyber threats.
Operational Resilience
Operational Technology
Federal

Diversified Monitoring Essential to a Strong OT Cybersecurity Foundation

John Ballentine
Enterprises often are blind to the use of open source software in commercial and homegrown software development. Vulnerabilities and other weaknesses in OSS deployments are significant exposures that must be managed and mitigated.
Vulnerability Management
Risk Management
Technical Debt

Visibility, Governance Key to Managing Open Source Risk

George V. Hulme
Building management or automation systems are increasingly being connected online. Each connection to the internet introduces a new risk. Attackers looking for an entry point onto an internal network or to disrupt operations within a building could target a vulnerability in an internet-facing system and put the physical safety of occupants—or patients at a hospital, for example—at risk.
Vulnerability Management
Risk Management
Operational Resilience
Operational Technology

Reducing the Cybersecurity Risks of Connected BMS

Alessio Rosas
Identifying and classifying the riskiest devices in operational technology (OT)-heavy environments is crucial for maintaining operational integrity and security. Expert Dan Ricci provides an extensive checklist for doing so that includes internal stakeholders and technical advice.
Industrial
Operational Technology
Vulnerability Management
Risk Management

Identifying, Classifying Riskiest Devices in OT-Heavy Environments

Dan Ricci
EU software and IoT device manufacturers must begin their efforts to come into compliance with the EU's Cyber Resilience Act (CRA). The CRA aims to protect consumers and businesses buying software or hardware products with a digital component from vulnerabilities and improve secure software development practices.
Cyber Resilience
Operational Resilience
Industrial
Healthcare
Risk Management

Software Security is Aim of EU Cyber Resilience Act Compliance

George V. Hulme
As shop floors and factories get smarter, there is an unprecedented surge in, and demand for, remote access to manufacturing systems. Former Pfizer global head of automation engineering Jim LaBonty writes for Claroty Nexus about the need to secure remote access to manufacturing environments to reduce risk and improve efficiency.
Cyber Resilience
Operational Technology
Zero Trust

Secure Remote Access for Smart Factory Environments

Jim LaBonty
Former NSA Director Adm. Michael S. Rogers shares three priorities the Trump Administration should pursue with regard to cybersecurity and critical infrastructure protection. Those include resuming the Cybersecurity Review Board, urging enterprises to focus on basic security hygiene, and exert its influence on vendors to secure their products.
Cyber Resilience
Risk Management
Industrial
Healthcare

3 Cybersecurity Priorities for the New Administration

ADM. Michael S. Rogers, USN (Ret.)
Exploitable cybersecurity vulnerabilities in Contec's CMS8000 patient monitors may be an insecure design choice rather than a backdoor as labeled by CISA. But regardless, the risk of leaked patients' protected health information (PHI) and remote code execution remains a real possibility.
Healthcare
Risk Management
Vulnerability Management
Cyber Resilience

Insecure Design Choice Puts Patient Safety, Data at Risk

George V. Hulme
Exploitable cybersecurity vulnerabilities in Contec's CMS8000 patient monitors may be an insecure design choice rather than a backdoor as labeled by CISA. But regardless, the risk of leaked patients' protected health information (PHI) and remote code execution remains a real possibility.
Risk Management
Operational Resilience
Cyber Resilience

Outgoing Biden EO Takes Aim at Improved Software Security

George V. Hulme
IT cybersecurity team members bring a fresh set of experience and perspective to the protection of cyber-physical systems and industrial and automation control system production environments.
Industrial
Operational Technology
Cyber Resilience

Accelerating IACS/OT Cybersecurity Improvements

Don C. Weber
Latest on Nexus Podcast