See All Nexus 2024 Sessions

Topics:

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine

Cyber Resilience

Operational Resilience

Risk Management

Vulnerability Management

Nexus Reflections and Predictions: Adm. Michael Rogers

ADM. Michael S. Rogers, USN (Ret.)

See all in Cyber Resilience See all in Articles

A New Jersey appeals court agreed with an earlier court’s decision that cybersecurity insurance providers could not deny ransomware coverage under a so-called “war exclusion” for a cybersecurity incident Merck & Co. claimed caused $1.4 billion in losses.

Cybersecurity Insurance

Merck Ransomware Insurance Ruling Helps Clear Fog of Cyberwar

George V. Hulme

Avoid these seven pitfalls when seeking cybersecurity liability insurance; ensure you understand policy terms and conditions, conduct due diligence, and involve the proper stakeholders, among other things.

Cybersecurity Insurance

Cybersecurity Liability Insurance Pitfalls to Avoid

George V. Hulme

Navigating cybersecurity insurance in a recession requires diligence about systemic cybersecurity risks that can cause premiums to rise or insurers to consider an organization uninsurable.

Cybersecurity Insurance

Risk Management

Navigating Cyber Insurance in a Recession

George V. Hulme

See all in Cybersecurity Insurance See all in Articles

Cyber Resilience

Risk Management

Blunting the Risks of Private-Sector Ownership of CI

ADM. Michael S. Rogers, USN (Ret.)

The “Report to the President: Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World,” reaffirms that cyber-resilience-by-design should be the standard and urges a coalition of government leaders and private sector critical infrastructure asset owners and operators to refocus their energies to build resilient cyber-physical systems (CPS) that are designed to withstand attack.

Cyber Resilience

Risk Management

Applauding A Codified Strategy for CPS Resilience

See all in Federal See all in Articles

Cyberattacks against the food and beverage industry are opportunistic and leverage the growth in digitization to exploit previously unmanaged vulnerabilities to disrupt operations.

Food & Beverage

On the Menu: Cybersecurity Risks in the Food and Beverage Industry

George V. Hulme

See all in Food & Beverage See all in Articles

The U.S. Department of Health and Human Services (HHS) hopes to strengthen the security of electronic protected health information (ePHI) with the most significant proposed update to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule in more than a decade.

Risk Management

HIPAA Security Rule Update Aims to Strengthen Medical Device, Data Protections

George V. Hulme

ASL Roma 1's implementation of an advanced security operation center called HyperSOC allows it to convert its cybersecurity approach from reactive to proactive, ensuring effective management of cyber threats. The adoption of this safeguard has led to a significant reduction in security incidents, despite the growing number of attacks at national and European level, because of the continuous monitoring of the attack surface of the infrastructure, which guarantees a higher level of security than other peers in the sector.

Cyber Resilience

Risk Management

ASL Roma 1 HyperSOC Approach Secures Patient Safety, Operational Efficiency

Stefano Scaramuzzino

In an increasingly interconnected and constantly evolving healthcare environment, there are numerous cybersecurity challenges that hospitals must face to guarantee patients high-quality health services, avoid interruptions in supply, optimize the use of devices, and effectively manage cyber risks. These challenges require the use of cutting-edge technologies and real-time availability of diverse data and information.

Risk Management

Cyber Resilience

A Predictive, Proactive Approach to the Governance of Medical Devices

Stefano Scaramuzzino

See all in Healthcare See all in Articles

Risk managers—especially C-suite and boards of directors—looking to establish a culture of OT cyber awareness and risk remediation proactivity in their organizations need to establish a formal and measurable program approach. The program must provide a shared vision and a practical roadmap that makes sense because it relates to many of the unique characteristics of their organization, OT environment, business model, and risk appetite.

Risk Management

Lessons Learned from Creating an OT Cybersecurity Program in a Large, Slow-Moving Government Agency

John Ballentine

An OIG report critical of the water and wastewater industry's cybersecurity practices and posture illuminates endemic security issues within this critical infrastructure sector, from unpatched vulnerabilities to a lack of sharing of incident data.

Cyber Resilience

Vulnerability Management

Risk Management

Water, Wastewater Cybersecurity Still Has Long Way to Go

George V. Hulme

Securing connectivity in operational technology (OT) environments is crucial for the safety of critical infrastructure and maintaining the uninterrupted service it provides. Leaving unnecessary open ports, protocols, and services exposed, along with directly connected devices to the internet, such as programmable logic controllers (PLCs) and human machine interfaces (HMIs), greatly increases the risks of cyberattacks.

Operational Technology

Risk Management

Explaining the Importance of Secure Connectivity in OT

See all in Industrial See all in Articles

If we are indeed at the full outset of Industry 4.0, the fourth industrial revolution, initiatives such as smart manufacturing will not truly succeed without keen awareness of new cybersecurity risks introduced by IT/OT connectivity and advanced technologies.

Cyber Resilience

Internet of Things

Operational Resilience

Operational Technology

Smart Manufacturing Requires Proactive Cybersecurity

See all in Internet of Things See all in Articles

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine

Cyber Resilience

Operational Resilience

Risk Management

Vulnerability Management

Nexus Reflections and Predictions: Adm. Michael Rogers

ADM. Michael S. Rogers, USN (Ret.)

See all in Operational Resilience See all in Articles

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine

Operational Technology

Cyber Resilience

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: Dan Ricci

See all in Operational Technology See all in Articles

The HHS Office for Civil Rights proposes substantial rule changes to the long-standing Health Insurance Portability and Accountability Act (HIPAA) Security Rule. While details on the proposed rule changes remain unclear, HHS plans to issue a Notice of Proposed Rulemaking (NPRM) by the end of the year. These changes are believed to be the most substantial changes since the HIPAA Security rule went into effect in 2003

Significant Changes to HIPAA Security Rule on the Way

George V. Hulme

Mike Ratliff, AVP Security Engineering and Operations at Providence, writes about five steps healthcare delivery organizations should take to mitigate the risk of ransomware and extortion-based attacks.

Cyber Resilience

5 Things Hospitals Can Do to Mitigate Threats of Ransomware

Resilience, Recovery Strategies to Combat Ransomware and Extortion

ADM. Michael S. Rogers, USN (Ret.)

See all in Ransomware See all in Articles

The U.S. Department of Health and Human Services (HHS) hopes to strengthen the security of electronic protected health information (ePHI) with the most significant proposed update to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule in more than a decade.

Risk Management

HIPAA Security Rule Update Aims to Strengthen Medical Device, Data Protections

George V. Hulme

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme

Risk Management

The Anti-Library: How Unread Books Can Be the Secret Weapon Against Hackers

Francesco Terlizzi

See all in Risk Management See all in Articles

Technical debt in OT leads to increased operations costs as teams fight to maintain outdated systems, and security teams struggle to keep those same systems secure, often through compensating controls.

Operational Technology

Getting Strategic Against Technical Debt in OT

George V. Hulme

Technical debt broadly refers to having old technology in place that causes problems later on, such as increased maintenance, lower productivity, and software or system reliability.

Operational Technology

Technical Debt in OT Environments: How It's Different and Why it Matters

George V. Hulme

See all in Technical Debt See all in Articles

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine

Cyber Resilience

Operational Resilience

Risk Management

Vulnerability Management

Nexus Reflections and Predictions: Adm. Michael Rogers

ADM. Michael S. Rogers, USN (Ret.)

Operational Technology

Cyber Resilience

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: Dan Ricci

See all in Vulnerability Management See all in Articles

Risk Management

Vulnerability Management

Operational Technology

A Strategic Necessity: Compensating Controls in ICS, OT

George V. Hulme

Behavioral Identity as the New Perimeter

Implementing a zero-trust architecture for operational technology environment ensures additional security around cyber physical systems processes that are essential to our way of life.

The Zero Trust for OT Imperative

George V. Hulme

See all in Zero Trust See all in Articles

screenshot-2024-11-07-at-4.43.18-pm.png

Nexus Conference

Rodnei Gripp da Petrobras Fortalece a Conexão entre Segurança de Infraestruturas Críticas e Negócio

Saiba como a Claroty colaborou com o time de segurança cibernética da Petrobras, gerando benefícios estratégicos para a equipe responsável pelas plataformas de…

screenshot-2024-11-07-at-4.40.51-pm.png

José Carlos Hererra de Sigma, la Importancia de la Visibilidad y la Simplicidad

José Carlos Herrera, CISO de Sigma Europa, nos habla de la importancia de tener un inventario claro y una herramienta amigable como base para desarrollar una…

Nexus Conference

Felipe Bonomo Destaca os Desafios Relacionados à Proteção de Infraestruturas Críticas

Felipe Bonomo, CISO da Alpargatas, empresa responsável pela icônica marca Havaianas, compartilha os desafios e benefícios de sua parceria com a Claroty na…

See all in Videos

Cyber Resilience

Operational Technology

Nexus Podcast: CISA on Secure-by-Demand for OT

Internet of Things

Operational Technology

Nexus Podcast: Noam Moshe on the IOCONTROL Malware

Team82’s Noam Moshe discusses state actor targeting of OT, why it’s so challenging to develop ransomware for OT and industrial control systems, and the mitigation strategies available to defenders of cyber-physical systems.

Cyber Resilience

Internet of Things

Nexus Podcast: Team82 on Attacking the Insecure IoT Cloud

See all in Podcasts

Articles

Recent articles

The U.S. Department of Health and Human Services (HHS) hopes to strengthen the security of electronic protected health information (ePHI) with the most significant proposed update to the Health Insurance Portability and Accountability Act (HIPAA) Security Rule in more than a decade.

Risk Management

HIPAA Security Rule Update Aims to Strengthen Medical Device, Data Protections

George V. Hulme

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme

Risk Management

The Anti-Library: How Unread Books Can Be the Secret Weapon Against Hackers

Francesco Terlizzi

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine

Cyber Resilience

Operational Resilience

Risk Management

Vulnerability Management

Nexus Reflections and Predictions: Adm. Michael Rogers

ADM. Michael S. Rogers, USN (Ret.)

Risk Management

Cyber Resilience

Nexus Reflections and Predictions: Cristin Flynn Goodwin

Cristin Flynn Goodwin

Operational Technology

Cyber Resilience

Operational Resilience

Vulnerability Management

Nexus Reflections and Predictions: Dan Ricci

Cyber Resilience

Vulnerability Management

SPDX, CycloneDX, or SWID: Navigating the SBOM Standard Landscape

George V. Hulme

Risk managers—especially C-suite and boards of directors—looking to establish a culture of OT cyber awareness and risk remediation proactivity in their organizations need to establish a formal and measurable program approach. The program must provide a shared vision and a practical roadmap that makes sense because it relates to many of the unique characteristics of their organization, OT environment, business model, and risk appetite.

Risk Management

Lessons Learned from Creating an OT Cybersecurity Program in a Large, Slow-Moving Government Agency

John Ballentine

An OIG report critical of the water and wastewater industry's cybersecurity practices and posture illuminates endemic security issues within this critical infrastructure sector, from unpatched vulnerabilities to a lack of sharing of incident data.

Cyber Resilience

Vulnerability Management

Risk Management

Water, Wastewater Cybersecurity Still Has Long Way to Go

George V. Hulme

ASL Roma 1's implementation of an advanced security operation center called HyperSOC allows it to convert its cybersecurity approach from reactive to proactive, ensuring effective management of cyber threats. The adoption of this safeguard has led to a significant reduction in security incidents, despite the growing number of attacks at national and European level, because of the continuous monitoring of the attack surface of the infrastructure, which guarantees a higher level of security than other peers in the sector.

Cyber Resilience

Risk Management

ASL Roma 1 HyperSOC Approach Secures Patient Safety, Operational Efficiency

Stefano Scaramuzzino

In an increasingly interconnected and constantly evolving healthcare environment, there are numerous cybersecurity challenges that hospitals must face to guarantee patients high-quality health services, avoid interruptions in supply, optimize the use of devices, and effectively manage cyber risks. These challenges require the use of cutting-edge technologies and real-time availability of diverse data and information.

Risk Management

Cyber Resilience

A Predictive, Proactive Approach to the Governance of Medical Devices

Stefano Scaramuzzino

1

Latest on Nexus Podcast

See all episodes

The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.

See all episodes

Cyber Resilience

Operational Technology

Nexus Podcast: CISA on Secure-by-Demand for OT

Internet of Things

Operational Technology

Nexus Podcast: Noam Moshe on the IOCONTROL Malware

Team82’s Noam Moshe discusses state actor targeting of OT, why it’s so challenging to develop ransomware for OT and industrial control systems, and the mitigation strategies available to defenders of cyber-physical systems.

Cyber Resilience

Internet of Things

Nexus Podcast: Team82 on Attacking the Insecure IoT Cloud