See All Nexus 2025 Sessions

Topics:

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

The congressional delay in hammering out a federal budget has added another layer of pain to the ongoing crisis for the Cybersecurity and Infrastructure Security Agency (CISA). Not only are there funding concerns., but it's the expiration of critical information-sharing legislation and a regulatory compliance vacuum that has left enterprises unsure about their next steps.

Cyber Resilience

Operational Resilience

Risk Management

Internet of Things

Threat Intelligence Goes Dark, CISA Crisis Leaves Enterprise Security Blind

George V. Hulme

See all in Cyber Resilience See all in Articles

A New Jersey appeals court agreed with an earlier court’s decision that cybersecurity insurance providers could not deny ransomware coverage under a so-called “war exclusion” for a cybersecurity incident Merck & Co. claimed caused $1.4 billion in losses.

Cybersecurity Insurance

Merck Ransomware Insurance Ruling Helps Clear Fog of Cyberwar

George V. Hulme

Navigating cybersecurity insurance in a recession requires diligence about systemic cybersecurity risks that can cause premiums to rise or insurers to consider an organization uninsurable.

Cybersecurity Insurance

Risk Management

Navigating Cyber Insurance in a Recession

George V. Hulme

Avoid these seven pitfalls when seeking cybersecurity liability insurance; ensure you understand policy terms and conditions, conduct due diligence, and involve the proper stakeholders, among other things.

Cybersecurity Insurance

Cybersecurity Liability Insurance Pitfalls to Avoid

George V. Hulme

See all in Cybersecurity Insurance See all in Articles

A diversified operational technology (OT) cybersecurity monitoring platform plays a key role in strengthening the protection of cyber-physical systems by providing clear visibility, real-time threat detection, and proactive risk mitigation. By integrating multiple monitoring tools and technologies, organizations can build a layered security approach that minimizes vulnerabilities, improves response times, and keeps critical systems resilient against cyber threats.

Operational Resilience

Operational Technology

Diversified Monitoring Essential to a Strong OT Cybersecurity Foundation

John Ballentine

Cyber Resilience

Risk Management

Blunting the Risks of Private-Sector Ownership of CI

ADM. Michael S. Rogers, USN (Ret.)

The “Report to the President: Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World,” reaffirms that cyber-resilience-by-design should be the standard and urges a coalition of government leaders and private sector critical infrastructure asset owners and operators to refocus their energies to build resilient cyber-physical systems (CPS) that are designed to withstand attack.

Cyber Resilience

Risk Management

Applauding A Codified Strategy for CPS Resilience

See all in Federal See all in Articles

Cyberattacks against the food and beverage industry are opportunistic and leverage the growth in digitization to exploit previously unmanaged vulnerabilities to disrupt operations.

Food & Beverage

On the Menu: Cybersecurity Risks in the Food and Beverage Industry

George V. Hulme

See all in Food & Beverage See all in Articles

Providence CISO Mike Ratliff shares the results and initial impact of an AI up-skilling program implemented at the Washington-based hospital system for its cybersecurity team. The benefits are already being see in terms of operational efficiency and cross-functional collaboration.

Operational Resilience

Internet of Things

Risk Management

Providence Cybersecurity AI Up-Skilling Program: Building Smarter Defenses for a Digital Future

ASL Roma 1 CISO Stefano Scaramuzzino and Deloitte analyst Fabio Battelli write about how Italy's largest public healthcare system's HOPE initiative adds automated intelligence to its cybersecurity governance program. HOPE reimagines cybersecurity not as a defensive function, but as a living cognitive system that learns, correlates, and reasons across every layer of the healthcare ecosystem. It marks the birth of a new discipline for digital public health: operational intelligence for healthcare governance.

Cyber Resilience

Vulnerability Management

Risk Management

HOPE: Intelligent Governance Transforming Healthcare Cybersecurity at ASL Roma 1

Stefano Scaramuzzino

Claroty Nexus contributor Megan Stifel, Chief Strategy Officer of the Institute for Security and Technology, writes about the upcoming expiration of the Cybersecurity Information Sharing Act of 2015 (CISA '15). She urges Congress to reauthorize CISA '15 because failing to do so will put national security and personal privacy at risk, and threaten innovation.

Risk Management

Cyber Resilience

Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency

See all in Healthcare See all in Articles

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

Operational Technology

Vulnerability Management

Risk Management

ENISA Warns of Escalating OT Threats

George V. Hulme

Converged IT/OT operations often run into decision-making gridlock when it comes to exposure management and vulnerability management of OT. Without clearly established governance, organizations are experiencing prolonged periods of time exposed to attacks.

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Bridging the Divide: Overcoming Security Deadlocks in IT/OT Convergence

George V. Hulme

See all in Industrial See all in Articles

Providence CISO Mike Ratliff shares the results and initial impact of an AI up-skilling program implemented at the Washington-based hospital system for its cybersecurity team. The benefits are already being see in terms of operational efficiency and cross-functional collaboration.

Operational Resilience

Internet of Things

Risk Management

Providence Cybersecurity AI Up-Skilling Program: Building Smarter Defenses for a Digital Future

The congressional delay in hammering out a federal budget has added another layer of pain to the ongoing crisis for the Cybersecurity and Infrastructure Security Agency (CISA). Not only are there funding concerns., but it's the expiration of critical information-sharing legislation and a regulatory compliance vacuum that has left enterprises unsure about their next steps.

Cyber Resilience

Operational Resilience

Risk Management

Internet of Things

Threat Intelligence Goes Dark, CISA Crisis Leaves Enterprise Security Blind

George V. Hulme

U.S. critical infrastructure operators are urged to be vigilant in hardening operational technology and ICS cybersecurity in expectation of a retaliatory response from Iran for last week’s missile strikes.

Cyber Resilience

Operational Technology

Internet of Things

Risk Management

Experts: Expect Iran’s Cyber Tactics to be Disruptive

George V. Hulme

See all in Internet of Things See all in Articles

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

See all in Nexus Conference See all in Articles

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

Providence CISO Mike Ratliff shares the results and initial impact of an AI up-skilling program implemented at the Washington-based hospital system for its cybersecurity team. The benefits are already being see in terms of operational efficiency and cross-functional collaboration.

Operational Resilience

Internet of Things

Risk Management

Providence Cybersecurity AI Up-Skilling Program: Building Smarter Defenses for a Digital Future

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

See all in Operational Resilience See all in Articles

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

Operational Technology

Vulnerability Management

Risk Management

ENISA Warns of Escalating OT Threats

George V. Hulme

Building management systems (BMS) are centralized platforms that oversee a building’s mechanical, electrical, and environmental systems. Yet they are often overlooked with regard to an organization’s cybersecurity planning. Expert Dan Ricci explains why and provides six strategies for securing BMS.

Operational Resilience

Operational Technology

Cyber Resilience

Vulnerability Management

Risk Management

The Overlooked Cyber Risk: Building Management Systems in Critical Infrastructure

See all in Operational Technology See all in Articles

The HHS Office for Civil Rights proposes substantial rule changes to the long-standing Health Insurance Portability and Accountability Act (HIPAA) Security Rule. While details on the proposed rule changes remain unclear, HHS plans to issue a Notice of Proposed Rulemaking (NPRM) by the end of the year. These changes are believed to be the most substantial changes since the HIPAA Security rule went into effect in 2003

Significant Changes to HIPAA Security Rule on the Way

George V. Hulme

Mike Ratliff, AVP Security Engineering and Operations at Providence, writes about five steps healthcare delivery organizations should take to mitigate the risk of ransomware and extortion-based attacks.

Cyber Resilience

5 Things Hospitals Can Do to Mitigate Threats of Ransomware

Resilience, Recovery Strategies to Combat Ransomware and Extortion

ADM. Michael S. Rogers, USN (Ret.)

See all in Ransomware See all in Articles

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

Providence CISO Mike Ratliff shares the results and initial impact of an AI up-skilling program implemented at the Washington-based hospital system for its cybersecurity team. The benefits are already being see in terms of operational efficiency and cross-functional collaboration.

Operational Resilience

Internet of Things

Risk Management

Providence Cybersecurity AI Up-Skilling Program: Building Smarter Defenses for a Digital Future

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

See all in Risk Management See all in Articles

Current OT cybersecurity budgeting approaches reflect a misalignment of prioritizing surface-level defenses over architectural shortcomings. Instead, CISOs should demand vendors deliver products that are secure by design, and address systemic failures over a reactive approach to the security of cyber-physical systems.

Operational Technology

Risk Management

The Economics of OT Cybersecurity: Are We Investing in the Wrong Priorities?

Enterprises often are blind to the use of open source software in commercial and homegrown software development. Vulnerabilities and other weaknesses in OSS deployments are significant exposures that must be managed and mitigated.

Vulnerability Management

Risk Management

Visibility, Governance Key to Managing Open Source Risk

George V. Hulme

Technical debt in OT leads to increased operations costs as teams fight to maintain outdated systems, and security teams struggle to keep those same systems secure, often through compensating controls.

Operational Technology

Getting Strategic Against Technical Debt in OT

George V. Hulme

See all in Technical Debt See all in Articles

ASL Roma 1 CISO Stefano Scaramuzzino and Deloitte analyst Fabio Battelli write about how Italy's largest public healthcare system's HOPE initiative adds automated intelligence to its cybersecurity governance program. HOPE reimagines cybersecurity not as a defensive function, but as a living cognitive system that learns, correlates, and reasons across every layer of the healthcare ecosystem. It marks the birth of a new discipline for digital public health: operational intelligence for healthcare governance.

Cyber Resilience

Vulnerability Management

Risk Management

HOPE: Intelligent Governance Transforming Healthcare Cybersecurity at ASL Roma 1

Stefano Scaramuzzino

Operational Technology

Vulnerability Management

Risk Management

ENISA Warns of Escalating OT Threats

George V. Hulme

Building management systems (BMS) are centralized platforms that oversee a building’s mechanical, electrical, and environmental systems. Yet they are often overlooked with regard to an organization’s cybersecurity planning. Expert Dan Ricci explains why and provides six strategies for securing BMS.

Operational Resilience

Operational Technology

Cyber Resilience

Vulnerability Management

Risk Management

The Overlooked Cyber Risk: Building Management Systems in Critical Infrastructure

See all in Vulnerability Management See all in Articles

The convergence of IT and OT systems, primarily driven by the deployment of IIoT (industrial Internet of Things), cloud computing, and the need for remote monitoring, has fundamentally altered the OT architecture that the Purdue Model was initially designed to help manage.

Risk Management

Operational Resilience

Operational Technology

Is It Time to Rethink the Purdue Model?

George V. Hulme

Operational Resilience

Operational Technology

Poor Visibility Still a Drag on Secure Third-Party Remote Access

George V. Hulme

The European Union Agency for Cybersecurity (ENISA)'s NIS360 report identifies gaps in the current state of NIS2 compliance readiness and provides recommendations to lawmakers and affected industry verticals on what they need to do to become NIS2 compliant.

Cyber Resilience

Operational Resilience

Operational Technology

ENISA Attempts to Move NIS2 Forward with NIS360 Findings

George V. Hulme

See all in Zero Trust See all in Articles

Samantha Jacques, VP Clinical Engineering, at McLaren Health Care, explains the technology complexity hospitals and clinical environment cybersecurity teams encounter and how it impacts risk management and mitigation. While there are standardized IT systems, the medical devices and operational technology prevalent in hospitals are far from it. Myriad manufacturers and configurations significantly complicate risk mitigation efforts. Jacques explains how to best navigate those waters in order to reduce overall cyber risk.

Vulnerability Management

Risk Management

Cyber Resilience

Nexus Conference

Samantha Jacques on Cyber Risk Mitigation in Healthcare

Samantha Jacques, VP Clinical Engineering, at McLaren Health Care, explains the technology complexity hospitals and clinical environment cybersecurity teams…

Cyber Resilience

Internet of Things

Operational Technology

Operational Resilience

Risk Management

Nexus Conference

Charles Carmakal on China's Cyber Threat to Critical Infrastructure

Charles Carmakal, Chief Technology Officer at Mandiant (Part of Google Cloud), explains how China-nexus threat actors such as Volt Typhoon, Salt Typhoon, and…

Cyber Resilience

Leandro Ribeiro, Sobre la Segurança Cibernética no Setor de Saúde

Leandro Ribeiro, CISO do Hospital Sírio-Libanês, compartilha sua experiência no Nexus 24 em Boston, discutindo segurança cibernética no setor de saúde e o…

See all in Videos

Adm. Michael S. Rogers, USN (Ret.) joins the Nexus podcast to discuss the Biden administration's National Cybersecurity Strategy, and its themes of cyber resilience and critical infrastructure protection.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Podcast: Adm. Michael Rogers on Deterrence in Cyberspace

On the Nexus Podcast, former Commonwealth of Pennsylvania CISO and current Black Kite CSO Bob Maley discussed the resource challenges facing not only critical infrastructure asset owners and operators, but also how those challenges are impacting risk-management efforts in critical industries.

Risk Management

Cyber Resilience

Internet of Things

Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges

Pankaj Goyal, Chief Operating Officer of Safe Security, joins the Nexus Podcast to discuss the nuances of protecting OT environments, and how cyber insurance must adapt as OT and cyber-physical systems are connected online and increasingly exposed to attackers.

Cybersecurity Insurance

Risk Management

Nexus Podcast: Pankaj Goyal on Cyber Insurance for OT Environments

See all in Podcasts

Articles

Recent articles

The U.S. Environmental Protection Agency recently released a set of new planning and response tools designed to strengthen the cybersecurity defenses of the nation's at-risk water treatment systems. The move marks the latest in a series of federal actions aimed at bolstering the protection of drinking water and wastewater infrastructure in the U.S. from nation-state-driven cyberattacks.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

EPA Launches Comprehensive Cybersecurity Resources as Water Sector Faces Escalating Threats

George V. Hulme

Providence CISO Mike Ratliff shares the results and initial impact of an AI up-skilling program implemented at the Washington-based hospital system for its cybersecurity team. The benefits are already being see in terms of operational efficiency and cross-functional collaboration.

Operational Resilience

Internet of Things

Risk Management

Providence Cybersecurity AI Up-Skilling Program: Building Smarter Defenses for a Digital Future

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

The congressional delay in hammering out a federal budget has added another layer of pain to the ongoing crisis for the Cybersecurity and Infrastructure Security Agency (CISA). Not only are there funding concerns., but it's the expiration of critical information-sharing legislation and a regulatory compliance vacuum that has left enterprises unsure about their next steps.

Cyber Resilience

Operational Resilience

Risk Management

Internet of Things

Threat Intelligence Goes Dark, CISA Crisis Leaves Enterprise Security Blind

George V. Hulme

ASL Roma 1 CISO Stefano Scaramuzzino and Deloitte analyst Fabio Battelli write about how Italy's largest public healthcare system's HOPE initiative adds automated intelligence to its cybersecurity governance program. HOPE reimagines cybersecurity not as a defensive function, but as a living cognitive system that learns, correlates, and reasons across every layer of the healthcare ecosystem. It marks the birth of a new discipline for digital public health: operational intelligence for healthcare governance.

Cyber Resilience

Vulnerability Management

Risk Management

HOPE: Intelligent Governance Transforming Healthcare Cybersecurity at ASL Roma 1

Stefano Scaramuzzino

Operational Technology

Vulnerability Management

Risk Management

ENISA Warns of Escalating OT Threats

George V. Hulme

Building management systems (BMS) are centralized platforms that oversee a building’s mechanical, electrical, and environmental systems. Yet they are often overlooked with regard to an organization’s cybersecurity planning. Expert Dan Ricci explains why and provides six strategies for securing BMS.

Operational Resilience

Operational Technology

Cyber Resilience

Vulnerability Management

Risk Management

The Overlooked Cyber Risk: Building Management Systems in Critical Infrastructure

Converged IT/OT operations often run into decision-making gridlock when it comes to exposure management and vulnerability management of OT. Without clearly established governance, organizations are experiencing prolonged periods of time exposed to attacks.

Cyber Resilience

Operational Technology

Operational Resilience

Risk Management

Bridging the Divide: Overcoming Security Deadlocks in IT/OT Convergence

George V. Hulme

Vulnerability scoring models such as CVSS 3.1 and CVSS 4.0 must evolve to include contextual information that helps network and systems analysts and security teams better prioritize remediation, mitigation, and patching processes.

Vulnerability Management

Risk Management

Operational Technology

Cyber Resilience

CVSS Scores No Longer Enough: The Move to Context-Driven Vulnerability Management

George V. Hulme

Claroty Nexus contributor Megan Stifel, Chief Strategy Officer of the Institute for Security and Technology, writes about the upcoming expiration of the Cybersecurity Information Sharing Act of 2015 (CISA '15). She urges Congress to reauthorize CISA '15 because failing to do so will put national security and personal privacy at risk, and threaten innovation.

Risk Management

Cyber Resilience

Reauthorization of CISA ’15: 10 Years Later, New Threats, Exigent Urgency

Experts weigh in on the recent Cybersecurity and Infrastructure Security Agency (CISA) guidance aimed at addressing the risks associated with the convergence of OT/IT in modern industrial organizations. CISA recommends enhanced asset inventories and taxonomies as foundational cybersecurity pieces of an OT security program.

Operational Technology

Vulnerability Management

Risk Management

Asset Management Key to Mitigating OT/IT Convergence Cybersecurity Risks

George V. Hulme

Rural hospital leaders are scrutinizing every budget dollar and have to find a way to balance patient care and safety with defending against digital cybersecurity threats.

Cyber Resilience

Risk Management

As Medicaid Cuts Take Hold, Rural Healthcare Cybersecurity Hangs by a Thread

George V. Hulme

1

Latest on Nexus Podcast

See all episodes

The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.

See all episodes

Adm. Michael S. Rogers, USN (Ret.) joins the Nexus podcast to discuss the Biden administration's National Cybersecurity Strategy, and its themes of cyber resilience and critical infrastructure protection.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Podcast: Adm. Michael Rogers on Deterrence in Cyberspace

On the Nexus Podcast, former Commonwealth of Pennsylvania CISO and current Black Kite CSO Bob Maley discussed the resource challenges facing not only critical infrastructure asset owners and operators, but also how those challenges are impacting risk-management efforts in critical industries.

Risk Management

Cyber Resilience

Internet of Things

Nexus Podcast: Bob Maley on Critical Infrastructure Resource Challenges

Pankaj Goyal, Chief Operating Officer of Safe Security, joins the Nexus Podcast to discuss the nuances of protecting OT environments, and how cyber insurance must adapt as OT and cyber-physical systems are connected online and increasingly exposed to attackers.

Cybersecurity Insurance

Risk Management

Nexus Podcast: Pankaj Goyal on Cyber Insurance for OT Environments