Critical Infrastructure Security
CISA Warns Phobos Ransomware Groups Attacking Critical Infrastructure
Phobos, a complex ransomware-as-a-service (RaaS) operation that has been around for five years and is includes multiple variants, continues to target a range of critical infrastructure in the United States, including education, ...
Security Boulevard
5 Reasons the Public Sector Must Move Away From Legacy IT
Jake Madders | | Critical Infrastructure Security, Federal Government, legacy IT, patches, Public Sector
Legacy IT software is costing the taxpayer, it’s damaging the security of public services infrastructure and it’s bad for the environment—something governments drastically need to address in the next 10 years if ...
Security Boulevard
The Challenge of Regulatory Compliance for Critical Infrastructure
Sue Poremba | | Compliance, congressional legislation, Critical Infrastructure Security, Cybersecurity
Healthcare has HIPAA. Credit cards and electronic payments have PCI DSS. Consumers have GDPR and CCPA. There is an alphabet soup of regulatory compliance requirements that many industries must follow to offer ...
Security Boulevard
Of Pipelines And Cybersecurity
One of the scariest phrases I have ever encountered is “gasoline pipeline” –thousands of miles of three foot diameter pipes buried in the ground for decades carrying billions of gallons of one ...
Security Boulevard
Throwback Thursday: Whatever happened to Stuxnet?
Whatever happened to Stuxnet? Since it destroyed hundreds of centrifuges at a nuclear enrichment facility in Iran in 2010, the worm’s been quiet—but not idle. Compared to many of its malware colleagues, ...
President’s ‘cybersecurity moonshot’: Transformational or pie in the sky?
Making the internet safe and secure in 10 years isn’t going to be easy, if it’s even possible. And that’s why NSTAC’s new proposal is a cyber security moonshot. Stop me if ...
Hard questions raised when a software ‘glitch’ takes down an airliner
The parts and systems on an airplane don’t have to fail in a big way to have big consequences. A flaw in airline software could be a matter of life or death ...
Threats obvious, but electronic voting systems remain insecure
Election security requires that voters trust the results. But many U.S. electronic voting systems are clearly insecure, and untrustworthy. What are we doing about it? The original version of this article was ...
‘Cyber Pearl Harbor’ unlikely, but critical infrastructure needs a major upgrade | NCSAM at Synopsys
Officials have warned for decades of a “cyber Pearl Harbor” or “cyber 9/11” kind of attack on the nation’s critical infrastructure. Yet no attack has come. It’s either because our attackers can’t ...
How to protect our critical infrastructure | NCSAM at Synopsys
The 2018 Verizon Data Breach Investigations Report (DBIR) reported and analyzed 649 breaches in utilities, transportation, healthcare, and other verticals that employ operational technology (OT) systems in addition to traditional IT for ...