Latest from todayfeature8 biggest cybersecurity threats manufacturers faceThe manufacturing sector remains a prominent target for cybercriminals, due to complex supply chains, legacy industry control and IoT systems, and a lack of appetite for downtime.By John Leyden06 Dec 20249 minsCyberattacksManufacturing IndustryRansomware feature Russian group’s hack of Texas water system underscores critical OT cyber threatsBy Cynthia Brumfield21 Oct 202411 minsCritical InfrastructureCyberattacksGovernment ITnews China-based cyber espionage campaign in SE Asia is expanding, says SophosBy Howard Solomon10 Sep 20246 minsCritical InfrastructureCyberattacksGovernment newsUS charges 5 Russian spies for Ukraine, NATO cyberattacksBy Lucian Constantin 05 Sep 20247 minsCritical InfrastructureCyberattacksGovernment news analysisICS malware FrostyGoop disrupted heating in Ukraine, remains threat to OT worldwideBy Lucian Constantin 23 Jul 20245 minsCritical InfrastructureMalwareNetwork Security featureInside the world’s largest ‘live-fire’ cyber-defense exerciseBy Mario Moreno 19 Jul 20247 minsCritical InfrastructureCyberattacksData and Information Security opinionLegacy systems are the Achilles’ heel of critical infrastructure cybersecurityBy Christopher Burgess 08 Jul 20248 minsCritical InfrastructureSecurity PracticesThreat and Vulnerability Management featureHijack of monitoring devices highlights cyber threat to solar power infrastructureBy Cynthia Brumfield 23 May 20249 minsCritical InfrastructureEnergy IndustryUtilities Industry news analysisBiden delivers updated take on security for critical infrastructure By Cynthia Brumfield 02 May 20248 minsCritical InfrastructureGovernmentThreat and Vulnerability Management ArticlesfeatureTop 10 physical security considerations for CISOsSecuring premises and devices from physical attacks can be just as challenging as defending against cyber threats. Collaboration and communication with all teams involved is the key to success.By Ericka Chickowski 23 Apr 2024 14 minsCritical InfrastructureSecuritySecurity Infrastructurenews analysisSiemens, other vendors patch critical ICS product vulnerabilitiesSome of the flaws outlined in 15 advisories could result in remote code execution on industrial control systems.By Lucian Constantin 20 Mar 2024 4 minsCritical InfrastructureVulnerabilitiesopinion5 ways private organizations can lead public-private cybersecurity partnershipsPublic-private partnerships like the US Joint Cyber Defense Collaborative are often led by public agencies, but private-led cybersecurity partnerships might be more effective.By Christopher Whyte 20 Mar 2024 13 minsCSO and CISOCritical Infrastructurenews analysisChinese espionage a prime concern for connected vehiclesAs the Biden administration worries about China's role in the emerging connected vehicle market, experts point to the country's ability to engage in espionage as the biggest threat.By Cynthia Brumfield 12 Mar 2024 9 minsAdvanced Persistent ThreatsCritical InfrastructureGovernmentnews analysisInternational warning: Attackers could gain persistence on Ivanti VPN appliances Researchers identify methods that could allow attackers to bypass Ivanti integrity checks for recent attacks, perhaps surviving factory resets.By Lucian Constantin 01 Mar 2024 7 minsAdvanced Persistent ThreatsCritical InfrastructureVulnerabilitiesnews analysisThree new advanced threat groups targeted industrial organizations last yearThreat actors continue to target operational technology assets of industrial organizations, but the quality of vulnerability information and mitigation advice is lacking.By Lucian Constantin 28 Feb 2024 7 minsAdvanced Persistent ThreatsCritical InfrastructureThreat and Vulnerability Managementnews analysisBiden order bars data broker sale of Americans’ sensitive data to adversariesPresident Biden issued an executive order to bar data brokers from selling American’s sensitive data to “countries of concern,” ordering a slew of actions by the Justice Department and other government agencies that would deny adversaries access to the highly prized information.By Cynthia Brumfield 28 Feb 2024 10 minsCritical InfrastructureData PrivacyGovernmentfeatureRussia's use of malware to enhance election influence operations sign of things to comeNew research shows that Russia used click-fraud malware to enhance the visibility of its troll farm content in the 2016 US presidential campaign, and the practice likely continues in this big election year globally.By Christopher Whyte 28 Feb 2024 11 minsAdvanced Persistent ThreatsElection HackingMalwarenews analysisNIST releases expanded 2.0 version of the Cybersecurity FrameworkThe US National Institute of Standards and Technology released the 2.0 version of its Cybersecurity Framework, focusing more on governance and supply chain issues and offering resources to speed the framework’s implementation.By Cynthia Brumfield 27 Feb 2024 6 minsCritical InfrastructureIT Governance FrameworksSupply Chainnews analysisBiden's maritime cybersecurity actions target China threatsThe White House announced a new executive order and other actions to strengthen the cybersecurity of the maritime industry and ports while seeking to revive a domestic crane industry and wean America off Chinese-made port cranes.By Cynthia Brumfield 22 Feb 2024 9 minsAdvanced Persistent ThreatsCritical InfrastructureGovernmentopinionCritical infrastructure attacks aren't all the same: Why it matters to CISOsRecent warnings about advanced persistent threats from China against critical infrastructure suggest a shift in goals, but other nation-state adversaries have their own agendas.By Christopher Whyte 22 Feb 2024 12 minsAdvanced Persistent ThreatsCritical Infrastructurenews analysisLawmakers see power grid security risks from Chinese storage batteriesLawmakers and experts fear that the use of Chinese storage batteries could threaten the power grid, but few alternatives are in the offing, at least in the short term.By Cynthia Brumfield 16 Feb 2024 11 minsAdvanced Persistent ThreatsCritical InfrastructureGovernment Show more Show less View all Resources whitepaper Integrating Network, Application, and Workforce Security: A Comprehensive Approach Through Platformization Navigating the Current Middle East Threat Landscape The post Integrating Network, Application, and Workforce Security: A Comprehensive Approach Through Platformization appeared first on Whitepaper Repository –. By Cloudflare 03 Dec 2024Application SecurityCloud SecuritySecurity whitepaper Real-Time, All the Time: Fuelling AI success through a continuous data stream By StreamSets 26 Aug 2024Artificial IntelligenceData and Information SecurityData Management View all Video on demand videoCSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2)Eric Nguyen – Industry Advisor (AI x Cyber Security) at the University of Canberra’s Open Source Institute – joins Xiou Ann Lim for this CSO Executive Sessions interview. They talk about supply chain risks to critical infrastructure, public-private partnerships, and more. 14 Nov 2024 15 minsCritical InfrastructureIT GovernanceSupply Chain CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 1) 04 Nov 2024 19 minsCritical InfrastructureSecuritySupply Chain CSO Executive Sessions: New World Development’s Dicky Wong on securing critical infrastructure 16 Oct 2024 12 minsCritical InfrastructureSecurity CSO Executive Sessions: EDOTCO’s Mohammad Firdaus Juhari on safeguarding critical infrastructure in the telecommunications industry 05 Sep 2024 11 minsCritical InfrastructureSecurityTelecommunications IndustrySee all videos Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Cybercrime Identity and Access Management Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics Show me morePopularArticlesPodcastsVideos feature 7 biggest cybersecurity stories of 2024 By John Leyden 24 Dec 202410 mins Data BreachRansomwareRegulation feature Top 7 zero-day exploitation trends of 2024 By Lucian Constantin 23 Dec 202411 mins SecurityThreat and Vulnerability ManagementVulnerabilities news US order is a reminder that cloud platforms aren’t secure out of the box By Howard Solomon 20 Dec 20245 mins Cloud SecurityGovernment IT podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO podcast CSO Executive Session India with Charanjit Bhatia, Head of Cybersecurity, COE, Bata Brands 08 Jul 202418 mins CSO and CISO video CSO Executive Sessions: Standard Chartered’s Alvaro Garrido on cybersecurity in the financial services industry 23 Oct 202410 mins Financial Services IndustrySecurity video CSO Executive Sessions: DocDoc’s Rubaiyyaat Aakbar on security technology 12 Sep 202419 mins Artificial IntelligenceHealthcare IndustrySecurity video CSO Executive Sessions: Hong Kong Baptist University’s Allan Wong on security leadership 05 Sep 202410 mins Education IndustryIT Leadership