U.S. federal regulators are revamping their approach to oil pipeline cybersecurity by telling operators they have newfound latitude so long as they implement continuous monitoring and test their posture. Pipeline cybersecurity became a priority after a 2021 ransomware attack led to gas shortages.
First National Bank Omaha (FNBO) is a subsidiary of First National of Nebraska. It is the largest privately held bank subsidiary in the United States. Before Pindrop, FNBO relied heavily on one-time passwords (OTPs) even with genuine customers. Within the first year into the Pindrop relationship, FNBO experienced...
The latest edition of the ISMG Security Report asks: Whatever happened to Russia's cyberwar against Ukraine? It also looks at the curious case of a cardiologist who's been accused of moonlighting as a developer of such notorious strains of ransomware as Thanos and Jigsaw.
What happened to the Russian cyber war? It was almost a universal prediction: Cyberattacks against Ukrainian digital infrastructure would help invaders seize control. But Kyiv has managed to resist such efforts. Here are nearly a dozen lessons learned so far from the war's cyber operations.
A $2 billion fund to root out equipment from Chinese manufacturers Huawei and ZTE operating within small and rural U.S. telecoms isn't enough to cover costs, the Federal Communications Commission informed Congress. The program's full cost is closer to $5 billion, wrote FCC Chair Jessica Rosenworcel.
As the world embraces renewables and green energy, is the energy sector properly learning from past cybersecurity mistakes? Rafael Narezzi, CTO of CF Partners, discusses current industrial cybersecurity shortcomings and the need for the industry to take a more mature and proactive approach.
Cyberattacks aren't just an annoyance but have real-world effects. Case in point: ransomware attacks on Colonial Pipeline and on food processor JBS. IBM Security's Chris McCurdy discusses these developments and security scenarios emerging from the cyber-physical fusion.
Four ISMG editors discuss important cybersecurity issues, including lessons learned from the cyberattack on a steelmaker in Iran that caused a serious fire, how the economic crisis in Sri Lanka is affecting cybersecurity and what the rising cost of cyber insurance means for the industry.
The Predatory Sparrow hacking group recently claimed to have triggered fires in multiple state-run Iranian steel foundries via hack attacks. Clearly, industrial cybersecurity remains essential. But are the attacks a sign of much more to come or more of a politically motivated proof of concept?
Welcome to ISMG's compendium of RSA Conference 2022. The 31st annual conference covered a wide range of topics including cybercrime, cyberwarfare, zero trust, supply chain risk, ransomware, OT security, cyber insurance and jobs. Access 150+ interviews with the top speakers and influencers.
Many of the principles for defending your IT environment apply to industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems and other OT. But securing OT has additional complexities and considerations.
We’ve created this resource guide with more than 80 useful reference links,...
Are You Prepared To Deal With Rising OT Cybersecurity Threats?
Critical Infrastructure organizations increasingly realize that downtime from cyberattack can be catastrophic. The Colonial Pipeline ransomware attack, for example, resulted in 5 days of downtime, millions of dollars in ransoms, recovery and federal...
Compare your scores to industry peers for key industrial security protections.
Attacks on Critical Infrastructure are on the rise. Organizations need to leverage modern industrial security practices to avoid preventable breaches and the costly downtime, damage and public safety risks they cause. This quick...
The U.S. and Israel have agreed to a new joint cybersecurity program called BIRD Cyber to enhance the cyber resilience of both countries' critical infrastructures. Grants of up to $1.5 million will be given to entities who jointly develop advanced cybersecurity applications under this program.
The Biden executive order on cybersecurity was a catalyst for action, with tight delivery times for steps including promotion of SBOMs and zero trust. The cyber-physical nexus and expanding threat surface mean it's not easy to maintain vigilance, but recognizing that is the first step.