Critical Infrastructure

Critical Infrastructure | News, how-tos, features, reviews, and videos

5G light trails
Unitd States cybersecurity   >   U.S. flag with a digital network of locks instead of stars

nycrr cybersecurity gavel regulation compliance law nyc statue of liberty

Infrastructure bill includes $1.9 billion for cybersecurity

Passage of the infrastructure bill includes $1.9 billion for cybersecurity, and more could be on the way with the Build Back Better and other bills working their way through Congress.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden’s cybersecurity executive order, a progress report

Of the 46 tasks President Biden mandated to protect digital government assets, 19 are now completed, though not all agencies have reported their progress.

Stack of legal documents with compliance and regulatory stamp

Lack of C3PAO assessors jeopardizes DoD CMMC certification goal

Only 100 approved assessors are available to certify that 300,000 US DoD providers are in compliance with the Cybersecurity Maturity Model Certification by the 2023 deadline.

joe biden cyberceomeeting public domain wh

Tech giants pledge at least $30 billion to improve cybersecurity following White House meeting

Technology, financial, and education leaders commit to a wide range of initiatives to enhance the nation's cybersecurity posture in collaboration with the Biden Administration.

shutterstock editorial 12065997e jen easterly

CISA’s Joint Cyber Defense Collaborative: Why it just might work

New CISA director Jen Easterly is tasked with implementing the JCDC, which promises to make US critical infrastructure more resilient to cyberattacks. Her history makes her the right person for the job.

shutterstock editorial 11745281m blackberry

BlackBerry faces bad PR by failing to go public with BadAlloc vulnerability

Although the company informed its OEM customers of the vulnerability, users of IoT devices running its QNX OS were potentially kept in the dark.

Gate Smart Lock

What is physical security? How to keep your facilities and devices safe from on-site attackers

Securing premises and devices from physical attacks can be just as challenging as defending against cyber threats. Automation and AI are increasingly used to shore up defenses.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

Serious flaws in widespread embedded TCP/IP stack endanger industrial control devices

Critical vulnerabilities potentially affect millions of devices, but finding and patching them will be difficult.

stethoscope mobile healthcare ipad tablet doctor patient

Basic flaws put pneumatic tube transport systems in hospitals at risk

Multiple vulnerabilities could allow persistent take-over and ransom demands by attackers.

USA / United States of America stars + stripes and binary code superimposed over The White House

Biden memo, infrastructure deal deliver cybersecurity performance goals and money

The White House initiatives and expected passage of the US infrastructure plan will set new cybersecurity standards for critical infrastructure, provide money to state and local governments.

data pipeline primary

TSA issues second cybersecurity directive for pipeline companies

Experts applaud the agency's new, detailed security requirements for US pipeline operators but question how they will be enforced or monitored.

industrial power plant hacked skull and crossbone pixels security breach power plant by jason black

CISA: China successfully targeted US oil and natural gas infrastructure

CISA alert details past network compromises and exposes a lack of preparedness among ICS companies.

skull and crossbones in binary code

Authentication bypass allows complete takeover of Modicon PLCs used across industries

The vulnerability could allow attackers to insert malicious code and easily avoid detection.

A Colonial Pipeline facility in Baltimore, Maryland, USA, 10 May 2021.

Colonial Pipeline take-away for CISOs: Embrace the mandates

The DarkSide attack on Colonial is yet another wake-up call for companies to harden their systems against ransomware. History suggests that might not happen despite new government guidance.

tt21 020 thumb
video

What the Colonial Pipeline ransomware attack suggests about critical infrastructure security

The largest fuel pipeline in the United States, Colonial Pipeline, halted operations because of a ransomware attack. The attack was carried out by the cybercriminal group DarkSide. Much of the pipeline remains offline, although the...

data pipeline primary

Colonial Pipeline shutdown highlights need for better OT cybersecurity practices

Experts weigh in on what the Colonial attack teaches critical infrastructure providers about preparation and incident response.

power plant utilities energy innovation industrial iot american public power association unsplash

Biden administration releases 100-day plan to address electric system cybersecurity risks

The plan focuses largely on supply chain risks to the electric grid, requests input on the DOE's role in coordinating cybersecurity efforts.

cso security hack breach water leak gettyimages 466029458 by firmafotografen 2400x1600px

Oldsmar cyberattack raises importance of water utility assessments, training

The attempt to poison a city's water supply by remotely accessing its ICS underscores the need for cybersecurity assistance at under-resourced critical infrastructure facilities.

Load More
You Might Also Like