Critical Infrastructure

Critical Infrastructure | News, how-tos, features, reviews, and videos

CrowdStrike logo / Ukraine flag and map on globe / data center servers / binary code
News Analysis

CrowdStrike, Ukraine, and the DNC server: Timeline and facts

Cyber warfare > Russian missile launcher / Russian flag / binary code
News Analysis

Russia’s Sandworm hacking group heralds new era of cyber warfare

Fragmented image of a Boeing 787 airplane represented in encrypted data.
News

Boeing's poor information security posture threatens passenger safety, national security, researcher says

The aircraft maker failed to perform minimum due diligence in securing its networks, then tried to cover it up, security researcher Chris Kubecka tells Aviation Cyber Security conference attendees.

A binary map of china.
News Analysis

China’s MLPS 2.0: Data grab or legitimate attempt to improve domestic cybersecurity?

The new version China’s Multi-Level Protection Scheme (MLPS) expands what companies fall under its purview and lower the threshold for government inspection. Should companies with operations in China be concerned?

Russian flag overlay / mobile phone / wireless signals / data
News

Cell phones don't belong in SCIFs, says Republican congressman

Rep. Mike Rogers says his phone was infected by Russian malware three years ago. Also, why he believes we need fewer federal cybersecurity agencies and election laws.

Microsoft-based election, campaign systems
Feature

How to secure Microsoft-based election, campaign systems

Microsoft has issued guidance and provided resources for local election bodies and candidate campaigns to help protect systems and communications.

Political data > Republican + Democratic mascots in a binary world
News

Presidential campaign websites fail at privacy, new study shows

A non-partisan analysis of 23 presidential campaign websites reveals glaring privacy issues.

Industry 4.0 / Industrial IoT / Engineer reviews virtual interface for robotics.
Feature

5 OT security takeaways CISOs need to communicate to stakeholders

Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.

secure elections / electronic voting / digital election data security / secure voting machines
Feature

Voting machine security: What to look for and what to look out for

The US Senate approved $250 million to help states purchase more secure voting equipment — but includes no provisions for what "secure" means. Our buying guide will help state election officials spend taxpayer money wisely.

Election security / vulnerabilities
News

CISA’s Krebs seeks more measured approach to election security heading into 2020

The Cybersecurity and Infrastructure Security Agency director says overhyped concern is a problem, while election officials say they reap the benefits of improved communications.

Internet of Things (IoT) / security alert / wireless network management
News Analysis

IoT vendors ignore basic security best practices, CITL research finds

New measurements by the CITL mass fuzzing project show just how bad things really are--and how IoT device makers could radically increase binary security with one day of engineering work.

United States national government cybersecurity > Diverse hands surround/protect the U.S. Capitol.
News

Leader of new NSA Cybersecurity Directorate outlines threats, objectives

Director Anne Neuberger says her group will focus on ransomware, threats to US elections, and nation-state influence operations.

cloud based service ics as a service by ipopba getty
Feature

ICS as a cloud service is coming: Will the benefits outweigh the risks?

Plugging industrial control and operational technology equipment into cloud-based monitoring and remote management systems increases visibility, but it also takes away their security by obscurity.

CSO > IoT / Internet of Things, unencrypted/unsecured/vulnerable
News

ICS security: Popular building management system vulnerable to takeover

Remotely exploitable vulnerability in internet-connected devices gives attackers a means to cause disruption and damage in a wide range of industries.

election hacking security 2020 election security flag global breach by stuartmiles99 getty
News

U.S. Rep Lieu hopeful for election security bill prospects

Congressman sees Republican softening on gun legislation as a sign they might be willing to consider election security. Calls on the security community to expose election system weaknesses.

binary code matrix broken / breached / failed / hacked / security risk / threat / vulnerability
News

Critical VxWorks flaws expose millions of devices to hacking

Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and...

election hacking security 2020 election security flag global breach by stuartmiles99 getty
News Analysis

Why getting election security right for 2020 matters

The U.S. is moving at glacial speed to secure election systems against possible interference by foreign adversaries. We're not even close to ready, and that could call contests into question.

Election secuity / ballot boxes / binary code
Feature

Secure elections scorecard: Grading the candidate and Congressional proposals

After 2016's election security debacle, there's a push to secure America's electronic voting infrastructure. Some of the proposals are good. Others fall short. CSO investigates.

succession brain sharing intellectual knowledge sharing
Feature

What is an ISAC or ISAO? How these cyber threat information sharing organizations improve security

Information Sharing and Analysis Organizations were created to make cyber threat data and best practices more accessible than with Information Sharing and Analysis Centers, but results are mixed.

secure government messaging
Feature

What is the CISA? How the new federal agency protects critical infrastructure from cyber threats

The Cybersecurity and Infrastructure Security Agency (CISA) is a new federal agency, created to protect the nation's critical infrastructure.

Load More