Critical Infrastructure
Critical Infrastructure | News, how-tos, features, reviews, and videos
Boeing's poor information security posture threatens passenger safety, national security, researcher says
The aircraft maker failed to perform minimum due diligence in securing its networks, then tried to cover it up, security researcher Chris Kubecka tells Aviation Cyber Security conference attendees.
China’s MLPS 2.0: Data grab or legitimate attempt to improve domestic cybersecurity?
The new version China’s Multi-Level Protection Scheme (MLPS) expands what companies fall under its purview and lower the threshold for government inspection. Should companies with operations in China be concerned?
Cell phones don't belong in SCIFs, says Republican congressman
Rep. Mike Rogers says his phone was infected by Russian malware three years ago. Also, why he believes we need fewer federal cybersecurity agencies and election laws.
How to secure Microsoft-based election, campaign systems
Microsoft has issued guidance and provided resources for local election bodies and candidate campaigns to help protect systems and communications.
Presidential campaign websites fail at privacy, new study shows
A non-partisan analysis of 23 presidential campaign websites reveals glaring privacy issues.
5 OT security takeaways CISOs need to communicate to stakeholders
Operational technology security requires a different approach than IT security. Here are key takeaways CSOs need to communicate to other executives and boards of directors.
Voting machine security: What to look for and what to look out for
The US Senate approved $250 million to help states purchase more secure voting equipment — but includes no provisions for what "secure" means. Our buying guide will help state election officials spend taxpayer money wisely.
CISA’s Krebs seeks more measured approach to election security heading into 2020
The Cybersecurity and Infrastructure Security Agency director says overhyped concern is a problem, while election officials say they reap the benefits of improved communications.
IoT vendors ignore basic security best practices, CITL research finds
New measurements by the CITL mass fuzzing project show just how bad things really are--and how IoT device makers could radically increase binary security with one day of engineering work.
Leader of new NSA Cybersecurity Directorate outlines threats, objectives
Director Anne Neuberger says her group will focus on ransomware, threats to US elections, and nation-state influence operations.
ICS as a cloud service is coming: Will the benefits outweigh the risks?
Plugging industrial control and operational technology equipment into cloud-based monitoring and remote management systems increases visibility, but it also takes away their security by obscurity.
ICS security: Popular building management system vulnerable to takeover
Remotely exploitable vulnerability in internet-connected devices gives attackers a means to cause disruption and damage in a wide range of industries.
U.S. Rep Lieu hopeful for election security bill prospects
Congressman sees Republican softening on gun legislation as a sign they might be willing to consider election security. Calls on the security community to expose election system weaknesses.
Critical VxWorks flaws expose millions of devices to hacking
Researchers have found 11 serious vulnerabilities in VxWorks, the world's most popular real-time operating system (RTOS) that powers over 2 billion devices including enterprise network firewalls and routers, industrial controllers and...
Why getting election security right for 2020 matters
The U.S. is moving at glacial speed to secure election systems against possible interference by foreign adversaries. We're not even close to ready, and that could call contests into question.
Secure elections scorecard: Grading the candidate and Congressional proposals
After 2016's election security debacle, there's a push to secure America's electronic voting infrastructure. Some of the proposals are good. Others fall short. CSO investigates.
What is an ISAC or ISAO? How these cyber threat information sharing organizations improve security
Information Sharing and Analysis Organizations were created to make cyber threat data and best practices more accessible than with Information Sharing and Analysis Centers, but results are mixed.
What is the CISA? How the new federal agency protects critical infrastructure from cyber threats
The Cybersecurity and Infrastructure Security Agency (CISA) is a new federal agency, created to protect the nation's critical infrastructure.
-
Video/Webcast
Sponsored -
White Paper
-
eBook
Sponsored -
White Paper
-
eBook
Sponsored