Apply to Attend Nexus Conference 2026
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts

Inventory to Insight

Dan Ricci cautions CPS asset owners that an asset list is not an inventory. Inventories are organized, updated, and physically validated to be effective.

Read more
ICS Advisory founder Dan Ricci explains why a list of operational technology (OT) assets is not an asset inventory. Asset inventories must be organized, updated, and physically validated. Only then can this facet of asset management support enterprise-wide risk management and cyber-physical systems protection programs.
AJ Eserjose, Regional Director for Operational Technology Information Sharing and Analysis Center (OT-ISAC), writes about how the information shared among members of a hub such as OT-ISAC creates a predictive resilience. Attack, threat, and risk signals are aggregated from contributions made by different members into comprehensive intelligence that improves overall cyber and operational resilience.
Cyber Resilience
Industrial
Operational Resilience
Operational Technology
Risk Management

How Collective Intelligence Enhances Predictive Resilience

AJ Eserjose
/
May 20, 2026
Project Glasswing and the Claude Mythos Preview have caused an upheaval related to vulnerability discovery and exploit development. On Nexus, former NSA Director Adm. Michael S. Rogers introduces some nuance to the discussion. The nuance that isn’t being articulated enough, he says, is that Project Glasswing is largely a defensive effort that does more to level the playing field between threat actors and defenders than we may realize.
Cyber Resilience
Federal
Operational Resilience
Vulnerability Management

Exploring Some Nuance on Project Glasswing

ADM. Michael S. Rogers, USN (Ret.)
/
May 18, 2026
OT has a cybersecurity skills gap. Leading organizations, however, are responding by building cross-functional IT/OT security teams, investing in OT-specific training, creating hybrid cybersecurity roles, and leveraging managed OT security services to bridge immediate gaps. They are also prioritizing asset visibility, documentation, and standardized processes to reduce reliance on tribal knowledge.
Operational Technology
Industrial
Operational Resilience
Cyber Resilience

OT Cybersecurity Faces a Skills Gap

Jon Holzbauer
/
May 12, 2026
Data centers have been targeted for kinetic attacks during the ongoing Iran war, and given their strategic prioritization during the conflict, they could be targeted for cyberattacks as well. Nexus contributor James LaBonty explains the risk and potential vulnerabilities, including building management systems and other cyber-physical systems.
Cyber Resilience
Operational Technology
Risk Management
Vulnerability Management
Operational Resilience
Industrial

Protecting Physical, Digital Security of Data Centers During Conflict

Jim LaBonty
/
Mar 17, 2026

Trending in Cyber

Explore now
derbyshire.jpg
Cyber Resilience
Industrial
Operational Resilience
Operational Technology
Risk Management
Vulnerability Management

Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks

Michael Mimoso
Rapid7 Principal Security Research (IoT) lead Deral Heiland joins the Nexus Podcast to discuss work his team did on how attackers might weaponize cellular-based IoT.  Rapid7 conducted three phases of this research, with the most recent digging into how attackers with access to these systems can abuse them to gain unauthorized access, potentially exfiltrate critical data, or pivot into backend network infrastructure.
Internet of Things
Vulnerability Management
Risk Management
Operational Resilience

Nexus Podcast: Deral Heiland on Weaponizing Cellular-Based IoT

Michael Mimoso
rob-king.jpg
Industrial
Operational Technology
Vulnerability Management

Nexus Podcast: Rob King on OT Asset Exposures, Mitigations

Michael Mimoso
nexus_samir.jpg
Industrial
Cyber Resilience
Operational Resilience
Operational Technology
Risk Management

Nexus Podcast: MITRE on Caldera for OT Adversary Emulation

Michael Mimoso

Essential Topics (for Security Leaders)

Discover expert insights on Risk Management, Cyber Resilience, Vulnerability Management, and more. Learn how top security leaders safeguard critical cyber-physical systems.
Explore more
Risk Management
From Inventory to Insight: Turning OT Visibility into Concrete Risk Reduction Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks How Collective Intelligence Enhances Predictive Resilience Nexus Podcast: Deral Heiland on Weaponizing Cellular-Based IoT
Cyber Resilience
Achieving Cyber and Physical Resilience Across Data Centers, Critical Infrastructure From Inventory to Insight: Turning OT Visibility into Concrete Risk Reduction Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks Nexus Digest: Jon Holzbauer on CPS Security Skills Gap
Healthcare
Nexus Podcast: Tiffany Wilson on the Security Crisis of Consumer Tech in Healthcare Nexus Podcast: Joe Slowik on Securing Exposed Internet-Facing Assets Nexus Podcast: Health-ISAC's Phil Englert on Medical Device Cybersecurity At ASL Roma 1, Canonical Risk Informs Governance, Remediation Actions
Industrial
Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks Nexus Digest: Jon Holzbauer on CPS Security Skills Gap How Collective Intelligence Enhances Predictive Resilience OT Cybersecurity Faces a Skills Gap
Vulnerability Management
From Inventory to Insight: Turning OT Visibility into Concrete Risk Reduction Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks Exploring Some Nuance on Project Glasswing Nexus Podcast: Deral Heiland on Weaponizing Cellular-Based IoT

Latest Insights in

Swisscom Head of Physical Security, Safety, BCM, Emergency & Crisis Management Thomas Dummermuth writes about the growing mandates to achieve operational resilience—digital and physical—within data centers and critical infrastructure organizations to meet evolving threats.
Operational Resilience
Cyber Resilience

Achieving Cyber and Physical Resilience Across Data Centers, Critical Infrastructure

Thomas Dummermuth
ICS Advisory founder Dan Ricci explains why a list of operational technology (OT) assets is not an asset inventory. Asset inventories must be organized, updated, and physically validated. Only then can this facet of asset management support enterprise-wide risk management and cyber-physical systems protection programs.
Cyber Resilience
Operational Resilience
Operational Technology
Vulnerability Management
Risk Management

From Inventory to Insight: Turning OT Visibility into Concrete Risk Reduction

Dan Ricci
derbyshire.jpg
Cyber Resilience
Industrial
Operational Resilience
Operational Technology
Risk Management
Vulnerability Management

Nexus Podcast: Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks

Michael Mimoso
Jon Holzbauer, OT systems manager at Silgan Containers, is featured in Episode 3 of Claroty Nexus Digest. Jon discusses the skills gap between IT security teams and OT asset operators as these two distinct operational disciplines converge. He also describes the challenges and conflicting priorities that emerge in converged environments, and how to navigate those.
Cyber Resilience
Operational Resilience
Operational Technology
Industrial

Nexus Digest: Jon Holzbauer on CPS Security Skills Gap

Jon Holzbauer, OT systems manager at Silgan Containers, is featured in Episode 3 of Claroty Nexus Digest. Jon discusses the skills gap between IT security…
Michael Mimoso
AJ Eserjose, Regional Director for Operational Technology Information Sharing and Analysis Center (OT-ISAC), writes about how the information shared among members of a hub such as OT-ISAC creates a predictive resilience. Attack, threat, and risk signals are aggregated from contributions made by different members into comprehensive intelligence that improves overall cyber and operational resilience.
Cyber Resilience
Industrial
Operational Resilience
Operational Technology
Risk Management

How Collective Intelligence Enhances Predictive Resilience

AJ Eserjose
Project Glasswing and the Claude Mythos Preview have caused an upheaval related to vulnerability discovery and exploit development. On Nexus, former NSA Director Adm. Michael S. Rogers introduces some nuance to the discussion. The nuance that isn’t being articulated enough, he says, is that Project Glasswing is largely a defensive effort that does more to level the playing field between threat actors and defenders than we may realize.
Cyber Resilience
Federal
Operational Resilience
Vulnerability Management

Exploring Some Nuance on Project Glasswing

ADM. Michael S. Rogers, USN (Ret.)
Rapid7 Principal Security Research (IoT) lead Deral Heiland joins the Nexus Podcast to discuss work his team did on how attackers might weaponize cellular-based IoT.  Rapid7 conducted three phases of this research, with the most recent digging into how attackers with access to these systems can abuse them to gain unauthorized access, potentially exfiltrate critical data, or pivot into backend network infrastructure.
Internet of Things
Vulnerability Management
Risk Management
Operational Resilience

Nexus Podcast: Deral Heiland on Weaponizing Cellular-Based IoT

Michael Mimoso
OT has a cybersecurity skills gap. Leading organizations, however, are responding by building cross-functional IT/OT security teams, investing in OT-specific training, creating hybrid cybersecurity roles, and leveraging managed OT security services to bridge immediate gaps. They are also prioritizing asset visibility, documentation, and standardized processes to reduce reliance on tribal knowledge.
Operational Technology
Industrial
Operational Resilience
Cyber Resilience

OT Cybersecurity Faces a Skills Gap

Jon Holzbauer
rob-king.jpg
Industrial
Operational Technology
Vulnerability Management

Nexus Podcast: Rob King on OT Asset Exposures, Mitigations

Michael Mimoso