Systemic Incentives to Mitigate AI Risk

Institute for Security and Technology Chief Strategy Officer Megan Stifel writes about the need for incentives that help organizations eliminate legacy technical debt and mitigate risks introduced by frontier AI models.

nexus_stifel-ai.jpg

Essential Topics (for Security Leaders)

Discover expert insights on Risk Management, Cyber Resilience, Vulnerability Management, and more. Learn how top security leaders safeguard critical cyber-physical systems.

Latest Insights in

In this episode of the Claroty Nexus Podcast, Austin Allen, Sr. Director of Global Solutions Architecture at Airlock Security, discusses the cybersecurity challenges facing healthcare delivery organizations, and the potential negative impacts of a breach or incident on patient care.
Healthcare
Vulnerability Management
Risk Management

Nexus Podcast: Austin Allen on Healthcare Cybersecurity and Patient Safety

Michael Mimoso
Mike Ratliff, CISO at Providence, one of the country's largest not-for-profit healthcare providers, writes about his organization's attempt to re-think GRC as Governance, Risk, Attack Surface Management, and Compliance (GRAC). Ratliff describes five areas GRAC improves the overall security program, including the quantification and prioritization of risk, the integration of attack surface management, and an architecture that supports secure-by-design principles.
Healthcare
Risk Management
Cyber Resilience
Operational Resilience

Rebuilding Legacy GRC from the Ground Up

Mike Ratliff
Current OT cybersecurity budgeting approaches reflect a misalignment of prioritizing surface-level defenses over architectural shortcomings. Instead, CISOs should demand vendors deliver products that are secure by design, and address systemic failures over a reactive approach to the security of cyber-physical systems.
Industrial
Operational Technology
Risk Management
Technical Debt

The Economics of OT Cybersecurity: Are We Investing in the Wrong Priorities?

Dan Ricci
ASL Roma 1’s HOPE (Healthcare Operational Protection & Excellence) project stands as a cutting-edge initiative in healthcare cybersecurity, leveraging advanced technologies and innovative methodologies to strengthen organizational resilience. Here we lay the foundation for explaining how our CMDB becomes a key tool for proactively managing vulnerabilities, especially during waves of CVEs (Common Vulnerabilities and Exposures) that can quickly disrupt complex environments.
Healthcare
Operational Resilience
Cyber Resilience
Vulnerability Management

ASL Roma 1’s HOPE: Innovation and Resilience to Vulnerability Waves

Stefano Scaramuzzino
Fabio Battelli