See All Nexus 2025 Sessions

Topics:

Cyber Resilience

Risk Management

Vulnerability Management

CISA Alert on EOL Edge Devices Should Also Spark Enhanced CPS Defenses

ADM. Michael S. Rogers, USN (Ret.)

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

OT cybersecurity expert Dan Ricci writes about what OT asset management and visibility can reveal about an industrial environments, including the surfacing of risk signals, exposure of hidden dependencies, and insight about the efficacy virtual network segmentation policies and practices.

Operational Resilience

Operational Technology

Cyber Resilience

Risk Management

From OT Asset Management to Insight: Turning Visibility Into Something That Matters

See all in Cyber Resilience See all in Articles

A New Jersey appeals court agreed with an earlier court’s decision that cybersecurity insurance providers could not deny ransomware coverage under a so-called “war exclusion” for a cybersecurity incident Merck & Co. claimed caused $1.4 billion in losses.

Cybersecurity Insurance

Merck Ransomware Insurance Ruling Helps Clear Fog of Cyberwar

George V. Hulme

Avoid these seven pitfalls when seeking cybersecurity liability insurance; ensure you understand policy terms and conditions, conduct due diligence, and involve the proper stakeholders, among other things.

Cybersecurity Insurance

Cybersecurity Liability Insurance Pitfalls to Avoid

George V. Hulme

Navigating cybersecurity insurance in a recession requires diligence about systemic cybersecurity risks that can cause premiums to rise or insurers to consider an organization uninsurable.

Cybersecurity Insurance

Risk Management

Navigating Cyber Insurance in a Recession

George V. Hulme

See all in Cybersecurity Insurance See all in Articles

Cyber Resilience

Risk Management

Vulnerability Management

CISA Alert on EOL Edge Devices Should Also Spark Enhanced CPS Defenses

ADM. Michael S. Rogers, USN (Ret.)

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

The Department of Defense has issued comprehensive guidance requiring all organizational units to implement zero-trust security principles across operational technology (OT) systems, marking a fundamental shift in how the military secures critical infrastructure from power grids to manufacturing control systems.

Operational Technology

Cyber Resilience

Pentagon Mandates Zero Trust Security Framework for Operational Technology Environments

George V. Hulme

See all in Federal See all in Articles

Cyberattacks against the food and beverage industry are opportunistic and leverage the growth in digitization to exploit previously unmanaged vulnerabilities to disrupt operations.

Food & Beverage

On the Menu: Cybersecurity Risks in the Food and Beverage Industry

George V. Hulme

See all in Food & Beverage See all in Articles

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

Cyber-physical systems cybersecurity is a maturing practice, which means protection of these critical systems must become more programmatic. Stefano Scaramuzzino CISO of ASL Roma-1 and Fabio Battelli of Deloittte explain the first steps on this journey using ASL Roma-1's HOPE program as the model.

Cyber Resilience

Operational Resilience

Risk Management

Moving from Visibility to Governance of CPS

Stefano Scaramuzzino

ASL Roma 1, a public health provider in Rome, has distinguished itself in the global healthcare landscape over the past two years by implementing advanced cybersecurity strategies, moving toward a hyper convergent security model, the so-called HyperSOC, in response to the growing cyber attacks in the global healthcare sector.

Risk Management

Cyber Resilience

Nexus Reflections and Predictions: Stefano Scaramuzzino

Stefano Scaramuzzino

See all in Healthcare See all in Articles

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

OT cybersecurity expert Dan Ricci writes about what OT asset management and visibility can reveal about an industrial environments, including the surfacing of risk signals, exposure of hidden dependencies, and insight about the efficacy virtual network segmentation policies and practices.

Operational Resilience

Operational Technology

Cyber Resilience

Risk Management

From OT Asset Management to Insight: Turning Visibility Into Something That Matters

Cybersecurity experts identify five trends that leaders responsible for cyber-physical systems protection programs and OT security must strategize around.

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Risk Management

5 Trends Driving OT Security in 2026: From State-Sponsored Attacks to AI-Powered Threats

George V. Hulme

See all in Industrial See all in Articles

Congress' failure to reauthorize the Cybersecurity Information Sharing Act of 2015 (CISA 2015) signals a fundamental shift in threat intelligence sharing and overall risk management strategies.

Vulnerability Management

Risk Management

Cyber Resilience

Internet of Things

CISO Survival Guide: 4 Steps to Prepare for CISA 2015 Expiration

George V. Hulme

China-nexus threat actors are targeting edge devices that do not support EDR. Adm. Michael Rogers writes that cyber-physical systems could be next since many of the connected OT, IoT, and IoMT devices and sensors also lack EDR protection.

Operational Resilience

Internet of Things

Cyber Resilience

Risk Management

Adversaries' Adaptability is Bad News for Cyber-Physical Systems

ADM. Michael S. Rogers, USN (Ret.)

Amazon's intent to replace humans with robots represents a wave of cyber-physical systems (CPS) security that will need to be implemented not only in the logistics and warehousing industries but also for work-in-process (WIP) inventory in manufacturing and other critical industries.

Cyber Resilience

Internet of Things

Operational Resilience

Operational Technology

Vulnerability Management

Risk Management

Automation Inroads Bring Urgency to CPS Protection

See all in Internet of Things See all in Articles

More than 250 influential cybersecurity leaders from industrial companies, healthcare delivery organizations, and the highest levels of government convened for Claroty’s fourth annual thought leadership conference to share best practices on cyber-physical systems cybersecurity, protection, and resilience strategies.

Cyber Resilience

Operational Resilience

Risk Management

Nexus Conference

CPS Security Leaders Establish Priorities for Resilience at Nexus 2025

See all in Nexus Conference See all in Articles

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

OT cybersecurity expert Dan Ricci writes about what OT asset management and visibility can reveal about an industrial environments, including the surfacing of risk signals, exposure of hidden dependencies, and insight about the efficacy virtual network segmentation policies and practices.

Operational Resilience

Operational Technology

Cyber Resilience

Risk Management

From OT Asset Management to Insight: Turning Visibility Into Something That Matters

Cyber-physical systems cybersecurity is a maturing practice, which means protection of these critical systems must become more programmatic. Stefano Scaramuzzino CISO of ASL Roma-1 and Fabio Battelli of Deloittte explain the first steps on this journey using ASL Roma-1's HOPE program as the model.

Cyber Resilience

Operational Resilience

Risk Management

Moving from Visibility to Governance of CPS

Stefano Scaramuzzino

See all in Operational Resilience See all in Articles

OT cybersecurity expert Dan Ricci writes about what OT asset management and visibility can reveal about an industrial environments, including the surfacing of risk signals, exposure of hidden dependencies, and insight about the efficacy virtual network segmentation policies and practices.

Operational Resilience

Operational Technology

Cyber Resilience

Risk Management

From OT Asset Management to Insight: Turning Visibility Into Something That Matters

Cybersecurity experts identify five trends that leaders responsible for cyber-physical systems protection programs and OT security must strategize around.

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Risk Management

5 Trends Driving OT Security in 2026: From State-Sponsored Attacks to AI-Powered Threats

George V. Hulme

The Department of Defense has issued comprehensive guidance requiring all organizational units to implement zero-trust security principles across operational technology (OT) systems, marking a fundamental shift in how the military secures critical infrastructure from power grids to manufacturing control systems.

Operational Technology

Cyber Resilience

Pentagon Mandates Zero Trust Security Framework for Operational Technology Environments

George V. Hulme

See all in Operational Technology See all in Articles

The HHS Office for Civil Rights proposes substantial rule changes to the long-standing Health Insurance Portability and Accountability Act (HIPAA) Security Rule. While details on the proposed rule changes remain unclear, HHS plans to issue a Notice of Proposed Rulemaking (NPRM) by the end of the year. These changes are believed to be the most substantial changes since the HIPAA Security rule went into effect in 2003

Significant Changes to HIPAA Security Rule on the Way

George V. Hulme

Mike Ratliff, AVP Security Engineering and Operations at Providence, writes about five steps healthcare delivery organizations should take to mitigate the risk of ransomware and extortion-based attacks.

Cyber Resilience

5 Things Hospitals Can Do to Mitigate Threats of Ransomware

Resilience, Recovery Strategies to Combat Ransomware and Extortion

ADM. Michael S. Rogers, USN (Ret.)

See all in Ransomware See all in Articles

Cyber Resilience

Risk Management

Vulnerability Management

CISA Alert on EOL Edge Devices Should Also Spark Enhanced CPS Defenses

ADM. Michael S. Rogers, USN (Ret.)

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

OT cybersecurity expert Dan Ricci writes about what OT asset management and visibility can reveal about an industrial environments, including the surfacing of risk signals, exposure of hidden dependencies, and insight about the efficacy virtual network segmentation policies and practices.

Operational Resilience

Operational Technology

Cyber Resilience

Risk Management

From OT Asset Management to Insight: Turning Visibility Into Something That Matters

See all in Risk Management See all in Articles

Current OT cybersecurity budgeting approaches reflect a misalignment of prioritizing surface-level defenses over architectural shortcomings. Instead, CISOs should demand vendors deliver products that are secure by design, and address systemic failures over a reactive approach to the security of cyber-physical systems.

Operational Technology

Risk Management

The Economics of OT Cybersecurity: Are We Investing in the Wrong Priorities?

Enterprises often are blind to the use of open source software in commercial and homegrown software development. Vulnerabilities and other weaknesses in OSS deployments are significant exposures that must be managed and mitigated.

Vulnerability Management

Risk Management

Visibility, Governance Key to Managing Open Source Risk

George V. Hulme

Technical debt in OT leads to increased operations costs as teams fight to maintain outdated systems, and security teams struggle to keep those same systems secure, often through compensating controls.

Operational Technology

Getting Strategic Against Technical Debt in OT

George V. Hulme

See all in Technical Debt See all in Articles

Cyber Resilience

Risk Management

Vulnerability Management

CISA Alert on EOL Edge Devices Should Also Spark Enhanced CPS Defenses

ADM. Michael S. Rogers, USN (Ret.)

Cybersecurity experts identify five trends that leaders responsible for cyber-physical systems protection programs and OT security must strategize around.

Cyber Resilience

Operational Technology

Operational Resilience

Vulnerability Management

Risk Management

5 Trends Driving OT Security in 2026: From State-Sponsored Attacks to AI-Powered Threats

George V. Hulme

Compensating controls are often the only cybersecurity options available to offset risk in operational technology environments still supporting legacy technology or end-of-life industrial control systems or field devices.

Operational Technology

Cyber Resilience

Vulnerability Management

Risk Management

Nexus Reflections and Predictions: Don C. Weber

See all in Vulnerability Management See all in Articles

The Department of Defense has issued comprehensive guidance requiring all organizational units to implement zero-trust security principles across operational technology (OT) systems, marking a fundamental shift in how the military secures critical infrastructure from power grids to manufacturing control systems.

Operational Technology

Cyber Resilience

Pentagon Mandates Zero Trust Security Framework for Operational Technology Environments

George V. Hulme

The convergence of IT and OT systems, primarily driven by the deployment of IIoT (industrial Internet of Things), cloud computing, and the need for remote monitoring, has fundamentally altered the OT architecture that the Purdue Model was initially designed to help manage.

Risk Management

Operational Resilience

Operational Technology

Is It Time to Rethink the Purdue Model?

George V. Hulme

Operational Resilience

Operational Technology

Poor Visibility Still a Drag on Secure Third-Party Remote Access

George V. Hulme

See all in Zero Trust See all in Articles

At Nexus 2025, we sat down with Bruno Carvalho, IT manager for the Hospital Felicio Rocho in Belo Horizonte, Brazil, who describes the need to achieve greater granular visibility, ensuring the integrity of all aspects encompassing hospitals and the healthcare sector as a whole.

Operational Resilience

Nexus Conference

Cyber Resilience

Bruno Carvalho on How Visibility Enables Healthcare Cybersecurity

At Nexus 2025, we sat down with Bruno Carvalho, IT manager for the Hospital Felicio Rocho in Belo Horizonte, Brazil, who describes the need to achieve greater…

Nexus Conference

Cyber Resilience

Risk Management

Debora Borel on IT/OT Convergence in Hospitals

In this interview from Nexus Conference 2025, Debora Borel, Cyber Security Coordinator, Einstein Hospital Israelita in Sao Paolo, Brazil, explains how the…

Adam Jurgensen, Medical Device Security Engineer at Valley Health Systems, brings us inside the roles and responsibilities of those experts overseeing connected devices inside healthcare organizations. Jurgensen describes the restrictions his role faces when it comes to updating and patching connected medical devices, the gamut of which may run from MRIs, CT, ultrasounds, to patient monitors, and defibrillators. Compensating controls, segmentation, and other cybersecurity strategies are key for keeping devices secure and patients safe in the event of an incident.

Nexus Conference

Vulnerability Management

Risk Management

Cyber Resilience

Adam Jurgensen on Medical Device Cybersecurity

Adam Jurgensen, Medical Device Security Engineer at Valley Health Systems, brings us inside the roles and responsibilities of those experts overseeing…

See all in Videos

On this episode of the Claroty Nexus Podcast, Dan Gunter, CEO and founder of Insane Cyber, lays out the challenges—and sometimes steep costs—of generating data that’s truly representative of the production environment rather than exclusively relying on a lab environment or emulation.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

Nexus Podcast: Dan Gunter on Generating OT Data to Train Security Products

OT cybersecurity expert Mike Holcomb joins the Nexus Podcast live from S4 Conference in Miami to discuss how state actors may be leveraging hacktivists to target operational technology (OT). Holcomb has delineated these groups in what he calls a Converged Actor Framework that categorizes threat actors by the impact and frequency of their incidents. A converged actor is potentially the riskiest given the potential for high frequency high impact incidents.

Operational Technology

Risk Management

Cyber Resilience

Nexus Podcast: Mike Holcomb on the Intersection of Hacktivists and State Actors

In this episode of the Nexus Podcast, CISA ICS Cybersecurity Lead Matthew Rogers discusses new guidance from the agency on the use of security operational technology (OT) protocols, titled “Barriers to Secure OT Communication: Why Johnny Can’t Authenticate.” The paper advocates for the use of secure versions of legacy OT protocols, or the adoption of open standards by OEMs, in order to bring authentication and integrity to OT protocol communication.

Cyber Resilience

Operational Resilience

Operational Technology

Risk Management

Vulnerability Management

Nexus Podcast: CISA’s Matthew Rogers on Secure OT Protocol Communication

See all in Podcasts

Archive

All entries

Cyber Resilience

Risk Management

Vulnerability Management

CISA Alert on EOL Edge Devices Should Also Spark Enhanced CPS Defenses

ADM. Michael S. Rogers, USN (Ret.)

Risk Management

Operational Resilience

Cyber Resilience

Imminent National Cyber Strategy May Lean on Offense at the Expense of Defense

The Department of Defense has issued comprehensive guidance requiring all organizational units to implement zero-trust security principles across operational technology (OT) systems, marking a fundamental shift in how the military secures critical infrastructure from power grids to manufacturing control systems.

Operational Technology

Cyber Resilience

Pentagon Mandates Zero Trust Security Framework for Operational Technology Environments

George V. Hulme

The forthcoming National Cyber Strategy must aims to scale cyber disruptions of malicious threat actor activity, reduce friction points, and incentivize public-private collaboration that are essential to securing critical infrastructure and protecting American innovation.

Cyber Resilience

Risk Management

Scaling Disruption: What the Next Cyber Strategy Must Get Right

Cyber Resilience

Operational Resilience

Nexus Podcast: Megan Stifel on the Impact of the Ransomware Task Force

Joe Slowik, threat intelligence and detections lead at Gigamon, joins the Nexus podcast to discuss a Virus Bulletin paper and presentation he gave recently on XENOTIME.

Risk Management

Cyber Resilience

Operational Resilience

Nexus Podcast: Joe Slowik on Identifying Truly ‘Critical’ Infrastructure

Cyber Resilience

Operational Resilience

Operational Technology

Risk Management

Nexus Podcast: Danielle Jablanski on Critical Infrastructure Protection

Cyber Resilience

Operational Resilience

Vulnerability Management

Risk Management

Nexus Podcast: Cassie Crossley on Hardware Security, HBOMs

A diversified operational technology (OT) cybersecurity monitoring platform plays a key role in strengthening the protection of cyber-physical systems by providing clear visibility, real-time threat detection, and proactive risk mitigation. By integrating multiple monitoring tools and technologies, organizations can build a layered security approach that minimizes vulnerabilities, improves response times, and keeps critical systems resilient against cyber threats.

Operational Resilience

Operational Technology

Diversified Monitoring Essential to a Strong OT Cybersecurity Foundation

John Ballentine

Nexus Conference

Operational Technology

Daryl Haegley on Defending OT Against Advanced Cybersecurity Threats

Daryl Haegley, Technical Director, Control Systems Cybersecurity for the U.S. Air Force, brings his extensive federal cybersecurity experience to a discussion…

Cyber Resilience

Risk Management

Blunting the Risks of Private-Sector Ownership of CI

ADM. Michael S. Rogers, USN (Ret.)

The “Report to the President: Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World,” reaffirms that cyber-resilience-by-design should be the standard and urges a coalition of government leaders and private sector critical infrastructure asset owners and operators to refocus their energies to build resilient cyber-physical systems (CPS) that are designed to withstand attack.

Cyber Resilience

Risk Management

Applauding A Codified Strategy for CPS Resilience

1

Latest on Nexus Podcast

See all episodes

The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.

See all episodes

On this episode of the Claroty Nexus Podcast, Dan Gunter, CEO and founder of Insane Cyber, lays out the challenges—and sometimes steep costs—of generating data that’s truly representative of the production environment rather than exclusively relying on a lab environment or emulation.

Operational Technology

Operational Resilience

Cyber Resilience

Risk Management

Nexus Podcast: Dan Gunter on Generating OT Data to Train Security Products

OT cybersecurity expert Mike Holcomb joins the Nexus Podcast live from S4 Conference in Miami to discuss how state actors may be leveraging hacktivists to target operational technology (OT). Holcomb has delineated these groups in what he calls a Converged Actor Framework that categorizes threat actors by the impact and frequency of their incidents. A converged actor is potentially the riskiest given the potential for high frequency high impact incidents.

Operational Technology

Risk Management

Cyber Resilience

Nexus Podcast: Mike Holcomb on the Intersection of Hacktivists and State Actors

In this episode of the Nexus Podcast, CISA ICS Cybersecurity Lead Matthew Rogers discusses new guidance from the agency on the use of security operational technology (OT) protocols, titled “Barriers to Secure OT Communication: Why Johnny Can’t Authenticate.” The paper advocates for the use of secure versions of legacy OT protocols, or the adoption of open standards by OEMs, in order to bring authentication and integrity to OT protocol communication.

Cyber Resilience

Operational Resilience

Operational Technology

Risk Management

Vulnerability Management

Nexus Podcast: CISA’s Matthew Rogers on Secure OT Protocol Communication