Articles

Recent articles

nexus_labonty-manuf-and-cloud.jpg
Risk Management
Operational Resilience
Operational Technology
Cyber Resilience

Navigating Manufacturing Cybersecurity and the Cloud

Jim LaBonty
With Federal policy changes pushing more cybersecurity and AI regulation to the state level, CISOs should prepare for even more fragmentation of cybersecurity laws and more jurisdictions to contend with, writes Cristin Flynn Goodwin.
Risk Management
Cyber Resilience
Operational Resilience

50 States of Cybersecurity Complexity

Cristin Flynn Goodwin
The convergence of IT and OT systems, primarily driven by the deployment of IIoT (industrial Internet of Things), cloud computing, and the need for remote monitoring, has fundamentally altered the OT architecture that the Purdue Model was initially designed to help manage.
Zero Trust
Risk Management
Operational Resilience
Operational Technology

Is It Time to Rethink the Purdue Model?

George V. Hulme
OT cybersecurity expert Danielle Jablanski of STV makes her first contribution to Claroty Nexus. She writes about how OT cybersecurity programs should not compromise safety and reliability over the likelihood a vulnerability will be exploited.
Operational Technology
Cyber Resilience
Vulnerability Management
Risk Management

Throw Likelihood to the Wind: OT Cybersecurity is Categorical, Not Mathematical

Danielle Jablanski
Mike Ratliff, CISO at Providence, one of the country's largest not-for-profit healthcare providers, writes about his organization's attempt to re-think GRC as Governance, Risk, Attack Surface Management, and Compliance (GRAC). Ratliff describes five areas GRAC improves the overall security program, including the quantification and prioritization of risk, the integration of attack surface management, and an architecture that supports secure-by-design principles.
Healthcare
Risk Management
Cyber Resilience
Operational Resilience

Rebuilding Legacy GRC from the Ground Up

Mike Ratliff
Current OT cybersecurity budgeting approaches reflect a misalignment of prioritizing surface-level defenses over architectural shortcomings. Instead, CISOs should demand vendors deliver products that are secure by design, and address systemic failures over a reactive approach to the security of cyber-physical systems.
Industrial
Operational Technology
Risk Management
Technical Debt

The Economics of OT Cybersecurity: Are We Investing in the Wrong Priorities?

Dan Ricci
ASL Roma 1’s HOPE (Healthcare Operational Protection & Excellence) project stands as a cutting-edge initiative in healthcare cybersecurity, leveraging advanced technologies and innovative methodologies to strengthen organizational resilience. Here we lay the foundation for explaining how our CMDB becomes a key tool for proactively managing vulnerabilities, especially during waves of CVEs (Common Vulnerabilities and Exposures) that can quickly disrupt complex environments.
Healthcare
Operational Resilience
Cyber Resilience
Vulnerability Management

ASL Roma 1’s HOPE: Innovation and Resilience to Vulnerability Waves

Stefano Scaramuzzino
Fabio Battelli
A new Information Risk Insights Study by Cyentia Institute puts real data behind the likelihood of attacks against critical infrastructure sectors enabled by digital transformation. CISOs need to understand the expanded attack surfaces and other risks within smart factories, healthcare, and other sectors connected devices online.
Operational Resilience
Cyber Resilience
Operational Technology
Risk Management

Study Warns: Digital Transformation Amps up Cyber Risks in Manufacturing

George V. Hulme
U.S. critical infrastructure operators are urged to be vigilant in hardening operational technology and ICS cybersecurity in expectation of a retaliatory response from Iran for last week’s missile strikes.
Cyber Resilience
Operational Technology
Industrial
Internet of Things
Healthcare
Risk Management

Experts: Expect Iran’s Cyber Tactics to be Disruptive

George V. Hulme
nexus_underfunded-healthcare.jpg
Healthcare
Risk Management
Vulnerability Management
Cyber Resilience

Bridging the Cybersecurity Gap Among America's Underfunded Healthcare Providers

George V. Hulme
nexus_fabela-ur-e26.jpg
Cyber Resilience
Risk Management

E26: More Than Just a Maritime Cybersecurity Regulation—It's a Fundamental Shift

Ron Fabela
shutterstock_1489100678-(3)-(1).jpg
Industrial
Operational Technology
Vulnerability Management

Managing Serial-to-Ethernet Exposures in Modern OT Networks

Alessio Rosas
Latest on Nexus Podcast