Articles

Recent articles

An OIG report critical of the water and wastewater industry's cybersecurity practices and posture illuminates endemic security issues within this critical infrastructure sector, from unpatched vulnerabilities to a lack of sharing of incident data.
Cyber Resilience
Industrial
Vulnerability Management
Risk Management

Water, Wastewater Cybersecurity Still Has Long Way to Go

George V. Hulme
ASL Roma 1's implementation of an advanced security operation center called HyperSOC allows it to convert its cybersecurity approach from reactive to proactive, ensuring effective management of cyber threats. The adoption of this safeguard has led to a significant reduction in security incidents, despite the growing number of attacks at the national and European levels, because of the continuous monitoring of the attack surface of the infrastructure, which guarantees a higher level of security than other peers in the sector.
Healthcare
Cyber Resilience
Risk Management

ASL Roma 1 HyperSOC Approach Secures Patient Safety, Operational Efficiency

Stefano Scaramuzzino
Fabio Battelli
In an increasingly interconnected and constantly evolving healthcare environment, there are numerous cybersecurity challenges that hospitals must face to guarantee patients high-quality health services, avoid interruptions in supply, optimize the use of devices, and effectively manage cyber risks. These challenges require the use of cutting-edge technologies and real-time availability of diverse data and information.
Healthcare
Risk Management
Cyber Resilience

A Predictive, Proactive Approach to the Governance of Medical Devices

Stefano Scaramuzzino
Fabio Battelli
Enterprise CISOs must consider disinformation and misinformation campaigns targeting their companies and industries as part of their threat model. Organizations must also develop disinformation response plans, similar to incident response actions.
Operational Resilience
Cyber Resilience
Risk Management

CISOs Urged to Prepare for Evolving Disinformation Tactics

George V. Hulme
Securing connectivity in operational technology (OT) environments is crucial for the safety of critical infrastructure and for maintaining the uninterrupted service it provides. Leaving unnecessary open ports, protocols, and services exposed, along with devices directly connected to the internet, such as programmable logic controllers (PLCs) and human machine interfaces (HMIs), greatly increases the risk of cyberattacks.
Industrial
Operational Technology
Risk Management

Explaining the Importance of Secure Connectivity in OT

Dan Ricci
Operational Technology
Cyber Resilience

Secure by Design in Manufacturing is Not an Empty Concept

Jim LaBonty
The HHS Office for Civil Rights proposes substantial rule changes to the long-standing Health Insurance Portability and Accountability Act (HIPAA) Security Rule. While details on the proposed rule changes remain unclear, HHS plans to issue a Notice of Proposed Rulemaking (NPRM) by the end of the year. These changes are believed to be the most substantial since the HIPAA Security Rule went into effect in 2003.
Healthcare
Ransomware

Significant Changes to HIPAA Security Rule on the Way

George V. Hulme
Risk Management

Court Ruling on SEC v. SolarWinds Good News for CISOs—For Now

Cristin Flynn Goodwin
Healthcare

How Under-Resourced Healthcare Providers Can Up Their Cybersecurity Game

George V. Hulme
Healthcare
Vulnerability Management
Risk Management

Better Medical Device Classification for Enhanced Risk Management

Manan Kakkar
Sam Templeton
Cyber Resilience
Healthcare
Industrial
Risk Management

Deterrence in Cyberspace Proving to be a Difficult Exercise

ADM. Michael S. Rogers, USN (Ret.)
Operational Technology

Does DevOps have a place in OT/ICS Development?

George V. Hulme