Articles

Recent articles

Exploitable cybersecurity vulnerabilities in Contec's CMS8000 patient monitors may be an insecure design choice rather than a backdoor as labeled by CISA. But regardless, the risk of leaked patients' protected health information (PHI) and remote code execution remains a real possibility.
Healthcare
Risk Management
Vulnerability Management
Cyber Resilience

Insecure Design Choice Puts Patient Safety, Data at Risk

George V. Hulme
Exploitable cybersecurity vulnerabilities in Contec's CMS8000 patient monitors may be an insecure design choice rather than a backdoor as labeled by CISA. But regardless, the risk of leaked patients' protected health information (PHI) and remote code execution remains a real possibility.
Risk Management
Operational Resilience
Cyber Resilience

Outgoing Biden EO Takes Aim at Improved Software Security

George V. Hulme
IT cybersecurity team members bring a fresh set of experience and perspective to the protection of cyber-physical systems and industrial and automation control system production environments.
Industrial
Operational Technology
Cyber Resilience

Accelerating IACS/OT Cybersecurity Improvements

Don C. Weber
Five cybersecurity trends for operational technology (OT) figure to dominate in 2025. They include: increased government and regulatory scrutiny on OT, the need for new strategies to secure once air-gapped OT, and OT specialization for CISOs and others in cybersecurity leadership roles.
Cyber Resilience
Operational Technology
Operational Resilience
Risk Management

Five Trends Driving OT Cybersecurity in 2025

George V. Hulme
nexus_rogers-reflection.jpg
Cyber Resilience
Operational Resilience
Risk Management
Vulnerability Management

Nexus Reflections and Predictions: Adm. Michael Rogers

ADM. Michael S. Rogers, USN (Ret.)
nexus_goodwin-reflection.jpg
Risk Management
Cyber Resilience

Nexus Reflections and Predictions: Cristin Flynn Goodwin

Cristin Flynn Goodwin
nexus_ricci-reflection.jpg
Operational Technology
Cyber Resilience
Operational Resilience
Vulnerability Management

Nexus Reflections and Predictions: Dan Ricci

Dan Ricci
nexus_ballentine-reflection.jpg
Cyber Resilience
Operational Technology
Operational Resilience
Vulnerability Management

Nexus Reflections and Predictions: John Ballentine

John Ballentine
While software bills of materials (SBOMs) promise to help streamline software vulnerability mitigation and software supply chain security efforts, in order for enterprises to succeed, they must  pick the right SBOM data exchange standard for their use cases and understand how to consume several SBOM standards when necessary.
Cyber Resilience
Vulnerability Management

SPDX, CycloneDX, or SWID: Navigating the SBOM Standard Landscape

George V. Hulme
An OIG report critical of the water and wastewater industry's cybersecurity practices and posture illuminates endemic security issues within this critical infrastructure sector, from unpatched vulnerabilities to a lack of sharing of incident data.
Cyber Resilience
Industrial
Vulnerability Management
Risk Management

Water, Wastewater Cybersecurity Still Has Long Way to Go

George V. Hulme
ASL Roma 1's implementation of an advanced security operation center called HyperSOC allows it to convert its cybersecurity approach from reactive to proactive, ensuring effective management of cyber threats. The adoption of this safeguard has led to a significant reduction in security incidents, despite the growing number of attacks at national and European level, because of the continuous monitoring of the attack surface of the infrastructure, which guarantees a higher level of security than other peers in the sector.
Healthcare
Cyber Resilience
Risk Management

ASL Roma 1 HyperSOC Approach Secures Patient Safety, Operational Efficiency

Stefano Scaramuzzino
Fabio Battelli
In an increasingly interconnected and constantly evolving healthcare environment, there are numerous cybersecurity challenges that hospitals must face to guarantee patients high-quality health services, avoid interruptions in supply, optimize the use of devices, and effectively manage cyber risks. These challenges require the use of cutting-edge technologies and real-time availability of diverse data and information.
Healthcare
Risk Management
Cyber Resilience

A Predictive, Proactive Approach to the Governance of Medical Devices

Stefano Scaramuzzino
Fabio Battelli
Latest on Nexus Podcast