Articles

Recent articles

The U.K.'s enhanced Cyber Assessment Framework is designed to help critical infrastructure organizations comprehensively assess and improve their ability to defend against, and respond to, cyberattacks.
Cyber Resilience
Operational Technology
Operational Resilience

UK Critical Infrastructure Sectors Brace for Enhanced Cyber Assessment Framework

George V. Hulme
Cyber Resilience
Risk Management
Federal

Blunting the Risks of Private-Sector Ownership of CI

ADM. Michael S. Rogers, USN (Ret.)
The “Report to the President: Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World,” reaffirms that cyber-resilience-by-design should be the standard and urges a coalition of government leaders and private sector critical infrastructure asset owners and operators to refocus their energies to build resilient cyber-physical systems (CPS) that are designed to withstand attack.
Federal
Cyber Resilience
Risk Management

Applauding A Codified Strategy for CPS Resilience

Chris Inglis
The Volt Typhoon takedown highlights the challenges the world faces in defending against such threats and the private industry/government collaboration that's necessary to succeed.
Operational Technology
Cyber Resilience
Risk Management

Volt Typhoon Takedown Highlights Critical Infrastructure Security Complexities

George V. Hulme
Cyber Resilience
Healthcare

Managing Clinical Engineering Supply Chain Risk, Part 2

Adam Zoller
Cyber Resilience
Healthcare

Clinical Engineering Vendor Management Wins, Part 1

Adam Zoller
Operational Technology
Cyber Resilience

Hardening Open Source Software Use in Critical Infrastructure Environments

George V. Hulme
NIS2 addresses limitations from NIS1 where some areas of improvement were needed to counter risk introduced by digital transformation and by evolving cyber threats, that exposed a lack of resilience within systems supporting businesses in the EU.
Risk Management
Cyber Resilience

Inside the EU's Toughened NIS2 Cybersecurity Directive

Roberto De Paolis
Cyber-informed engineering ensures the design, manufacture, and deployment of new OT and critical infrastructure assets — enough that these assets are reasonably secure from cyberattacks and remain reliable and resilient.
Cyber Resilience
Operational Technology

Cyber-Informed Engineering: A Way Toward More Resilient OT Systems

George V. Hulme
Ransomware may be past its hey-day, and it is a malware threat that will not fade away. But are attackers ready to move past it to more human attack vectors?
Cyber Resilience
Ransomware

Is Ransomware Still Sexy?

John Frushour
Compensating controls are often the only cybersecurity options available to offset risk in operational technology environments still supporting legacy technology or end-of-life industrial control systems or field devices.
Industrial
Cyber Resilience

When Compensating Controls are Your Only Security Option

Dan Ricci
The E.U.'s NIS2 directive and the U.S.'s National Cybersecurity Strategy have aligned critical infrastructure's focus on cyber resilience.
Cyber Resilience

US, EU Authorities Increase Regulatory Focus on Critical Infrastructure Cybersecurity

George V. Hulme

Latest on Nexus Podcast