Articles

Recent articles

The UK's National Cyber Security Centre (NCSC) reacts to growing cloud implementations for operational technology, SCADA, and industrial control systems. The shift to cloud computing has caused the NCSC to be concerned that organizations aren't properly managing the new connectivity, including security boundaries and access control mechanisms.
Risk Management
Cyber Resilience
Operational Technology

UK NCSC Urges OT/ICS Operators to Secure Cloud Migrations

George V. Hulme
Cyber Resilience
Operational Resilience
Risk Management

Think Like an Attacker: Be Frogger

John Frushour
The U.K.'s enhanced Cyber Assessment Framework is designed to help critical infrastructure organizations comprehensively assess and improve their ability to defend against, and respond to, cyberattacks.
Cyber Resilience
Operational Technology
Operational Resilience

UK Critical Infrastructure Sectors Brace for Enhanced Cyber Assessment Framework

George V. Hulme
Cyber Resilience
Risk Management
Federal

Blunting the Risks of Private-Sector Ownership of CI

ADM. Michael S. Rogers, USN (Ret.)
The “Report to the President: Strategy for Cyber-Physical Resilience: Fortifying Our Critical Infrastructure for a Digital World,” reaffirms that cyber-resilience-by-design should be the standard and urges a coalition of government leaders and private sector critical infrastructure asset owners and operators to refocus their energies to build resilient cyber-physical systems (CPS) that are designed to withstand attack.
Federal
Cyber Resilience
Risk Management

Applauding A Codified Strategy for CPS Resilience

Chris Inglis
The Volt Typhoon takedown highlights the challenges the world faces in defending against such threats and the private industry/government collaboration that's necessary to succeed.
Operational Technology
Cyber Resilience
Risk Management

Volt Typhoon Takedown Highlights Critical Infrastructure Security Complexities

George V. Hulme
Cyber Resilience
Healthcare

Managing Clinical Engineering Supply Chain Risk, Part 2

Adam Zoller
Cyber Resilience
Healthcare

Clinical Engineering Vendor Management Wins, Part 1

Adam Zoller
Operational Technology
Cyber Resilience

Hardening Open Source Software Use in Critical Infrastructure Environments

George V. Hulme
NIS2 addresses limitations from NIS1 where some areas of improvement were needed to counter risk introduced by digital transformation and by evolving cyber threats, that exposed a lack of resilience within systems supporting businesses in the EU.
Risk Management
Cyber Resilience

Inside the EU's Toughened NIS2 Cybersecurity Directive

Roberto De Paolis
Cyber-informed engineering ensures the design, manufacture, and deployment of new OT and critical infrastructure assets — enough that these assets are reasonably secure from cyberattacks and remain reliable and resilient.
Cyber Resilience
Operational Technology

Cyber-Informed Engineering: A Way Toward More Resilient OT Systems

George V. Hulme
Ransomware may be past its hey-day, and it is a malware threat that will not fade away. But are attackers ready to move past it to more human attack vectors?
Cyber Resilience
Ransomware

Is Ransomware Still Sexy?

John Frushour

Latest on Nexus Podcast