Articles

Recent articles

An OIG report critical of the water and wastewater industry's cybersecurity practices and posture illuminates endemic security issues within this critical infrastructure sector, from unpatched vulnerabilities to a lack of sharing of incident data.
Cyber Resilience
Industrial
Vulnerability Management
Risk Management

Water, Wastewater Cybersecurity Still Has Long Way to Go

George V. Hulme
Securing connectivity in operational technology (OT) environments is crucial for the safety of critical infrastructure and maintaining the uninterrupted service it provides. Leaving unnecessary open ports, protocols, and services exposed, along with directly connected devices to the internet, such as programmable logic controllers (PLCs) and human machine interfaces (HMIs), greatly increases the risks of cyberattacks.
Industrial
Operational Technology
Risk Management

Explaining the Importance of Secure Connectivity in OT

Dan Ricci
nexus_red-lines-rogers-deterrence.jpg
Cyber Resilience
Healthcare
Industrial
Risk Management

Deterrence in Cyberspace Proving to be a Difficult Exercise

ADM. Michael S. Rogers, USN (Ret.)
nexus_cranes-hulme.jpg
Cyber Resilience
Risk Management
Industrial

US Government Expands Tech Restrictions to Safeguard Critical Infrastructure

George V. Hulme
nexus_sign.jpg
Cyber Resilience
Healthcare
Industrial
Operational Technology
Risk Management

CPS Security Leaders Convene on One Goal: Protect Mission-Critical Infrastructure

Upa Campbell
In OT and ICS cybersecurity, living off the land (LOTL) techniques refer to the practice of attackers using the existing tools and processes in a target system to carry out their malicious activities. This approach is particularly dangerous because it allows the attacker to blend in with everyday activities, making detection significantly more challenging.
Operational Technology
Cyber Resilience
Industrial

How Living-Off-The-Land Techniques Impact OT and ICS

Dan Ricci
Typical OT network
Operational Technology
Industrial

The Purdue Model's Risky Blindspot

George V. Hulme
nexus_nsa-ot-sigs.jpg
Operational Technology
Industrial

NSA's ELITEWOLF Signatures Detect Malicious Activity in OT Environments

George V. Hulme
nexus_secure-design.jpg
Operational Technology
Industrial
Operational Resilience

Overcoming Inherent Design and Security Limitations of OT Devices

Juan Piacquadio
Tim Hall
nexus_weber-cloud.jpg
Industrial

Conducting Gap Assessments to Secure Control Environments’ Cloud-based Solutions

Don C. Weber
nexus_poor-visibility.jpg
Operational Technology
Industrial

OT Asset Visibility: A Foundation for Secure Operations

George V. Hulme
The inherent security of new devices and software associated with managing the grid is shipping natively with better code and design quality, cutting down on commodity vulnerabilities.
Industrial
Operational Technology

Bulk Power System Risks Span Complexity, Vulnerabilities, Advanced Actors

George V. Hulme
Latest on Nexus Podcast