Articles

Recent articles

The U.S. Dept of Health and Human Services Cybersecurity Performance Goals sets expectations on healthcare delivery organizations to protect their data and technology environments.
Healthcare
Operational Resilience
Risk Management

What HHS's New Cybersecurity Performance Goals Mean to Healthcare Organizations

George V. Hulme
Operational Technology
Cyber Resilience
Risk Management

Volt Typhoon Takedown Highlights Critical Infrastructure Security Complexities

George V. Hulme
Operational Technology
Operational Resilience
Vulnerability Management
Risk Management

What IT Cybersecurity Teams Need to Know about OT Vulnerabilities (Part 1)

Dan Ricci
With more than a dozen cybersecurity incident notification laws in effect around the world, it’s time for Chief Information Security Officers (CISOs) and incident response teams to think about the consequences of declaring an incident: timing is everything.
Risk Management

Don’t Call it an Incident–Yet: Managing Liability in a New Era of Incident Reporting and Compliance

Cristin Flynn Goodwin
Risk Management
Vulnerability Management
Zero Trust
Operational Technology

A Strategic Necessity: Compensating Controls in ICS, OT

George V. Hulme
Risk Management

CISO Strategies in a Time of Geopolitical, Kinetic Conflict

ADM. Michael S. Rogers, USN (Ret.)
Risk Management

Contentious Debates in Wake of SEC Action Against SolarWinds, CISO

George V. Hulme
Risk Management

Do U.S. Boards of Directors Have Adequate CISO Representation?

George V. Hulme
Risk Management

How to Get a Job in Cybersecurity–A Survival Guide

John Frushour
The Securities and Exchange Commission's (SEC) new cybersecurity rules create concern among CISOs and security experts about what will ultimately constitute a material cyber incident.
Risk Management

CISOs Play a Critical Role in Compliance with New SEC Cybersecurity Disclosure Rules

George V. Hulme
NIS2 addresses limitations from NIS1 where some areas of improvement were needed to counter risk introduced by digital transformation and by evolving cyber threats, that exposed a lack of resilience within systems supporting businesses in the EU.
Risk Management
Cyber Resilience

Inside the EU's Toughened NIS2 Cybersecurity Directive

Roberto De Paolis
In part two of Nexus' series on vulnerability remediation and patch management challenges related to industrial automation and control systems, we cover patching challenges, downtime, and the governance and oversight required to reduce risk.
Risk Management
Industrial

IT/OT Convergence Challenges, Part 2: Vulnerability Management Course of Action to Reduce Risk

Juan Piacquadio
Tim Hall

Latest on Nexus Podcast