The Port Authority of New York and New Jersey is a major transportation hub that oversees regional infrastructure. Initially lacking an OT security program, John Ballentine of PANYNJ recognized the need to adapt security strategies to the unique demands of operational technology environments.
Joseph Couture, regional information security officer for the Americas and CISO for the United States at Ørsted, discusses the unique regulatory challenges in the energy sector, the importance of risk management, and how Ørsted addresses cybersecurity to ensure safe and reliable energy delivery.
As the Biden administration pours money into grid-enhancing technologies and announces a new federal-state initiative to modernize the U.S. electric grid, experts say security should be considered at every stage to avoid potentially creating even worse problems for the already-strained grid.
Durgesh Kalya, OT network security expert at Covestro LLC, emphasizes the need for robust incident management and life cycle upgrades for critical infrastructures. He shares insights on integrating the incident command system with industrial automation.
Australian critical infrastructure organizations must enable greater convergence between their information technology and operational technology teams to better respond to cybersecurity threats to their OT infrastructure, according to a new study by Palo Alto Networks.
Defenders of operational technology environments should look beyond the technical controls and incident response plans they've put in place. They also need to consider how attackers might undermine confidence in the service itself, says Ian Thornton-Trump, CISO of Cyjax.
Chuck Markarian, CISO, PACCAR, and Jerry Cochran, deputy CIO, Pacific Northwest National Laboratory, discuss practical approaches to bolstering cyber resilience in manufacturing, including mitigating risks, enhancing preparedness and fostering collaboration across technical and nontechnical teams.
Edgard Capdevielle, president and CEO, Nozomi Networks, discusses how new SEC disclosure regulations are reshaping cybersecurity strategies in industrial organizations. He also shares insight on legacy OT systems, IT-OT convergence and the need for industry collaboration.
The widespread use of internet of things devices today presents challenges, as most of those devices are insecure. IoT devices are different from IT devices, but artificial intelligence can address IoT security challenges, said May Wang, CTO of IoT security at Palo Alto Networks.
While critical infrastructure operators have historically focused on securing their operational technology networks by preventing intrusions, the ongoing increase in nation-state attacks demands they master the ability to "identify, detect, respond and recover," said Robert M. Lee, CEO of Dragos.
Security researchers have found 11 vulnerabilities in certain GE HealthCare ultrasound products that could allow malicious actors to physically implant ransomware or manipulate patient data stored on the affected devices. GE said the risks can be mitigated through best security practices.
In the wake of geopolitical tensions, nation-state threats have "crossed the line more often than they ever have," said Dawn Cappelli, head of OT-CERT at Dragos, warning of the growing threat to critical infrastructure and emerging challenges for small and medium enterprises.
Legacy systems that coexist with modern cloud-based applications complicate the arduous process of implementing cybersecurity measures. "When you get a company that is over 100 years old, you get some things that came along at different eras of the business," said Vaughn Hazen, CISO of CN Rail.
Censys CEO Brad Brooks discussed the alarming reality of heightened cyberthreats and how organizations are reassessing their cybersecurity needs when shopping for cyber insurance, seeking solutions that align with their evolving security strategies.
Updating software as new vulnerabilities are discovered persistently remains a top medical device cybersecurity challenge, said David Brumley, a cybersecurity professor at Carnegie Mellon University and CEO of security firm ForAllSecure. Solving this requires a major mindset shift, he said.
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing paymentsecurity.io, you agree to our use of cookies.