Critical Infrastructure

Critical Infrastructure | News, how-tos, features, reviews, and videos

Election secuity / ballot boxes / binary code

Secure elections scorecard: Grading the candidate and Congressional proposals

After 2016's election security debacle, there's a push to secure America's electronic voting infrastructure. Some of the proposals are good. Others fall short. CSO investigates.

mike assante cyber security guru by ryan g poirier

Mike Assante’s lasting impact on critical infrastructure security (and me)

Thanks to Mike Assante, critical infrastructure stakeholders have a better understanding of and ability to respond to cybersecurity risks.

CSO slideshow - Insider Security Breaches - Flag of China, binary code

Why the Huawei ban is bad for security

Many believe the ban on exporting U.S. technology to Chinese company Huawei could hurt American tech vendors and do little to mitigate supply chain threats.

6 industrial iot oil rig oil drilling cranes

Group behind TRITON industrial sabotage malware made more victims

The attackers stayed undetected on the victim's network for more than a year and sought out operational technology networks.

industrial iot connected city

New CISA director outlines top 5 priorities for protecting U.S. critical infrastructure

CISA’s Christopher Krebs has a two-year plan for his new cybersecurity agency, with China, supply chain and 5G as top priorities.

capitol dome congress

The cybersecurity legislation agenda: 5 areas to watch

The 116th Congress is only a few months old, but far-reaching cybersecurity bills to protect infrastructure and the supply chain, ensure election integrity, and build a security workforce are now being considered. Here’s the list.

hackathon contest computer competition hacking

Fear and loathing defending ICS security at DoE's CyberForce Competition

Defending critical infrastructure from determined attackers is not an easy task, CSO reporter J.M. Porup learned competing in the Department of Energy's CyberForce Competition 2018, a cyber security training initiative.

security threats and vulnerabilities

Why I don’t believe Bloomberg’s Chinese spy chip report

China can and has stolen the information it wants from US companies without using secretly embedded hardware, so why would it jeopardize its massive semiconductor industry?

supply chain management logistics - ERP - Enterprise Resource Planning

8 questions to ask about your industrial control systems security

Do you have a real cybersecurity-focused ICS strategy in place, or are you force-fitting IT security policies on your industrial control systems?

coal power station

Critical Infrastructure Protection (CIP): Security problems exist despite compliance

CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S. However, it gets a good deal of attention because this regulation is centered around the cybersecurity of assets deemed to be critical to the...

thayer public library braintree ma

Report: some small cities have surprisingly high number of exposed devices

This morning, Trend Micro released a report about the exposed cyberassets in the top U.S. cities and most critical industry segments -- and in many cases, it was the smaller municipalities that had the largest number of problems.

nuclear power plant

Is critical infrastructure the next DDoS target?

DDoS attacks are vastly bigger now, thanks to botnets composed of Internet of Things devices. A recent attack that took down a portion of the internet has led to questions about whether something similar could shut down critical...

power transmission towers

Catastrophic cyber attack on U.S. grid possible, but not likely

U.S. critical infrastructure systems still need major security improvements. But experts say that predictions of catastrophe from portions of the electric grid being taken down for months or more by a cyber attack, are overblown.

security threats and vulnerabilities

Why I don’t believe Bloomberg’s Chinese spy chip report

China can and has stolen the information it wants from US companies without using secretly embedded hardware, so why would it jeopardize its massive semiconductor industry?

supply chain management logistics - ERP - Enterprise Resource Planning

8 questions to ask about your industrial control systems security

Do you have a real cybersecurity-focused ICS strategy in place, or are you force-fitting IT security policies on your industrial control systems?

coal power station

Critical Infrastructure Protection (CIP): Security problems exist despite compliance

CIP is just one of 14 mandatory NERC standards that are subject to enforcement in the U.S. However, it gets a good deal of attention because this regulation is centered around the cybersecurity of assets deemed to be critical to the...

thayer public library braintree ma

Report: some small cities have surprisingly high number of exposed devices

This morning, Trend Micro released a report about the exposed cyberassets in the top U.S. cities and most critical industry segments -- and in many cases, it was the smaller municipalities that had the largest number of problems.

nuclear power plant

Is critical infrastructure the next DDoS target?

DDoS attacks are vastly bigger now, thanks to botnets composed of Internet of Things devices. A recent attack that took down a portion of the internet has led to questions about whether something similar could shut down critical...

power transmission towers

Catastrophic cyber attack on U.S. grid possible, but not likely

U.S. critical infrastructure systems still need major security improvements. But experts say that predictions of catastrophe from portions of the electric grid being taken down for months or more by a cyber attack, are overblown.

Load More