Critical Infrastructure

Latest Headlines

Latest Headlines

Spotlight: Pro-Iranian hackers infiltrate critical networks in US, 15 other nations

Operation Cleaver, undertaken by pro-Iranian hackers, has infiltrated critical networks in the U.S. and 15 other countries, reports Ars Technica, citing researchers from Cylance.

With 50B connected devices, the security challenges can seem insurmountable

With the proliferation of machine-to-machine (M2M) devices and connections, some estimates putting the number as high as 50 billion devices by 2020, security pros are trying to come to grips with the security implications of all those endpoints.

Infographic: Critical infrastructure is a cybersecurity sieve

Critical infrastructure upon which the industrial world depends is a cybersecurity sieve. That is one conclusion that can be drawn from a survey of nearly 600 security executives at critical infrastructure companies by The Ponemon Institute on behalf of Unisys.

NIST wants your feedback on its cybersecurity framework

The National Institute of Standards and Technology, or NIST, wants feedback from U.S. industry about how its voluntary cybersecurity framework for critical infrastructure published earlier this year is working.

Critical infrastructure: All together now

Vertical industries are clubby. They tend to band together and create industry bodies and associations. NERC, FERC, TIA and so on. This is good and natural and, in the context of security, creates some basis for sharing threat intelligence and effective practices. But the real magic word in critical infrastructure security today is this: Interdependency.

NIST unveils final version of cybersecurity framework for critical infrastructure

After a year of work that included a series of workshops with private sector representatives, the National Institute of Standards and Technology released on Wednesday the final version of its cybersecurity framework for critical infrastructure.

Time to stand up and be counted

I encourage the private sector to attend the NIST workshop next week and participate fully in the process of developing its cybersecurity framework for critical infrastructure. It will serve not only as a security guideline for critical infrastructure firms, but also as a model for all industries.

Speedier process needed for CI security fixes

The process for fixing security holes in critical infrastructure systems is broken and needs to be fixed.

Schneider Electric took nearly two years to fix critical ICS security bugs

Schneider Electric, which supplies industrial control systems for critical infrastructure facilities, took nearly two years to fix critical security holes in hard-coded credentials used in a number of ICS products, according to advisory by the Department of Homeland Security.

Cyberattacks against critical infrastructure doubled in first half of FY 2013

The first half of fiscal year 2013 produced more cyberattacks against critical infrastructure facilities than all of FY 2012, according to the Homeland Security Department's ICS-CERT Monitor released last week. Of the 200 attacks, a majority were against the energy sector, followed by critical manufacturing with 17 percent of the attacks.