Companies like Siemens, GE, Schneider Electric and Rockwell make systems that control critical infrastructure, such as nuclear power plants, electric grids, and oil and gas platforms. When a security vulnerability was uncovered in a Rockwell Automation industrial control system, the U.S. Department of Homeland Security took notice.
A "perfect storm" is brewing in cybersecurity that threatens to disrupt the corporate world. That is the assessment of George Wrenn, Cyber Security Officer with Schneider Electric, which provide energy systems for critical infrastructure firms.
President Barack Obama's new executive order could mean severe sanctions against foreign hackers, if they can be clearly identified.
Operation Cleaver, undertaken by pro-Iranian hackers, has infiltrated critical networks in the U.S. and 15 other countries, reports Ars Technica, citing researchers from Cylance.
With the proliferation of machine-to-machine (M2M) devices and connections, some estimates putting the number as high as 50 billion devices by 2020, security pros are trying to come to grips with the security implications of all those endpoints.
Critical infrastructure upon which the industrial world depends is a cybersecurity sieve. That is one conclusion that can be drawn from a survey of nearly 600 security executives at critical infrastructure companies by The Ponemon Institute on behalf of Unisys.
The National Institute of Standards and Technology, or NIST, wants feedback from U.S. industry about how its voluntary cybersecurity framework for critical infrastructure published earlier this year is working.
Vertical industries are clubby. They tend to band together and create industry bodies and associations. NERC, FERC, TIA and so on. This is good and natural and, in the context of security, creates some basis for sharing threat intelligence and effective practices. But the real magic word in critical infrastructure security today is this: Interdependency.
After a year of work that included a series of workshops with private sector representatives, the National Institute of Standards and Technology released on Wednesday the final version of its cybersecurity framework for critical infrastructure.
I encourage the private sector to attend the NIST workshop next week and participate fully in the process of developing its cybersecurity framework for critical infrastructure. It will serve not only as a security guideline for critical infrastructure firms, but also as a model for all industries.