Security Experts:

long dotted


A US energy company, identified by some as Duke Energy, received a $10 million fine from the North American Electric Reliability Corporation (NERC) for nearly 130 violations of Critical Infrastructure Protection standards. [Read More]
The Industrial Internet Consortium (IIC) and the OpenFog Consortium this week announced they finalized the details to merge into a single entity. [Read More]
The US intelligence community’s latest worldwide threat assessment warns that Russia and China are capable of disrupting critical infrastructure and Iran is not far behind. [Read More]
The official Call for Presenations (CFP) for SecurityWeek’s 2019 Singapore Industrial Control Systems (ICS) Cyber Security Conference, being held April 16–18 at the Fairmont Singapore & Swissôtel The Stamford closes January 31. [Read More]
Phoenix Contact industrial switches are affected by vulnerabilities that can be exploited to obtain credentials for the web interface, conduct unauthorized activities, cause a DoS condition, and launch MitM attacks. [Read More]
A group of United States Senators have written a letter to the Washington Metropolitan Area Transit Authority (WMATA) to express safety and security concerns regarding the acquisition of metro rail cars built by a Chinese company. [Read More]
Serious vulnerabilities found by Kaspersky researchers in Moxa’s ThingsPro 2 product could allow malicious actors to launch remote attacks on industrial networks. [Read More]
Mitsubishi Electric develops cybersecurity technology designed to protect connected cars, including their automotive head unit and control systems, against hacker attacks. [Read More]
Omron’s CX-Supervisor HMI/SCADA designer is affected by several vulnerabilities that can be exploited for DoS attacks and remote code execution using specially crafted project files. [Read More]
High severity DoS and XSS vulnerabilities discovered by researchers in an industrial-grade weather station made by ControlByWeb. A firmware update that patches the flaws has been released. [Read More]


rss icon

Seema Haji's picture
With the new year underway, it’s time for CISOs to see their security resolutions through from the factory floor, SOCs and across the entire enterprise.
Jalal Bouhdada's picture
The Secure Development Lifecycle (SDL) process is still notable by its absence in many new deployments of Industrial Internet of Things (IIoT) technologies.
Galina Antova's picture
The next year will surprise all of us in at least one way or another. How we deal with these surprises, both individually and collectively, will, in the end, define the next twelve months.
Justin Fier's picture
Against the ongoing backdrop of cyber conflict between nation states and escalating warnings from the Department of Homeland Security, critical infrastructure is becoming a central target for threat actors.
Jalal Bouhdada's picture
In the event of a cybersecurity incident in an industrial environment, you should follow a well-established seven step response process.
Galina Antova's picture
From a communications and technical standpoint, the Onslow Water and Sewer Authority (ONWASA) turned a malicious cyber incident into a strong success story on many fronts.
Justin Fier's picture
The rapid shift toward hyper-connected “smart” ports is rendering physical harbors susceptible to traditionally digital threats.
Barak Perelman's picture
Many organizations with OT networks face a massive challenge to maintain operational efficiency and improve network security at the same time.
Jalal Bouhdada's picture
It pays to be ahead of regulators, because if you’re aiming to be truly secure then you’ll already be meeting many of the key requirements of any local law.
Galina Antova's picture
The most successful organizations will be the ones that look at cyber risk holistically and build bridges between the IT, OT, and Security organizations.