critical infrastructure Telekom Slovenije works on EU project to enhance critical infrastructure resilience By www.telecompaper.com Published On :: Wed, 13 Nov 2024 11:26:00 +0100 (Telecompaper) Telekom Slovenije announced it is actively participating in the Endurance project, a new initiative funded by the European Commission's Horizon... Full Article
critical infrastructure ASSA ABLOY Global Solutions — Critical Infrastructure Features ALWIN Security Management Software By www.sdmmag.com Published On :: Thu, 30 Mar 2023 01:41:09 -0400 ASSA ABLOY Global Solutions — Critical Infrastructure (Booth #8101) is showcasing its robust ALWIN security management software as part of a total access management solution for critical infrastructure customers in the U.S. at ISC West. Full Article
critical infrastructure Pradeep Kumar Recognized for Contributions to the Fields of Critical Infrastructure, Transportation & Intelligent Transportation Systems (ITS) By www.24-7pressrelease.com Published On :: Fri, 23 Aug 2024 08:00:00 GMT Pradeep Kumar assists several vital railroad projects across the United States and holds various leadership roles to implement operation and revenue services into the transit system Full Article
critical infrastructure Critical Infrastructure Risk Assessment: The Definitive Threat Identification and Threat Reduction Handbook by Ernie Hayden, Selected as the 2021 ASIS Security Industry Book of the Year By www.24-7pressrelease.com Published On :: Tue, 13 Jul 2021 08:00:00 GMT Rothstein Publishing Wins 2 Top Books of the Year by ASIS International Full Article
critical infrastructure James Emil Chance Celebrated for Contributions to the Critical Infrastructure and Utility Sectors By www.24-7pressrelease.com Published On :: Fri, 18 Oct 2024 08:00:00 GMT James Emil Chance is a critical infrastructure compliance specialist at Pedernales Electric Cooperative Inc. Full Article
critical infrastructure ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms By www.etsi.org Published On :: Mon, 07 Nov 2022 17:51:09 GMT ETSI Secures Critical Infrastructures against Cyber Quantum Attacks with new TETRA Algorithms Sophia Antipolis, 8 November 2022 With the world facing growing challenges including the war in Europe and a global energy crisis, it is essential that the mission- and business-critical communications networks used by the public safety, critical infrastructure and utilities sectors (including transportation, electricity, natural gas and water plants) are secured against third-party attacks, to protect communications and sensitive data. With more than 120 countries using dedicated TETRA (Terrestrial Trunked Radio) networks for these critical services, work has been undertaken to ensure the ETSI TETRA technology standard remains robust in the face of evolving threats. Read More... Full Article
critical infrastructure Cybersecurity Snapshot: Apply Zero Trust to Critical Infrastructure’s OT/ICS, CSA Advises, as Five Eyes Spotlight Tech Startups’ Security By www.tenable.com Published On :: Fri, 01 Nov 2024 09:00:00 -0400 Should critical infrastructure orgs boost OT/ICS systems’ security with zero trust? Absolutely, the CSA says. Meanwhile, the Five Eyes countries offer cyber advice to tech startups. Plus, a survey finds “shadow AI” weakening data governance. And get the latest on MFA methods, CISO trends and Uncle Sam’s AI strategy.Dive into six things that are top of mind for the week ending Nov. 1.1 - Securing OT/ICS in critical infrastructure with zero trustAs their operational technology (OT) computing environments become more digitized, converged with IT systems and cloud-based, critical infrastructure organizations should beef up their cybersecurity by adopting zero trust principles.That’s the key message of the Cloud Security Alliance’s “Zero Trust Guidance for Critical Infrastructure,” which focuses on applying zero trust methods to OT and industrial control system (ICS) systems.While OT/ICS environments were historically air gapped, that’s rarely the case anymore. “Modern systems are often interconnected via embedded wireless access, cloud and other internet-connected services, and software-as-a-service (SaaS) applications,” reads the 64-page white paper, which was published this week.The CSA hopes the document will help cybersecurity teams and OT/ICS operators enhance the way they communicate and collaborate. Among the topics covered are:Critical infrastructure’s unique threat vectorsThe convergence of IT/OT with digital transformationArchitecture and technology differences between OT and ITThe guide also outlines this five-step process for implementing zero trust in OT/ICS environments:Define the surface to be protectedMap operational flowsBuild a zero trust architectureDraft a zero trust policyMonitor and maintain the environmentA zero trust strategy boosts the security of critical OT/ICS systems by helping teams “keep pace with rapid technological advancements and the evolving threat landscape,” Jennifer Minella, the paper’s lead author, said in a statement.To get more details, read:The report’s announcement “New Paper from Cloud Security Alliance Examines Considerations and Application of Zero Trust Principles for Critical Infrastructure”The full report “Zero Trust Guidance for Critical Infrastructure”A complementary slide presentationFor more information about OT systems cybersecurity, check out these Tenable resources: “What is operational technology (OT)?” (guide)“Discover, Measure, and Minimize the Risk Posed by Your Interconnected IT/OT/IoT Environments” (on-demand webinar)“How To Secure All of Your Assets - IT, OT and IoT - With an Exposure Management Platform” (blog)“Blackbox to blueprint: The security leader’s guidebook to managing OT and IT risk” (white paper)“Tenable Cloud Risk Report 2024” (white paper)2 - Five Eyes publish cyber guidance for tech startupsStartup tech companies can be attractive targets for hackers, especially if they have weak cybersecurity and valuable intellectual property (IP).To help startups prevent cyberattacks, the Five Eyes countries this week published cybersecurity guides tailored for these companies and their investors.“This guidance is designed to help tech startups protect their innovation, reputation, and growth, while also helping tech investors fortify their portfolio companies against security risks," Mike Casey, U.S. National Counterintelligence and Security Center Director, said in a statement.These are the top five cybersecurity recommendations from Australia, Canada, New Zealand, the U.S. and the U.K. for tech startups:Be aware of threat vectors, including malicious insiders, insecure IT and supply chain risk.Identify your most critical assets and conduct a risk assessment to pinpoint vulnerabilities.Build security into your products by managing intellectual assets and IP; monitoring who has access to sensitive information; and ensuring this information’s protection.Conduct due diligence when choosing partners and make sure they’re equipped to protect the data you share with them.Before you expand abroad, prepare and become informed about these new markets by, for example, understanding local laws in areas such as IP protection and data protection. “Sophisticated nation-state adversaries, like China, are working hard to steal the intellectual property held by some of our countries’ most innovative and exciting startups,” Ken McCallum, Director General of the U.K.’s MI5, said in a statement.To get more details, check out these Five Eyes’ cybersecurity resources for tech startups:The announcement “Five Eyes Launch Shared Security Advice Campaign for Tech Startups”The main guides: “Secure Innovation: Security Advice for Emerging Technology Companies”“Secure Innovation: Security Advice for Emerging Technology Investors”These complementary documents:“Secure Innovation: Scenarios and Mitigations”“Secure Innovation: Travel Security Guidance”“Secure Innovation: Due Diligence Guidance”“Secure Innovation: Companies Summary”3 - Survey: Unapproved AI use impacting data governanceEmployees’ use of unauthorized AI tools is creating compliance issues in a majority of organizations. Specifically, it makes it harder to control data governance and compliance, according to almost 60% of organizations surveyed by market researcher Vanson Bourne.“Amid all the investment and adoption enthusiasm, many organisations are struggling for control and visibility over its use,” reads the firm’s “AI Barometer: October 2024” publication. Vanson Bourne polls 100 IT and business executives each month about their AI investment plans.To what extent do you think the unsanctioned use of AI tools is impacting your organisation's ability to maintain control over data governance and compliance?(Source: Vanson Bourne’s “AI Barometer: October 2024”)Close to half of organizations surveyed (44%) believe that at least 10% of their employees are using unapproved AI tools.On a related front, organizations are also grappling with the issue of software vendors that unilaterally and silently add AI features to their products, especially to their SaaS applications.While surveyed organizations say they’re reaping advantages from their AI usage, “such benefits are dependent on IT teams having the tools to address the control and visibility challenges they face,” the publication reads.For more information about the use of unapproved AI tools, an issue also known as “shadow AI,” check out:“Do You Think You Have No AI Exposures? Think Again” (Tenable)“Shadow AI poses new generation of threats to enterprise IT” (TechTarget)“10 ways to prevent shadow AI disaster” (CIO)“Never Trust User Inputs -- And AI Isn't an Exception: A Security-First Approach” (Tenable)“Shadow AI in the ‘dark corners’ of work is becoming a big problem for companies” (CNBC)VIDEOShadow AI Risks in Your Company 4 - NCSC explains nuances of multi-factor authenticationMulti-factor authentication (MFA) comes in a variety of flavors, and understanding the differences is critical for choosing the right option for each use case in your organization.To help cybersecurity teams better understand the different MFA types and their pluses and minuses, the U.K. National Cyber Security Centre (NCSC) has updated its MFA guidance.“The new guidance explains the benefits that come with strong authentication, while also minimising the friction that some users associate with MFA,” reads an NCSC blog. In other words, what type of MFA method to use depends on people’s roles, how they work, the devices they use, the applications or services they’re accessing and so on.Topics covered include:Recommended types of MFA, such as FIDO2 credentials, app-based and hardware-based code generators and message-based methodsThe importance of using strong MFA to secure users’ access to sensitive dataThe role of trusted devices in boosting and simplifying MFABad practices that weaken MFA’s effectiveness, such as:Retaining weaker, password-only authentication protocols for legacy servicesExcluding certain accounts from MFA requirements because their users, usually high-ranking officials, find MFA inconvenientTo get more details, read:The NCSC blog “Not all types of MFA are created equal”The NCSC guide “Multi-factor authentication for your corporate online services”For more information about MFA:“Multifactor Authentication Cheat Sheet” (OWASP)“Deploying Multi Factor Authentication – The What, How, and Why” (SANS Institute)“How MFA gets hacked — and strategies to prevent it” (CSO)“How Multifactor Authentication Supports Growth for Businesses Focused on Zero Trust” (BizTech)“What is multi-factor authentication?” (TechTarget)5 - U.S. gov’t outlines AI strategy, ties it to national security The White House has laid out its expectations for how the federal government ought to promote the development of AI in order to safeguard U.S. national security.In the country’s first-ever National Security Memorandum (NSM) on AI, the Biden administration said the federal government must accomplish the following:Ensure the U.S. is the leader in the development of safe, secure and trustworthy AILeverage advanced AI technologies to boost national securityAdvance global AI consensus and governance“The NSM’s fundamental premise is that advances at the frontier of AI will have significant implications for national security and foreign policy in the near future,” reads a White House statement. The NSM’s directives to federal agencies include:Help improve the security of chips and support the development of powerful supercomputers to be used by AI systems.Help AI developers protect their work against foreign spies by providing them with cybersecurity and counterintelligence information.Collaborate with international partners to create a governance framework for using AI in a way that is ethical, responsible and respects human rights. The White House also published a complementary document titled “Framework To Advance AI Governance and Risk Management in National Security,” which adds implementation details and guidance for the NSM.6 - State CISOs on the frontlines of AI securityAs the cybersecurity risks and benefits of AI multiply, most U.S. state CISOs find themselves at the center of their governments' efforts to craft AI security strategies and policies.That’s according to the “2024 Deloitte-NASCIO Cybersecurity Study,” which surveyed CISOs from all 50 states and the District of Columbia.Specifically, 88% of state CISOs reported being involved in the development of a generative AI strategy, while 96% are involved with creating a generative AI security policy.However, their involvement in AI cybersecurity matters isn’t necessarily making them optimistic about their states’ ability to fend off AI-boosted attacks.None said they feel “extremely confident” that their state can prevent AI-boosted attacks, while only 10% reported feeling “very confident.” The majority (43%) said they feel “somewhat confident” while the rest said they are either “not very confident” or “not confident at all.” Naturally, most state CISOs see AI-enabled cyberthreats as significant, with 71% categorizing them as either “very high threat” (18%) or “somewhat high threat” (53%).At the same time, state CISOs see the potential for AI to help their cybersecurity efforts, as 41% are already using generative AI for cybersecurity, and another 43% have plans to do so by mid-2025.Other findings from the "2024 Deloitte-NASCIO Cybersecurity Study" include:4 in 10 state CISOs feel their budget is insufficient.Almost half of respondents rank cybersecurity staffing as one of the top challenges.In the past two years, 23 states have hired new CISOs, as the median tenure of a state CISO has dropped to 23 months, down from 30 months in 2022.More state CISOs are taking on privacy protection duties — 86% are responsible for privacy protection, up from 60% two years ago.For more information about CISO trends:“What’s important to CISOs in 2024” (PwC)“The CISO’s Tightrope: Balancing Security, Business, and Legal Risks in 2024” (The National CIO Review)“State of CISO Leadership: 2024” (SC World)“4 Trends That Will Define the CISO's Role in 2024” (SANS Institute) Full Article
critical infrastructure Critical Infrastructures: Risk and Vulnerability Assessment in Transportation of Dangerous Goods Transportation by Road and Rail By search.lib.uiowa.edu Published On :: Location: Electronic Resource- Full Article
critical infrastructure MS Tech Showcases Unique Nanotechnology Sensors and Solutions for Detection of Explosives, Narcotics, and TIC's for the HLS, Military, Law Enforcement, and Critical Infrastructure Sectors at AUSA 2018 By www.24-7pressrelease.com Published On :: Sat, 06 Oct 2018 07:00:00 GMT These globally-deployed products, integrated with the company's innovative sensors, enable rapid detection and identification of various threats Full Article
critical infrastructure New Ransomware Doesn't Just Encrypt Data. It Also Meddles With Critical Infrastructure By packetstormsecurity.com Published On :: Tue, 04 Feb 2020 14:39:11 GMT Full Article headline malware scada cryptography
critical infrastructure Sidewalks are critical infrastructure and should be a civic responsibility By www.treehugger.com Published On :: Tue, 08 Nov 2016 11:30:03 -0500 It is appalling that in much of America, they are considered a frill. Full Article Design
critical infrastructure Consumer Brands Association introduces Critical Infrastructure Supply Chain Council By www.logisticsmgmt.com Published On :: 2020-05-07T16:16:00+00:00 The CBA said that the objective of the CISCC is to advance uniform national policies that will strengthen United States supply chains and also ensure the timely flow of critical goods in various ways. Full Article
critical infrastructure Electrical Transmission and Substation Structures 2018: dedicated to strengthening our critical infrastructure: proceedings of the Electrical Transmission and Substation Structures Conference 2018: November 4-8, 2018, Atlanta, Georgia / sponsored by Struc By library.mit.edu Published On :: Sun, 2 Feb 2020 06:24:06 EST Online Resource Full Article