Industrial Cyber (2025)

22/11/2024

"The first consisted of Steve Lorincz, deputy executive assistant administrator for security operations at the TSA; Chad Gorman, deputy executive assistant administrator for operations support at the TSA; and Tina Won Sherman, director for Homeland Security and Justice at the Government Accountability Office."

https://industrialcyber.co/transport/house-subcommittee-reviews-tsas-cybersecurity-oversight-in-transportation-sector-amid-proposed-rule-changes/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

US House Homeland Security subcommittee reviews TSA's cybersecurity oversight in transportation sector amid proposed rule changes.

22/11/2024

"It calls for delivering essential services and emergency response; driving global AI norms; responsibly leveraging AI to improve the functioning of critical infrastructure; advancing standards of practice through law and regulation; engaging community leaders; enabling foundational research into AI safety and security; supporting critical infrastructure’s safe and secure adoption of AI; and developing oversight."

https://industrialcyber.co/ai/dhs-framework-offers-ai-security-guidelines-for-critical-infrastructure-highlights-secure-development-supply-chain-accountability/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

DHS framework offers AI security guidelines for critical infrastructure; highlights secure development, supply chain accountability.

22/11/2024

"In observance of National Critical Infrastructure Security and Resilience Month, the Cybersecurity and Infrastructure Security Agency CISA and the Office of the Director of National Intelligence, released guidance to assist critical infrastructure owners and operators to detect and mitigate efforts by foreign intelligence entities to disrupt U. S. critical infrastructure."

https://industrialcyber.co/cisa/cisa-odni-issue-guidance-to-safeguard-critical-infrastructure-installations-against-foreign-threats/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

CISA, ODNI release guidance to safeguard critical infrastructure installations against foreign threats, bolster cybersecurity posture.

22/11/2024

"By focusing on the initial packet processing, we bypass the complexities of maintaining the full TLS state machine during fuzzing, allowing us to effectively test the TLS implementation for vulnerabilities that could be triggered by malformed or unexpected initial packets, without needing to simulate the entire protocol sequence, the post added."

https://industrialcyber.co/critical-infrastructure/critical-vulnerabilities-found-in-mongoose-web-server-library-updating-to-v7-15-remediates-issues/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

Nozomi reveals Critical Vulnerabilities Discovered in Mongoose Web Server Library: Immediate Update Required to Version 7.15.

22/11/2024

"These include targeting organizations operating in countries associated with China’s Belt and Road Initiative BRI, a national-level strategy seeking to establish economic opportunities aligned with Beijing’s prioritized interests outlined in China’s 13th and 14th Five-Year Plans."

https://industrialcyber.co/threat-landscape/chinas-liminal-panda-hackers-target-global-telecom-networks-in-stealthy-cyber-espionage-campaign/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

CrowdStrike details China's LIMINAL PANDA hackers targeting global telecom networks in stealthy cyber-espionage campaign.

22/11/2024

"COTPs and District Commanders will require individuals requesting a MARSEC Directive to prove that they meet the standards for a ‘covered person,’ have a ‘need to know’ the information, and that they will safeguard the SSI in MARSEC Directive 105-5."

https://industrialcyber.co/transport/us-coast-guard-issues-marsec-directive-105-5-for-chinese-made-sts-cranes-amid-rising-security-concerns/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

The US Coast Guard issues MARSEC Directive 105-5 for Chinese-made STS cranes amid rising security concerns.

22/11/2024

"In terms of post-incident activity, lessons learned from the cyber incident are documented and integrated back into the preparation stage of the cyber incident response phase cycle including in medical product manufacturer’s cyber and enterprise risk management processes."

https://industrialcyber.co/medical/new-hscc-playbook-empowers-medical-product-manufacturers-to-tackle-cyber-incidents-effectively/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

New HSCC playbook empowers medical product manufacturers to tackle cyber incidents effectively, bolster cybersecurity posture.

21/11/2024

Shield Your Critical Infrastructure from Foreign Threats ️

Cybersecurity and Infrastructure Security Agency & ODNI join forces to provide crucial guidance on safeguarding critical infrastructure from foreign cyberattacks! This includes fortifying your defenses against:

- Insider threats: Learn how to build a strong training program to mitigate this risk.

- Supply chain vulnerabilities: Discover strategies for ensuring vendor security and managing risks.

Don't wait – secure your critical infrastructure today! Click the link for CISA's actionable guidance: https://industrialcyber.co/cisa/cisa-odni-issue-guidance-to-safeguard-critical-infrastructure-installations-against-foreign-threats/

CISA, ODNI release guidance to safeguard critical infrastructure installations against foreign threats, bolster cybersecurity posture.

21/11/2024

Attention Telecom Providers!

Are Chinese hackers targeting your network? A recent campaign by LIMINAL PANDA hackers shows a concerning level of expertise in exploiting telecom vulnerabilities.

Click the link to learn more about this espionage campaign & how to protect your networks! https://industrialcyber.co/threat-landscape/chinas-liminal-panda-hackers-target-global-telecom-networks-in-stealthy-cyber-espionage-campaign/

CrowdStrike details China's LIMINAL PANDA hackers targeting global telecom networks in stealthy cyber-espionage campaign.

21/11/2024

"In the U. S., the DoD Zero Trust Strategy for defense and intelligence agencies and Zero Trust Maturity Model for executive branch agencies mandate Zero Trust adoption across the federal government, but both documents focus on IT environments, with only a nod to OT and IoT security, Lota remarked."

https://industrialcyber.co/features/bridging-the-gap-by-integrating-zero-trust-strategies-in-it-and-ot-environments-for-enhanced-cybersecurity/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

Bridging the gap by integrating zero trust strategies in IT and OT environments for enhanced cybersecurity

21/11/2024

"TSA required all owners or operators subject to the SD’s requirements to report actual or potential cybersecurity incidents affecting their information technology and operational technology systems to the Cybersecurity and Infrastructure Security Agency CISA within 24 hours of discovery, using the CISA Incident Reporting System."

https://industrialcyber.co/regulation-standards-and-compliance/us-dhs-seeks-public-input-on-pipeline-security-measures-and-inspections-in-60-day-comment-period/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

US DHS seeks public input on pipeline security measures and inspections to assess implementation in 60-day comment period.

21/11/2024

"To increase the overall level of cybersecurity of all products with digital elements placed on the internal market, the EU Cyber Resilience Act identifies that it is necessary to introduce objective-oriented and technology-neutral essential cybersecurity requirements for those products that apply horizontally."

https://industrialcyber.co/regulation-standards-and-compliance/eu-cyber-resilience-act-focuses-on-elevating-cybersecurity-standards-for-digital-products-across-europe/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

EU Cyber Resilience Act focuses on elevating cybersecurity standards for digital products across Europe, bolsters cybersecurity posture.

21/11/2024

"DNV, an assurance and risk management provider, published research that finds industry awareness of cyber risk and investment has grown rapidly and maritime organizations are maturing in their approach to cybersecurity."

https://industrialcyber.co/transport/new-dnv-research-highlights-higher-cyber-risk-appetite-in-maritime-industry-than-in-sectors/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

New DNV research report highlights higher cyber risk appetite in maritime industry than other critical infrastructure sectors.

21/11/2024

"It continues TSA’s commitment to performance-based requirements, builds on TSA’s previously issued cybersecurity requirements from the SDs, and seeks to establish a sustainable and comprehensive cyber risk management program for owners and operators that have higher cybersecurity risk profiles."

https://industrialcyber.co/transport/house-subcommittee-reviews-tsas-cybersecurity-oversight-in-transportation-sector-amid-proposed-rule-changes/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

US House Homeland Security subcommittee reviews TSA's cybersecurity oversight in transportation sector amid proposed rule changes.

21/11/2024

"Also, the framework will succeed if, among other achievements, it further strengthens the harmonization of AI safety and security practices, improves the delivery of critical services enabled by AI, enhances trust and transparency across the AI ecosystem, advances research into safe and secure AI for critical infrastructure, and ensures that civil rights and civil liberties are protected by all entities."

https://industrialcyber.co/ai/dhs-framework-offers-ai-security-guidelines-for-critical-infrastructure-highlights-secure-development-supply-chain-accountability/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

DHS framework offers AI security guidelines for critical infrastructure; highlights secure development, supply chain accountability.

21/11/2024

"Recognizing the critical role Mongoose plays in many devices, Nozomi Networks Labs conducted an in-depth analysis to improve the security posture of all products using this library for essential features like HTTPS servers, which are crucial for securing data transmissions and protecting sensitive information."

https://industrialcyber.co/critical-infrastructure/critical-vulnerabilities-found-in-mongoose-web-server-library-updating-to-v7-15-remediates-issues/?utm_campaign=meetedgar&utm_medium=social&utm_source=meetedgar.com

Nozomi reveals Critical Vulnerabilities Discovered in Mongoose Web Server Library: Immediate Update Required to Version 7.15.

20/11/2024

Calling all European manufacturers & retailers!

The EU Cyber Resilience Act is shaking things up! This new regulation raises the bar for cybersecurity standards of products with digital elements.

Ready to learn how to comply & stay ahead of the curve? Click the link below for a deep dive into the Act's implications and how it can benefit your business.

https://industrialcyber.co/regulation-standards-and-compliance/eu-cyber-resilience-act-focuses-on-elevating-cybersecurity-standards-for-digital-products-across-europe/

EU Cyber Resilience Act focuses on elevating cybersecurity standards for digital products across Europe, bolsters cybersecurity posture.

20/11/2024

The U.S. House Homeland Security Subcommittee on Transportation and Maritime Security held a hearing to examine how the Transportation Security Administration (TSA) manages cybersecurity risks within the transportation sector.

This article explores the recent release of a Notice of Proposed Rulemaking (NOPR) affecting cybersecurity practices in rail, pipeline, and bus transportation.

Stay informed on the latest cybersecurity developments in the transportation sector! https://industrialcyber.co/transport/house-subcommittee-reviews-tsas-cybersecurity-oversight-in-transportation-sector-amid-proposed-rule-changes/

US House Homeland Security subcommittee reviews TSA's cybersecurity oversight in transportation sector amid proposed rule changes.

Industrial Cyber

22/11/2024

22/11/2024

22/11/2024

22/11/2024

22/11/2024

22/11/2024

22/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

21/11/2024

20/11/2024

20/11/2024

Address

Website

Alerts

Contact The Business

Shortcuts

Share