News September 21, 2022

DOE Invests $12M in Cybersecurity Research for Energy Grid

2 min read - In June 2021, CNN asked U.S. Secretary of Energy Jennifer Granholm if U.S. enemies could shut down the power grid. She said they could. Meanwhile, the concern over energy grid attacks has increased with the Russian attack on Ukraine. Attackers…

Energy & Utility August 16, 2022

X-Force 2022 Insights: An Expanding OT Threat Landscape

9 min read - This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of…

News June 1, 2022

Federal Director Warns Against Possible Russian Cyberattacks

2 min read - U.S. Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly highlighted the importance of defending against Russian cyberattacks in a recent interview.  “We are seeing evolving intelligence about Russians planning for potential attacks,” she told 60 Minutes. “We have to…

Application Security May 26, 2022

Lessons Learned by 2022 Cyberattacks: X-Force Threat Intelligence Report

3 min read - Every year, the IBM Security X-Force team of cybersecurity experts mines billions of data points to reveal today’s most urgent security statistics and trends. This year’s X-Force Threat Intelligence Index 2022 digs into attack types, infection vectors, top threat actors,…

Data Protection November 3, 2021

Report: Cost of a Data Breach in Energy and Utilities

4 min read - On average, the cost of a data breach rose by 10% from 2020 to 2021. The energy industry ranked fifth in data breach costs, surpassed only by the health care, financial, pharmaceutical and technology verticals, according to the 17th annual…

CISO August 11, 2021

A New Directive for Pipeline Operators Puts Cybersecurity in the Spotlight

3 min read - It’s no secret that cyberattacks against critical infrastructure are increasing. The recent attacks against water treatment plants, pipelines, vital hospital systems and food processing facilities have all made recent headlines and demonstrate the vulnerability of all types of critical infrastructure…

Energy & Utility May 4, 2021

It’s an Operational Technology World, and Attackers Are Living in It

5 min read - In April 2021, the U.S. government announced a new effort to protect industrial control systems (ICS) from cyberattacks. For the cybersecurity community, the announcement may come as no surprise. Vulnerabilities in critical infrastructure such as ICS and the operational technologies…

Energy & Utility July 15, 2020

A Quick Guide to Using the ONG-C2M2 Model

3 min read - The Oil and Natural Gas Subsector Cybersecurity Capability Maturity Model (ONG-C2M2) can help oil and natural gas (ONG) organizations evaluate their cybersecurity programs and make improvements. These tools allow owners and operators in the electricity and ONG sectors to assess…

Endpoint March 4, 2020

Modernizing Threat Management for the Evolving Attack Surfaces of OT, IoT and IoMT

5 min read - The combination of digital transformation and the "Internet of Everything" is reshaping the modern landscape of OT, IoT and IoMT, meaning threat management must evolve in response.

February 12, 2020

FBI Warns Supply Sector Software Providers to Watch Out for Kwampirs Malware

2 min read - An ongoing campaign to infect supply chain software firms with the Kwampirs malware has led the FBI to issue a formal warning to private sector firms, according to published reports.