Vulnerabilities in our critical infrastructure aren't only caused by failure to comply with security standards.A big part of the problem is that many of the key computer systems that run critical infrastructure are legacy not fit for purpose.
There is enough information now available from the NCSC to allow organisations to start identifying the gaps in their NIS directive approach and understand the risks these pose.
UK and US nuclear weapons systems - along with the rest of our critical infrastructure - suffer from dependency on legacy systems, leaving them at risk of cyber-attack according to a new report.
The latest research suggests, within just two years, the security situation for SCADA has got worse to the tune of an average increase of 1.6 vulnerabilities per application tested.
Expert members of the European Cyber-security Forum - CYBERSEC community representing the public and private sectors plus academia share their opinions on the top challenges we are going to face this year.
Last Thursday saw the official launch of the International Operation Technology Security Association (Iotsa) where John Noble, director of network management at the UK's NCSC called for industry cooperation and incident reporting.
Under an (NIS) directive being adopted by the UK, CNI providers will face fines of £17 million or up to four percent of annual turnover if they fail to protect critical infrastructure from loss of services due to cyber-attacks.
Kinetic attacks have come off the movie screen and into reality, and you are likely to be vulnerable - if not directly, then via collateral damage if CNI is hit - so include the possibility on your risk register and prepare says Graeme Park.
With the incoming Brexit negotiations, the Queen said her ministers will seek to "provide certainty for individuals and businesses".
San Francisco's Municipal Transportation Agency was caught with a HDDCryptor Ransomware infection over the weekend, leaving the agency unable to sell tickets or charge customers for transport, unless they pay the hackers demands of 100 Bitcoin.
Slovakia is in the process of drafting its first cyber-security law which will address not only the security of finance and health but also critical utilities infrastructure.
ICYMI: Morrisons breach; Worldpay card data; power attack losses; Russian EU targets; criminal capability
The latest In Case You Missed It (ICYMI) looks at Morrisons lawsuit; Wordpay vulnerabilities; Critical scenario costs; EU Banks targeted; Cyber-crime capabilities.
Operation Cleaver is a global data gathering exercise still underway by Iranian hackers in key infrastructure sectors, a possible precursor to a major attack.
UK oil firms warned to guard against new campaign as Russian malware exploits Scottish independende vote.
The weather, or even simple mis-configuration, are threats to critical infrastructure, but in an emergency, could government now run privatised utilities?
Nation-state attacks on CNI will be faciliated by the internet of things, and government regulation is needed to set standards, but the actual likelihood of CNI attacks remains very low says Raimund Genes.
The Obama administration has launched the Cybersecurity Framework, which aims to educate organisations on the risks facing critical infrastructure systems.
A survey of connected Scada computers identified that 500,000 machines could potentially be targeted.