The Security of Network Information Systems (NIS) Directive, which aims to ensure that critical infrastructure is protected from cyber-attacks and computer network failure, has come into force today with fines for non-compliance.
Compliance with new NIS (network and information systems) regulations that come into force next month could cost large essential service providers around £278,000 each.
Triton malware joins Stuxnet, Havex / Dragonfly, Blackenergy2/3, and Industroyer / CrashOverridet specifically targeting industrial networks: Passive network monitoring with hybrid threat detection needs to be implemented now.
Vulnerabilities in our critical infrastructure aren't only caused by failure to comply with security standards.A big part of the problem is that many of the key computer systems that run critical infrastructure are legacy not fit for purpose.
"This type of attack (ie cyber-attacks by Russia on Western critical infrastructure) isn't anything new, and the real story here is that the US is choosing to acknowledge it (and in extreme detail),"
There is enough information now available from the NCSC to allow organisations to start identifying the gaps in their NIS directive approach and understand the risks these pose.
Today the risk to industrials is digital. It comes through knowing specific technical protocols and manipulating them to control an asset. Or obfuscating digital machine readings, blinding operators to thresholds being exceeded.
Cyber-attacks on critical infrastructure are now the biggest threat to humanity and more action and collaboration is needed to defeat nation state actors and terrorists threatening essential systems.
Energy, transport, water and health firms could face penalties of up to £17 million if they do not have effective cyber-security measures and suffer service outages as a result, the UK government announced.
It is a matter of "When, not if" a major cyber-attack on the UK will happen says Ciaran Martin, head of the NCSC. This statement raises the prospect of huge disruptions to the British government and critical infrastructure.
Expert members of the European Cyber-security Forum - CYBERSEC community representing the public and private sectors plus academia share their opinions on the top challenges we are going to face this year.
Attacks on critical national infrastructure are growing in number and sophistication. So how big is the UK's risk?
The head of the UK GCHQ's National Cyber Security Centre (NCSC) on Wednesday accused Russia of staging attacks on critical infrastructure and other sectors within the past year.
Until their company has been attacked and suffered a tangible business loss, most organisations regard DNS as simply plumbing rather than critical infrastructure that requires proactive defence says Dr Malcolm Murphy.
Six key vulnerabilities have been identified within industrial control systems that adversaries can use to undermine critical infrastructure operations.
Moreno Carullo examines how machine learning and AI can be deployed to protect physical infrastructures from cyber-attack.
Will Culbert delves into the Industrial Internet of Things, touching on how digital technology may define industrial control operations and maintenance almost as much as the physical engineering itself.
Attacks on critical infrastructure - a natural progression, or a symptom of poor security practices?
Cyber-attackers are increasingly targeting unsecured industrial environments. Jalal Bouhdada, looks at why the IIoT has led to critical infrastructure becoming a more lucrative opportunity for hackers.
Updated: The president's Commission on Enhancing National Cyber-security today released a 100-page report that called for greater cooperation between the government, the private sector, educational institutions and even individual Americans with the goal of protecting and defending the nation's critical cyber infrastructure.
Mark Carolan outlines why IT security managers should be worried about ICS in their Infrastructure
Jan Rochat, CTO of AET technologies, reminded an ISSE 2016 audience that the security boundaries of critical infrastructure are not quite as concrete at they seem
A senior UN official has told press that a nuclear power plant was disrupted several years ago by a cyber-attack
"Where bits and bytes meet flesh and blood" was the main area of concern for industry panelists, ranging from Critical Infrastructure - where strict controls may be impossed, to consumer IOT goods - where they can't.
An association of state officials has published an open letter that seeks to strengthen public confidence in the electoral process, in light of research that has raised questions about the security of voting machines.
The Israeli Knesset waits on the passage of a bill which would see the amalgamation of Israel's cyber-defences into one central authority
Power stations in Germany, Italy and Israeli smart building could be accessed by criminal hackers
The European Parliament has passed this morning the new network and information security (NIS) directive, placing minimum standards for cyber-security on critical infrastructure operators.
Chinese suspected of APT attack on Japanese critical infrastructure.