An illustration of why it’s so difficult to comply with the patch management requirements in NERC CIP-007 R2 and what you can do to make it easier.

NIST has released a new draft of the NISTIR 8374 Cybersecurity Framework Profile for Ransomware Risk Management which provides updated guidance for preventing and recovering from ransomware.

The U.S. House Homeland Security Committee has introduced the Cyber Incident Reporting for Critical Infrastructure Act of 2021, which would require critical infrastructure firms to disclose cybersecurity incidents to CISA within 72 hours of discovery.

Proposed revisions to two NERC CIP standards have been submitted to the Federal Energy Regulatory Commission (FERC) for consideration. The two affected standards are CIP-004 and CIP-011.

Learn what the NIS Directive is, who it applies to, potential penalties for non-compliance and best practices for complying with the Directive.

NERC CIP 002-5.1a can be divided into three steps: identify systems, inventory assets, categorize risk. This can serve as a helpful model for approaching and maintaining compliance.

Learn how to enable SOAR in your OT environment and gain access to contextual asset data in this webinar featuring Splunk.

Combining asset visibility and asset management results in robust asset awareness. Each is a distinct concept but relies upon the other to be effective.

SOAR technologies are used to automate parts of the security investigation process, and access to the right contextual data is vital when using these tools in operational technology (OT) environments.