In today’s perpetually connected world, reliable energy delivery requires cyber-resilient delivery systems. The nation’s security, economic prosperity, and the well-being of our citizens depend on reliable energy infrastructure. Operational Technology (OT) networks are increasingly converging with IT networks as critical-infrastructure companies modernize to enhance functionality and lower costs. But rapid digital transformation and convergence also […]
Originally published on Forbes, August 4th, 2021 Automotive cybersecurity is finally getting its time to shine. The upcoming launch of new regulations and standards, alongside the ever-increasing scale of automotive cyberattacks, is prioritizing the establishment of cybersecurity operations among leading OEMs across the world. And OEMs are rising to the challenge, with many either already […]
The SolarWinds hack of 2020 allowed attackers to dig deep into many major businesses and government agencies. This high-profile attack called into question supply chain security, and the implicit trust enterprises place in suppliers of software and devices. This post explores the challenges of protecting the supply chain, and how the new Vulnerability Exploitability Exchange […]
These days, product security teams face incredible challenges when it comes to their vulnerability management program. Embedded software is more prevalent, made up of open-source software (OSS), commercial software and sometimes also proprietary code, and it is far more complex.
Originally published on Forbes, April 29th, 2021 As awareness regarding the widespread devastation caused by supply chain attacks increases, one thing is becoming clear: An organization’s cybersecurity defenses are only as strong as its weakest link. Successful supply chain attacks are considered especially dangerous because of their high potential for widespread contagion. With just one […]
Newly discovered supply-chain vulnerabilities in common communication stacks can be exploited to take full remote control of connected devices, putting at risk millions of devices around the globe. Security researchers from Forescout and JSOF Research Labs have discovered nine vulnerabilities in four widely-used TCP/IP stacks affecting Domain Name Systems (DNS) implementations. Dubbed NAME:WRECK due to […]
Originally published on Forbes, February 25th, 2021 In the space of just a few short years, many of the machines around us have become smarter than we are. Technology and progress wait for no one, and the widespread adoption of IoT has injected intelligent, autonomous capabilities into everything from vending machines and robots to refrigerators […]