Kathy Stershic, Principal

8th January 2023

A CYBERSECURITY TIPPING POINT FOR MIDDLE EASTERN OIL COMPANIES

FederalNewsNetwork.com • 28th December 2022

4 pillars of high performing federal agencies

Positioning employees for success is inextricably linked to providing them with the right tools and technologies to enable their work. As with operational activities like technology or infrastructure planning, building successful,... The federal government is facing the same talent crunch as private sector organizations. Particularly with pending government retirements, it is more important than ever for agencies to build effective team environments that empower employees and offer career roadm

GCN • 26th September 2022

3 steps to help new CISOs to hit the ground running

Today’s chief information security officers face rampant cyber threats, an expanded attack surface and the pandemic-related explosion of remote workers connecting to agency networks from everywhere. As the purview of CISOs has grown in recent years, these committed individuals shoulder the responsibility for managing new and increased risks to keep their governments secure. New CISOs have no time to waste. Whether they are just starting with their organization or promoted from within, focusing

Hstoday • 1st June 2022

Securing Critical Infrastructure to the Cloud: Why Federal Operators Need Hardware-Enforced Cyber Defense - HS Today

There is a large and growing volume of data generated within critical infrastructure operational technology (OT) environments. While OT networks are traditionally air-gapped for the highest level of security, that network separation prevents the exchange of mission-critical data with untrusted external networks like the cloud. Every connected asset, after all, represents a potential point of compromise for cyber adversaries, including nation-state attackers. But this OT separation prevents gover

Manufacturing.net • 23rd August 2022

3 Steps to Tackling Cybersecurity in Manufacturing

The increasing convergence of Operational Technology (OT) and Information Technology (IT) in modern manufacturing environments enables big gains in productivity, efficiency and innovation. Until just a few years ago, every plant was a silo unto itself. Now, data from geographically disbursed plants can be easily shared through the cloud; detailed information about production inputs and output yields can be accurately measured across the entire enterprise; automated machine learning models can a

2nd September 2022

The Imperative to Integrate Security and Privacy on Modern Campuses

The Imperative to Integrate Security and Privacy on Modern Campuses Imagine it is homecoming weekend, and visiting alumni have flooded a college campus for the big football game. From the moment they park in the campus garage to when they leave the grounds, the visitors enter a new digital world that current students encounter every day. They use an app to pay for lunch in the student union, another app to buy a sweatshirt in the bookstore, and still another that holds their game tickets. The

2nd September 2022

Plugging Cyber Holes in Federal Acquisition

Government agencies are under siege from ransomware and incredibly sophisticated cybersecurity threats, such as the 2020 SolarWinds supply chain attack. To help fight back, lawmakers are introducing steps to broaden defenses through non-traditional approaches. The Supply Chain Security Training Act (SCSTA) bill, recently passed in the U.S. Senate, would extend cyber responsibilities to federal employees with supply chain risk management responsibilities, like program managers and procurement pro

Security Boulevard • 25th February 2022

How Critical Infrastructure Providers Can Securely Connect OT to the Cloud

Cloud connectivity offers tremendous benefits for critical infrastructure operators. Sending data from operational technology (OT) devices to the cloud opens the door for asset owners to use remote diagnostic and analysis tools, improve supply chain management, adopt predictive maintenance and schedule planned downtime—improving the efficiency and resilience of operations in ways not possible before. While beneficial, new cloud connections also introduce new risks. Every additional connected as

Hstoday • 17th February 2022

Partnerships, Proactive Approach Needed to Close Port Cybersecurity Gaps - HS Today

The current global backlog of container ships waiting to be unloaded showcases the criticality of large ports to world commerce and national economies. This logjam will eventually be broken and things will go back to a relative normal. But what if a port becomes a conduit to a far more serious threat? The safety and security of port operations is critical to both a nation’s economy and its sovereignty. Consider the impacts of the immense August 2020 explosion at the Port of Beirut, Lebanon. Tra

1st February 2022

Data Diodes Offer Practical Way To Improve Pipeline Cybersecurity

In response to the growing number of cyberattacks on critical infrastructure entities, the Department of Homeland Security (DHS) issued security directives in May 2021 and July 2021 for critical pipeline owners and operators. The first directive requires owners and operators to report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA), designate a cybersecurity coordinator, and prepare reports on cybersecurity risks and mitigation proc

29th October 2021

5 Steps to Prepare an Effective Threat Intelligence Plan

3rd September 2021

New Rules for Sharing Data with High Threat Networks

Thank you for your feedback. There was a problem submitting your feedback. Please make sure you have filled out all fields completely. When will my subscription end? Please indicate the type of request. We could not find your subscription. Please try again. If you are a current subscriber, log in here to view the full edition.

13th August 2021

An Energy Company’s Approach to Proactive Critical Infrastructure Security

Recent headlines show that threats to critical infrastructure are accelerating. Adversaries’ offensive capabilities currently exceed industry’s traditional defenses, creating a need to increase plant security while keeping pace with modern business demands. When computers were first used to run Operational Technology (OT), systems like valves, pumps, and actuators were analog and isolated. Since they couldn’t be remotely reached, operators saw no need to put security infrastructure in place. A

automation.com • 31st July 2021

Bridging the Air Gap: How to Harness Your Data and Protect Your OT Network

Original equipment manufacturers (OEMs) serving the Critical Infrastructure sector have a new opportunity to bundle advanced data analytics with their products. Innovative services like predictive maintenance and automatic ordering of supplies and spare parts are driven by data that must be delivered from an operating machine back to the OEM. But Critical Infrastructure operators have long been concerned about introducing potential threats from opening their operational networks for OEMs to

Washington Technology • 31st July 2021

JEDI cancellation offers multiple benefits for DOD, industry --

As DOD moves on from JEDI, the department embraces a multi-cloud future The cancellation of the single-source $10B Joint Enterprise Defense Infrastructure (JEDI) project came as surprising, but perhaps not fully unexpected news. From its beginnings in 2017, the proposition of awarding such a massive program to a single vendor caused controversy. Protests and litigation led to significant programmatic delays that would likely have stretched on. So, after four long years, everybody lost – or did

4th May 2021

Preparing for 5G: A Security Primer

C4ISRNET • 14th April 2021

Simplifying Security in Multi-Cloud Environments

Federal agencies are moving from Cloud First to Cloud Smart policies. In doing so, they have adopted one of the top Cloud Service Providers (CSPs). Most agencies already use more than one of the major cloud providers – like AWS and Microsoft – with others set to join the landscape. With this in mind, Palo Alto Networks launched their FedRAMP-authorized Prisma Cloud Solution, offering a comprehensive security platform covering cloud-native and multi-cloud environments. Multi-cloud environments a

CPO Magazine • 2nd March 2021

Amping Data Security Can Boost Your Privacy Strategy

When large technology companies take out full page newspaper ads to talk about their commitment to privacy, and they proactively ask for government privacy legislation, you know we’ve crossed a threshold. Data Privacy is a hot topic. Consumers are ever more concerned about how their data is being used. In response, governments around the world are issuing new regulations to rein-in aggressive data collection and usage practices that so many vendors have adopted throughout the digital era. New

New York Law Journal • 28th August 2020

Beyond Data: Function Is the New Cyber Attack Surface

• With this subscription you will receive unlimited access to high quality, online, on-demand premium content from well-respected faculty in the legal industry. This is perfect for attorneys licensed in multiple jurisdictions or for attorneys that have fulfilled their CLE requirement but need to access resourceful information for their practice areas. • Our Team Account subscription service is for legal teams of four or more attorneys. Each attorney is granted unlimited access to high quality,

World Economic Forum • 28th August 2020

A three-step path to securing critical infrastructure

We need to rethink cybersecurity for a post-pandemic world. Here's how The pandemic has created a new set of opportunities for cybercriminals, and as such we need to rethink our approach to cybersecurity. Here's where to start.