December 2022, the US Government Accountability Office (GAO) issued Critical Infrastructure Actions Needed to Better Secure Internet-Connected Devices (GAO-23-105327). According to GAO, the scope of the report was governed by a legislative mandate in The Internet of Things Cybersecurity Improvement Act of 2020, which (along with conversations with GAO’s Congressional clients), which dictated the terms […]
Category: Building
Control system cyber incidents are much more plentiful than people realize
Control systems are systems of systems. Consequently, when one device or system is compromised, it can impact many others, potentially numbered in the tens to thousands. If I were to have counted all of the individual cases, my database would have almost 12 million control system cyber incidents. The insurance industry and credit rating agencies […]