Commission Communication to strengthen the resilience of critical entities across the EU adopted

On 11 September 2025, a Commission Communication to strengthen the resilience of critical entities across the EU was adopted. It provides non-binding guidance to EU countries to identify their critical entities and a risk assessment reporting template.

Directive (EU) 2022/2557 on the resilience of critical entities (‘the Directive’) aims to ensure that services essential for the maintenance of vital societal functions or economic activities are provided in an unobstructed manner in the internal market. The Directive enhances the resilience of the critical entities providing such services and creates an overarching framework of resilience of critical entities in respect of all hazards (natural and man-made, accidental or intentional).
To achieve a high level of resilience, Member States have obligations under the Directive. The Commission was mandated to develop recommendations, non-binding guidelines and a voluntary common reporting template to support them in fulfilling some of these obligations. Specifically, this Communication gives effect to Article 5(5) of the Directive regarding the development of a template for the provision of certain information to the Commission, to Article 6(6) of the Directive regarding the development of recommendations and guidelines to support Member States in identifying critical entities, and to Article 7(3) of the Directive regarding the adoption of guidelines to facilitate the application of the criteria for determining the significance of a disruptive effect, taking into account the information that Member States must submit in accordance with Article 7(2) of the Directive.
Before the adoption of this Communication, in accordance with the aforementioned provisions, Member States were consulted in a workshop that took place on 3-4 October 2024 and the Critical Entities Resilience Group (CERG) was consulted on 12 February 2025. Further bilateral consultations of CERG delegates took place in writing in March 2025 and an updated version was shared with the CERG on 7 April 2025.
The present Communication is not legally binding and does not affect the interpretation of EU law by the Court of Justice of the European Union.
The voluntary common reporting template for Member States to provide certain information related to the risk assessment to the Commission, as provided for in Article 5(5) of the Directive, is set out in the Annex.
Although this reporting template is voluntary in nature, Member States are encouraged to use it when providing information pursuant to Article 5(4) of the Directive.
Further details can be found in the 'Commission Guidelines and reporting template developed pursuant to Articles 5(5), 6(6) and 7(3) of Directive (EU) 2022/2557 on the resilience of critical entities'.

Standards Australia adopts world’s foremost standard for operational technology

Australia has officially adopted the AS IEC 62443 series as national standards for protecting Operational Technology (OT) in critical infrastructure from cyber threats. This decision comes as cyberattacks grow more frequent and sophisticated, increasingly targeting the systems that support our daily lives.
OT systems are the backbone of essential services such as energy, water, transport, medical devices, and building automation. A successful cyberattack on these systems could disrupt communities, threaten public safety, and harm the environment. The AS IEC 62443 standards help prevent this by offering a clear, structured approach to cybersecurity that supports safety, reliability, and resilience throughout the life of these systems.
A Practical Framework for Securing OT Systems
OT environments face unique cybersecurity challenges that differ from traditional IT systems. To address these, the IEC Technical Committee 65 (Industrial-process measurement, control and automation) developed the IEC 62443 series, Security for industrial automation and control systems, a set of standards specific to Industrial Automation and Control Systems (IACS). These standards are now recognised in Australia as AS IEC 62443, with the support and contributions of our national committee IT-006.
These standards are modular and role-based, allowing users to select only the parts relevant to their responsibilities or the stage of the system lifecycle they’re working in. They are designed for asset owners, service providers, and product suppliers, and they align with local regulatory requirements—making implementation practical and effective across sectors.
The benefits of adopting AS IEC 62443 are wide-reaching:
- Protects public health by helping to reduce the risk of system failures caused by cyberattacks
- Supports social stability by safeguarding the essential services communities rely on
- Boosts economic opportunities by allowing consumers to safely participate in energy markets, such as selling power back to the grid
- Reduces reputational risk by minimising the chance of prolonged outages and public fallout for organisations managing critical infrastructure
The IEC continues to evolve these standards to meet the needs of emerging technologies and smart systems. A new addition – Part 1-6 – will address the application of the series to the Industrial Internet of Things, further supporting the safety, reliability, and performance of smart energy, smart manufacturing, and smart cities.
By adopting AS IEC 62443, Australia is taking a proactive step to ensure its critical infrastructure is secure, resilient, and ready for the future.

Thorium Platform Public Availability

CISA, in partnership with Sandia National Laboratories, announced the public availability of Thorium, a scalable and distributed platform for automated file analysis and result aggregation. Thorium enhances cybersecurity teams' capabilities by automating analysis workflows through seamless integration of commercial, open-source, and custom tools. It supports various mission functions, including software analysis, digital forensics, and incident response, allowing analysts to efficiently assess complex malware threats.
Thorium enables teams that frequently analyze files to achieve scalable automation and results indexing within a unified platform. Analysts can integrate command-line tools as Docker images, filter results using tags and full-text search, and manage access with strict group-based permissions.
Designed to scale with hardware using Kubernetes and ScyllaDB, Thorium can ingest over 10 million files per hour per permission group while maintaining rapid query performance. It also allows users to define event triggers and tool execution sequences, control the platform via RESTful API, and aggregate outputs for further analysis or integration with downstream processes.
CISA encourages cybersecurity teams to use Thorium and provide feedback to enhance its capabilities. For more information on Thorium and how it can improve your cybersecurity operations, see CISA’s Thorium resource webpage.

CISA and USCG Issue Joint Advisory to Strengthen Cyber Hygiene in Critical Infrastructure

CISA, in partnership with the U.S. Coast Guard (USCG), released a joint Cybersecurity Advisory aimed at helping critical infrastructure organizations improve their cyber hygiene. This follows a proactive threat hunt engagement conducted at a U.S. critical infrastructure facility.
During this engagement, CISA and USCG did not find evidence of malicious cyber activity or actor presence on the organization’s network but did identify several cybersecurity risks. CISA and USCG are sharing their findings and associated mitigations to assist other critical infrastructure organizations in identifying potentially similar issues and taking proactive measures to improve their cybersecurity posture. The mitigations include best practices such as not storing passwords or credentials in plaintext, avoiding sharing local administrator account credentials, and implementing comprehensive logging.
In coordination with the organization where the hunt was conducted, CISA and USCG are sharing cybersecurity risk findings and associated mitigations to assist other critical infrastructure organizations with improving their cybersecurity posture. Recommendations are listed for each of CISA’s findings, as well as general practices to strengthen cybersecurity for OT environments. These mitigations align with CISA and the National Institute for Standards and Technology’s (NIST) Cross-Sector Cybersecurity Performance Goals (CPGs), and with mitigations provided in the USCG Cyber Command’s (CGCYBER) 2024 Cyber Trends and Insights in the Marine Environment (CTIME) Report.
Although no malicious activity was identified during this engagement, critical infrastructure organizations are advised to review and implement the mitigations listed in this advisory to prevent potential compromises and better protect our national infrastructure. These mitigations include the following (listed in order of importance):
- Do not store passwords or credentials in plaintext. Instead, use secure password and credential management solutions such as encrypted password vaults, managed service accounts, or built-in secure features of deployment tools.
- Ensure that all credentials are encrypted both at rest and in transit. Implement strict access controls and regular audits to securely manage scripts or tools accessing credentials.
- Use code reviews and automated scanning tools to detect and eliminate any instances of plaintext credentials on hosts or workstations.
- Enforce the principle of least privilege, only granting users and processes the access necessary to perform their functions.
- Avoid sharing local administrator account credentials. Instead, provision unique, complex passwords for each account using tools like Microsoft’s Local Administrator Password Solution (LAPS) that automate password management and rotation.
- Enforce multifactor authentication (MFA) for all administrative access, including local and domain accounts, and for remote access methods such as Remote Desktop Protocol (RDP) and virtual private network (VPN) connections.
- Implement and enforce strict policies to only use hardened bastion hosts isolated from IT networks equipped with phishing-resistant MFA to access industrial control systems (ICS)/OT networks, and ensure regular workstations (i.e., workstations used for accessing IT networks and applications) cannot be used to access ICS/OT networks.
- Implement comprehensive (i.e., large coverage) and detailed logging across all systems, including workstations, servers, network devices, and security appliances.
- Ensure logs capture information such as authentication attempts, command-line executions with arguments, and network connections.
- Retain logs for an appropriate period to enable thorough historical analysis (adhering to organizational policies and compliance requirements) and aggregate logs in an out-of-band, centralized location, such as a security information event management (SIEM) tool, to protect them from tampering and facilitate efficient analysis.
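As an added example (not CISA's or USCG's tooling) of the automated scanning the advisory recommends for finding plaintext credentials in scripts and tools, the following Python script flags credential literals in script and configuration files while ignoring values that are fetched from a vault, a credential cmdlet or an environment variable. The file names, detection patterns and sample file contents are all constructed for the illustration.

```python
"""Scan scripts and config files for plaintext credentials.

Added illustration of the 'automated scanning' mitigation; not a CISA/USCG
tool. Sample files are constructed inline so the scan runs offline.
"""
import re
from dataclasses import dataclass

# Keys whose values should never be literal strings in a script or config.
SECRET_KEYS = r"(?:pass(?:word|wd)?|pwd|secret|api[_-]?key|token)"

# Each pattern captures the candidate secret value in group 1.
PATTERNS = {
    # $svcPass = 'literal'   /   ...;Password=literal;...
    "assignment": re.compile(
        rf"{SECRET_KEYS}\s*[:=]\s*['\"]?([^'\"\s;]+)", re.IGNORECASE),
    # scheme://user:literal@host
    "url_userinfo": re.compile(
        r"\b[a-z][a-z0-9+.-]*://[^/\s:@]+:([^@\s]+)@", re.IGNORECASE),
    # sqlcmd -P literal  /  --password literal  /  /p literal
    "cli_flag": re.compile(
        r"(?:^|\s)(?:-p|--password|/p)[ =:](\S+)", re.IGNORECASE),
    # net use \\server\share /user:DOMAIN\name literal
    "net_use": re.compile(r"/user:\S+\s+(\S+)", re.IGNORECASE),
}

# Values that show the credential is looked up at run time, not stored.
SAFE_VALUE = re.compile(
    r"^(?:\$|%|\{\{|<|Get-Secret|Get-StoredCredential|Get-Credential)",
    re.IGNORECASE)


@dataclass(frozen=True)
class Finding:
    path: str
    line_no: int
    kind: str
    snippet: str


def scan_text(path, text):
    """Return one Finding per line that carries a literal credential."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        for kind, pattern in PATTERNS.items():
            m = pattern.search(line)
            if m and not SAFE_VALUE.match(m.group(1)):
                findings.append(Finding(path, line_no, kind, line.strip()[:80]))
                break  # one finding per line is enough for triage
    return findings


def scan_files(files):
    """Scan a mapping of path -> content; findings keep file and line order."""
    results = []
    for path, text in files.items():
        results.extend(scan_text(path, text))
    return results


# Constructed sample files (hypothetical paths and values).
SAMPLE_FILES = {
    "deploy.ps1": (
        "# Deployment script (constructed sample)\n"
        "$svcUser = 'CORP\\svc_deploy'\n"
        "$svcPass = 'Winter2024!'\n"                         # flagged
        "net use \\\\fs01\\builds /user:$svcUser $svcPass\n"  # variable: ok
        "$db = 'Server=sql01;User Id=app;Password=Spring2024!;'\n"  # flagged
    ),
    "backup.sh": (
        "#!/bin/sh\n"
        "sqlcmd -S sql01 -U backup -P Summer2024!\n"             # flagged
        "curl https://svc:Autumn2024!@repo.internal/pkg.tgz\n"   # flagged
        "export API_TOKEN=\"$(vault kv get -field=token secret/app)\"\n"  # ok
    ),
    "fixed.ps1": (
        "$cred = Get-StoredCredential -Target 'CORP\\svc_deploy'\n"
        "$secret = Get-Secret -Name DbPassword\n"                 # ok
    ),
}

if __name__ == "__main__":
    for f in scan_files(SAMPLE_FILES):
        print(f"{f.path}:{f.line_no} [{f.kind}] {f.snippet}")
```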

CISA and Partners Release Updated Advisory on Scattered Spider Group

CISA, along with the Federal Bureau of Investigation, Canadian Centre for Cyber Security, Royal Canadian Mounted Police, the Australian Cyber Security Centre’s Australian Signals Directorate, and the Australian Federal Police and National Cyber Security Centre, released an updated joint Cybersecurity Advisory on Scattered Spider—a cybercriminal group targeting commercial facilities sectors and subsectors. This advisory provides updated tactics, techniques, and procedures (TTPs) obtained through FBI investigations conducted through June 2025.
Scattered Spider threat actors have been known to use various ransomware variants in data extortion attacks, most recently including DragonForce ransomware. While Scattered Spider often changes TTPs to remain undetected, some TTPs remain consistent. These actors frequently use social engineering techniques such as phishing, push bombing, and subscriber identity module swap attacks to obtain credentials, install remote access tools, and bypass multi-factor authentication.
The Mitigations section of the Scattered Spider joint Cybersecurity Advisory offers critical infrastructure organizations and commercial facilities recommendations to fortify their defenses.

Critical Infrastructure Protection & Resilience Europe announces Preliminary Conference Programme

The 10th Critical Infrastructure Protection & Resilience Europe, taking place in Brindisi, Italy on 14th-16th October, has announced its Preliminary Conference Programme, with a fantastic line up of international expert speakers sharing their thoughts, experiences and expertise at this premier conference.
Download your guide at www.cipre-expo.com/guide
The second ‘Critical Infrastructure Protection Week in Europe’ will take place in Brindisi, Italy and will see the International Association for CIP Professionals (IACIPP) host the ‘Critical Infrastructure Protection & Resilience Europe’ conference and exhibition and ‘The International Emergency Management Society (TIEMS)’ conference as the two key events as part of the initiative.
Download your preliminary conference guide now
The Preliminary Conference Programme guide provides you with the latest conference agenda, speakers and information to plan your attendance to the premier conference for the critical infrastructure protection, civil contingencies and safer cities professionals.
Register online today at: https://www.cipre-expo.com/buy-tickets/

CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment

CISA, in collaboration with the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA), released a Fact Sheet urging organizations to remain vigilant against potential targeted cyber operations by Iranian state-sponsored or affiliated threat actors.
Over the past several months, there has been increasing activity from hacktivists and Iranian government-affiliated actors, which is expected to escalate due to recent events. These cyber actors often exploit targets of opportunity based on the use of unpatched or outdated software with known Common Vulnerabilities and Exposures or the use of default or common passwords on internet-connected accounts and devices.
At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. However, CISA, FBI, DC3, and NSA strongly urge critical infrastructure asset owners and operators to implement the mitigations recommended in the joint Fact Sheet, which include:
• Identifying and disconnecting operational technology and industrial control systems devices from the public internet,
• Protecting devices and accounts with strong, unique passwords,
• Applying the latest software patches, and
• Implementing phishing-resistant multifactor authentication for access to OT networks.
Review the joint Fact Sheet: Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest and act now to understand the Iranian state-backed cyber threat, assess and mitigate cybersecurity weaknesses, and review and update incident response plans to strengthen your network against malicious cyber actors.
Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest
CISA, the Federal Bureau of Investigation (FBI), the Department of Defense Cyber Crime Center (DC3), and the National Security Agency (NSA) published Iranian Cyber Actors May Target Vulnerable US Networks and Entities of Interest. This joint fact sheet details the need for increased vigilance for potential cyber activity against U.S. critical infrastructure by Iranian state-sponsored or affiliated threat actors.
Defense Industrial Base companies, particularly those possessing holdings or relationships with Israeli research and defense firms, are at increased risk.
At this time, we have not seen indications of a coordinated campaign of malicious cyber activity in the U.S. that can be attributed to Iran. However, CISA urges owners and operators of critical infrastructure organizations and other potentially targeted entities to review this fact sheet to learn more about the Iranian state-backed cyber threat and actionable mitigations to harden cyber defenses.

DHS S&T Releases New Tool to Strengthen Global Navigation Satellite Systems for Critical Infrastructure

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) launched an important new resource on GitHub to help safeguard critical infrastructure: the Global Navigation Satellite System (GNSS) Test Vector Suite and Distribution Methodology. This effort supports Executive Order 13905, which aims to protect essential Positioning, Navigation and Timing (PNT) systems used in industries like energy, transportation and telecommunications.
PNT systems rely on accurate GNSS signals to function properly. If these signals are disrupted – whether by natural events, technical failures, or cyber threats – critical services could be impacted. To address this risk, the GNSS Test Vector Suite and Distribution Methodology provides critical infrastructure owners and operators the tools to independently identify and define appropriate test scenarios that support standards conformity assessments, to help evaluate and improve the resilience of their systems.
“Accurate and precise Positioning, Navigation, and Timing information is vital to the nation’s critical infrastructure and is the backbone of the many services we depend on daily, from keeping our lights on to ensuring planes land safely,” said Julie Brewer, DHS Acting Under Secretary for Science and Technology. “This new toolset gives people responsible for safeguarding these systems a way to independently test and strengthen them, ensuring our nation’s infrastructure is more secure against potential disruptions.”
The GNSS Test Vector Suite includes a standardized set of test scenarios and tools that allow developers and testers to assess how well their equipment can handle challenges like signal interference or spoofing attempts. The process works as follows:
- The GNSS Test Vector Suite generates simulated data
- The data is converted into signals that mimic real-world GNSS systems
- These signals are fed into designated GNSS devices or other PNT equipment, enabling users to evaluate how their systems respond to simulated disruptions
By offering this testing capability, S&T is helping critical infrastructure operators identify vulnerabilities in PNT systems and ensure they meet established resilience standards. This is a critical step in protecting the essential systems that Americans rely on every day.

Unlocking the Potential of Public-Private Partnerships for Enhanced Security

Public-Private Partnerships (PPPs) are essential in enhancing security across various environments, including critical infrastructure. In its new White Paper, CoESS, the European Private Security Employers’ Representation, demonstrates how collaboration between Law Enforcement Agencies (LEAs) and Private Security Companies (PSCs) can strengthen overall security and societal resilience.
The paper draws on theoretical sources and showcases best practices to highlight the benefits of PPPs but also describe the challenges that hinder their effectiveness. It offers recommendations for all stakeholders involved to overcome barriers, implement key success criteria and optimise the potential of PPPs. The White Paper is jointly published by CoESS and its Dutch member, Nederlandse Veiligheidsbranche, with the support of the International Security Ligue.
The White Paper was officially launched at the European Security Summit, on 10 October 2024 in The Hague.
This article outlines the key takeaways from the White Paper, which will drive the policy and advocacy actions of CoESS, among others when contributing to EU policies such as the Preparedness Union and the Internal Security Strategy.
An Opportunity for Complementarity and Increased Efficiency
Public-Private Partnerships considered in this paper are all forms of cooperation between LEAs and PSCs. As such, they combine the strengths and resources of public security forces with the specialized capabilities of private security companies. This collaboration addresses complex security challenges efficiently, ensuring a comprehensive approach to the protection of people, assets and infrastructure, and thus society as a whole. The synergy allows for an extended security reach, leverages advanced technologies, and enhances the strategic allocation of resources across the security spectrum.
Significance and Impact
PPPs are shown to optimize the use of resources, allowing LEAs to focus on their core tasks while PSCs address the prevention and detection dimensions. The partnerships enhance operational capabilities, provide scalability in response to changing security demands, and introduce innovative solutions to security management. This strategic collaboration leads to improved flexibility in operations and a proactive stance in security planning.
Highlights
Surprisingly, PPPs are legally possible in only 9 out of 27 EU Member States and mostly in Western European countries, where they cover different realities. While some Member States have advanced partnerships based on formal frameworks, others are informal, local and temporary. The types of protected objects and events also vary, as do the missions that are given to the PSCs.
There is a correlation between the level of professionalism of the industry, the maturity of the legal framework, and the depth of cooperation between LEAs and PSCs. The White Paper describes the advantages in operating PPPs, including:
• Resource Efficiency: Private companies support LEAs by handling preventive and surveillance tasks, freeing up public resources for LEAs to concentrate on their core missions.
• Advanced Specialization: PPPs bring state-of-the-art technology and specialized skills, particularly valuable in areas in which they have developed particular know-how, such as access control, distance surveillance and monitoring, protecting certain infrastructure (critical and others), etc.
• Strategic Flexibility: The ability to dynamically scale security measures in response to situational analyses enhances both proactive and reactive capabilities.
Implications for the Security Landscape
The increased complexity and diversity of threats require a shift towards a more integrated and responsive security framework. This approach not only improves immediate responses to threats but also supports a sustained security strategy that adapts to future challenges. The implications extend beyond immediate security enhancements, suggesting long-term benefits in public safety and trust.
Challenges and Strategies for Overcoming Obstacles in PPPs
While Public-Private Partnerships offer substantial benefits, they also face specific challenges that can hinder their effectiveness. Key obstacles include issues of trust and information sharing, differing operational cultures between public and private entities, and regulatory constraints that can stifle collaborative efforts.
To overcome these challenges, the White Paper recommends several measures, of which the following are particularly important:
1. Enhancing Trust and Transparency: Building trust is fundamental. Initiatives such as joint training sessions, shared operational planning, and regular stakeholder meetings can foster a mutual understanding and strengthen trust. Clear communication and transparency in operations and decision-making processes are crucial for developing a reliable partnership.
2. Harmonizing Standards and Practices: Developing common standards and practices across public and private sectors within PPPs can alleviate cultural and operational discrepancies. Areas to look into may include training, security protocols, data interoperability, vulnerability assessments and complementarity in response strategies to optimise cooperation.
3. Regulatory Adjustments: Modifying existing laws and regulations to support PPP frameworks and allow for the exchange of information between PSCs and LEAs is essential. Legislation should support best value procurement, collaborative actions and facilitate rather than inhibit information sharing, ensuring that both public and private entities operate under a supportive legal framework that will help reinforce mutual trust and promote cooperation. Finally, legislation should also provide that LEAs have a good understanding of what PSCs can and can’t do. This could be included in basic LEA staff training.
By addressing these challenges through targeted strategies, PPPs can not only enhance their operational effectiveness but also achieve a more resilient and adaptive security infrastructure. These efforts require ongoing commitment and adaptation from all stakeholders involved to ensure the continued success and evolution of PPPs in the security sector.
In conclusion, Public-Private Partnerships are indispensable in the modern security apparatus. By effectively combining the unique strengths of LEAs and PSCs, PPPs not only enhance current security measures but also prepare organizations for emerging threats. This White Paper supports the continued development and refinement of PPP frameworks to maximize their positive impact on public security.
About the Author:
Catherine Piana is the Director General of both CoESS and the Aviation Security Services Association – international (in short ASSA-i) and the co-owner and Managing Director of the internationally acclaimed e-learning platform on the Insider Threat, Help2Protect.
The White Paper can be downloaded free of charge at https://coess.org

EU Space Act - Strengthening Safety, Resilience and Sustainability in Space

The EU Space Act is a legislative initiative by the European Commission that introduces a harmonised framework for space activities across the Union. The proposal, launched on 25 June 2025, aims to ensure safety, resilience, and environmental sustainability, while boosting the competitiveness of the EU space sector.
Europe’s current regulatory landscape is fragmented—13 different national approaches increase complexity and costs for businesses. The EU Space Act will create a single market for space activities, making it easier for companies, particularly start-ups and SMEs, to grow and operate across borders.
What will the EU Space Act do?
The proposal is structured around three key pillars:
- Safety
The Act introduces robust rules for tracking space objects and mitigating space debris, preserving Europe’s secure and uninterrupted access to space.
- Resilience
Tailored cybersecurity requirements will strengthen protection of European space infrastructure and ensure business continuity.
- Sustainability
Operators will need to assess and reduce the environmental impact of their space activities, while benefiting from support for innovation in emerging technologies like in-orbit servicing and debris removal.
The new rules will apply to both EU and non-EU operators providing space services in Europe. Proportional requirements will be scaled based on company size and risk profile, ensuring a fair, innovation-friendly regulatory environment.
Support for Industry and Member States
A targeted support package will help businesses and Member States transition smoothly. Special attention is given to reducing administrative burdens and facilitating compliance, especially for start-ups, SMEs and small mid-caps.
Next Steps
The legislative proposal will be negotiated under the ordinary legislative procedure by the European Parliament and the Council.
For more details visit: EU Space Act - European Commission