CISA Helps Johnny Secure Operational Technology: New Guidance Addresses Cyber Risks from Legacy Protocols

CISA released the guidance Barriers to Secure OT Communication: Why Johnny Can’t Authenticate. This guidance highlights the known issues with insecure-by-design legacy industrial protocols and seeks to understand why the technology to secure these protocols is not widely adopted. CISA developed this guidance in partnership with operational technology (OT) equipment manufacturers and standard development organizations, by interviewing OT asset owners and operators to understand:
1. What motivates owners and operators to secure communication, and
2. What barriers prevent successful adoption from design through deployment and operations.
Legacy OT protocols lack strong protections against data alteration, device impersonation, and unauthorized access, making critical infrastructure vulnerable to cyber threats. Securing these protocols requires solutions that are practical for current operators as well as cyber experts. Based on the research conducted, CISA provides recommendations for how owners and operators can avoid the negative experiences of their peers, as well as recommendations to OT manufacturers to drive sustainable, more usable capabilities.
For OT Owners and Operators:
• Learn why message signing is the foundation for secure OT communication and when encryption is essential.
• Discover practical strategies for phased adoption of secure protocols to minimize operational risk.
• Identify which OT communications should be prioritized for enhanced security and resilience.
• Explore ways to simplify secure workflows and key management for easier implementation.
For Manufacturers:
• Gain insights from customer research to reduce customer friction and deliver more usable, secure products.
• Explore actionable recommendations to address cost and complexity barriers to secure communication.
• Learn how usability metrics like deployment time and ease of integration can differentiate your solutions and accelerate adoption.
CISA encourages critical infrastructure organizations and OT manufacturers to review and implement the recommendations in this guidance.
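The gap described above, data alteration and device impersonation going undetected, can be shown on a small constructed frame format. This is an added example, not code from CISA's guidance; the frame layout, the counter field, the keys and the choice of HMAC-SHA256 are assumptions made for illustration. It goes one step beyond the text by also rejecting replayed frames.

```python
import hashlib
import hmac
import struct

PAYLOAD = struct.Struct(">BHH")   # unit id, register, value (constructed layout)
COUNTER = struct.Struct(">I")     # assumed per-sender message counter
TAG_LEN = hashlib.sha256().digest_size


def legacy_frame(unit, register, value):
    """Legacy-style frame: fields only, nothing binds them to a sender."""
    return PAYLOAD.pack(unit, register, value)


def signed_frame(key, counter, payload):
    """Counter + plaintext payload + HMAC-SHA256 tag over both."""
    body = COUNTER.pack(counter) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()


class Receiver:
    """Accepts a frame only if the tag verifies and the counter advances."""

    def __init__(self, key):
        self.key = key
        self.last_counter = 0

    def accept(self, frame):
        if len(frame) != COUNTER.size + PAYLOAD.size + TAG_LEN:
            return None
        body, tag = frame[:-TAG_LEN], frame[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return None                      # altered, or signed with another key
        (counter,) = COUNTER.unpack(body[:COUNTER.size])
        if counter <= self.last_counter:
            return None                      # replay of an older valid frame
        self.last_counter = counter
        return PAYLOAD.unpack(body[COUNTER.size:])


def demo():
    key = b"constructed-demo-key-0001"       # sample values, constructed
    other_key = b"constructed-demo-key-0002"
    setpoint = legacy_frame(1, 40001, 50)
    altered_value = struct.pack(">H", 900)

    results = {}
    # Legacy: a frame altered in transit parses like any other.
    results["legacy_altered"] = PAYLOAD.unpack(setpoint[:-2] + altered_value)

    rx = Receiver(key)
    first = signed_frame(key, 1, setpoint)
    second = signed_frame(key, 2, setpoint)
    results["signed_ok"] = rx.accept(first)
    # Signing gives integrity, not confidentiality: payload is still readable.
    results["payload_visible"] = (
        first[COUNTER.size:COUNTER.size + PAYLOAD.size] == setpoint
    )
    results["altered"] = rx.accept(second[:7] + altered_value + second[9:])
    results["wrong_key"] = rx.accept(signed_frame(other_key, 2, setpoint))
    results["replay"] = rx.accept(first)
    results["next_ok"] = rx.accept(second)
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name:16} {outcome}")
```

The payload stays in cleartext inside the signed frame, so existing monitoring can still read it; encryption is a separate decision for traffic whose contents are sensitive.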

Ignitis Gamyba Allocates €1.1 Million in Humanitarian Aid for Ukraine’s Critical Infrastructure

From September 2024 to this October, Ignitis Gamyba allocated €1.1 million in humanitarian aid to support the restoration of Ukraine’s war‑damaged energy infrastructure. According to the European Commission, this is the largest logistical operation it has ever coordinated.
In just over a year, 145 lorries loaded with equipment were dispatched from the Vilnius TE‑3 Combined Heat and Power Plant. According to the company’s calculations, a total of 2,681 tonnes of equipment have been allocated for humanitarian aid.
“In this challenging period, as Ukraine experiences continued russian aggression and the destruction of its energy infrastructure, we remain firmly committed to supporting the Ukrainian people. Lithuania’s initiative to relocate a full thermal power plant, with a combined heat and electricity capacity of nearly 1,000 MW, to Ukraine through the EU Civil Protection Mechanism is a powerful example of solidarity and cooperation. A thermal power plant of this size can provide heating for approximately half of Vilnius households. This support is necessary to rebuild the energy sector, which is vital to the daily lives of Ukrainians. I am sincerely grateful to all the countries, companies and institutions involved in this massive project. This operation only became possible through the efforts of all of our partners,” says Minister of Energy Žygimantas Vaičiūnas.
The principal activities of Ignitis Gamyba’s TE‑3 were suspended in 2015 due to high operating costs and an assessment that operation of the power units would not have a significant impact on the stability of the electric power system.
“For more than 30 years, this power plant provided heating for roughly half of Vilnius households. Now it is no longer being used, but the equipment we preserved and kept operational was able to contribute to restoring vital functions in Ukraine,” said Ignitis Group CEO Darius Maikštėnas.
The transfer of equipment was officially confirmed on 15 July 2024, following the signing of a support agreement between Ignitis Gamyba and the electricity distribution network operator in Ukraine. For security reasons, more detailed information about the aid being provided, including the exact names of the equipment as well as the power plants it will be going to, cannot be disclosed.

Poland Energy Sector Cyber Incident Highlights OT and ICS Security Gaps

In December 2025, a malicious cyber actor(s) targeted and compromised operational technology (OT) and industrial control systems (ICS) in Poland’s Energy Sector—specifically renewable energy plants, a combined heat and power plant, and a manufacturing sector company—in a cyber incident. The malicious cyber activity highlights the need for critical infrastructure entities with vulnerable edge devices to act now to strengthen their cybersecurity posture against cyber threat activities targeting OT and ICS.
A malicious cyber actor(s) gained initial access in this incident through vulnerable internet-facing edge devices, subsequently deploying wiper malware and causing damage to remote terminal units (RTUs). The malicious cyber activity caused loss of view and control between facilities and distribution system operators, destroyed data on human machine interfaces (HMIs), and corrupted system firmware on OT devices. While the affected renewable energy systems continued production, the system operator could not control or monitor them according to their intended design.
CERT Polska’s incident report highlights:
- Vulnerable edge devices remain a prime target for threat actors.
  - As indicated by CISA’s Binding Operational Directive (BOD) 26-02: Mitigating Risk From End-of-Support Edge Devices, end-of-support edge devices pose significant risks.
- OT devices without firmware verification can be permanently damaged.
  - Operators should prioritize updates that allow firmware verification when available; if updates are not immediately feasible, ensure that cyber incident response plans account for inoperative OT devices to mitigate prolonged outages.
- Threat actors leveraged default credentials, a vulnerability not limited to specific vendors, to pivot onto the HMI and RTUs.
  - Operators should immediately change default passwords and establish requirements for integrators or OT suppliers to enforce password changes in the future.
CISA and the Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response (DOE CESER) urge OT asset owners and operators to review the following resources for more information about the malicious activity and mitigations:
- CERT Polska’s Energy Sector Incident Report - 29 December 2025.
- CISA’s joint fact sheet with FBI, EPA, and DOE Primary Mitigations to Reduce Cyber Threats to Operational Technology.
- DOE’s Energy Threat Analysis Center’s threat advisories.

Draft NIST Guidelines Rethink Cybersecurity for the AI Era

Artificial intelligence (AI) is impacting many organizations’ activities, and cybersecurity is no exception. For anyone interested in the opportunities and risks at the intersection of cybersecurity and AI, the National Institute of Standards and Technology (NIST) has released a preliminary draft of its Cyber AI Profile.
The publication, whose full title is the Cybersecurity Framework Profile for Artificial Intelligence (NISTIR 8596), offers guidelines for using the NIST Cybersecurity Framework (CSF 2.0) to accelerate the secure adoption of AI. The profile helps organizations think about how to strategically adopt AI while addressing emerging cybersecurity risks that stem from AI’s rapid advance.
“Regardless of where organizations are on their AI journey, they need cybersecurity strategies that acknowledge the realities of AI’s advancement,” said Barbara Cuthill, one of the profile’s authors.
The draft resulted from a yearlong effort on the part of NIST cybersecurity and AI experts. Over that time, more than 6,500 individuals have joined the community of interest to contribute to NIST’s development of the profile. After releasing an initial concept paper in February 2025, conducting a workshop the following April, and hosting a series of community of interest meetings in the summer, NIST is now releasing the preliminary draft of the profile for a 45-day public comment period.
The Cyber AI Profile centers on three focus areas:
- Securing AI systems: identifying cybersecurity challenges when integrating AI into organizational ecosystems and infrastructure
- Conducting AI-enabled cyber defense: identifying opportunities to use AI to enhance cybersecurity, and understanding challenges when leveraging AI to support defensive operations
- Thwarting AI-enabled cyberattacks: building resilience to protect against new AI-enabled threats
“The three focus areas reflect the fact that AI is entering organizations’ awareness in different ways,” Cuthill said. “But ultimately every organization will have to deal with all three.”
The Cyber AI Profile can help organizations use the CSF to crystallize their cybersecurity goals with respect to AI and CSF 2.0. The profile offers insights to help organizations understand, examine and address the cybersecurity concerns related to AI and thoughtfully integrate AI into their cybersecurity strategies.
NIST uses the term “community profile” to describe the application of CSF 2.0 to address shared interests and goals among organizations. The Cyber AI Profile joins other community profiles that NIST has created for the manufacturing, financial and telecommunications communities, among others.
The preliminary draft release is intended to seek feedback from the public to inform an initial public draft, which Cuthill says will further refine the profile and include mapping of additional relevant resources to the CSF. Following the 45-day comment period, NIST plans to develop the initial public draft for release in 2026.
When finalized, the profile will help organizations incorporate AI into their cybersecurity planning by suggesting key actions to prioritize, highlighting special considerations from specific parts of the CSF when considering AI, and providing mappings to other NIST resources, including the AI Risk Management Framework.
Cuthill said the authors hope to continue developing the profile as a tool that will prove useful to the community.
“The Cyber AI Profile is all about enabling organizations to gain confidence on their AI journey,” she said. “We hope it will help them feel equipped to have conversations about how their cybersecurity environment will change with AI and to augment what they are already doing with their cybersecurity programs.”

NIST Launches Centers for AI in Manufacturing and Critical Infrastructure

The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) has expanded its collaboration with the nonprofit MITRE Corporation as part of its efforts to ensure U.S. leadership in artificial intelligence (AI). Through this award, NIST is investing $20 million to establish two centers to advance the delivery of AI-based technology solutions to strengthen U.S. manufacturing and cybersecurity for critical infrastructure.
“This investment will help accelerate the application of AI in American manufacturing and help drive the American manufacturing renaissance,” said Deputy Secretary of Commerce Paul Dabbar. “We can harness AI to increase the competitiveness of our manufacturers and attract investment in America.”
The award is an important step in implementing NIST’s Strategy for American Technology Leadership in the 21st Century to accelerate the progress of critical and emerging technologies from development to adoption, in close partnership with U.S. industry.
“Our goal is to remove barriers to American AI innovation and accelerate the application of our AI technologies around the world,” said Acting Under Secretary of Commerce for Standards and Technology and Acting NIST Director Craig Burkhardt. “This new agreement with MITRE will focus on enhancing the ability of U.S. companies to make high-value products more efficiently, meet market demands domestically and internationally, and catalyze discovery and commercialization of new technologies and devices.”
The AI Economic Security Center for U.S. Manufacturing Productivity and the AI Economic Security Center to Secure U.S. Critical Infrastructure from Cyberthreats will drive the development and adoption of AI-driven tools, or “agents,” in these two national priority areas. The centers will develop the technology evaluations and advancements that are necessary to effectively protect U.S. dominance in AI innovation, address threats from adversaries’ use of AI, and reduce risks from reliance on insecure AI.
NIST will rely on existing resources to build on its expertise and carry forward recommendations in the White House’s July 2025 America’s AI Action Plan, including Pillar I: Accelerate AI Innovation and Pillar II: Build American AI Infrastructure.
These are important first steps in NIST’s programmatic plan to coordinate innovation-based research efforts for accelerating the development and deployment of critical technologies in areas of national priority. Building on its long history of public-private collaboration, NIST plans to use adaptive and flexible partnerships to develop, pilot and implement new advances to establish U.S. leadership and innovation in critical and emerging technologies such as AI, quantum information science and technology, and biotechnology.
The partnership will leverage MITRE’s long-standing mission to operate federally funded research and development centers. NIST expects the AI centers to enable breakthroughs in applied science and advanced technology and deliver disruptive innovative solutions to tackle the most pressing challenges facing the nation.
This agreement expands NIST’s portfolio of AI-focused programs and builds on the private-public partnerships leveraged by the Center for AI Standards and Innovation (CAISI), which leads evaluations of U.S. and adversary systems and contributes to NIST’s efforts to develop best practices. CAISI has established voluntary agreements with multiple developers of leading-edge or “frontier” AI models to enable collaborative research and voluntary testing of industry models for priority national security capabilities.
In the coming months, NIST plans to announce its award for the AI for Resilient Manufacturing Institute, through the Manufacturing USA program. With up to $70 million in investment over a five-year period from NIST and at least that much in nonfederal funding, the institute will bring together expertise in AI, manufacturing and supply chain networks to promote manufacturing resilience.
Combined, these efforts will enhance NIST’s core research, standards and technology mission to tackle barriers preventing U.S. innovation and leadership in AI.

NSA Releases First in Series of Zero Trust Implementation Guidelines

The National Security Agency (NSA) is releasing the first two products in a series of Zero Trust Implementation Guidelines (ZIGs) to provide practical, actionable recommendations to facilitate the implementation of Zero Trust (ZT).
This series of reports outlines the steps to implement the technologies and processes that support achieving the Target-level ZT Capabilities, Activities, and Expected Outcomes described in the Department of War (DoW) CIO ZT Framework.
The Primer and Discovery Phase are the gateway to ZT implementation, providing guidance and direction to ensure organizations are fully equipped to digest and implement the Phase 1 and Phase 2 ZIGs upon their release.
The Primer outlines the strategy and principles used to develop the ZIGs and provides a holistic approach to maximizing the usage of the series. Notably, the ZIGs are designed to be modular, allowing organizations at different levels of ZT maturity to select and implement the capabilities most relevant to the needs of their environment.
The Discovery Phase is intended to help organizations establish foundational visibility and understand the critical data, applications, assets, and services, as well as access and authorization activity existing within the architecture. The goal of this initial phase is to enable informed prioritization and planning by creating a reliable baseline that supports effective ZT implementation.
System owners, cybersecurity professionals, and stakeholders should review these foundational guidelines to gain a deeper understanding of ZT activities and their organization’s operational landscape in preparation for the release of the Phase 1 and Phase 2 ZIGs.

CISA Unveils Enhanced Cross-Sector Cybersecurity Performance Goals

New Benchmarks Empower Organizations to Counter Emerging Threats, Build Cyber Resilience, and Strengthen Governance
The Cybersecurity and Infrastructure Security Agency (CISA) released version 2.0 of its Cross-Sector Cybersecurity Performance Goals (CPGs), offering organizations a more robust framework for integrating cybersecurity into daily operations. The updated CPGs align with the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) 2.0, incorporate three years of operational insights, and address emerging threats through data-driven, actionable guidance. These enhancements are designed to promote accountability, improve risk management, and support strategic cybersecurity governance across sectors.
The Cross-Sector CPGs represent a targeted subset of best practices, carefully selected through extensive consultation with industry leaders, government stakeholders, and cybersecurity experts. Designed to meaningfully reduce risks to critical infrastructure and safeguard the American public, these goals offer a practical starting point for small and medium-sized organizations. By focusing on a limited set of high-impact actions, the CPGs help prioritize cybersecurity investments that deliver measurable improvements in resilience and risk reduction.
The updated goals offer expanded and clarified guidance across key cybersecurity domains—including account and device security, data protection, governance, vulnerability management, supply chain risk, and incident response and recovery. Building on the foundation of version 1.0.1, CPG 2.0 introduces several notable improvements:
- Governance Emphasis: A new “Govern” function underscores the critical role of organizational leadership in cybersecurity, regrouping existing goals and introducing two new ones focused on risk management strategy, policy development, and executive accountability.
- Unified Goal Structure: Operational Technology (OT) and Information Technology (IT) goals are now consolidated into universal goals, eliminating silos across IT, Internet of Things (IoT), and OT environments.
- Threat-Responsive Expansion: New goals address emerging threats, third-party risk, zero trust architecture, and incident communication protocols.
- Streamlined Framework: Redundant, unclear, or underutilized goals have been removed to improve clarity and usability.
- Enhanced Documentation: Each goal now includes clearer methodology and supporting materials to reduce guesswork and improve implementation.
“Over the past year, CISA has engaged extensively with hundreds of stakeholders across both the public and private sectors to ensure the updated goals reflect real-world challenges and operational realities,” said Madhu Gottumukkala, Acting CISA Director. “Version 2.0 demonstrates our commitment to listening to and incorporating partner feedback to deliver practical, outcome-driven guidance that organizations can act on. These goals are applicable across all critical infrastructure sectors and offer foundational protection for organizations regardless of their cybersecurity maturity. We encourage all organizations to adopt the new CPGs and continue sharing feedback to help us refine future iterations.”
The Cross-Sector CPGs serve three primary purposes:
- Provide measurable actions that critical infrastructure entities can take to achieve a basic level of cybersecurity.
- Bridge communication gaps between IT/OT technical staff and organizational leadership to align on cybersecurity priorities.
- Support strategic planning by offering clear guidance that informs both near- and long-term cybersecurity investments.
CISA encourages organizations to adopt the voluntary Cross-Sector CPGs. To learn more about the updated Cybersecurity Performance Goals and how they can support your organization’s cybersecurity program, visit Cross-Sector Cybersecurity Performance Goals and Objectives.

Mistaking AI vulnerability could lead to large-scale breaches, NCSC warns

NCSC raises alert on “dangerous” misunderstanding of emergent class of vulnerability in generative artificial intelligence (AI) applications.
The National Cyber Security Centre (NCSC) – a part of GCHQ – has shared critical insights cautioning cyber security professionals against comparing prompt injection with the more classical application vulnerability class of SQL injection.
A new blog advises that, contrary to first impressions, prompt injection attacks against generative artificial intelligence applications may never be totally mitigated in the way SQL injection attacks can be.
SQL injection mitigation techniques hinge on enforcing a clear separation between data and instructions; prompt injection, by contrast, exploits the inability of large language models (LLMs) to distinguish between the two.
Without action addressing this misconception, the NCSC warns, websites risk falling victim to data breaches exceeding those seen from SQL injection attacks in the 2010s, impacting UK businesses and citizens into the next decade.
Backing proactive adoption of cyber risk management standards, the NCSC challenges claims that prompt injections can be ‘stopped’.
Instead, it suggests efforts should turn to reducing the risk and impact of prompt injection and driving up resilience across AI supply chains.
As AI technologies become embedded in more UK business operations, the NCSC calls on AI system designers, builders and operators to take control of manageable variables, acknowledging that LLM systems are “inherently confusable” and that their risks are managed in different ways.

CISA Launches New Platform to Strengthen Industry Engagement and Collaboration

The Cybersecurity and Infrastructure Security Agency (CISA) launched a new Industry Engagement Platform (IEP) designed to facilitate structured, two-way communication between the agency and companies developing innovative and security technologies. The IEP enables CISA to better understand emerging solutions across the technology ecosystem while giving industry a clear, transparent pathway to engage with the agency.
“With the launch of this new platform, we’re opening the door wider to innovation—giving industry a direct line to share the tools and technologies that can help CISA stay ahead of evolving threats,” said CISA Acting Director Madhu Gottumukkala. “The private sector drives innovation and this collaboration is essential to our national resilience.”
The IEP provides organizations – including industry, non-profits, academia, government partners at all levels and the research community – with a structured process to request conversations with CISA subject matter experts to describe new technologies and capabilities. These engagements give innovators the opportunity to present solutions that may strengthen our nation’s cyber and infrastructure security.
Through customizable technology profiles, the IEP helps connect organizations to the right CISA experts by capturing areas of expertise and specific topics organizations wish to discuss. Participants may also upload capability overviews for CISA to reference in market research and in understanding emerging technologies across sectors.
While participation in the IEP does not provide preferential consideration for future federal contracts, it serves as a key channel for CISA to gain insight into new capabilities and market trends that support mission needs.
CISA encourages organizations with new, emerging, or advanced technology solutions to visit the Industry Engagement Platform. Current areas of interest include:
- Information technology and security controls
- Data, analytics, storage, and data management
- Communications technologies
- Any emerging technologies that advance CISA’s mission, including post-quantum cryptography and other next-generation capabilities
“Strategic collaboration is essential to strengthening national security and resilience,” Gottumukkala added. “The IEP is one of the ways CISA is aligning innovation with mission needs to advance the defense of our nation’s cyber and critical infrastructure.”

Key international organizations align on AI standards

International standardization bodies have pledged to cooperate on standards for artificial intelligence (AI), aiming to help build an open, sustainable and secure future for all.
The International Electrotechnical Commission (IEC), the International Organization for Standardization (ISO), and the International Telecommunication Union (ITU), at their latest global meeting in Seoul, Republic of Korea, issued a joint commitment to advance the well-being of humanity through AI standards.
The International Summit on AI Standards explores the complex challenges posed by AI and the opportunity to bridge digital divides through effective international standards.
The Seoul Statement enshrines a joint commitment by the three organizations to advance AI standards for the benefit of everyone worldwide.
“Standards are technical tools to uphold the principles we want to live by,” said Seizo Onoe, Director of the Telecommunication Standardization Bureau at ITU. “The vision set out by this joint statement calls for diverse expertise and global commitment to collaboration and consensus – exactly what drives our standards work and exactly the spirit needed to create the future we want.”
A shared vision of AI for humanity
The statement sets out a joint vision and commitments from ITU, ISO and IEC on how technical standards can support the development and deployment of trustworthy AI systems that benefit society, drive innovation, and uphold fundamental rights.
“AI has the potential to bring profound benefits to people and economies across the globe,” said ISO President Sung Hwan Cho. “But to ensure this potential is realized equitably and responsibly, International Standards are essential. This joint statement reflects our commitment to strengthening cooperation across our organizations to deliver relevant, robust and human-centric standards that guide the responsible design and use of AI technologies.”
The summit brought together over 300 participants from 65 countries to share perspectives from government, industry, academia, civil society, the public and private sectors, international organizations and UN agencies.
Reliability and sustainability are crucial for standards to advance the global good. So is respect for human rights.
“The rapid rise of AI confirms a basic truth: technology is always about people,” said IEC President Jo Cops. “As AI becomes central to the global economy, we must urgently establish a guiding framework. This joint commitment underscores the value of international standards as the blueprint for safe, trustworthy, and people-centered AI development.”
Key commitments
The Seoul Statement outlines four key commitments to advance sustainable development and allow everyone to benefit from the AI revolution.
Together, IEC, ISO and ITU have pledged to:
- Actively incorporate socio-technical dimensions in standards development.
- Deepen the understanding of the interplay between international standards and human rights, recognizing both their importance and universality.
- Strengthen an inclusive, dynamic multistakeholder community to develop and apply international standards for the design, deployment, and governance of AI.
- Enhance public-private collaboration on AI capacity building.