Articles Third-Party Access One vendor credential. Every operator they serve. The supply chain cascade. 7 May 2026 One vendor credential. Every operator they serve. The supply chain cascade. When hackers breached Colonial Pipeline in May 2021, shutting down America's largest fuel pipeline for six days, investigators…
Articles Manufacturing & Industrial NotPetya 7 May 2026 NotPetya: How a Supply Chain Credential Compromise Cost Manufacturers $10 Billion On 27 June 2017, a routine software update from Ukrainian accounting firm M.E.Doc became the vector for the…
Articles Manufacturing & Industrial NIS2, IEC 62443, and CMMC 2.0 7 May 2026 NIS2, IEC 62443, and CMMC 2.0: what manufacturers must evidence on credential access When hackers infiltrated Toyota's supplier network in February 2022, stealing 296GB of technical drawings and blueprints, the attack…
Articles Critical Infrastructure NIS2 and IEC 62443 7 May 2026 NIS2 and IEC 62443: What They Require on Operational Technology Credential Access The December 2022 attack on Hydro-Québec's operational systems exposed a critical vulnerability that regulators had long feared: compromised…
Articles Critical Infrastructure NIS2 and Credential Control 7 May 2026 NIS2 and Credential Control — What Critical Infrastructure Operators Must Demonstrate Executive Summary The Network and Information Systems Directive 2 (NIS2), effective from October 2024, fundamentally transforms cybersecurity compliance…
Articles Managed Service Providers Kaseya 7 May 2026 Kaseya: how one MSP credential reached 1,500 downstream businesses in hours On July 2, 2021, attackers compromised a single Managed Service Provider credential at Kaseya, triggering the largest supply…
Articles Healthcare HIPAA, HITECH, and NIS2 7 May 2026 HIPAA, HITECH, and NIS2: what they actually require on credential access The €9.7 million fine levied against French healthcare technology company Dedalus in October 2024 under GDPR exposed a…
Articles Healthcare HIPAA Credential Access Requirements 7 May 2026 HIPAA Credential Access Requirements — The Structural Compliance Gap Healthcare Must Close Executive Summary Healthcare organizations face an unprecedented compliance crisis in credential management that extends far beyond surface-level security…
Articles Financial Services DORA and Credential Access 7 May 2026 DORA and Credential Access — The Structural Compliance Gap Financial Entities Must Close Executive Summary The Digital Operational Resilience Act (DORA), effective January 17, 2025, introduces unprecedented credential access requirements for…
Articles Defense & Government Defense Supply Chain Credential Assurance 7 May 2026 Defense Supply Chain Credential Assurance: the structural answer to SolarWinds When Russian intelligence operatives infiltrated SolarWinds in 2020, compromising 18,000 organizations including nine federal agencies, they did not…
Articles Critical Infrastructure Colonial Pipeline 7 May 2026 Colonial Pipeline: how one credential shut down fuel supply for the eastern United States On 7 May 2021, a single compromised password brought America's largest fuel pipeline to its knees. Colonial Pipeline,…
Articles Defense & Government CMMC 2.0 and NIST 800-171 7 May 2026 CMMC 2.0 and NIST 800-171: what contractors must evidence on credential access The Pentagon's recent directive to suspend Booz Allen Hamilton from new classified contracts following a credential breach that…