I very much recommend the CISA ICSJWG event coming up in Salt Lake City May 9-11. There is no charge to attend, the cross-industry steering committee assures a solid agenda, and the attendees are a who's who of industrial / OT cybersecurity who are there as much for the networking as for the agenda.
To most of us, “air gap” has only one meaning, and truly air gapped networks became a thing of the past in the late 1990’s. In fact, a material minority of practitioners define the term differently and insist that their kind of air gapped networks exist to this day. This inconsistency leads to
This is the OT security revolution. In the first decade of the OT / ICS security discipline, practitioners took inspiration from IT security, because that's all we had. Back then, the question was “how much like IT security can we make our OT / industrial security program?” Today, the world is a
ISO 27001 is all about protecting information. This is a source of great confusion in many industrial enterprises however, because as NIST 800-82 points out, the top priorities for physical industrial operations is almost always to protect safe and reliable operation of the physical process from cyb
NERC CIP is written in an abstract language – independent of technologies and network designs. Interpreting the standard for specific technologies and networks can be tricky. In this article, we look at one of the tricky bits in the standard: mixed-trust Active Directory servers.
A look at OT Security Trends 2022: OT-impacting ransomware more than doubling, new TSA directives and a promising development - Cyber-Informed Engineering
The new version of the US TSA Security Directive Pipeline 2021-02C is out. In this blog post, we look at what is likely to change in the future and explore some “future-proofing” ideas for security programs
Many boards are not convinced that their businesses have a problem with industrial cybersecurity. But anything that makes individual board members personally liable gets their attention. Andrew Ginter suggests 3 key take aways for persuading the board
Simplifying Network Segmentation for the TSA Pipeline Security Directive -understand the TSA directives. Learn how to protect pipelines using Unidirectional Security Gateways
The attack on the Belarusian rail system is yet another example of an attack that cripples IT systems, and so brings about OT consequences, like the Colonial Pipeline attack, and the JBS meatpacking attack
Effective the end of December 2021, new security directives require that railroad carriers, as well as owner/operator of a passenger railroad carrier or rail transit system, perform 4 critical actions. In this blog, post we are clarifying all the new information
Why is it, that the Colonial pipeline had to be shut down? Targeted ransomware can affect physical operations in one of three ways
Multi-factor authentication is held up as a 'silver bullet' for protecting remote access systems, but Pulse VPN MFA was just breached. What does this mean for industrial security?
The threat environment continues to evolve with Russian Sandworm group breaching Centreon monitoring system installations with targeted attacks. New blog post by Andrew Ginter
The High-Tech Association of the Israeli Manufacturers Association has named Lior Frenkel, co-founder and CEO of Waterfall Security Solutions, to lead a newly established Cyber Companies Forum. Read more
Industrial/OT cybersecurity programs include people, processes and technology. We often talk about our technology, unidirectional security gateways, here, but that technology alone is not all that is needed. A full program includes all the elements from the NIST framework. Click here to explore secu
There are voices in the industrial security community advocating a return to hard-wired protective relays, discarding two decades of progress in this space. But, a practical solution is to protect the protection. In power plants, as in high voltage substations, protective relays can be connected to
Critical infrastructure OT equipment directly connected to the Internet is the focus of the just-issued and very long NSA/CISA AA20-205A alert. Surprises: this is the first alert recommending a manual-ops fall-back plan (resilience) and a tamper-proof repository for "gold" images (to use during manu
Honda shut down a number of manufacturing facilities on Monday June 8, 2020, with most, but not all facilities back up again Tuesday. The (unconfirmed) cause appears to be an infestation by the “Snake” ransomware
The US government acts to protect the electric grid - but there is only so much any government can do. Unlike physical conflicts, the only way to defeat the most sophisticated cyber attacks is for individual sites to take the lead
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ