Best practice methodology for industrial network security: SEC-OT

Secure Operations Technology (SEC-OT) is a methodology and collection of best practices inspired by a decade of experience working with secure industrial sites. The SEC-OT approach is counter-intuitive to many IT and even industrial control system (ICS… Continue reading Best practice methodology for industrial network security: SEC-OT

IIoT technologies integration creates expansion opportunities in the industrial cybersecurity industry

High penetration of Industrial Internet of Things (IIoT) technology in critical infrastructure and the manufacturing sector has resulted in a growing number of potential cyber-attack surfaces. According to a recent analysis from Frost & Sullivan, … Continue reading IIoT technologies integration creates expansion opportunities in the industrial cybersecurity industry

Reddy Kilowatt Says, ‘Good Luck With That’

Image Credit: Courtesy of Busy Beaver Button Club – https://www.buttonmuseum.org/
via Lily Hay Newman, plying the scrvener trade for Condé Nast Inc. publication Wired, comes this superlative reportage, detailing the so-called ‘Hail Mary Plan to R… Continue reading Reddy Kilowatt Says, ‘Good Luck With That’

Closing the security gap will drive $125 billion critical infrastructure security spending

Critical infrastructures are radically transforming on an unprecedented scale, boosted by a rapid adoption of ‘smart’ operational technologies. Cybersecurity is a growing part of that evolution. ABI Research forecasts security spending for the protecti… Continue reading Closing the security gap will drive $125 billion critical infrastructure security spending

DerbyCon 2018, Justin Herman’s ‘Off-Grid Coms And Power’

Videography Credit: Irongeek (Adrian Crenshaw).
Permalink
The post DerbyCon 2018, Justin Herman’s ‘Off-Grid Coms And Power’ appeared first on Security Boulevard.
Continue reading DerbyCon 2018, Justin Herman’s ‘Off-Grid Coms And Power’

USB threat vector trends and implications for industrial operators

In an attempt to make industrial control systems less accessible to attackers, industrial players are limiting network access and increasingly using USB media devices to transfer patches, updates and files to those systems. But that choice is not devoi… Continue reading USB threat vector trends and implications for industrial operators

Many water and energy systems vulnerable to significant cyber risk

New Trend Micro research revealed how exposed human machine interface (HMI) systems in thousands of critical water and energy organizations around the world could be exploited, causing significant real-world impacts, such as contaminating the water sup… Continue reading Many water and energy systems vulnerable to significant cyber risk

Safeguarding global critical networks now and in the future

Lior Frenkel is the CEO and co-founder of Waterfall Security Solutions, a provider of unidirectional security gateways, stronger-than-firewalls perimeter security solutions for industrial control networks and critical infrastructures. In this interview… Continue reading Safeguarding global critical networks now and in the future

The risk to OT networks is real, and it’s dangerous for business leaders to ignore

Data from the new CyberX CyberX Global ICS & IIoT Risk Report shows major security gaps remain in key areas such as plain-text passwords, direct connections to the internet, and weak anti-virus protections. Although the prevalence of Windows XP an… Continue reading The risk to OT networks is real, and it’s dangerous for business leaders to ignore

GreyEnergy group targeting critical infrastructure with espionage

ESET has uncovered details of a successor to the BlackEnergy APT group. Named GreyEnergy by ESET, this threat actor focuses on espionage and reconnaissance, quite possibly in preparation for future cyber-sabotage attacks. BlackEnergy has been terrorizi… Continue reading GreyEnergy group targeting critical infrastructure with espionage