Why Operational Technology Security Cannot Be Avoided

Operational technology (OT) includes any hardware and software that directly monitors and controls industrial equipment and all its assets, processes and events to detect or initiate a change. Yet despite occupying a critical role in a large number of essential industries, OT security is also uniquely vulnerable to attack. From power grids to nuclear plants, […]

The post Why Operational Technology Security Cannot Be Avoided appeared first on Security Intelligence.

Continue reading Why Operational Technology Security Cannot Be Avoided

Watchdog: Agency overseeing cybersecurity for offshore energy falling short

The Government Accountability Office said that a worst-case scenario for an offshore oil and gas facility could lead to fatalities.

The post Watchdog: Agency overseeing cybersecurity for offshore energy falling short appeared first on CyberScoop.

Continue reading Watchdog: Agency overseeing cybersecurity for offshore energy falling short

CISA’s critical infrastructure performance goals win praise, but questions remain about effectiveness

The performance goals that industrial cybersecurity experts welcomed could be overshadowed by incoming mandates.

The post CISA’s critical infrastructure performance goals win praise, but questions remain about effectiveness appeared first on CyberScoop.

Continue reading CISA’s critical infrastructure performance goals win praise, but questions remain about effectiveness

White House announces 100-day cyber sprint for chemical sector

The sprint is the latest effort from the White House to improve cybersecurity and monitoring in industrial control systems.

The post White House announces 100-day cyber sprint for chemical sector appeared first on CyberScoop.

Continue reading White House announces 100-day cyber sprint for chemical sector

Operational technology asset visibility fuels a capable cybersecurity program

New report offers insights into the vital role of asset visibility in protecting the entire operational technology environment.

The post Operational technology asset visibility fuels a capable cybersecurity program appeared first on CyberScoop.

Continue reading Operational technology asset visibility fuels a capable cybersecurity program

X-Force 2022 Insights: An Expanding OT Threat Landscape

This post was written with contributions from Dave McMillen. So far 2022 has seen international cyber security agencies issuing multiple alerts about malicious Russian cyber operations and potential attacks on critical infrastructure, the discovery of two new OT-specific pieces of malware, Industroyer2 and InController/PipeDream, and the disclosure of many operational technology (OT) vulnerabilities. The OT cyber threat landscape […]

The post X-Force 2022 Insights: An Expanding OT Threat Landscape appeared first on Security Intelligence.

Continue reading X-Force 2022 Insights: An Expanding OT Threat Landscape

U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack

More than a year ago, a ransomware attack made the news across the nation. The Colonial Pipeline Company announced on May 7, 2021, that the DarkSide Ransomware-as-a-Service group, based in eastern Europe, had hit it. The FBI has since confirmed DarkSide, which has since shut down, as the threat actors. What’s changed about U.S. cyber […]

The post U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack appeared first on Security Intelligence.

Continue reading U.S. Cybersecurity Policy Has Changed Since the Colonial Pipeline Attack

One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem

The Colonial Pipeline cyberattack is still causing ripples. Some of these federal mandates may mark major changes for operational technology (OT) cybersecurity. The privately held Colonial Pipeline company, which provides nearly half of the fuel used by the East Coast — gasoline, heating oil, jet fuel and fuel for the military totaling around 100 million […]

The post One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem appeared first on Security Intelligence.

Continue reading One Year After the Colonial Pipeline Attack, Regulation Is Still a Problem

Combatting emerging-malware aimed at industrial control systems

New report offers insights on CHERNOVITE and the PIPEDREAM malware that threatens industrial control systems.

The post Combatting emerging-malware aimed at industrial control systems appeared first on CyberScoop.

Continue reading Combatting emerging-malware aimed at industrial control systems