operational technology – Page 5

DOJ unseals charges against Russians in attempted hacks of infrastructure, including Trisis case

Posted on March 24, 2022 by AJ Vicens

One indictment alleges hacking attempts on industrial control systems, and the other involves a separate spree from 2012-17.

The post DOJ unseals charges against Russians in attempted hacks of infrastructure, including Trisis case appeared first on CyberScoop.

Continue reading DOJ unseals charges against Russians in attempted hacks of infrastructure, including Trisis case→

Strengthening industrial cybersecurity

Posted on March 24, 2022 by marielaecheverria

Dragos’ analysis and recommendations to combat global threat activity targeting industrial environments.

The post Strengthening industrial cybersecurity appeared first on CyberScoop.

Continue reading Strengthening industrial cybersecurity→

New security threats target industrial control and OT environments

Posted on March 10, 2022 by marielaecheverria

A new Dragos report highlights recent threats targeting industrial control systems and operational technology environments and identifies strategies to address them.

The post New security threats target industrial control and OT environments appeared first on CyberScoop.

Continue reading New security threats target industrial control and OT environments→

New security threats target industrial control and OT environments

Posted on March 10, 2022 by Philip Reynolds

A new Dragos report highlights recent threats targeting industrial control systems and operational technology environments and identifies strategies to address them.

The post New security threats target industrial control and OT environments appeared first on CyberScoop.

Continue reading New security threats target industrial control and OT environments→

The Cyberspace Solarium Commission pushed some major policies into law. So what now?

Posted on March 8, 2022 by Tim Starks

A little more than a year removed from its role in advancing some of the most significant cybersecurity legislation ever enacted, the Cyberspace Solarium Commission is transforming into version 2.0 of itself. With some of its key recommendations now law — such as the creation of the Office of the National Cyber Director in the White House — the remnant of the congressionally created panel is turning its attention to tracking how those ideas are implemented, while studying some of the issues it didn’t get to fully examine before releasing its final report. Those areas of study include protecting the water, maritime transport and health care sectors, as well as strengthening the federal and private sector workforce and ensuring plans to avert disruptions to the economy caused by cyberattacks. Now housed within the Foundation for Defense of Democracies (FDD) think tank, the commission’s 2.0 work should take another two years, […]

The post The Cyberspace Solarium Commission pushed some major policies into law. So what now? appeared first on CyberScoop.

Continue reading The Cyberspace Solarium Commission pushed some major policies into law. So what now?→

New research analyzes industrial cybersecurity maturity

Posted on January 11, 2022 by Julia Weaver

As the frequency and severity of cyberattacks on industrial organizations increase, defenders struggle to keep ahead of threats. Security leaders know that a unified IT and operational technology (OT) approach is key to protecting the safety and availability of operations but are faced with cultural and technical differences between IT best practices and OT. A new report, “The 2021 State of Industrial Cybersecurity,” produced by the Ponemon Institute — sponsored by Dragos — reveals key challenges industrial organizations face today and provides actionable solutions on how they can mature their cybersecurity strategies. The report covers: Cybersecurity maturity level for industrial control systems (ICS) and OT How organizations secure their ICS/OT OT cybersecurity investment, priorities and accountability The cause and consequences of an ICS/OT ransomware and cybersecurity incident Learn more on building a unified strategy that secures both IT and OT environments. This article was produced by CyberScoop for, and sponsored by, […]

The post New research analyzes industrial cybersecurity maturity appeared first on CyberScoop.

Continue reading New research analyzes industrial cybersecurity maturity→

Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them

Posted on December 18, 2021 by Dereck Stubbs

You’d have to look far and wide to find an IT professional who isn’t aware of (and probably responding to) the Log4Shell vulnerability. The Operational Technology (OT) sector is no exception, yet the exact exposure the vulnerability poses to OT technology is yet to be fully uncovered. The vulnerability was first made public earlier this […]

The post Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them appeared first on Security Intelligence.

Continue reading Log4Shell Vulnerability Risks for OT Environments — and How You Can Better Protect Against Them→

Using evolutionary game theory to mitigate ransomware risks

Posted on December 14, 2021 by marielaecheverria

Ransomware attacks on enterprise IT systems — especially those that are integrated with operational technology (OT) — can cause major disruptions for critical industry sectors, cautions a new cybersecurity whitepaper. Not only does ransomware create unusable file systems, but these attacks disrupt production and distribution of goods, and services and end up costing industries millions of dollars in total losses. The whitepaper, produced by Dragos, describes how IT security leaders can apply evolutionary game theory (EGT) to the complex series of events that lead to a ransomware attack. The paper proposes a mathematical approach to predict behaviors and understand how relationships between a system’s parts give rise to its collective behaviors. “Ransomware has become the primary attack vector for many industrial organizations during 2021,” shares the white paper, and “incidents like Colonial Pipeline, Honeywell and JB Foods showed the world that even when industrial control systems, which are integrated with […]

The post Using evolutionary game theory to mitigate ransomware risks appeared first on CyberScoop.

Continue reading Using evolutionary game theory to mitigate ransomware risks→

IoT Security: Protecting Food and Agriculture Organizations

Posted on December 10, 2021 by David Bisson

Ransomware actors are targeting food and agriculture organizations, potentially disrupting business. Luckily, there are already formal structures in place to boost the IoT security defenses they need. Knowing them keeps the lifeblood of industrial farms and food delivery going. Businesses in the sector could “suffer significant financial loss,” the FBI said. That loss is “resulting […]

The post IoT Security: Protecting Food and Agriculture Organizations appeared first on Security Intelligence.

Continue reading IoT Security: Protecting Food and Agriculture Organizations→

IAM OT Security Risks Call for Strategic Defenses

Posted on December 9, 2021 by Spyros Rapsomanikis

Today’s technology requires today’s identity and access management (IAM). In the past, operational technology (OT) systems were physically and logically separated from a company’s enterprise corporate business environment and the external world. That served as a control to protect them from common cyberattacks. Starting in the 1970s, serial-based analog processes controlled, managed and monitored these […]

The post IAM OT Security Risks Call for Strategic Defenses appeared first on Security Intelligence.

Continue reading IAM OT Security Risks Call for Strategic Defenses→