Author: Andrew Ginter

This is the OT security revolution. In the first decade of the OT / ICS security discipline, practitioners took inspiration from IT security, because that's all we had. Back then, the question was “how much like IT security can we make our OT / industrial security program?” Today, the world is a

ISO 27001 is all about protecting information. This is a source of great confusion in many industrial enterprises, however, because, as NIST 800-82 points out, the top priority for physical industrial operations is almost always to protect safe and reliable operation of the physical process from cyb

Many boards are not convinced that their businesses have a problem with industrial cybersecurity. But anything that makes individual board members personally liable gets their attention. Andrew Ginter suggests 3 key takeaways for persuading the board.

Industrial/OT cybersecurity programs include people, processes and technology. We often talk about our technology, unidirectional security gateways, here, but that technology alone is not all that is needed. A full program includes all the elements from the NIST framework. Click here to explore secu

There are voices in the industrial security community advocating a return to hard-wired protective relays, discarding two decades of progress in this space. But a practical solution is to protect the protection. In power plants, as in high voltage substations, protective relays can be connected to

Critical infrastructure OT equipment directly connected to the Internet is the focus of the just-issued and very long NSA/CISA AA20-205A alert. Surprises: this is the first alert recommending a manual-ops fall-back plan (resilience) and a tamper-proof repository for "gold" images (to use during manu

Honda shut down a number of manufacturing facilities on Monday, June 8, 2020, with most, but not all, facilities back up again Tuesday. The (unconfirmed) cause appears to be an infestation by the “Snake” ransomware.

The US government acts to protect the electric grid - but there is only so much any government can do. Unlike physical conflicts, the only way to defeat the most sophisticated cyber attacks is for individual sites to take the lead.