English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
Attacks on refineries threaten public safety. The cost of the damage is extreme. Download our new guide on oil and gas cyber security!
Attacks on refineries threaten public safety. The cost of the damage is extreme. Download our new guide on oil and gas cyber security!
ICS Cyber Security Engineering is emerging as a new discipline. Learn more about cyber security engineering and network engineering
As a trusted AVEVA partner for over eight years, Waterfall’s products and solutions enable businesses to completely eliminate the risk of remote cyber attacks entering their industrial control systems. Read More
The 2nd annual survey of (CS)²AI’s industry members has been released. Read more for a sneak preview into the trends and analysis of OT security programs around the globe
Almost all 2021 cyber attacks were the result of targeted ransomware and impacted multiple sites. These findings and others are documented in a new report: OT Security Incidents – 2021 Trends and Analyses, a cooperation of ICSSTRIVE and Waterfall Security Solutions. Read a summary of the report an
Learn Why it’s Important to Protect Power Generating Units the Right Way. A new blog post by Courtney Schneider
Why do some incident response programs work effectively, while others don’t? In this blog post, we examine the essential building blocks of an enterprise-level cyber incident response program, as well as the common mistakes and pitfalls that may lead such a program to fail just when you need it mo
In August 2019 the US Government Accountability Office (GAO) published a Report to Congressional Requesters expressing concern regarding the current state of security and resilience for the US power grid. In this article Courtney Schneider focuses on the GAO recommendation to the Federal Energy Regu
In this post, we explain the unique structure and context of a modern IT/OT DMZ, and why a traditional IT DMZ model doesn’t cut muster for secure integration with ICS networks.
Threats to operations control systems are no longer theoretical. With manufacturing control networks connectivity steadily increasing, a unidirectional IIoT architecture reflects a robust and trustworthy way of achieving the increased efficiencies and other business benefits of the IIoT’s central.
The essence of today’s OT security problem is that the data-centric, IT-class protections are simply not enough for operational security and control system security needs. A cyber breach to physical processes and powerful tools can have disastrous consequences. Preventing misuse and protecting cor
Over the last few decades, the clear path to securing operational technology has been difficult to forge as so much has come from the vast world of IT data protection, encryption and authentication. On the other hand, practitioners on the OT side of the digital network speak about the risks and unwa
Waterfall Security is pleased to announce our Industrial Security Podcast featuring interviews with world-recognized experts on a wide range of industrial cybersecurity topics. The podcast will address current and developing ICS topics such as: Do expert ICS penetration testers target live/running s
Much has been written and debated regarding communicating cyber risk to boards and other key corporate decision makers. Conveying to a non-technical audience the criticality of cyber vulnerabilities in IT systems that support business functions can be a daunting task; but what if the systems don’t
Governments all over the world are beginning to toughen cyber regulations imposed on industry to respond to the increasing threat of cyber attacks on national critical infrastructure. This class of cyber attack does not just limit itself to enterprise systems. If the control systems of a digitized p
Different continents point to similar concerns The Black Hat Asia 2018 attendee survey polled IT and security professionals from 12 East Asian countries, Australia and elsewhere, asking about the threats and challenges they are most concerned with, the attacks and attackers they fear most, as well
Written into law The Directive on the Security of Network Information Systems (NIS) represents the first pan-European law covering requirements for cybersecurity. It aims to achieve a common security posture for European countries by means of strengthening 1) cybersecurity capabilities at a nationa
Cybersecurity best practice according to ANSSI, France’s National Agency for the Security of Information Systems, points to unidirectional data flow solutions. Why? Because it’s the safest and most reliable way to segregate and protect your critical network from less trusted networks and cyber t
AGC Partners recently released an in-depth report detailing the growing market for manufacturing analytics, and the companies that currently make up its booming ecosystem. The subject is timely, as advancements in the Industrial Internet of things (IIoT), Big Data, and Machine Learning have opened t
Recently, a major Canadian company suffered a targeted ransomware attack and was forced to pay $425,000 to restore the encrypted data of both its production base and back-up servers. We have spoken and warned of ransomware in the past, particularly in the aftermath of the global WannaCry attack. Mos