OT Insights Center

Welcome to OT Insights Center
We have compiled a collection of useful information, tools, and resources to help you find the information you are looking for.

Search
Blog

Where does IT Security END and OT Security BEGIN?

The standard answer to this questions is "The Consequence Boundary"...but which kind of consequences are we talking about? And aren't there different levels of consequence? We help define these to answer the question....
Podcast

Insights into Nation State Threats – Podcast Episode 134

Nation state threats are often portrayed as the "irresistible forces" of cyber threats, with little qualification. Joseph Price of Deloitte joins us to dig deeper - what are nation states capable of, what are they up to, and how should we interpret the information that is available to the public?...
Infographic

Infographic: Top 10 OT Cyberattacks of 2024

Infographic mapping out the top 10 OT cyberattacks of 2024 including WHEN it happened, WHICH industry, WHAT happened and also covering the consequences and significance of each attack...
Blog

Andrew Ginter’s Top 3 Webinars of 2024

Get up to speed on key trends and strategies in industrial security with Andrew Ginter’s favorite webinars of 2024,...
Blog

Andrew Ginter’s Top 3 Podcast Episodes of 2024

Sit back and enjoy Andrew Ginter's top 3 picks from 2024's Industrial Security Podcast series....
Podcast

OT Security Data Science – A Better Vulnerability Database – Episode 133

Security automation needs a machine-readable vulnerability database. Carmit Yadin of Device Total joins us to look at limitations of the widely-used National Vulnerability Database (NVD), and explore a new "data science" alternative....

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Blog

Where does IT Security END and OT Security BEGIN?

The standard answer to this questions is "The Consequence Boundary"...but which kind of consequences are we talking about? And aren't there different levels of consequence? We help define these to answer the question....
Blog

Andrew Ginter’s Top 3 Webinars of 2024

Get up to speed on key trends and strategies in industrial security with Andrew Ginter’s favorite webinars of 2024,...
Blog

Andrew Ginter’s Top 3 Podcast Episodes of 2024

Sit back and enjoy Andrew Ginter's top 3 picks from 2024's Industrial Security Podcast series....
Blog

Are OT Security Investments Worth It?

Spoiler Alert: Yes, investing in OT security is very much “worth it”. It helps prevent financial losses, operational disruptions, and compliance penalties far exceeding initial costs. The average ROI can reach up to 400%, ensuring both protection and operational continuity....
Blog

Expert Impressions of Cyber-Informed Engineering

I recently had opportunity to ask experts @Marc Sachs, @Sarah Fluchs and @Aaron Crow about their experience with the new Cyber-Informed Engineering (CIE) initiative....
Blog

TSA NOPR for Pipelines, Rail & Bussing – Enhancing Surface Cyber Risk Management

The TSA Notice of Proposed Rulemaking for Enhancing Surface Cyber Risk Management is out. This is the long-awaited regulation that replaces the temporary security directives issued after the Colonial Pipeline incident....

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Books and eBooks

eBook: Cybersecurity in Power Generation – Applying and Interpreting ISA/IEC 62443 Standards

Books and eBooks

BMS Use-Case eBook: Impenetrable Cyber Defense for Data Center Infrastructure

This eBook explores the best-practices for protecting the BMS (Building Management System) from internet-based cyberattacks and similar threats. Get your copy today...
Books and eBooks

2024 Threat Report – OT Cyberattacks with Physical Consequences

Report on 68 cyberattacks that caused physical consequences to industrial control systems (ICS) and Operational Technology (OT) in 2023 that are in public records....
Books and eBooks

eBook: Unidirectional Security Gateways for Government Networks

The cyber threat environment is getting worse, and our adversaries are developing more powerful attack tools. Government agencies need to increase automation and network connectivity to maintain strategic military, governance, and economic advantages....
Books and eBooks

Engineering-grade OT Security – A Manager’s Guide

Waterfall is pleased to make free copies of the book available to qualified practitioners when the book releases. Request your copy now...
Books and eBooks

Cybersecurity for the rail industry eBook

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Case studies

Cybersecurity for Government Networks

Securing a classified/high-security network with a Unidirectional Security Gateway, ensuring continuous and secure cross-domain data flow, while preventing sensitive data from leaking into or being exfiltrated from external, low-security/unclassified networks....
Case studies

UAE Based Oil & Gas Refinery 

How a UAE-based refinery was able to protect their legacy system to the extent it could safely be connected to the internet, IT networks, and the Cloud....
Case studies

Securing a European TSO

Protecting a regional Transmission System Operator (TSO) in Europe from outside cyber threats....
Case studies

Cybersecurity for LNG Ports

Protect liquefied natural gas (LNG) infrastructure from external cyber threats while complying with local cybersecurity regulations....
Case studies

Unidirectional Protection For Railway Signaling Networks

Enabling 100% secure remote monitoring of rail signaling and control networks, enabling SOC and corporate IT systems with secure visibility into signaling networks....
Case studies

Enabling The Digital Refinery

Protecting critical equipment of a highly sensitive petrochemicals processing plant, while improving production performance with real-time, actionable, and predictive analytics....

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Infographic

Infographic: Top 10 OT Cyberattacks of 2024

Infographic mapping out the top 10 OT cyberattacks of 2024 including WHEN it happened, WHICH industry, WHAT happened and also covering the consequences and significance of each attack...
Infographic

Checklist: 9 Best Practices to Safeguard Upstream Oil & Gas Operations from Cyber Attacks

Upstream Oil & Gas production has a unique range of threats and risks to consider when compared to other industrial operations. Our checklist infographic takes a dive into what to consider and secure when it comes to Upstream operations....
Infographic

Top 10 Cyberattacks of 2023

2023 saw an uptick of cyberattacks across many industries. Our infographic focuses on cyberattacks in 2023 that impacted industrial operations, specifically Operational Technology (OT) and Industrial Controls Systems (ICS) that are commonly used within critical and important infrastructure....
Infographic

Ransomware Attack on Data Center Infrastructure (Infographic)

Learn how legacy approaches for Data Center infrastructure protection still leave critical networks exposed to attacks....
Infographic

Get the Checklist | EPA Cybersecurity Guidelines for the Water Sector

Infographic

Oil and Gas Cyber Attacks

What cyber crime threats to oil & gas infrastructures are top of mind for government and business leaders?...

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Podcast

Insights into Nation State Threats – Podcast Episode 134

Nation state threats are often portrayed as the "irresistible forces" of cyber threats, with little qualification. Joseph Price of Deloitte joins us to dig deeper - what are nation states capable of, what are they up to, and how should we interpret the information that is available to the public?...
Blog

Andrew Ginter’s Top 3 Podcast Episodes of 2024

Sit back and enjoy Andrew Ginter's top 3 picks from 2024's Industrial Security Podcast series....
Podcast

OT Security Data Science – A Better Vulnerability Database – Episode 133

Security automation needs a machine-readable vulnerability database. Carmit Yadin of Device Total joins us to look at limitations of the widely-used National Vulnerability Database (NVD), and explore a new "data science" alternative....
Podcast

Driving Change – Cloud Systems and Japanese CCE | Episode 132

Tomomi Ayoyama translated the book Countering Cyber Sabotage - Consequence-Driven, Cyber-Informed Engineering - to Japanese. Tomomi recalls the effort of translating CCE to Japanese and looks forward to applying CCE and OT security principles to industrial cloud systems at Cognite....
Podcast

Hitting Tens of Thousands of Vehicles At Once | Episode 131

Compromise a cloud service and tens thousands of vehicles can be affected all at once. Matt MacKinnon of Upstream Security walks us through the world of cloud security for connected vehicles, transport trucks, tractors, and other "stuff that moves."...
Podcast

AI Takes on Polymorphic Malware | Episode 130

Gary Southwell of Aria Cyber joins us on The Industrial Security Podcast as we have a look at using AI to get ahead of constantly-changing malware....

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Video

Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024

Watch the webinar to review the top 10 cyber incidents that impacted physical operations in critical infrastructure and heavy industry in 2024....
Video

Webinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it

Watch the webinar for a look into the recent evolution of OT security standards...
Video

Webinar: Navigating OT Remote Access – Technologies, Limitations, and the Latest Recommendations

Watch for an insightful webinar as we delve into the rapidly evolving landscape of OT remote access. With the surge in remote access to OT networks, industrial operations and critical infrastructures are under pressure to enhance their security measures....
Video

Webinar: Industry-Specific 62443 Insights for Power Generation

An in-depth webinar that goes beyond the buzzwords and provides practical, industry-specific guidance on applying the ISA/IEC 62443 standards to safeguard critical power infrastructure...
Video

Webinar: HERA – Hardware-Enforced Remote Access

Recorded webinar as we took a look at solutions enforced by dedicated hardware, and what benefits such solutions offer for OT security....
Video

Webinar Recording: Engineering Cybersecurity Mitigations for Municipal Water Systems

Mariano Martín Tirado, from Acciona, and Rees Machtemes, from Waterfall, discuss the risks and threat environment that Water Utilities face and how to counter against them....

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Consult with a unidirectional
solutions architect