Pointing fingers at vendors is easy. Creating "secure" products is a real challenge, supply chain is a big part of that challenge, and vendors cannot solve the problem in isolation. Kenneth Crowther, a Product Security Leader at GE explores what a leader in this space is doing. Click PLAY
The popular Waterfall Industrial Security Podcast has passed the 100,000 downloads mark
Rick Driggers of CISA describes cyber, physical and industrial security priorities at the new US DHS CISA agency. Tune in now
This infographic summarizes the "The Top 20 CyberAttacks On Industrial Control Systems" whitepaper. Click here to see the full infographic
Andrew Ginter was a guest on the Energy Exchange (Enernex) podcast. Tune in to hear what the world's most secure industrial sites do and how that differs from conventional security programs. Click here to listen
How do we estimate the probability of an attack that has never happened? Ron Brash of Verve Industrial explains. Tune in now
Safely extending the visibility of central IT security operations centers into operations technology (OT) networks. Read more
The information security website "Help Net Security", has published an interview with Andrew Ginter "How can security teams effectively monitor OT and ICS networks?". Click here to read it
The digital publisher "Government Europa", has published a new article written by Courtney Schneider "Industrial rail cybersecurity imperative for the future of transport". Click here to read it
Jens Wiesner returns to the Industrial Security Podcast to discuss the German BSI's commitment to the new "Malcolm" OT network visibility tool. PLAY NOW
Build, break & secure with a 1000-lb portable lab - Matthew Luallen of Cybati explores modern industrial security training
The information security website "Help Net Security", has published a new article written by Andrew Ginter "Microsegmentation for refining safety systems". Click here to read it
If you missed the latest webinar hosted by CS2AI with Andrew Ginter, here’s your chance to catch up
Industrial security pioneer Joe Weiss explains how there are 3 networks, not two - IT, OT and Engineering, with examples from the 2007 aurora test.
In this post, we explain the unique structure and context of a modern IT/OT DMZ, and why a traditional IT DMZ model doesn’t cut muster for secure integration with ICS networks.
Explore out of band security and operational anomaly detection with Ilan Gendelman and Hadas Levine of SIGA OT Solutions. Click PLAY
Waterfall Security Solutions announces release of Version7 (V7) software platform. A major rewrite to support thin-client configuration and management tools. Read more
Industrial security pioneer Eric Byres, CEO of aDolus, speaks to software supply chain trust issues & some of the technology his new venture
Elisha Olivestone, sales director at Waterfall Security, made a presentation to the Japanese delegation and answered questions
The partnership between the 2 companies enables a safe exchange of operational technology data with IT security monitoring systems
Mark Fabro, from Lofty Perch, explores how robust cyber/physical risk assessments help “stay left of boom” at industrial sites
Lyndon Hall is routinely called on for the first-ever security assessment at industrial sites. On this episode of the Industrial Security Podcast, he explains how he does that and what he finds
Threats to operations control systems are no longer theoretical. With manufacturing control networks connectivity steadily increasing, a unidirectional IIoT architecture reflects a robust and trustworthy way of achieving the increased efficiencies and other business benefits of the IIoT’s central.
Asset inventory is the foundation of industrial security, which is essential to IT/OT convergence. Tune in to our new podcast with Rick Kaun
Watch Waterfall Security’s video for a brief explanation on how to achieve safe IT/OT integration and 100% protection from remote cyber threats with Unidirectional Security Gateways. Protect your industrial and OT network perimeter from remote cyber threats using the strongest cyber protection ava
A wide-ranging conversation with Greg Hale, Editor and Founder of Industrial Safety and Security Source (ISSSource), about where we are today, how security relates to safety, how to sell security as improving efficiency and other topics.
The essence of today’s OT security problem is that the data-centric, IT-class protections are simply not enough for operational security and control system security needs. A cyber breach to physical processes and powerful tools can have disastrous consequences. Preventing misuse and protecting cor
Meg Duba, a recruiter at Idaho National Labs talks about techniques, tips, and challenges for industrial security recruitment and job hunting. Tune in to the new episode of the Industrial Security Podcast
The GoldBrute botnet is showing us all the dangers of remote access to industrial sites. GoldBrute targets Internet-exposed Remote Desktop (RDP) servers.
Mark Lindike explores industrial systems and security challenges at the Munich International Airport, as well as how the new Munich ISH training facility is helping the airport and others.
"Even as railroads continue to roll out their positive train control solutions, one question remains front and center: Are the systems vulnerable to a cyber-attack? Can there be a safety issue?
In a recent Industrial Security podcast, Patrick Miller was asked about IT vs OT approaches to security. He replied, “We've always characterized it in terms of OT and IT
Over the last few decades, the clear path to securing operational technology has been difficult to forge as so much has come from the vast world of IT data protection, encryption and authentication. On the other hand, practitioners on the OT side of the digital network speak about the risks and unwa
FireEye reports that the Triton (aka Trisys) malware targeting safety instrumented systems has been discovered at another undisclosed target in the Middle East. As a result of investigating that intrusion, FireEye reports that the threat actors behind Triton are a government-sponsored Russian agency
Aluminum manufacturing giant Norsk Hydro shut down by ransomware. What lesson can we learn from this? Enter to Read More>>
Waterfall Security is pleased to announce our Industrial Security Podcast featuring interviews with world-recognized experts on a wide range of industrial cybersecurity topics. The podcast will address current and developing ICS topics such as: Do expert ICS penetration testers target live/running s
SECURE OPERATIONS TECHNOLOGY: THE MISSING LINK TO A SECURE INDUSTRIAL SITE - A new book by Andrew Ginter. Get your free copy now
Much has been written and debated regarding communicating cyber risk to boards and other key corporate decision makers. Conveying to a non-technical audience the criticality of cyber vulnerabilities in IT systems that support business functions can be a daunting task; but what if the systems don’t
The Carbon Black Quarterly Incident Response Threat Report for 2018 shows that destroying forensic evidence to hide attack sources and attack capabilities is becoming increasingly common. The report quotes an incident response professional as observing that “We’ve seen a lot of destruction of lo
Governments all over the world are beginning to toughen cyber regulations imposed on industry to respond to the increasing threat of cyber attacks on national critical infrastructure. This class of cyber attack does not just limit itself to enterprise systems. If the control systems of a digitized p
The CEO of TSMC - the manufacturer of key chipsets for Apple's iPhones, and for many other global companies - reported Monday that the company was forecasting a drop of 2% in Q3 revenues, or about $160M, due to an infection of its manufacturing facilities by a variant of the Wannacry ransomware. T
OT remote access is efficient and convenient - for attackers Remote access might look like a good idea. Every computer on an enterprise network certainly has some sort of Remote Desktop capability: tech support takes control of my laptop routinely to install new software or to fix issues. Sometime
“The beginning of wisdom is the definition of terms.” - Socrates (470 – 399 B.C.) Definitions are important - good ones shape our understanding of concepts while poor ones impair that understanding. Consider the definition: pen: a tube of ink with a tiny ball bearing at the tipHow useful is
Different continents point to similar concerns The Black Hat Asia 2018 attendee survey polled IT and security professionals from 12 East Asian countries, Australia and elsewhere, asking about the threats and challenges they are most concerned with, the attacks and attackers they fear most, as well
Written into law The Directive on the Security of Network Information Systems (NIS) represents the first pan-European law covering requirements for cybersecurity. It aims to achieve a common security posture for European countries by means of strengthening 1) cybersecurity capabilities at a nationa
The Meltdown / Spectre saga continues. Ulf Frisk just posted a description of a vulnerability he has coined "Total Meltdown". It seems that Microsoft developers introduced an even worse vulnerability while fixing the Meltdown vulnerability in Windows 7 and Windows 2008 Server R2. With this broken Me
Consider a prolonged power outage over a large metropolitan area, or a cyber attack targeting a nuclear power plant. These are real attacks, not hypothetical ones, that affected people’s lives, and cost owners and operators both monetary and reputational damages. A key problem with modernization
Cybersecurity best practice according to ANSSI, France’s National Agency for the Security of Information Systems, points to unidirectional data flow solutions. Why? Because it’s the safest and most reliable way to segregate and protect your critical network from less trusted networks and cyber t
A chronic complaint of industrial control system (ICS) security practitioners is under-funding, and funding decisions for security programs are frequently made by business decision-makers with a limited understanding of cybersecurity and cyber risk issues. Waterfall Security Solutions has just relea
Black Hat and Dark Reading’s attendee survey from their recent 2017 Black Hat Europe event is a wake-up call to company stakeholders, boards, and information and operational security practitioners; yielding some significant findings about the perceptions of the current threat landscape. Survey par
The big news today is the Spectre and Meltdown bugs. These vulnerabilities let attack code such as Javascript steal passwords, encryption keys and session cookies from kernel memory and/or browser windows on nearly all modern computers. The performance hits and code changes needed to fix these bugs
TRITON/TRISIS is the fifth industrial malware found in the wild and the third malware specifically designed to cause damage to physical equipment and jeopardize safety. The malware warrants a stern warning to owners and operators: segment networks properly or face the consequences. The target of t
Waterfall Security Solutions is of course an industrial cybersecurity technology provider, but technology is only part of any industrial security program – policies, procedures and training are also essential. This means that the advancement of security education has always been essential to Water
The Industrial Internet of Things (IIoT) is forecast to bring untold value to industrial operations. The IIoT introduces a new network architecture which greatly expands the traditional manufacturing systems paradigm – by increasing the interoperability and optimization of a large number of contro
AGC Partners recently released an in-depth report detailing the growing market for manufacturing analytics, and the companies that currently make up its booming ecosystem. The subject is timely, as advancements in the Industrial Internet of things (IIoT), Big Data, and Machine Learning have opened t
Recently, a major Canadian company suffered a targeted ransomware attack and was forced to pay $425,000 to restore the encrypted data of both its production base and back-up servers. We have spoken and warned of ransomware in the past, particularly in the aftermath of the global WannaCry attack. Mos
Recently, Waterfall announced a global partnership with intelligence-led security company FireEye, in a push to deliver comprehensive cybersecurity solutions for businesses with industrial sites. The partnership seamlessly integrates FireEye’s cloud-based Threat Analytics Platform (TAP) with relia
Recent reports of cyber attacks on U.S. nuclear reactors have brought upon public doubt on the strength of cyber protections at nuclear power plants. The response from nuclear plants has resoundingly been "no need to panic, nothing to see here," but other pundits are saying "I’m not sure I believe
I recently attended the NERC CIP Emerging Technologies Round Table meeting on Cloud & IoT, where a primary focus was Bulk Electric System (BES) Cyber Systems in the cloud. BES Cyber Systems are systems with an adverse effect on the BES within 15 minutes of failure or compromise. Interestingly, t
This is the largest safety and environmental protection effort BSEE have undertaken. But as with any new regulation the industry has its concerns
Guest blog The recent WannaCry/WannaCrypt, attacks received global attention in the news and social media. Its widespread impact and rapid propagation shocked and scared people around the world. Concern was amplified by reports that it involved a stolen NSA exploit (EternalBlue). Existing Microso
A short while back, I was asked to speak at an event held by The Cyber Resilient Energy Delivery Consortium (CREDC), a research and development initiative funded by the U.S. Department of Energy. Its research focuses on cybersecurity and cyber-resiliency of energy delivery systems for the electric p
Guest Blog To the non-expert, cyber security can look tantalizingly simple: Just put a guard in front of your stuff and use it to keep the bad guys out. This observation tracks closely with the non-computing analogy of facility entry guards, a favorite comparison brought up during coffee at Board d
Recently, Waterfall joined 24 vendors from Industrie 4.0 (I4.0) and the Industrial Internet Consortium (IIC) in demonstrating secure cloud interconnectivity at the Hannover Messe industrial event. Unidirectional gateway technology and strong encryption was at the heart of this outsourced security de
When covering for risk, best practice teaches us to categorize, measure and profile our vulnerabilities. Intel - the world’s largest and most highly valued semiconductor chip maker and inventor of the processors found in most personal computers - knows this process well. Countless tests are run by
"WannaCrypt" or “WannaCry” is the latest ransomware variant responsible for shutting down countless organizations, including critical infrastructures and manufacturing sites as large as Renault and Nissan. The cybersecurity advice most probably followed by all these sites was to use firewalls to
The Department of Homeland Security recently stated that it had received reports of 59 cyber incidents at energy facilities last year- up nearly a third from the previous year. Those 59 were only a fraction of the 290 incidents the DHS combatted last year across industrial sectors including oil and
Recently we’ve received a lot of interest from water and waste management facilities regarding our Unidirectional Security Gateway- which is making me wonder what’s brought this on? Let’s look at the facts. The primary source for cyber risks in water and waste management facilities comes fro
This is a question that might not even emerge initially in the minds of IT security professionals. However, when we take a closer look, the differences are clear. Consider the history of IT and SCADA networks. The original "killer app" for IT networks was mainframe transaction processing. The origin
[vc_row css_animation="" row_type="row" use_row_as_full_screen_section="no" type="full_width" angled_section="no" text_align="left" background_image_as_pattern="without_pattern"][vc_column][vc_column_text] This past month we have witnessed another win in the world of ICS security standards coming f
by Mike Firstenberg At the annual EnergySec Conference, no less than 8 speakers used a phrase akin to “It’s not if
The Ukraine power grid cyberattack continued to dominate cybersecurity news in February as various researchers reported findings from their investigations of the incident. In other news, researchers discovered sustained cyberattacks against Japan’s critical infrastructure, most likely perpetrated
It’s no surprise the cyberattack on Ukraine’s power grid dominated industrial control system (ICS) cybersecurity news in January. Following the news of the power outages and subsequent discovery of malware and other signs of a purposeful network intrusion, cybersecurity experts, DHS and others h
Recent reports from the Nuclear Threat Initiative and Chatham House, both find that nuclear facilities in many countries are “easy targets for cyberattacks.” Among problems cited in the reports are a significant nuclear presence, few government regulations, and inadequate or corrupt oversight of
Three of the seven strategies in the December 2015 report from the DHS NCCIC/ICS-CERT, “Seven Strategies To Secure Industrial Control Systems,” recommend unidirectional gateways for maximum protection from cyberattacks.The report points to an increase in the frequency and complexity of cyber
Paul Feldman, director of Midcontinent ISO, and Dan Hill, board member for the New York ISO, recently published “Cybersecurity: IT vs. OT, and the Pursuit of Best Practices” in the January 2016 edition of Electricity Policy. The article reviews the state of control system security in the power g
December’s cybersecurity news further illustrated the reality that foreign state hackers are targeting U.S. critical infrastructure. Of greater concern is the fact that much of our infrastructure security is inadequate to protect against a targeted attack. With outdated security and the growing ad
The threat of terrorism is top of mind for many, and of increasing concern to those tasked with protecting industrial control systems (ICS). ISIS has issued threats against the North American electric grid, for example. While the cyber capability of ISIS is thus far unsophisticated, advanced attack
November news roundup: Why the energy sector is at the heart of cybersecurity discussions In the wake of the ISIS-perpetrated Paris attacks and cyber threats against the U.K., government agencies are stepping up cybersecurity in a bid to detect and defend their critical infrastructure against a cyb
English
Français
Español
Deutsch
日本語
한국어
中文