Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you
Power generation is a critical sector facing unique cybersecurity challenges. However, as I researched, it became clear that no document existed to bridge the gap between the general, industry-agnostic ISA/IEC 62443 standards and the specific needs of power generation facilities. In response, I decided to write this ebook.
Tomomi Ayoyama translated the book Countering Cyber Sabotage – Consequence-Driven, Cyber-Informed Engineering – to Japanese. Tomomi recalls the effort of translating CCE to Japanese and looks forward to applying CCE and OT security principles to industrial cloud systems at Cognite.
Ireland’s NCSC has taken a very positive first step in protecting its national critical infrastructure and OT systems by addressing the essential characteristics that make OT networks different, encouraging engineering-based principles and tasks to effectively mitigate the risk of physical consequences of compromise.
Watch the webinar for a look into the recent evolution of OT security standards
Security product vendors sometimes make outrageous claims – in this article we look at cloud-rendezvous style remote access systems for OT networks and how they work. We debunk the most outrageous claims, we look at residual risk that we accept when deploying these systems, and we suggest circumstances where deploying these kinds of systems actually does make sense.
Watch for an insightful webinar as we delve into the rapidly evolving landscape of OT remote access. With the surge in remote access to OT networks, industrial operations and critical infrastructures are under pressure to enhance their security measures.
Waterfall’s latest 2024 Threat Report document credible attacks with physical consequences on industrial and critical infrastructures. Credible attacks not only inform defensive designs, but also help prioritize new investments in OT security.
IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”
Compromise a cloud service and tens thousands of vehicles can be affected all at once. Matt MacKinnon of Upstream Security walks us through the world of cloud security for connected vehicles, transport trucks, tractors, and other “stuff that moves.”
Singapore has set in motion its vision for protecting critical national infrastructure and OT networks with its newly released 2024 OT Cybersecurity Masterplan.
