Category: OT cybersecurity insights center

Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you

Andrew Ginter's top 3 podcasts from 2024

Andrew Ginter’s Top 3 Podcast Episodes of 2024

Sit back and enjoy Andrew Ginter’s top 3 picks from 2024’s Industrial Security Podcast series.

December 16, 2024

OT Security Data Science – A Better Vulnerability Database – Episode 133

Security automation needs a machine-readable vulnerability database. Carmit Yadin of Device Total joins us to look at limitations of the widely-used National Vulnerability Database (NVD), and explore a new “data science” alternative.

December 15, 2024

Are OT Security Investments Worth It?

Spoiler Alert: Yes, investing in OT security is very much “worth it”. It helps prevent financial losses, operational disruptions, and compliance penalties far exceeding initial costs. The average ROI can reach up to 400%, ensuring both protection and operational continuity.

December 8, 2024

Expert Impressions of Cyber-Informed Engineering

I recently had opportunity to ask experts @Marc Sachs, @Sarah Fluchs and @Aaron Crow about their experience with the new Cyber-Informed Engineering (CIE) initiative.

November 27, 2024

TSA NOPR for Pipelines, Rail & Bussing – Enhancing Surface Cyber Risk Management

The TSA Notice of Proposed Rulemaking for Enhancing Surface Cyber Risk Management is out. This is the long-awaited regulation that replaces the temporary security directives issued after the Colonial Pipeline incident.

November 26, 2024

Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024

Watch the webinar to review the top 10 cyber incidents that impacted physical operations in critical infrastructure and heavy industry in 2024.

November 25, 2024

Saudi Arabia Strengthens National Cyber Posture with OT Cybersecurity Controls Regulations

Saudi Arabia’s National Cybersecurity Authority (NCA) has fulfilled the strategic priority of updating cybersecurity guidance from 2018 to include cutting edge measures to protect national critical infrastructure and industrial sites from cyberattacks.

November 20, 2024

Why I Wrote Power Generation OT Security: Applying and Interpreting ISA/IEC 62443 Standards

Power generation is a critical sector facing unique cybersecurity challenges. However, as I researched, it became clear that no document existed to bridge the gap between the general, industry-agnostic ISA/IEC 62443 standards and the specific needs of power generation facilities. In response, I decided to write this ebook.

November 19, 2024

Driving Change - Cloud Systems and Japanese CCE - Industrial Security Podcast Episode 132

Driving Change – Cloud Systems and Japanese CCE | Episode 132

Tomomi Ayoyama translated the book Countering Cyber Sabotage – Consequence-Driven, Cyber-Informed Engineering – to Japanese. Tomomi recalls the effort of translating CCE to Japanese and looks forward to applying CCE and OT security principles to industrial cloud systems at Cognite.

November 19, 2024

Ireland make OT Security a top priority for their national security

Ireland Makes OT Security Top Priority

Ireland’s NCSC has taken a very positive first step in protecting its national critical infrastructure and OT systems by addressing the essential characteristics that make OT networks different, encouraging engineering-based principles and tasks to effectively mitigate the risk of physical consequences of compromise.

November 18, 2024