Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you
Waterfall’s latest 2024 Threat Report document credible attacks with physical consequences on industrial and critical infrastructures. Credible attacks not only inform defensive designs, but also help prioritize new investments in OT security.
IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”
Singapore has set in motion its vision for protecting critical national infrastructure and OT networks with its newly released 2024 OT Cybersecurity Masterplan.
Gary Southwell of Aria Cyber joins us on The Industrial Security Podcast as we have a look at using AI to get ahead of constantly-changing malware.
Outline comparing key differences between remote access used in an IT environment, and remote access solutions that cater to an industrial OT environment
Jack Bliss of 1898 & Co. has adapted the CIS Top-18 list for OT/industrial, adding a lot of industrial context and lists of related OT-centric tools and technology.
Almost 10 years ago, I managed to take control of every appliance in a 200-room hotel. I could raise the blinds in each room, change the TV channels, adjust the outside lighting, modify the temperature settings, and more. I had complete control. In the years since, to my surprise, the number one question I was asked wasn’t “How did you do it?” but rather “With the control you had, what’s the worst thing you could have done?”
The engineering profession has powerful tools to address physical risk, tools that should be applied to OT cyber risks much more routinely than they are today. For example: mechanical over-pressure relief valves prevent boilers from exploding for any reason, cyber attack or otherwise. These powerful tools are too often neglected for cyber threats because they have no analogue in IT security – they not even mentioned in most cybersecurity standards, regulations and advice.
Waterfall’s HERA is a true interactive OT remote access with unidirectional protection for OT. How does it work?
Remote access for OT is vital for maintaining efficiencies, troubleshooting, and is also important for retaining remote workers. But most remote access solutions pose a range of security risks. We introduce HERA – Hardware-Enforced Remote Access – as a safer alternative.
