OT Insights CenterThe Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In 2024 alone, researchers discovered as many new OT-capable malware families (3) as were found in the previous six years combined—each with the potential to disrupt physical operations in ICS and OT environments. Altogether, in the past 15 years, 10 OT-capable malware were found in the wild.

What’s driving this sudden surge? Who’s behind these threats (none of which, by the way, use AI yet)? And how should our defenses evolve to keep pace with these changing threats?

In this webinar Andrew Ginter takes us through:

Look at the data from the ‘Top 10 ICS/OT-Capable Malware’ since 2010

Compare ransomware-grade OT malware with nation-state-grade OT malware

Examine the differences between autonomous and remote-control malware

Dig deeper into how AI can enable a new wave of autonomous malware in the near future

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

I don’t sign s**t – Episode 143

September 10, 2025

Secure Industrial Remote Access Solutions

August 28, 2025

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

August 28, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next appeared first on Waterfall Security Solutions.

OT Insights Center13 Ways to Break a Firewall (and alternatives for OT security)

13 Ways to Break a Firewall (and alternatives for OT security)

Firewalls are a go-to for OT security—but how much protection do they really offer? In this webinar, we explore 13+ real-world attack scenarios that defeat firewalls, show where firewalls fall short, and share smarter, stronger alternatives for securing industrial systems.

Firewalls are almost always the second technical step taken to secure
industrial / OT automation systems. But how much security do firewalls impart?

One way to compare the strength of different defensive technologies and designs is to compare the attacks those designs defeat reliably, vs the attacks they do not defeat. In this presentation, we look at firewalls, at attacks that defeat firewalls, and at mitigations, compensating measures and alternatives for and to firewalls.

And yes, the number “13” is a lucky ‘marketing’ number. We will in fact touch on closer to 18 or 19 kinds of attacks/scenarios.

In this webinar Andrew Ginter takes us through:

Which types of cyberattacks firewalls can and can’t stop in industrial environments

Real-world examples of firewall failures

Practical alternatives that strengthen OT security when firewalls fall short

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

NIS2 and the Cyber Resilience Act (CRA) – Episode 142

August 18, 2025

SCADA Security Fundamentals

August 14, 2025

What is OT Network Monitoring?

August 14, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post 13 Ways to Break a Firewall (and alternatives for OT security) appeared first on Waterfall Security Solutions.

OT Insights CenterRisks, Rules & Gaps: The Latest on NIS2 and CRA

Risks, Rules & Gaps: The Latest on NIS2 and CRA

Watch the webinar for a look at the latest developments in member state legislation to comply with NIS2, and at how the Cyber Resilience Act (CRA) is affecting both industrial automation manufacturers as well as owners and operators in different kinds of industries.

With the NIS 2 Directive and the Cyber Resilience Act (CRA), cybersecurity requirements are increasing for critical infrastructures as well as industrial automation and other products in the European Union.

But the road to stronger requirements is not all smooth. While NIS 2 has been in force since 2023, some Member States have not yet transposed the Directive into national law, even though the deadline for transposition has already passed. And the national laws implementing NIS-2 differ in each Member State, though with NIS-2 there is minimum degree of harmonization.

Finally, while the new CRA contains new harmonized requirements for products with digital elements, there are corner cases that seem to make little sense, especially when applying CRA-compliant products to change-controlled critical infrastructures.

Watch the webinar featuring Christine Kiefer LL.M from Reusch Law and Andrew Ginter from Waterfall Security, to learn more about the latest developments in cybersecurity law in the European Union. 

Christine Kiefer

Attorney-at-Law Christina Kiefer, LL.M. (Oslo) is a Senior Associate in the Digital Business Unit of reuschlaw in Saarbrücken, advising companies and public institutions on data protection and cybersecurity as well as IT and contract law.

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

What Is ICS (Industrial Control System) Security?

August 14, 2025

Network Duct Tape – Episode 141

August 13, 2025

Credibility, not Likelihood – Episode 140

August 6, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Risks, Rules & Gaps: The Latest on NIS2 and CRA appeared first on Waterfall Security Solutions.

OT Insights CenterSafety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

The industrial internet is coming. Reap almost all the benefits with almost none of the risks.

The Industrial Internet of Things (IIoT) is the future of automation in power generation and many other industries. The IIoT promises huge gains in efficiency and flexibility, with cloud-based systems and decision-making at the heart of these gains. Today, even safety-critical and critical-infrastructure (CI) decision-making is moving steadily out into the cloud.

But safety-critical and CI systems deserve engineering-grade cybersecurity. So, how can we provide this for Internet-based clouds?

Watch the webinar where we will look at the problem from the perspective of the new Cyber-Informed Engineering (CIE) initiative and dig into 7 design patterns for different kinds of safety-critical, cloud-based systems. 

In this webinar Andrew Ginter takes us through:

Review the limitations of traditional IT-grade cyber protections for cloud systems.

Explore seven engineering-grade designs for protecting safety-critical and reliability-critical clouds.

Propose design principles for evaluating critical cloud designs.

For practitioners in power generation, OT security, or other critical infrastructures, this is an opportunity to explore two leading edges: the Industrial Internet (future of automation) and CIE (future of OT security).

We hope you can watch the webinar.

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

Rethinking Secure Remote Access for Industrial and OT Networks

August 6, 2025

Unidirectional vs Bidirectional: Complete Integration Guide

July 30, 2025

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

July 20, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering appeared first on Waterfall Security Solutions.

OT Insights CenterBuilding a Game Plan for OT Remote Access

Building a Game Plan for OT Remote Access

Watch the webinar where we’ll provide an overview of the current landscape of OT remote access solutions and help you make the right decision for your OT network.

OT remote access is seen as essential for many industries – partly to save costs, and partly because physical travel to very distant substations, compressor stations, mine sites, and other physical assets is difficult, time-consuming, and sometimes even dangerous. 

The problem is that there is a bewildering variety of OT remote access solutions out there, with different kinds of needs in different kinds of industries and use cases.

In this webinar Andrew Ginter takes us through:

• Provide an overview of the current landscape of solutions and needs.
  
  
• Recommend a decision process – how to gather critical information, the steps required to make informed decisions in a specific order.
  
  
• Provide examples of the decision process across various industries and contexts – from municipal utilities to backbone / heavy infrastructure to manufacturing and building automation.

Watch the webinar as we "fly low and fast" - in 60 minutes see all the options in one place, and where and why each one makes sense, with concrete examples.

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

13 Ways to Break a Firewall

July 16, 2025

What Is Industrial Control System Software?

July 16, 2025

Cross-Domain Solutions: What They Are, How They Work, and Where You Use Them

July 14, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Building a Game Plan for OT Remote Access appeared first on Waterfall Security Solutions.

OT Insights CenterUnpacking the 2025 OT Cyber Threat Report

Unpacking the 2025 OT Cyber Threat Report

Watch the webinar where we’ll dive deep into the findings of the most credible report in the OT Security industry.

In 2024, there was 146% increase in the number of sites impacted by cyberattacks targeting heavy industry.

The Waterfall Threat Report 2025 brings you comprehensive, verifiable data on cyber attacks that makes it the most trusted resource in the field.

Watch the webinar and join Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, and Andrew Ginter, VP of Industrial Security at Waterfall, as they talk us through today’s threat landscape.

In this webinar Andrew Ginter and Greg Hale take us through:

Discover the latest cybersecurity trends: From nation-state attacks to the explosion of ICS-capable malware, the report uncovers critical patterns.

Understand the shifting landscape: New incident disclosure rules may be hindering transparency, not helping it. Learn why.

Hear directly from the experts: Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, alongside Andrew Ginter, VP of Industrial Security at Waterfall, will guide you through the most pressing findings.

About the speakers

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Greg Hale

Greg Hale is the founder and editor of Industrial Safety and Security Source (ISSSource.com), the website focused on sharing Safety and Security news in the manufacturing automation sector. Prior to starting up ISSSource.com 12 years ago, he was the chief editor of InTech magazine for more than 10 years

Trending posts

Lessons Learned From Incident Response – Episode 139

July 9, 2025

What is OT Cybersecurity?

July 6, 2025

How Industrial Cybersecurity Works in 2025

June 29, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

Share

The post Unpacking the 2025 OT Cyber Threat Report appeared first on Waterfall Security Solutions.

OT Insights Center‘Credibility’ vs. ‘Likelihood’ in OT Security

‘Credibility’ vs. ‘Likelihood’ in OT Security

New Perspectives on High Consequence Security

If we implement the highest 62443 SL4 throughout, have we addressed all credible threats? Do we need strong protections against all credible threats with serious consequences? These are important questions as our OT threat environment continues to deteriorate.

But if “risk = consequence x likelihood,” can we even ask these questions with the word “likelihood”?

In this webinar Andrew Ginter takes us through:

The argument that we need our high-consequence risk and security guidance to stop talking about “likelihood” and start talking about either “frequency” or “credibility,” depending on context.

The cutting-edge debate that is likely to change forever how we think about high-consequence threats

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

13 Ways to Break a Firewall (and alternatives for OT security)

June 25, 2025

Secure Remote Access: Everything You Need to Know in 2025

June 16, 2025

Cross Domain Solutions Explained

June 12, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post ‘Credibility’ vs. ‘Likelihood’ in OT Security appeared first on Waterfall Security Solutions.

Watch our first webinar of the new year as we discuss some of the biggest OT cyberthreats, and risks, that businesses face today.

We measure the strength of a security program by the attacks the program defeats with a high degree of confidence. We measure residual risk as the simplest attacks with significant consequences that the program does not defeat.

In many sites and industries, these residual risks have grown to the point where they are material threats to safe, reliable, and efficient physical operations. With widely available attack tools becoming ever more capable, credible and residual risks are increasing.

In this webinar, Andrew walks us through the attacks, blind spots and the potentially serious consequences for OT networks. If you’re also interested in how global OT security standards are evolving, check out our webinar on new OT cybersecurity guidelines.

Watch now to deepen your knowledge on:

How to identify and mitigate significant OT cyberthreats. For further insights, explore our session on navigating OT remote access technologies.

How to assess residual risk while prioritizing the severity of potential consequences.

Examples of ‘high-risk, severe-consequence threats’, often ignored due to their misleadingly low “severity score.”

Modern methods for effectively managing these blind spots.

About the Speaker

Share

The post From Blind Spots to Action: OT Threats Exposed appeared first on Waterfall Security Solutions.

OT Insights CenterTop 10 Cyberattacks on Industrial and Critical Infrastructure of 2024

Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024

Watch the webinar as Rees Machtemes takes us on an in-depth look at the most novel, notorious and impactful cyber incidents of 2024 on critical infrastructure around the globe.

As 2024 winds down, we wrap up and discuss the year’s most important cyber incidents that targeted physical operations – in both critical infrastructure and heavy industry. In this webinar, we outline the top ten most impactful incidents and important near-misses that every cybersecurity practitioner should be aware of.

In this webinar, Rees Machtemes takes us through:

The costliest incidents in terms of lost time and money

Incidents impacting safety and human life

How control systems and OT networks were targeted

Threat actors and TTP details

What we might see in the near future in these same themes.

About the Speaker

Rees Machtemes, P.Eng.

Rees is the lead threat researcher for the annual Waterfall / ICSStrive OT Threat Report and writes frequently on the topic of OT / ICS cybersecurity. Being solutions-focused, he champions INL’s Cyber-Informed Engineering program and regularly provides advice and commentary to government agencies and standards bodies issuing OT security guidance.

Rees is a professional engineer with 15 years of industry experience in: power engineering, substation automation design, plant automation, telecommunications, data centres, and IT. He holds a degree in Electrical Engineering from the University of Alberta.

Share

Trending posts

Risks, Rules & Gaps: The Latest on NIS2 and CRA

June 3, 2025

Experience & Challenges Using Asset Inventory Tools – Episode 138

May 27, 2025

Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

April 27, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Top 10 Cyberattacks on Industrial and Critical Infrastructure of 2024 appeared first on Waterfall Security Solutions.

OT Insights CenterOT security standardsWebinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it

Webinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it

Watch the webinar for a look into the recent evolution of OT security standards.

Watch the webinar for a look into the recent evolution of OT security standards. There are some common themes in the OT cyber security guidance published in recent years around the world. Governments and standards bodies are feeling the pressure to increase the level of protective measures and methodologies when it comes to highly consequential systems and infrastructure.

In this webinar, Andrew Ginter takes us through:

Who are the countries and standards bodies leading the way?

How Engineering and Security principles are influencing the approach to OT cyber?

What are consequence boundaries and how do they inform an OT security strategy?

Our prediction on the future of OT cyber best practices.

Meet Your Expert Guide:

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

Data Diodes vs. Unidirectional Gateways

April 14, 2025

Selecting OT “Secure” Remote Access Solutions – Options, Criteria & Examples

April 14, 2025

Building a Game Plan for OT Remote Access

March 17, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Webinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it appeared first on Waterfall Security Solutions.