Webinar – Waterfall Security Solutions

Webinar: 2026 OT Cyber Threat Report

Andrew Ginter — Wed, 25 Feb 2026 11:01:05 +0000

OT Insights CenterWebinar: 2026 OT Cyber Threat Report

Webinar: 2026 OT Cyber Threat Report

Ransomware is down, nation state/hacktivists are up.

In 2025, 57 cyber attacks caused real-world damage in heavy industry, world-wide. This is a 25% drop from 2024, but that’s the tip of the iceberg

Most of this reduction is because of temporary factors affecting ransomware attacks. Nation-state and hacktivist attacks doubled, with most attacks targeting critical infrastructures.

This is the only industry report focused exclusively on verified cyber incidents with physical consequences. The data set is public, all the incidents we use are included in the report’s appendix with links to public news reports

Highlighted attacks include:

Jaguar / LandRover – the most costly production shutdown in a decade,
Colins Aerospace – a crippled software system caused flight cancellations and delays for weeks – highlighting the need for rapid recovery or manual fall-backs for critical systems operated and managed by third parties,
Grounded and mis-directed ships – again highlighted the need for multiple independent checks on important external inputs, such as GPS signals, and
Polish distributed generation – a near miss because the lights stayed on, an example of the Russian nation state targeting European critical infrastructures, and a cautionary tale about “bricking” control equipment.

On Wed. March 25th, join Greg Hale of ICS Strive and Andrew Ginter of Waterfall Security, to explore what lies beneath all of 2025's OT breaches with physical consequences.

Key Takeaways:

Record-breaking costs of consequences

What is behind the drop in ransomware attacks

Key defensive developments of 2025, in light of these threats

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 35,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Register Now

The post Webinar: 2026 OT Cyber Threat Report appeared first on Waterfall Security Solutions.

Applying the New NCSC / CISA Guidance

Andrew Ginter — Tue, 20 Jan 2026 14:09:48 +0000

OT Insights Center OT security standardsApplying the New NCSC / CISA Guidance

Applying the New NCSC / CISA Guidance

8 principles for secure OT connectivity

New guidance from the UK NCSC, co-signed by CISA, BSI, Australia’s ACSC and others,  introduces significant updates for securing critical infrastructure.

In this webinar we will review the 8 principles and dozens of sub-principles, while introducing a simple grid for visualizing coverage. We apply the grid to network architectures typically seen in power generation, pipelines and passenger metros, evaluating the residual risk for each architecture in light of this guidance.

In this webinar, Andrew Ginter takes us through:

Aggressive patching for Internet-exposed and IT-exposed equipment.

Centralizing dangerous IT and Internet connectivity

Designing communications to simplify inspection

Hardening the IT/OT interface with hardware-enforced remote access and unidirectional technologies

Firewalled micro-segmentation to control lateral movement

“Browsing down” for engineering workstations

Managing “break-glass” accounts

New designs for unidirectional hardware in emergency islanding / isolation scenarios

About the Speaker

Andrew Ginter

Waterfall Security Solutions recognized by Gartner®

March 9, 2026

Consequential OT Breaches Dropped in 2025 – What Happened?

March 5, 2026

How to Apply the NCSC/CISA 2026 Guidance

March 1, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Applying the New NCSC / CISA Guidance appeared first on Waterfall Security Solutions.

Bringing Engineering on Board and Resetting IT Expectations

Andrew Ginter — Thu, 25 Dec 2025 06:55:37 +0000

OT Insights CenterBringing Engineering on Board and Resetting IT Expectations

Bringing Engineering on Board and Resetting IT Expectations

Watch the webinar for a revealing deep dive into the real causes behind the dysfunctional relationship between IT security and OT engineering teams—and discover actionable strategies to build trust, alignment, and true cooperation.

In many organizations the relationship between IT/enterprise security and OT/engineering teams is dysfunctional. These teams work in the same organization, support the same mission, and even address many of the same threats, but when they sit down together it sounds like they need relationship counseling. Much has been written about the problem. Most of that writing misses the point, focusing on symptoms, not root causes. In this webinar we dig into causes, solutions and how to ask the right questions to guide the relationship into healthy cooperation.

In this webinar you will learn:

Consequence is one root cause of OT/IT differences – we cannot restore human lives and damaged equipment from backups

Another root cause – we defeat OT sabotage with many of the same tools as we defeat IT espionage, but we must use those tools differently

Who manages OT equipment is less important than how that equipment is managed

We need to avoid common mistakes regarding inertia, criticality, credibility, and consequences

About the Speaker

Andrew Ginter

Webinar: 2026 OT Cyber Threat Report

February 25, 2026

2026 OT Cyber Threat Report

February 18, 2026

Groundbreaking OT Security Guidance

February 5, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Bringing Engineering on Board and Resetting IT Expectations appeared first on Waterfall Security Solutions.

Top 10 OT Cyber Attacks of 2025

Andrew Ginter — Mon, 24 Nov 2025 12:40:42 +0000

OT Insights CenterTop 10 OT Cyber Attacks of 2025

Top 10 OT Cyber Attacks of 2025

In this webinar Andrew Ginter takes us through the most unusual and most consequential cyber attacks thus far in 2025 targeting critical infrastructures around the globe.

Watch the webinar for a comprehensive review of the cyber incidents that shaped the industrial landscape in 2025. We will analyze the year’s most disruptive attacks, breaking down the operational downtime, financial costs, and impacts on public safety. Beyond the damage reports, we will explore the specific targeting methods used by adversaries as documented in the public record. The session concludes with a first look at the preliminary findings from Waterfall’s highly anticipated 2026 OT Threat Report.

In the fading days of 2025, we look back at cyber attacks that impaired operations in heavy industry and critical industrial infrastructures in the year thus far. We look at:

The most consequential incidents in terms of downtime and dollar cost

Incidents affecting public safety and infrastructures

What is in the public record about how these systems were targeted

About the Speaker

Andrew Ginter

Applying the New NCSC / CISA Guidance

January 20, 2026

IT/OT Cyber Theory: Espionage vs. Sabotage

January 6, 2026

Ships Re-Routed, Ships Run Aground

January 6, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Top 10 OT Cyber Attacks of 2025 appeared first on Waterfall Security Solutions.

Security by Design- The New Imperative for Rail Systems

Waterfall team — Tue, 04 Nov 2025 07:00:36 +0000

OT Insights Center TransportationSecurity by Design- The New Imperative for Rail Systems

Security by Design- The New Imperative for Rail Systems

An introduction to the UITP Report & Real-World Applications

Watch the webinar for an in-depth exploration of the UITP “Design for Security of Safety-Critical Systems” report — a groundbreaking framework for integrating cybersecurity into rail Safety Instrumented Systems (SIL 1–SIL 4) across their entire lifecycle. Aligned with the soon-to-be-published IEC 63452 and other key safety standards, this session will provide rail operators, suppliers, and cybersecurity professionals with practical insights on applying security-by-design principles to real-world challenges. Discover how industry leaders are addressing the intersection of safety and cybersecurity, the growing impact of AI-driven threats, and the new engineering principles shaping the future of secure rail systems.

In the webinar, attendees will come away understanding:

Key findings from the UITP report and their impact on rail safety and cybersecurity

Real-world insights from Waterfall Security, MTA and Alstom on implementing recommendations

Open discussion on challenges, solutions, and best practices for embedding cybersecurity in safety-critical systems.

About the Speakers

Serge Van Themsche

Senior Consultant for Waterfall Security,
Co-Leader of the UITP Report

Eddy Thésée

Vice President Digital & Cyber Platform at Alstom

Shea McKinney

Deputy Chief Information Security Officer OT at MTA,
Contributor to the UITP Report

Michael J. Wong

Cybersecurity Director at MTA,
Contributor to the UITP Report

New CISA, CCCS et al Alert | Advice on Pro-Russian Hacktivists Targeting

January 6, 2026

Bringing Engineering on Board and Resetting IT Expectations

December 25, 2025

We can’t – and shouldn’t – fix everything – Episode 147

December 17, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Security by Design- The New Imperative for Rail Systems appeared first on Waterfall Security Solutions.

Analyzing Recent NIS2 Regulations – OT security is changing

Andrew Ginter — Sun, 05 Oct 2025 07:16:29 +0000

OT Insights Center OT security standardsAnalyzing Recent NIS2 Regulations – OT security is changing

Analyzing Recent NIS2 Regulations – OT security is changing

Watch the webinar with SecuriOT for an in-depth look at the Recent NIS2 Regulations

One EU nation after another is releasing new regulations for their energy infrastructures to comply with the NIS2 directive. Jørgen Hartig of SecuriOT in Denmark joins us to look at the recent Danish, Norwegian, Finnish and other rules. We compare the rules to each other, to long-standing NERC CIP regulations in North America, and to the IEC 62443 cross-industry standards. And we dig into what’s new – consequence boundaries, OT/IT dependencies and more – and we look at what are the new concepts and ways of thinking that are at the core these new security measures.

Attendees will come away understanding:

What are the rules, who do they apply to, and to what degree?

What’s new – for example requirements for manual operations, spare parts, IT/OT data flow inventories, OT isolation and IT/OT dependencies?

What are the unifying concepts underlying the new security requirements?

About the Speaker

Andrew Ginter

Jørgen Hartig

Jørgen Hartig (OT Security Specialist | Founder at SecuriOT) bring practical, hands-on experience to the complex challenges of operational technology (OT) security. Jørgen Hartig work closely with clients to ensure compliance with NIS2, IEC 62443, NIST CSF, etc., making sure that security strategies are not only compliant but also resilient, scalable, and tailored to the operational reality on the ground.

Medical Device Cybersecurity Is Tricky – Episode 146

December 11, 2025

Hardware Hacking – Essential OT Attack Knowledge – Episode 145

November 26, 2025

Top 10 OT Cyber Attacks of 2025

November 24, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Analyzing Recent NIS2 Regulations – OT security is changing appeared first on Waterfall Security Solutions.

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

Andrew Ginter — Thu, 28 Aug 2025 12:03:00 +0000

OT Insights Center PowerRemoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

Watch the webinar to learn how secure access can enhance both safety and performance in renewable energy operations.

As renewable energy continues to dominate new power generation projects across North America and the EU, organizations must find ways to support remote operations without compromising cybersecurity. Wind and solar sites, often remote and digitally connected, demand secure access solutions that meet both operational and regulatory needs.

This webinar explores how energy leaders are balancing efficiency with cyber resilience. We’ll cover the latest guidance from CISA, CCCS, and others, with a spotlight on hardware-enforced, unidirectional remote access, now widely recommended for high-consequence OT environments.

Whether you're planning a new facility or optimizing an existing one, you'll gain insights into:

The business impact of secure remote access

Safe, scalable deployment strategies

Aligning cybersecurity with operational goals

Real-world adoption: how renewables operators are deploying these technologies today.

About the Speakers

Andrew Ginter

Lior Frenkel

With more than 20 years of hardware and software research and development experience, Mr. Frenkel leads Waterfall Security with extensive business and management expertise. As part of his thought leadership and contribution for the industry, Lior serves as member of management at Israeli High-Tech Association (HTA), of the Manufacturers’ Association of Israel and Chairman of the Cyber Forum of HTA.

Cyber Threats to the Manufacturing Industry: Risks, Impact, and Protection Strategies

November 11, 2025

Top Oil and Gas Security Challenges and Best Practices for Protection

November 11, 2025

Data Diode vs Firewall: Understanding the Key Differences in OT Security

November 4, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation appeared first on Waterfall Security Solutions.

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Andrew Ginter — Sun, 20 Jul 2025 18:36:58 +0000

OT Insights CenterThe Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In 2024 alone, researchers discovered as many new OT-capable malware families (3) as were found in the previous six years combined—each with the potential to disrupt physical operations in ICS and OT environments. Altogether, in the past 15 years, 10 OT-capable malware were found in the wild.

What’s driving this sudden surge? Who’s behind these threats (none of which, by the way, use AI yet)? And how should our defenses evolve to keep pace with these changing threats?

In this webinar Andrew Ginter takes us through:

Look at the data from the ‘Top 10 ICS/OT-Capable Malware’ since 2010

Compare ransomware-grade OT malware with nation-state-grade OT malware

Examine the differences between autonomous and remote-control malware

Dig deeper into how AI can enable a new wave of autonomous malware in the near future

About the Speaker

Andrew Ginter

Security by Design- The New Imperative for Rail Systems

November 4, 2025

Cybersecurity Risk Assessment for Public Transport OT Environments: A Practical Guide

October 30, 2025

Managing Risk with Digital Twins – What Do We Do Next? – Episode 144

October 20, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next appeared first on Waterfall Security Solutions.

13 Ways to Break a Firewall (and alternatives for OT security)

Andrew Ginter — Wed, 25 Jun 2025 10:06:43 +0000

OT Insights Center13 Ways to Break a Firewall (and alternatives for OT security)

13 Ways to Break a Firewall (and alternatives for OT security)

Firewalls are a go-to for OT security—but how much protection do they really offer? In this webinar, we explore 13+ real-world attack scenarios that defeat firewalls, show where firewalls fall short, and share smarter, stronger alternatives for securing industrial systems.

Firewalls are almost always the second technical step taken to secure
industrial / OT automation systems. But how much security do firewalls impart?

One way to compare the strength of different defensive technologies and designs is to compare the attacks those designs defeat reliably, vs the attacks they do not defeat. In this presentation, we look at firewalls, at attacks that defeat firewalls, and at mitigations, compensating measures and alternatives for and to firewalls.

And yes, the number “13” is a lucky ‘marketing’ number. We will in fact touch on closer to 18 or 19 kinds of attacks/scenarios.

In this webinar Andrew Ginter takes us through:

Which types of cyberattacks firewalls can and can’t stop in industrial environments

Real-world examples of firewall failures

Practical alternatives that strengthen OT security when firewalls fall short

About the Speaker

Andrew Ginter

IT & OT Relationship Management

October 20, 2025

Analyzing Recent NIS2 Regulations – OT security is changing

October 5, 2025

Doing the Math – Remote Access at Wind Farms

September 22, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post 13 Ways to Break a Firewall (and alternatives for OT security) appeared first on Waterfall Security Solutions.

Risks, Rules & Gaps: The Latest on NIS2 and CRA

Andrew Ginter — Tue, 03 Jun 2025 09:05:07 +0000

OT Insights CenterRisks, Rules & Gaps: The Latest on NIS2 and CRA

Risks, Rules & Gaps: The Latest on NIS2 and CRA

Watch the webinar for a look at the latest developments in member state legislation to comply with NIS2, and at how the Cyber Resilience Act (CRA) is affecting both industrial automation manufacturers as well as owners and operators in different kinds of industries.

With the NIS 2 Directive and the Cyber Resilience Act (CRA), cybersecurity requirements are increasing for critical infrastructures as well as industrial automation and other products in the European Union.

But the road to stronger requirements is not all smooth. While NIS 2 has been in force since 2023, some Member States have not yet transposed the Directive into national law, even though the deadline for transposition has already passed. And the national laws implementing NIS-2 differ in each Member State, though with NIS-2 there is minimum degree of harmonization.

Finally, while the new CRA contains new harmonized requirements for products with digital elements, there are corner cases that seem to make little sense, especially when applying CRA-compliant products to change-controlled critical infrastructures.

Watch the webinar featuring Christine Kiefer LL.M from Reusch Law and Andrew Ginter from Waterfall Security, to learn more about the latest developments in cybersecurity law in the European Union.

Christine Kiefer

Attorney-at-Law Christina Kiefer, LL.M. (Oslo) is a Senior Associate in the Digital Business Unit of reuschlaw in Saarbrücken, advising companies and public institutions on data protection and cybersecurity as well as IT and contract law.

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Risks, Rules & Gaps: The Latest on NIS2 and CRA appeared first on Waterfall Security Solutions.

Webinar – Waterfall Security Solutions

Webinar: 2026 OT Cyber Threat Report

Webinar: 2026 OT Cyber Threat Report

Ransomware is down, nation state/hacktivists are up.

On Wed. March 25th, join Greg Hale of ICS Strive and Andrew Ginter of Waterfall Security, to explore what lies beneath all of 2025's OT breaches with physical consequences.Key Takeaways:

About the Speaker

Andrew Ginter

Register Now

Share

Applying the New NCSC / CISA Guidance

Applying the New NCSC / CISA Guidance

8 principles for secure OT connectivity

In this webinar, Andrew Ginter takes us through:

About the Speaker

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

Bringing Engineering on Board and Resetting IT Expectations

Bringing Engineering on Board and Resetting IT Expectations

Watch the webinar for a revealing deep dive into the real causes behind the dysfunctional relationship between IT security and OT engineering teams—and discover actionable strategies to build trust, alignment, and true cooperation.

In this webinar you will learn:

About the Speaker

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

Top 10 OT Cyber Attacks of 2025

Top 10 OT Cyber Attacks of 2025

In this webinar Andrew Ginter takes us through the most unusual and most consequential cyber attacks thus far in 2025 targeting critical infrastructures around the globe.

In the fading days of 2025, we look back at cyber attacks that impaired operations in heavy industry and critical industrial infrastructures in the year thus far. We look at:

About the Speaker

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

Security by Design- The New Imperative for Rail Systems

Security by Design- The New Imperative for Rail Systems

An introduction to the UITP Report & Real-World Applications

In the webinar, attendees will come away understanding:

About the Speakers

Serge Van Themsche

Eddy Thésée

Shea McKinney

Michael J. Wong

Share

Trending posts

Stay up to date

Tags

Analyzing Recent NIS2 Regulations – OT security is changing

Analyzing Recent NIS2 Regulations – OT security is changing

Watch the webinar with SecuriOT for an in-depth look at the Recent NIS2 Regulations

Attendees will come away understanding:

About the Speaker

Andrew Ginter

Jørgen Hartig

Share

Trending posts

Stay up to date

Tags

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

Watch the webinar to learn how secure access can enhance both safety and performance in renewable energy operations.

Whether you're planning a new facility or optimizing an existing one, you'll gain insights into:

About the Speakers

Andrew Ginter

Lior Frenkel

Share

Trending posts

Stay up to date

Tags

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In this webinar Andrew Ginter takes us through:

About the Speaker

Andrew Ginter

On Wed. March 25th, join Greg Hale of ICS Strive and Andrew Ginter of Waterfall Security, to explore what lies beneath all of 2025's OT breaches with physical consequences.

Key Takeaways: