compliance – Waterfall Security Solutions https://waterfall-security.com Unbreachable OT security, unlimited OT connectivity Mon, 07 Jul 2025 08:10:34 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.3 https://waterfall-security.com/wp-content/uploads/2023/09/cropped-favicon2-2-32x32.png compliance – Waterfall Security Solutions https://waterfall-security.com 32 32 5 Ways Waterfall Central™ Improves Situational Awareness  https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/5-ways-waterfall-central-improves-situational-awareness/ Thu, 18 Jan 2024 12:07:55 +0000 https://waterfall-security.com/?p=17756 Introducing Waterfall Central: Come for simple remote monitoring of multiple devices, stay for operational awareness.

The post 5 Ways Waterfall Central™ Improves Situational Awareness  appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standards5 Ways Waterfall Central™ Improves Situational Awareness 

5 Ways Waterfall Central™ Improves Situational Awareness 

Introducing Waterfall Central™: Come for simple remote monitoring of multiple devices, stay for the situational awareness.
Picture of Waterfall team

Waterfall team

WF Central Situational Awareness

Situational awareness (SA) is one of the most important facets when considering any form of security, and especially cybersecurity. Network Operation Centers (NOC) and Security Operation Centers (SOC) are keen to have a strong grasp of what is going on within their scope of responsibilities. This way, they can be proactive instead of reactive to threats, risks, and general operational incidents.  

Waterfall Central™ is a browser-based solution designed to enable personnel responsible for multiple Waterfall devices to easily monitor all their devices.  

Waterfall Central™ is a browser-based solution designed to enable personnel responsible for multiple Waterfall devices to easily monitor all their devices.  

Waterfall Central OT Security Device Dashboard

All Your Waterfall Devices on a Single Pane of Glass

Beyond simply allowing 1 person to monitor multiple Waterfall assets, the Waterfall Central delivers something else: Situational Awareness. If youre an analyst in a NOC (network operating center) or SOC (security operating center) and you need better operational awareness, Waterfall Central™ was designed for you. While Central primarily addresses the increasing demand for monitoring multiple Waterfall appliances, Central can serve other important purposes that facilitate added security. 

5 Examples of Improved Situational Awareness with Waterfall Central™

1. Heartbeat Signal Monitoring

In the event that a Waterfall device stops sending a heartbeat signal, Waterfall Central™ provides immediate awareness. This could be indicative of various issues, such as a loose cable, server room power failure, or a blown fuse. Identifying and addressing such issues promptly can prevent complications.  

2. Real-time Issue Resolution

Waterfall Central™ presents a clear picture of all Waterfall devices on a single screen, allowing for the swift identification and resolution of emerging issues. The built-in wizard generates issue tickets for prompt communication with the OEM, which saves time and helps resolve any issues faster.  

The opposite of situational awareness is ‘being distracted’, so by helping avoid the distraction of chasing down inconsequential incidents and OEM reporting, attention can be applied elsewhere. 

3. Confirmation of OT Connectivity

Central assists in confirming OT connectivity, ensuring that various IT systems are receiving data from Waterfall devices. This feature is particularly valuable when onboarding new solutions to optimize industrial processes, offering a quick way to verify proper integration and functionality. 

4. Automated Alerts for Anomalies

Waterfall Central™ is equipped with built-in alerts that notify users of device failures or abnormalities. These alerts can be configured to draw attention to anomalies that may indicate security incidents or other problems, providing an additional layer of proactive security measures.  

5. Rapid Incident Evaluation

One of the most useful capabilities that comes from having all your Waterfalls on a single pane of glass is knowing that an “incident” is nothing. A good example would be connectivity dropping across many devices at the same time for a few minutes, and then goes back up. Such a scenario is most often just IT resetting an internet router or switch. If such an incident was to be reviewed after-the-fact on each device’s logs, it would probably require a good amount of work before determining it was just an inconsequential event. By seeing all Waterfall devices in real-time, such conclusions can be reached quickly and easily.  

Centralized Security, Better Awareness

By keeping a centralized dashboard for all your Waterfall devices, it is easier to ensure that everything is running smoothly, while reducing the person hours needed to simply confirm certain details and knowing about important issues sooner. And keep in mind this is in addition to the primary benefits that Central has to offer, which is monitoring multiple Waterfalls 

Want to learn more? Contact us

Talk to an OT security expert
Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post 5 Ways Waterfall Central™ Improves Situational Awareness  appeared first on Waterfall Security Solutions.

]]> Securing Industrial Data Flow to AWS  https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/securing-industrial-data-flow-to-aws/ Tue, 09 Jan 2024 08:45:31 +0000 https://waterfall-security.com/?p=17326 Waterfall is proud to be recognized by Amazon as a validated industry standard for connecting OT systems to the AWS Cloud.

The post Securing Industrial Data Flow to AWS  appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standardsSecuring Industrial Data Flow to AWS 

Securing Industrial Data Flow to AWS 

Waterfall is proud to be recognized as the industry standard for connecting OT systems to the AWS Cloud.
Picture of Waterfall team

Waterfall team

Connected OT to the Cloud with Waterfall and AWS

As industries embrace the power of the Industrial Internet of Things (IIoT) and other cloud-based technologies to enhance operational efficiencies, a challenge has emerged in bridging the gap between the need for digitization and the importance of securing critical infrastructure systems. The conventional approach of directly connecting Industrial Control Systems (ICS) and Operational Technology (OT) to external networks poses significant cybersecurity risks. After extensive joint lab testing and data validation, Amazon Web Services (AWS) now recommends using Waterfall Unidirectional Gateways as the preferred solution for securely connecting industrial systems to the AWS cloud. 

The delicate balance between digitization and security ​

Waterfall Security and Amazon Web Services both acknowledge the necessity for a balanced approach in advancing digitization, while safeguarding critical infrastructure systems. In line with AWS’s 10 security golden rules for IIoT solutions, AWS recommends deploying security appliances, particularly unidirectional gateways, to regulate the data flow and establish unbreachable one-way connections to external networks and cloud services. This way, data can securely flow to the AWS Cloud for access and function use within AWS’s IoT SiteWise and IoT Core, while any attempt to breach the industrial systems remains physically impossible. 

“AWS recommends deploying security appliances, particularly unidirectional gateways, to regulate the data flow and establish unbreachable one-way connections to external networks and cloud services.”

The power of Unidirectional Gateways

Unidirectional gateways, which are a much more secure alternative to traditional firewalls, ensure a one-way data flow from the OT network to the IT network and the cloud while being physically unable to send traffic in the reverse direction. Unidirectional gateways are compliant with many industry standards such as NERC CIP and ISA/IEC 62443. While deployed behind-the-scenes, these unidirectional gateways play a crucial role in protecting critical infrastructure systems. 

Waterfall Unidirectional Gateway to the AWS Cloud

Option 1 –> Sending OT/IIoT Data to AWS IoT SiteWise: 

Waterfall Security’s Unidirectional Cloud Gateway facilitates the secure transmission of OT/IIoT data to AWS IoT SiteWise. The gateway replicates OPC UA data from an OPC UA server, hosting a replica OPC UA server for the IT network. The AWS IoT SiteWise Edge gateway running on AWS IoT Greengrass collects and sends this data to AWS IoT SiteWise in the cloud, enabling efficient visualization and analysis

OT IIot Data to AWS using SiteWise
Click to enlarge

Option 2 –> Sending OT/IIoT Data to AWS IoT Core: 

Waterfall’s Unidirectional Gateway, acting as an MQTT broker on the industrial network, facilitates the transmission of industrial data to AWS IoT Core using the MQTT protocol. This data can then be routed to various AWS services for processing, such as AWS IoT Events, AWS Lambda, Amazon Kinesis, Amazon Simple Storage Service (Amazon S3), and Amazon Timestream. The Waterfall Unidirectional Gateway ensures a secure and one-way transfer of data, physically removing the possibility of inbound cybersecurity risks. 

Sending IIot data to AWS IoT Core
Click to enlarge

Let the OT data flow to AWS Cloud-based services

In conclusion, Waterfall Security offers a robust solution for securely streaming OT/IIoT data to AWS IoT SiteWise and AWS IoT Core. By leveraging unidirectional gateways, industrial operations can harness the power of AWS cloud services without risks to their ICS/OT environments. This approach not only simplifies OT/IT integration, but also aligns with AWS’s multi-layered security approach outlined in the ten security golden rules for IIoT solutions. Waterfall Security remains committed to enhancing the security of critical infrastructure sectors, providing a foundation for secure, efficient, and digitized industrial operations. 

Talk to an OT security expert
Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post Securing Industrial Data Flow to AWS  appeared first on Waterfall Security Solutions.

]]> NIS2 Compliance for ICS https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/nis2-compliance-for-ics/ Tue, 17 Oct 2023 11:57:28 +0000 https://waterfall-security.com/?p=12889 The NIS2 Directive is a directive by the European Parliament on the measures that need to be taken for a high common level of cybersecurity across the European Union.

The post NIS2 Compliance for ICS appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standardsNIS2 Compliance for ICS

NIS2 Compliance for ICS

What are the main takeaways from the new NIS2 Directive and what are the main requirements for compliance?
Picture of Waterfall team

Waterfall team

NIS2 compliance cheat sheet

The NIS2 Directive is a directive by the European Parliament on the measures that need to be taken for a high common level of cybersecurity across the European Union. The NIS2 Directive replaces the previous NIS Directive (EU Directive 2016/1148) and aims to improve the security of crucial services by protecting the networks and information systems of critical and important entities across the EU.

The NIS2 Directive applies to a wide range of organizations, including:

  • Essential entities: These are organizations that provide essential services, such as energy, water, transport, and financial services.

  • Important entities: These are organizations that are not essential entities, but that could have a significant impact on the economy or society if they were to be disrupted by a cyberattack.

  • 3rd parties: Providers and suppliers that want to work with entities that provide essential or important services such as the above two.

The NIS2 Directive applies to “Essential” entities, “Important” entities, and 3rd party providers/suppliers that want to work with those “essential” and “important” entities.

Cybersecurity Measures Required by the NIS2 Directive

The NIS2 Directive is a complex piece of legislation, and there are several different ways that organizations can comply with it. However, the key principles of the directive are risk management, incident response, vulnerability management, security awareness training, and supply chain security.

  • Risk management: Organizations must identify and assess the risks to their networks and information systems. This also includes a person or team that is responsible for handling the decisions that need to be made regarding risk, with the blame falling on them if something goes wrong.

  • Incident response: Organizations must have a plan in place to respond to cybersecurity incidents within 24-hours of the incident. NIS2 also requires organizations to report certain types of cybersecurity incidents to their national authorities.

  • Vulnerability management: Organizations must identify and patch vulnerabilities in their systems in a way that is appropriate for their devices and networks. This use of the term “appropriate” is somewhat ambiguous and it is probably best to err on the side of caution and provide more protection instead of less protection whenever there is any doubt.

  • Security awareness training: Organizations must train their employees on cybersecurity best practices. Sometimes the most secure networks can be compromised by an employee clicking on some phishing link or using a weak password. Avoiding these issues can be greatly mitigated if everyone with access has a good understanding of the type of threats that exist and how to avoid them.

  • Supply chain security: Organizations must also ensure that their 3rd party vendors are taking appropriate cybersecurity measures. This means that not only does the entire internal operation need to comply with NIS2, but also any 3rd party vendors that provide products or services need to comply too.

Overall, the NIS2 Directive represents a significant step forward in the fight against Europe’s cyber threats. By requiring organizations, and their supply chains, to implement stronger cybersecurity measures, the directive will help in protecting critical infrastructure and other important assets from cyberattacks throughout the European Union.

 

Get the NIS2 Compliance Guide for OT Systems
Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post NIS2 Compliance for ICS appeared first on Waterfall Security Solutions.

]]>