ics security Archives - Waterfall Security Solutions

Lessons Learned From Incident Response – Episode 139

Tune in to ‘Lessons Learned From Incident Response’, the latest episode of Waterfall Security’s OT cybersecurity Podcast.

July 9, 2025

Experience & Challenges Using Asset Inventory Tools – Episode 138

In this episode, Brian Derrico of Trident Cyber Partners walks us through what it’s like to use inventory tools – different kinds of tools in different environments – which have become almost ubiquitous as main offerings or add-ons to OT security solutions.

May 27, 2025

Andrew Ginter’s Top 3 Webinars of 2024

Get up to speed on key trends and strategies in industrial security with Andrew Ginter’s favorite webinars of 2024,

December 17, 2024

Andrew Ginter's top 3 podcasts from 2024

Andrew Ginter’s Top 3 Podcast Episodes of 2024

Sit back and enjoy Andrew Ginter’s top 3 picks from 2024’s Industrial Security Podcast series.

December 16, 2024

Are OT Security Investments Worth It?

Spoiler Alert: Yes, investing in OT security is very much “worth it”. It helps prevent financial losses, operational disruptions, and compliance penalties far exceeding initial costs. The average ROI can reach up to 400%, ensuring both protection and operational continuity.

December 8, 2024

Expert Impressions of Cyber-Informed Engineering

I recently had opportunity to ask experts @Marc Sachs, @Sarah Fluchs and @Aaron Crow about their experience with the new Cyber-Informed Engineering (CIE) initiative.

November 27, 2024

Why I Wrote Power Generation OT Security: Applying and Interpreting ISA/IEC 62443 Standards

Power generation is a critical sector facing unique cybersecurity challenges. However, as I researched, it became clear that no document existed to bridge the gap between the general, industry-agnostic ISA/IEC 62443 standards and the specific needs of power generation facilities. In response, I decided to write this ebook.

November 19, 2024

OT Security blog post about how likely a security flaw might end up unaliving someone

How Likely Is That To Kill Anyone?

IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”

September 26, 2024

Abstraction for Safe Closed-Loop Control by Cloud Systems in Mining

What happens when we close the loop in mining operations? How can we prevent Internet-exposed services being compromised?

May 23, 2024

Susan Farrell joins to discuss weaknesses vs vulnerabilities

CWE for Zero Days – not CVE | Episode 126

The Mitre CWE – Common Weakness Enumeration is database talks about kinds of problems that can show up in the future – future zero days – rather than CVE that talks about what vulnerabilities were discovered in the past. Susan Farrell walks us through the CWE and how both vendors and owners and operators use it.

May 19, 2024

Tag: ics security