
Lessons Learned From Incident Response – Episode 139
Tune in to ‘Lessons Learned From Incident Response’, the latest episode of Waterfall Security’s OT cybersecurity Podcast.
Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you
Tune in to ‘Lessons Learned From Incident Response’, the latest episode of Waterfall Security’s OT cybersecurity Podcast.
In this episode, Brian Derrico of Trident Cyber Partners walks us through what it’s like to use inventory tools – different kinds of tools in different environments – which have become almost ubiquitous as main offerings or add-ons to OT security solutions.
Get up to speed on key trends and strategies in industrial security with Andrew Ginter’s favorite webinars of 2024,
Sit back and enjoy Andrew Ginter’s top 3 picks from 2024’s Industrial Security Podcast series.
Spoiler Alert: Yes, investing in OT security is very much “worth it”. It helps prevent financial losses, operational disruptions, and compliance penalties far exceeding initial costs. The average ROI can reach up to 400%, ensuring both protection and operational continuity.
I recently had opportunity to ask experts @Marc Sachs, @Sarah Fluchs and @Aaron Crow about their experience with the new Cyber-Informed Engineering (CIE) initiative.
Power generation is a critical sector facing unique cybersecurity challenges. However, as I researched, it became clear that no document existed to bridge the gap between the general, industry-agnostic ISA/IEC 62443 standards and the specific needs of power generation facilities. In response, I decided to write this ebook.
IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”
What happens when we close the loop in mining operations? How can we prevent Internet-exposed services being compromised?
The Mitre CWE – Common Weakness Enumeration is database talks about kinds of problems that can show up in the future – future zero days – rather than CVE that talks about what vulnerabilities were discovered in the past. Susan Farrell walks us through the CWE and how both vendors and owners and operators use it.