Expert Impressions of Cyber-Informed Engineering
I recently had opportunity to ask experts @Marc Sachs, @Sarah Fluchs and @Aaron Crow about their experience with the new Cyber-Informed Engineering (CIE) initiative.
November 27, 2024
Tag: ics security
Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you
Why I Wrote Power Generation OT Security: Applying and Interpreting ISA/IEC 62443 Standards
Power generation is a critical sector facing unique cybersecurity challenges. However, as I researched, it became clear that no document existed to bridge the gap between the general, industry-agnostic ISA/IEC 62443 standards and the specific needs of power generation facilities. In response, I decided to write this ebook.
November 19, 2024
How Likely Is That To Kill Anyone?
IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”
September 26, 2024
Abstraction for Safe Closed-Loop Control by Cloud Systems in Mining
What happens when we close the loop in mining operations? How can we prevent Internet-exposed services being compromised?
May 23, 2024
CWE for Zero Days – not CVE | Episode 126
The Mitre CWE – Common Weakness Enumeration is database talks about kinds of problems that can show up in the future – future zero days – rather than CVE that talks about what vulnerabilities were discovered in the past. Susan Farrell walks us through the CWE and how both vendors and owners and operators use it.
May 19, 2024
Securing OPC DA With Unidirectional Gateways
When it comes to securing OPC DA, nothing compares to the security that a unidirectional gateway provides.
April 18, 2024
Checklist: 9 Best Practices to Safeguard Upstream Oil & Gas Operations from Cyber Attacks
Upstream Oil & Gas production has a unique range of threats and risks to consider when compared to other industrial operations.
Our checklist infographic takes a dive into what to consider and secure when it comes to Upstream operations.
February 14, 2024
How to Properly Cyber Secure an Upstream Oil & Gas Operation
The Waterfall Unidirectional Security Gateway and how it has been applied at Oil & Gas production sites such as oil fields and offshore platforms.
February 13, 2024
Cyber-Informed Engineering Transforms IT/OT Convergence in Oil & Gas Operations
IT/OT integration introduces threats to reliable operations. Connected networks move both data, malware, and remote-control cyber attacks along their wires and cables. In the Oil & Gas industry, E&P, pipelines, and refineries have found that securing IT/OT connections involves more than just having Enterprise Security telling Engineering what to do and Engineering saying “no” to IT over and over.
February 1, 2024
Managing Trust in Massive IIoT Systems | Episode 119
Smart meters, smart cities and the IIoT – when thousands of systems of millions of low-power devices need to talk to each other, and talk between systems, managing trust is hard. Dr. Chris Gorog of BlockFrame walks us through the problem and the work BlockFrame and the University of Colorado have been doing to solve the problem.
January 21, 2024
