Tag: ot security

Welcome to the resources page! We have compiled a collection of useful information, tools, and resources to help you

OT Security blog post about how likely a security flaw might end up unaliving someone

How Likely Is That To Kill Anyone?

IT teams newly responsible for OT security are often appalled with the results of an initial vulnerability assessment. “Patch everything! Patch it now!” is often the directive issued to engineering teams. The correct response to such a directive is “How likely is that to kill anyone?” Engineering teams cannot proceed with any change to a system until they have a clear understanding of the answer. And the answer is almost never “zero likelihood.”

Read More »
AI Generated OT Payloads - Jesus Molina Blog

The Art of AI-Generated OT Payloads: From Mischief to Existential Threat

Almost 10 years ago, I managed to take control of every appliance in a 200-room hotel. I could raise the blinds in each room, change the TV channels, adjust the outside lighting, modify the temperature settings, and more. I had complete control. In the years since, to my surprise, the number one question I was asked wasn’t “How did you do it?” but rather “With the control you had, what’s the worst thing you could have done?”

Read More »
Cybersecurity approaches unique to OT security

Cybersecurity Approaches Unique to OT Security

The engineering profession has powerful tools to address physical risk, tools that should be applied to OT cyber risks much more routinely than they are today. For example: mechanical over-pressure relief valves prevent boilers from exploding for any reason, cyber attack or otherwise. These powerful tools are too often neglected for cyber threats because they have no analogue in IT security – they not even mentioned in most cybersecurity standards, regulations and advice.

Read More »
are we still trying to protect industrial information

OT Security: Are We Protecting the Information?

Industrial network engineers have always been uneasy with the task of “protecting information”. The real priority for OT security is in stopping inbound malicious information from entering the system and threatening machinery and workers.

Read More »