OT Insights CenterThe Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In 2024 alone, researchers discovered as many new OT-capable malware families (3) as were found in the previous six years combined—each with the potential to disrupt physical operations in ICS and OT environments. Altogether, in the past 15 years, 10 OT-capable malware were found in the wild.

What’s driving this sudden surge? Who’s behind these threats (none of which, by the way, use AI yet)? And how should our defenses evolve to keep pace with these changing threats?

In this webinar Andrew Ginter takes us through:

Look at the data from the ‘Top 10 ICS/OT-Capable Malware’ since 2010

Compare ransomware-grade OT malware with nation-state-grade OT malware

Examine the differences between autonomous and remote-control malware

Dig deeper into how AI can enable a new wave of autonomous malware in the near future

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

I don’t sign s**t – Episode 143

September 10, 2025

Secure Industrial Remote Access Solutions

August 28, 2025

Remoting Into Renewables – the latest guidelines for secure remote access applied to renewables generation

August 28, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next appeared first on Waterfall Security Solutions.

OT Insights Center13 Ways to Break a Firewall (and alternatives for OT security)

13 Ways to Break a Firewall (and alternatives for OT security)

Firewalls are a go-to for OT security—but how much protection do they really offer? In this webinar, we explore 13+ real-world attack scenarios that defeat firewalls, show where firewalls fall short, and share smarter, stronger alternatives for securing industrial systems.

Firewalls are almost always the second technical step taken to secure
industrial / OT automation systems. But how much security do firewalls impart?

One way to compare the strength of different defensive technologies and designs is to compare the attacks those designs defeat reliably, vs the attacks they do not defeat. In this presentation, we look at firewalls, at attacks that defeat firewalls, and at mitigations, compensating measures and alternatives for and to firewalls.

And yes, the number “13” is a lucky ‘marketing’ number. We will in fact touch on closer to 18 or 19 kinds of attacks/scenarios.

In this webinar Andrew Ginter takes us through:

Which types of cyberattacks firewalls can and can’t stop in industrial environments

Real-world examples of firewall failures

Practical alternatives that strengthen OT security when firewalls fall short

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

NIS2 and the Cyber Resilience Act (CRA) – Episode 142

August 18, 2025

SCADA Security Fundamentals

August 14, 2025

What is OT Network Monitoring?

August 14, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post 13 Ways to Break a Firewall (and alternatives for OT security) appeared first on Waterfall Security Solutions.

OT Insights CenterSafety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

The industrial internet is coming. Reap almost all the benefits with almost none of the risks.

The Industrial Internet of Things (IIoT) is the future of automation in power generation and many other industries. The IIoT promises huge gains in efficiency and flexibility, with cloud-based systems and decision-making at the heart of these gains. Today, even safety-critical and critical-infrastructure (CI) decision-making is moving steadily out into the cloud.

But safety-critical and CI systems deserve engineering-grade cybersecurity. So, how can we provide this for Internet-based clouds?

Watch the webinar where we will look at the problem from the perspective of the new Cyber-Informed Engineering (CIE) initiative and dig into 7 design patterns for different kinds of safety-critical, cloud-based systems. 

In this webinar Andrew Ginter takes us through:

Review the limitations of traditional IT-grade cyber protections for cloud systems.

Explore seven engineering-grade designs for protecting safety-critical and reliability-critical clouds.

Propose design principles for evaluating critical cloud designs.

For practitioners in power generation, OT security, or other critical infrastructures, this is an opportunity to explore two leading edges: the Industrial Internet (future of automation) and CIE (future of OT security).

We hope you can watch the webinar.

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

What Is ICS (Industrial Control System) Security?

August 14, 2025

Network Duct Tape – Episode 141

August 13, 2025

Credibility, not Likelihood – Episode 140

August 6, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering appeared first on Waterfall Security Solutions.

OT Insights CenterBuilding a Game Plan for OT Remote Access

Building a Game Plan for OT Remote Access

Watch the webinar where we’ll provide an overview of the current landscape of OT remote access solutions and help you make the right decision for your OT network.

OT remote access is seen as essential for many industries – partly to save costs, and partly because physical travel to very distant substations, compressor stations, mine sites, and other physical assets is difficult, time-consuming, and sometimes even dangerous. 

The problem is that there is a bewildering variety of OT remote access solutions out there, with different kinds of needs in different kinds of industries and use cases.

In this webinar Andrew Ginter takes us through:

• Provide an overview of the current landscape of solutions and needs.
  
  
• Recommend a decision process – how to gather critical information, the steps required to make informed decisions in a specific order.
  
  
• Provide examples of the decision process across various industries and contexts – from municipal utilities to backbone / heavy infrastructure to manufacturing and building automation.

Watch the webinar as we "fly low and fast" - in 60 minutes see all the options in one place, and where and why each one makes sense, with concrete examples.

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

Rethinking Secure Remote Access for Industrial and OT Networks

August 6, 2025

Unidirectional vs Bidirectional: Complete Integration Guide

July 30, 2025

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

July 20, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Building a Game Plan for OT Remote Access appeared first on Waterfall Security Solutions.

OT Insights CenterUnpacking the 2025 OT Cyber Threat Report

Unpacking the 2025 OT Cyber Threat Report

Watch the webinar where we’ll dive deep into the findings of the most credible report in the OT Security industry.

In 2024, there was 146% increase in the number of sites impacted by cyberattacks targeting heavy industry.

The Waterfall Threat Report 2025 brings you comprehensive, verifiable data on cyber attacks that makes it the most trusted resource in the field.

Watch the webinar and join Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, and Andrew Ginter, VP of Industrial Security at Waterfall, as they talk us through today’s threat landscape.

In this webinar Andrew Ginter and Greg Hale take us through:

Discover the latest cybersecurity trends: From nation-state attacks to the explosion of ICS-capable malware, the report uncovers critical patterns.

Understand the shifting landscape: New incident disclosure rules may be hindering transparency, not helping it. Learn why.

Hear directly from the experts: Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, alongside Andrew Ginter, VP of Industrial Security at Waterfall, will guide you through the most pressing findings.

About the speakers

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Greg Hale

Greg Hale is the founder and editor of Industrial Safety and Security Source (ISSSource.com), the website focused on sharing Safety and Security news in the manufacturing automation sector. Prior to starting up ISSSource.com 12 years ago, he was the chief editor of InTech magazine for more than 10 years

Trending posts

13 Ways to Break a Firewall

July 16, 2025

What Is Industrial Control System Software?

July 16, 2025

Cross-Domain Solutions: What They Are, How They Work, and Where You Use Them

July 14, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

Share

The post Unpacking the 2025 OT Cyber Threat Report appeared first on Waterfall Security Solutions.

Watch our first webinar of the new year as we discuss some of the biggest OT cyberthreats, and risks, that businesses face today.

We measure the strength of a security program by the attacks the program defeats with a high degree of confidence. We measure residual risk as the simplest attacks with significant consequences that the program does not defeat.

In many sites and industries, these residual risks have grown to the point where they are material threats to safe, reliable, and efficient physical operations. With widely available attack tools becoming ever more capable, credible and residual risks are increasing.

In this webinar, Andrew walks us through the attacks, blind spots and the potentially serious consequences for OT networks. If you’re also interested in how global OT security standards are evolving, check out our webinar on new OT cybersecurity guidelines.

Watch now to deepen your knowledge on:

How to identify and mitigate significant OT cyberthreats. For further insights, explore our session on navigating OT remote access technologies.

How to assess residual risk while prioritizing the severity of potential consequences.

Examples of ‘high-risk, severe-consequence threats’, often ignored due to their misleadingly low “severity score.”

Modern methods for effectively managing these blind spots.

About the Speaker

Share

The post From Blind Spots to Action: OT Threats Exposed appeared first on Waterfall Security Solutions.

OT Insights CenterOT security standardsAndrew Ginter’s Top 3 Webinars of 2024

Andrew Ginter’s Top 3 Webinars of 2024

Discover Andrew Ginter’s top picks for the most insightful and engaging webinars of 2024, covering key trends and strategies in industrial security.

Andrew Ginter

• December 17, 2024

As 2024 comes to a close, it’s traditional to reflect on the and maybe catch up on bits of reading and events that we missed throughout the year because of our busy schedules. To this end, I recommend to you three of this year’s Waterfall webinars, each an overview of Waterfall or other authors’ reports that read faster when we’ve seen an overview, so each of us can skip faster to the material we find most potentially useful.

My Top Three Webinars of 2024:

1) Cyber Attacks with Physical Consequences – 2024 Threat Report

By the numbers –Waterfall & ICS Strive produce the world’s most conservative and most credible OT / industrial security threat report. In this webinar the authors review the numbers – public disclosures of attacks with physical consequences. And we look at what the numbers mean for the practice and future of industrial cybersecurity.

To read further, the threat report is available here.

2) IEC 62443 for Power Generation

The IEC 62443 standards are cross industry, somewhat out of date, and deliberately vague in many areas – and so need to be interpreted to apply them successfully. In this webinar, Dr. Jesus Molina provides an overview of his report that shows how to interpret and apply the standards to conventional electric power plants.

To read further, the IEC 62443 for Power Generation report is available here.

3) Evolving Global OT Cyber Guidelines

This webinar is a favorite of mine because of big turnout and the thoughtful questions and comments from the audience. In this webinar, we explore the latest developments in OT cybersecurity regulations, standards and guidance worldwide and what these developments mean for industries navigating this complex landscape.

If you would like to read more, I recommend the brand new, multi-national Principles of OT Security – it’s good, and with only 9 pages of payload, it’s an easy read over the holidays.

These are my top 3. If you would like to see even more of our videos, I encourage you to subscribe to the Waterfall Youtube channel where we upload new videos regularly.

Share

Trending posts

Lessons Learned From Incident Response – Episode 139

July 9, 2025

What is OT Cybersecurity?

July 6, 2025

How Industrial Cybersecurity Works in 2025

June 29, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Andrew Ginter’s Top 3 Webinars of 2024 appeared first on Waterfall Security Solutions.

OT Insights CenterOT security standardsWebinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it

Webinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it

Watch the webinar for a look into the recent evolution of OT security standards.

Watch the webinar for a look into the recent evolution of OT security standards. There are some common themes in the OT cyber security guidance published in recent years around the world. Governments and standards bodies are feeling the pressure to increase the level of protective measures and methodologies when it comes to highly consequential systems and infrastructure.

In this webinar, Andrew Ginter takes us through:

Who are the countries and standards bodies leading the way?

How Engineering and Security principles are influencing the approach to OT cyber?

What are consequence boundaries and how do they inform an OT security strategy?

Our prediction on the future of OT cyber best practices.

Meet Your Expert Guide:

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 23,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Share

Trending posts

13 Ways to Break a Firewall (and alternatives for OT security)

June 25, 2025

Secure Remote Access: Everything You Need to Know in 2025

June 16, 2025

Cross Domain Solutions Explained

June 12, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Webinar: Evolving Global OT Cyber Guidelines, Recent Developments and What is Driving it appeared first on Waterfall Security Solutions.

OT Insights CenterWebinar: HERA – Hardware-Enforced Remote Access

Webinar: HERA – Hardware-Enforced Remote Access

Watch now the webinar as we look at solutions that are enforced by dedicated hardware, and what benefits such solutions offer over comparable software-only solutions.

Software-based remote access — VPNs, 2FA, firewalls, jump hosts, and more all have vulnerabilities and potential zero-days that are exploited routinely by sophisticated threat actors. In this webinar, we look at problems with and attacks that breach conventional “secure” remote access, and we introduce Waterfall’s HERA — Hardware-Enforced Remote Access. With a layer of hardware-enforced protection, in addition to layers of software protection, HERA represents a material improvement in the security of remote access systems for OT networks, even at unattended sites. With strong client protections, TPM support, session recording, moderated access, moderated sessions, zero trust controls, and many other powerful features, HERA opens up a new era for protected remote access to critical networks.

Please watch our webinar to learn about problems with “secure” remote access and a new, powerful capability for safer remote access to OT systems.

In this webinar, Andrew Ginter takes us through:

What attacks have been breaching 2FA, VPNs and other conventional “secure” remote access solutions? What attacks have been breaching 2FA, VPNs and other conventional “secure” remote access solutions? What attacks have been breaching 2FA, VPNs and other conventional “secure” remote access solutions?

How are these attacks and risks neutralized by hardware enforcement?

How can HERA contribute to strong OT network segmentation and physical segmentation requirements?

And examples of how Hardware Enforced Remote Access would be used day-to-day in an industrial setting.

About the Speaker

Andrew Ginter

VP Industrial Security at Waterfall Security Solutions

Greg Hale

Editor/Founder at ISSSource and co-author of the annual Waterfall / ICS Strive Threat Report

Jim McGlone

CTO at Automation, Strategy & Performance and co-author of the highly-regarded Security PHA Review text

Share

Trending posts

Risks, Rules & Gaps: The Latest on NIS2 and CRA

June 3, 2025

Experience & Challenges Using Asset Inventory Tools – Episode 138

May 27, 2025

Safety-Critical Clouds in Power Generation – 7 Designs Using Cyber-Informed Engineering

April 27, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Webinar: HERA – Hardware-Enforced Remote Access appeared first on Waterfall Security Solutions.

OT Insights CenterMetals & MiningWebinar Recording: Cyber-securing Safety and Equipment Protection Systems in Mining

Webinar Recording: Cyber-securing Safety and Equipment Protection Systems in Mining

Recording of our webinar from May 29th 2024

Waterfall team

• May 30, 2024

Safety is the top priority in almost all mines, and reliable, efficient physical operations are close seconds. Cybersecurity is essential to all these priorities, in a world where automation is remotely accessible and where many mines are the targets of threats from sophisticated ransomware criminals to nation states. In addition, the trend towards cloud computing and cloud-based predictive maintenance services complicates cybersecurity and expands attack opportunities.

The good news is that Cyber-Informed Engineering (CIE) offers a new engineering-friendly approach to understanding and addressing cyber threats that have the potential to impair worker safety and damage long-lead-time equipment.

In this webinar recording, Andrew Ginter discusses:

 The latest cyberattack outage data as we introduce CIE and dig into consequences, blind spots, electro-mechanical mitigations, and network engineering. 

 Comparing engineering-grade designs to IT-grade designs such as “secure” remote access and “secure” by design initiatives – these IT-grade approaches work well for small shoe factories, but have serious limitations in the most consequential mining networks.

We’ll finish with a look at advanced topics – such as data abstraction for safer cloud-based remote control of mining operations.

Watch Now:

Share

Trending posts

Data Diodes vs. Unidirectional Gateways

April 14, 2025

Selecting OT “Secure” Remote Access Solutions – Options, Criteria & Examples

April 14, 2025

Building a Game Plan for OT Remote Access

March 17, 2025

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

• industrial cyber attacks
• NERC CIP
• IEC 62443
• NIST
• OT security Standards

The post Webinar Recording: Cyber-securing Safety and Equipment Protection Systems in Mining appeared first on Waterfall Security Solutions.