webinar – Waterfall Security Solutions

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Andrew Ginter — Sun, 20 Jul 2025 18:36:58 +0000

OT Insights CenterThe Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In 2024 alone, researchers discovered as many new OT-capable malware families (3) as were found in the previous six years combined—each with the potential to disrupt physical operations in ICS and OT environments. Altogether, in the past 15 years, 10 OT-capable malware were found in the wild.

What’s driving this sudden surge? Who’s behind these threats (none of which, by the way, use AI yet)? And how should our defenses evolve to keep pace with these changing threats?

In this webinar Andrew Ginter takes us through:

Look at the data from the ‘Top 10 ICS/OT-Capable Malware’ since 2010

Compare ransomware-grade OT malware with nation-state-grade OT malware

Examine the differences between autonomous and remote-control malware

Dig deeper into how AI can enable a new wave of autonomous malware in the near future

About the Speaker

Andrew Ginter

Andrew Ginter is the most widely-read author in the industrial security space, with over 35,000 copies of his three books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

3 OT Security Myths

May 10, 2026

Webinar: Everything You Know About OT Security Is Wrong

May 5, 2026

8 (and a Half) Questions for Your OT “Secure” Remote Access Vendors

April 1, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next appeared first on Waterfall Security Solutions.

13 Ways to Break a Firewall (and alternatives for OT security)

Andrew Ginter — Wed, 25 Jun 2025 10:06:43 +0000

OT Insights Center13 Ways to Break a Firewall (and alternatives for OT security)

13 Ways to Break a Firewall (and alternatives for OT security)

Firewalls are a go-to for OT security—but how much protection do they really offer? In this webinar, we explore 13+ real-world attack scenarios that defeat firewalls, show where firewalls fall short, and share smarter, stronger alternatives for securing industrial systems.

Firewalls are almost always the second technical step taken to secure
industrial / OT automation systems. But how much security do firewalls impart?

One way to compare the strength of different defensive technologies and designs is to compare the attacks those designs defeat reliably, vs the attacks they do not defeat. In this presentation, we look at firewalls, at attacks that defeat firewalls, and at mitigations, compensating measures and alternatives for and to firewalls.

And yes, the number “13” is a lucky ‘marketing’ number. We will in fact touch on closer to 18 or 19 kinds of attacks/scenarios.

In this webinar Andrew Ginter takes us through:

Which types of cyberattacks firewalls can and can’t stop in industrial environments

Real-world examples of firewall failures

Practical alternatives that strengthen OT security when firewalls fall short

About the Speaker

Andrew Ginter

Webinar: 13 Ways To Break “Secure” OT Remote Access Systems

March 29, 2026

Webinar: 2026 OT Cyber Threat Report

March 25, 2026

80K Stryker Devices Wiped Following Iran-Attributed Attack

March 24, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post 13 Ways to Break a Firewall (and alternatives for OT security) appeared first on Waterfall Security Solutions.

Building a Game Plan for OT Remote Access

Andrew Ginter — Mon, 17 Mar 2025 09:39:41 +0000

OT Insights CenterBuilding a Game Plan for OT Remote Access

Building a Game Plan for OT Remote Access

Watch the webinar where we’ll provide an overview of the current landscape of OT remote access solutions and help you make the right decision for your OT network.

OT remote access is seen as essential for many industries – partly to save costs, and partly because physical travel to very distant substations, compressor stations, mine sites, and other physical assets is difficult, time-consuming, and sometimes even dangerous.

The problem is that there is a bewildering variety of OT remote access solutions out there, with different kinds of needs in different kinds of industries and use cases.

In this webinar Andrew Ginter takes us through:

Provide an overview of the current landscape of solutions and needs.
Recommend a decision process – how to gather critical information, the steps required to make informed decisions in a specific order.
Provide examples of the decision process across various industries and contexts – from municipal utilities to backbone / heavy infrastructure to manufacturing and building automation.

Watch the webinar as we "fly low and fast" - in 60 minutes see all the options in one place, and where and why each one makes sense, with concrete examples.

Andrew Ginter

Cyber-Informed Engineering Recognized with Cyber Policy Award for Research Impact

March 18, 2026

Waterfall Security Solutions recognized by Gartner®

March 9, 2026

Consequential OT Breaches Dropped in 2025 – What Happened?

March 5, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Building a Game Plan for OT Remote Access appeared first on Waterfall Security Solutions.

Unpacking the 2025 OT Cyber Threat Report

Andrew Ginter — Wed, 26 Feb 2025 09:31:45 +0000

OT Insights CenterUnpacking the 2025 OT Cyber Threat Report

Unpacking the 2025 OT Cyber Threat Report

Watch the webinar where we’ll dive deep into the findings of the most credible report in the OT Security industry.

In 2024, there was 146% increase in the number of sites impacted by cyberattacks targeting heavy industry.

The Waterfall Threat Report 2025 brings you comprehensive, verifiable data on cyber attacks that makes it the most trusted resource in the field.

Watch the webinar and join Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, and Andrew Ginter, VP of Industrial Security at Waterfall, as they talk us through today’s threat landscape.

In this webinar Andrew Ginter and Greg Hale take us through:

Discover the latest cybersecurity trends: From nation-state attacks to the explosion of ICS-capable malware, the report uncovers critical patterns.

Understand the shifting landscape: New incident disclosure rules may be hindering transparency, not helping it. Learn why.

Hear directly from the experts: Greg Hale, Editor of ISSSource and Co-founder of ICS Strive, alongside Andrew Ginter, VP of Industrial Security at Waterfall, will guide you through the most pressing findings.

About the speakers

Andrew Ginter

Greg Hale

Greg Hale is the founder and editor of Industrial Safety and Security Source (ISSSource.com), the website focused on sharing Safety and Security news in the manufacturing automation sector. Prior to starting up ISSSource.com 12 years ago, he was the chief editor of InTech magazine for more than 10 years

How to Apply the NCSC/CISA 2026 Guidance

March 1, 2026

Webinar: 2026 OT Cyber Threat Report

February 25, 2026

2026 OT Cyber Threat Report

February 18, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Unpacking the 2025 OT Cyber Threat Report appeared first on Waterfall Security Solutions.

Andrew Ginter’s Top 3 Webinars of 2024

Andrew Ginter — Tue, 17 Dec 2024 11:38:14 +0000

OT Insights Center OT security standardsAndrew Ginter’s Top 3 Webinars of 2024

Andrew Ginter’s Top 3 Webinars of 2024

Discover Andrew Ginter’s top picks for the most insightful and engaging webinars of 2024, covering key trends and strategies in industrial security.

Andrew Ginter

December 17, 2024

As 2024 comes to a close, it’s traditional to reflect on the and maybe catch up on bits of reading and events that we missed throughout the year because of our busy schedules. To this end, I recommend to you three of this year’s Waterfall webinars, each an overview of Waterfall or other authors’ reports that read faster when we’ve seen an overview, so each of us can skip faster to the material we find most potentially useful.

My Top Three Webinars of 2024:

1) Cyber Attacks with Physical Consequences – 2024 Threat Report

By the numbers –Waterfall & ICS Strive produce the world’s most conservative and most credible OT / industrial security threat report. In this webinar the authors review the numbers – public disclosures of attacks with physical consequences. And we look at what the numbers mean for the practice and future of industrial cybersecurity.

To read further, the threat report is available here.

2) IEC 62443 for Power Generation

The IEC 62443 standards are cross industry, somewhat out of date, and deliberately vague in many areas – and so need to be interpreted to apply them successfully. In this webinar, Dr. Jesus Molina provides an overview of his report that shows how to interpret and apply the standards to conventional electric power plants.

To read further, the IEC 62443 for Power Generation report is available here.

3) Evolving Global OT Cyber Guidelines

This webinar is a favorite of mine because of big turnout and the thoughtful questions and comments from the audience. In this webinar, we explore the latest developments in OT cybersecurity regulations, standards and guidance worldwide and what these developments mean for industries navigating this complex landscape.

If you would like to read more, I recommend the brand new, multi-national Principles of OT Security – it’s good, and with only 9 pages of payload, it’s an easy read over the holidays.

These are my top 3. If you would like to see even more of our videos, I encourage you to subscribe to the Waterfall Youtube channel where we upload new videos regularly.

Groundbreaking OT Security Guidance

February 5, 2026

Applying the New NCSC / CISA Guidance

January 20, 2026

IT/OT Cyber Theory: Espionage vs. Sabotage

January 6, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post Andrew Ginter’s Top 3 Webinars of 2024 appeared first on Waterfall Security Solutions.

HERA – The New Standard for Hardware-Enforced Remote Access

Waterfall team — Tue, 16 Jul 2024 07:31:13 +0000

OT Insights CenterHERA – The New Standard for Hardware-Enforced Remote Access

HERA – The New Standard for Hardware-Enforced Remote Access

Software-Only Security is No Longer Enough

Every month, a new critical vulnerability is announced in major VPN and firewall providers. If your remote access relies entirely on software, you’re one stolen credential or zero-day exploit away from a total OT network compromise. As CISA recently warned, critical infrastructure requires something stronger than a password and an encrypted tunnel.

The Solution: Hardware-Enforced Remote Access (HERA)

In this exclusive technical deep dive, Waterfall Security experts – joined by industry veterans Jim McGlone (ASP) and Greg Hale (ISS Source) – unveil a paradigm shift in secure remote access.

What You Will Learn:

Beyond the VPN: Why traditional software mediated access (Jump hosts, VPNs, Firewalls) fails against modern ransomware.
The “Physics” of Security: How HERA’s hardware-based logic physically prevents attack propagation, even if credentials are stolen.
Maintaining Operational Continuity: How to provide vendors and remote teams full-featured access (RDP, SSH, Web) without risking the OT network.
Real-World Tactics: A roadmap for transitioning your critical sites to hardware-enforced protection.

Industrial networks are more connected than ever, making them “attractive targets” for nation-state actors and ransomware gangs. This session provides a practical, engineering-grade solution to the industry’s most pressing problem: How do we provide access without providing a path for an attack?

Originally recorded as a live launch event, this technical deep-dive remains the definitive guide to the architecture and hardware logic behind the HERA platform.

What attacks have been breaching 2FA, VPNs and other conventional “secure” remote access solutions?

How these attacks and risks are neutralized by hardware enforcement

How HERA contributes to strong OT network segmentation and physical segmentation requirements

Examples of how HERA can be used day-to-day in an industrial setting

Expert Panelists

Andrew Ginter

VP Industrial Security at Waterfall Security Solutions

Greg Hale

Editor/Founder at ISSSource and co-author of the annual Waterfall / ICS Strive Threat Report

Jim McGlone

CTO at Automation, Strategy & Performance and co-author of the highly-regarded Security PHA Review text

Ships Re-Routed, Ships Run Aground

January 6, 2026

New CISA, CCCS et al Alert | Advice on Pro-Russian Hacktivists Targeting

January 6, 2026

Securing Data Center OT Networks

January 5, 2026

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

The post HERA – The New Standard for Hardware-Enforced Remote Access appeared first on Waterfall Security Solutions.

Webinar: Cyber-securing Safety and Equipment Protection Systems in Mining

Waterfall team — Wed, 01 May 2024 08:16:00 +0000

OT Insights Center Metals & MiningWebinar: Cyber-securing Safety and Equipment Protection Systems in Mining

Webinar: Cyber-securing Safety and Equipment Protection Systems in Mining

Join us on May 29th, with 2 live webinar sessions at 9:00 AM Singapore time, and 11:00 AM New York time.

Safety is the top priority in almost all mines, and reliable, efficient physical operations are close seconds. Cybersecurity is essential to all these priorities, in a world where automation is remotely accessible and where many mines are the targets of threats from sophisticated ransomware criminals to nation states. In addition, the trend towards cloud computing and cloud-based predictive maintenance services complicates cybersecurity and expands attack opportunities.

The good news is that Cyber-Informed Engineering (CIE) offers a new engineering-friendly approach to understanding and addressing cyber threats that have the potential to impair worker safety and damage long-lead-time equipment.

Join our webinar on Wednesday May 29th where we'll look at:

The latest cyberattack outage data as we introduce CIE and dig into consequences, blind spots, electro-mechanical mitigations, and network engineering.

Comparing engineering-grade designs to IT-grade designs such as “secure” remote access and “secure” by design initiatives – these IT-grade approaches work well for small shoe factories, but have serious limitations in the most consequential mining networks.

We’ll finish with a look at advanced topics – such as data abstraction for safer cloud-based remote control of mining operations.

About the Speaker

Andrew Ginter, Waterfall VP Industrial Security

Andrew Ginter is the most widely-read author in the industrial security space, with over 20,000 copies of his first two books in print. He is a trusted advisor to the world's most secure industrial enterprises, and contributes regularly to industrial cybersecurity standards and guidance.

Register Now

The post Webinar: Cyber-securing Safety and Equipment Protection Systems in Mining appeared first on Waterfall Security Solutions.

Webinar: The Top 10 OT/ICS Cyberattacks of 2023

Waterfall team — Sun, 19 Nov 2023 12:53:41 +0000

OT Insights CenterWebinar: The Top 10 OT/ICS Cyberattacks of 2023

Webinar: The Top 10 OT/ICS Cyberattacks of 2023

Join our webinar for an in-depth look at the most novel, notorious and impactful cyber incidents of 2023 on critical infrastructure around the globe.

Join us on December 13, 2023, 11AM Eastern Time

As 2023 winds down it’s only natural to take stock of what happened and plan to make things better in the new year. For those of us who live and breathe OT or ICS cybersecurity, what better way to end the year than with an in-depth look at the most novel, notorious and impactful cyber incidents on critical infrastructure, industrial controls systems, and physical operations around the globe.

In a webinar on Wednesday December 13th, Rees Machtemes takes us through:

What happened in 2023?

How do this year’s incidents (thus far) compare with the past?

What does this tell us about what we expect in the near future?

What are 2023’s developments on the latest and most effective ways to prevent such incidents?

About the Speaker

Rees Machtemes, P.Eng.

Rees Machtemes is a Director of Industrial Security at Waterfall Security Solutions, and the lead researcher for Waterfall’s 2024 Threat Report. He is a professional engineer with 15 years of hands-on experience with both IT and OT systems. Rees has designed power generation and transmission substations, automated food and beverage plant, audited and tested private and government telecom solutions, and supported IT data centers and OT hardware vendors. This experience has led him to champion cyber-safe systems design and architecture.

An obsessive tinkerer and problem-solver, you’ll often spot him next to a soldering station, mechanic’s toolbox, or stack of UNIX servers. He holds a B.Sc. in Electrical Engineering from the University of Alberta.

Register Now

The post Webinar: The Top 10 OT/ICS Cyberattacks of 2023 appeared first on Waterfall Security Solutions.

webinar – Waterfall Security Solutions

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

The Top 10 OT-Capable Malware: What We’ve Learned and What Comes Next

Watch the webinar for an in-depth look at the data behind how OT-capable malware has changed over the last 15 years, what's driving this change and how our defenses should evolve to tackle these threats.

In this webinar Andrew Ginter takes us through:

About the Speaker

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

13 Ways to Break a Firewall (and alternatives for OT security)

13 Ways to Break a Firewall (and alternatives for OT security)

Firewalls are a go-to for OT security—but how much protection do they really offer? In this webinar, we explore 13+ real-world attack scenarios that defeat firewalls, show where firewalls fall short, and share smarter, stronger alternatives for securing industrial systems.

In this webinar Andrew Ginter takes us through:

About the Speaker

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

Building a Game Plan for OT Remote Access

Building a Game Plan for OT Remote Access

Watch the webinar where we’ll provide an overview of the current landscape of OT remote access solutions and help you make the right decision for your OT network.

In this webinar Andrew Ginter takes us through:

Watch the webinar as we "fly low and fast" - in 60 minutes see all the options in one place, and where and why each one makes sense, with concrete examples.

Andrew Ginter

Share

Trending posts

Stay up to date

Tags

Unpacking the 2025 OT Cyber Threat Report

Unpacking the 2025 OT Cyber Threat Report

Watch the webinar where we’ll dive deep into the findings of the most credible report in the OT Security industry.

In this webinar Andrew Ginter and Greg Hale take us through:

About the speakers

Andrew Ginter

Greg Hale

Trending posts

Stay up to date

Tags

Share

Andrew Ginter’s Top 3 Webinars of 2024

Andrew Ginter’s Top 3 Webinars of 2024

Discover Andrew Ginter’s top picks for the most insightful and engaging webinars of 2024, covering key trends and strategies in industrial security.

Andrew Ginter

My Top Three Webinars of 2024:

1) Cyber Attacks with Physical Consequences – 2024 Threat Report

2) IEC 62443 for Power Generation

3) Evolving Global OT Cyber Guidelines

Share

Trending posts

Stay up to date

Tags

HERA – The New Standard for Hardware-Enforced Remote Access

HERA – The New Standard for Hardware-Enforced Remote Access

Software-Only Security is No Longer Enough

Expert Panelists

Andrew Ginter

Greg Hale

Jim McGlone

Share

Trending posts

Stay up to date

Tags

Webinar: Cyber-securing Safety and Equipment Protection Systems in Mining

Webinar: Cyber-securing Safety and Equipment Protection Systems in Mining

Join us on May 29th, with 2 live webinar sessions at 9:00 AM Singapore time, and 11:00 AM New York time.

Join our webinar on Wednesday May 29th where we'll look at:

About the Speaker

Andrew Ginter, Waterfall VP Industrial Security

Share

Register Now

Webinar: The Top 10 OT/ICS Cyberattacks of 2023

Webinar: The Top 10 OT/ICS Cyberattacks of 2023

Join our webinar for an in-depth look at the most novel, notorious and impactful cyber incidents of 2023 on critical infrastructure around the globe.

In a webinar on Wednesday December 13th, Rees Machtemes takes us through:

About the Speaker

Rees Machtemes, P.Eng.

Share