OT Security
Key Differences Between Zero Trust OT Security and Traditional IT Security
How is Zero Trust for OT Security Different from Traditional IT Security? Zero Trust for operational technology (OT) security differs significantly from traditional IT security models in several ways. Here are some key differences: Security Method Traditional IT Security Zero Trust OT Security Trust Model – Assumes that everything inside the network can be trusted.…
Read MoreImproving Cyber Physical Security
Introduction This is the podcast audio, highlights, and key insights from a Lunch and Learn session about the importance of improving cyber-physical security in building automation systems, highlighting the challenges and solutions in the industry. The event was hosted by KMC Controls. Podcast Audio – Improving Cyber-Physical Security Your browser does not support the audio…
Read MoreDNP3 Security Risks
DNP3 Cybersecurity Risks DNP3 (Distributed Network Protocol version 3) is a widely used communications protocol for industrial control systems (ICS) and supervisory control and data acquisition (SCADA) systems. While DNP3 provides several features designed to enhance the reliability and efficiency of communication between control devices and data acquisition systems, it also poses certain security risks,…
Read MoreIncreasing Cyberattacks on Water Utilities
Water Utilities Cyberattacks Hacker groups from Russia, China, and Iran have all taken credit for recent cyberattacks on water utility companies in recent months, the EPA even warning smaller communities to take action. Water utility companies are on notice during federal inspections over the last year. Roughly 70% of them violated standards meant to prevent…
Read MoreIncreased Number of Cyber Exposed OT/ICS Devices
Exposed OT/ICS Devices Recent data from several tracking sources indicates there has been an increase in the number of public IP addresses with accessible devices using standard OT/ICS protocols – BACnet, Modbus, Fox, Ethernet/IP, S7, and more. Data from three different sources – Censys, ShadowServer, and Shodan – give insight into the number of publicly…
Read MoreZero Trust OT Security – Stopping Cyber Attacks on Industrial Control Systems (ICS/OT/SCADA)
Watch this webinar replay of “Zero Trust OT Security – Stopping Cyber Attacks on Industrial Control Systems (ICS /OT/SCADA)” to learn about applying zero trust security at the device level. This webinar addresses the following topics: ICS cybersecurity standards Existing ICS security approaches Zero Trust and device-level implementation Cybersecurity for existing ICS devices Zero Trust…
Read MoreZero Trust – A Virtual Air Gap for OT Security
Air-gapping computer and operational technology (OT) networks is a long-established method of protecting sensitive information and reducing the risk of operational disruption. A growing trend has been to provide connectivity from these networks to the Internet for remote monitoring and control, real-time data, data analysis, predictive maintenance, improving inventory and resource management, achieving faster decision-making,…
Read MoreZero Trust for OT Security – Shields Up vs Damage Report
In the original and newer Star Trek episodes and movies, the captain would order “shields up” or “raise shields” prior to an attack to prevent damage to the USS Enterprise. The shields were some sort of force field of which the physics is never fully described. During or after an attack the captain would request…
Read MoreZero Trust for OT Security – Overcoming Legacy Device Security Gaps and Technical Debt
The proliferation of interconnected Operational Technology (OT) devices in critical infrastructure and industrial sectors has ushered in new opportunities for increased efficiency and automation. However, this digital transformation also brings forth significant cybersecurity challenges. Perimeter security is not a sufficient solution and legacy devices and systems often lack robust security measures, leaving critical infrastructure vulnerable…
Read MoreModbus Security Issues and How to Mitigate Cyber Risks
Modbus is a commonly used protocol for industrial control systems (ICS), SCADA systems, and operational technology (OT), and is used to establish communication between various devices in a network. Because Modbus-based industrial systems were deployed in isolated (air-gapped) environments, Modbus was designed for reliability, availability, and speed – not security. Therefore, the millions of Modbus…
Read More