IT/OT

Cybersecurity advice for industrial networks

Cybersecurity advice for industrial networks

Cybersecurity Insights There is a greater risk of cybersecurity attack against operational technology (OT) targets as machines become integrated with information technology (IT) systems. Consulting with subject matter experts (SMEs) and system integrators who are […]

Courtesy: Brett Sayles

Cybersecurity Roundtable: IT and OT compliance

IT and OT Insights IT and OT should be assessed differently from one another. However, if there is a set list of tasks to do with them working together, it must get done, which allows […]

Courtesy of CFE Media and Technology

Assessing ransomware risk in IT and OT environments

Cybersecurity insights Ransomware is a type of cyberattack where a threat actor steals data from a company and holds it for ransom — although companies have been known to pay the ransom and get nothing […]

IT/OT convergence

How OT asset visibility enables effective threat detection

Solid asset management sits at the foundation of all cybersecurity activities. Enumerating assets into a solid inventory, tracking their current state – including configurations and versions deployed, and mapping their relationships all go a long […]

Back door to a building.

IBM Data Breach Report shows costs are rising

Cybersecurity insights The 2021 IBM Security Data Breach Report outlines key factors contributing to the rising costs of data breaches for industries all over the world. Health care has continued to be the most affected […]

Courtesy: Brett Sayles

What’s behind the IT/OT divide?

As cybersecurity risk and complexity continue to grow, how is the long-standing gap between IT and OT evolving? Dragos asked four industrial security leaders that question and more in our recent webinar, What’s Behind the […]

Courtesy: Brett Sayles

Improving your OT cybersecurity posture

The White House issued a statement by President Biden urging the critical infrastructure community to immediately strengthen their defenses based on their evolving understanding of Russian intent to use cyber attacks. Many of our customers are […]

Courtesy of: Verve Industrial

Four benefits of OT endpoint security asset management

In information technology (IT), organizations have options to choose from to discover and aggregate asset information. In operation technology (OT), security asset management – discovery, inventory, risk evaluation, etc. – is more difficult given the […]

Courtesy: CFE Media

Adapting XDR for OT cybersecurity

Chief information security officers (CISOs) and directors of cybersecurity at industrial organizations continue to be frustrated at the challenge of applying core information technology (IT) security principles to operational technology (OT) environments. This runs the […]

Image courtesy: Brett Sayles

EDR/MDR alternative for OT systems

To effectively combat pervasive cyberthreats like ransomware, organizations need to centralize their detection and response efforts. Oftentimes, they will turn to an endpoint detection and response (EDR) tool or managed detection and response (MDR) to achieve […]

Courtesy: Brett Sayles

Operational technology risk assessments and cybersecurity principles

Assessing and monitoring the security of operation technology (OT) systems can be aided by conducting an OT cybersecurity threat risk assessment (TRA). The process is fundamental to the protection of OT/critical infrastructure (CI) and key resources […]

Courtesy: CFE Media

Using defensive deception to prevent IT/OT manufacturing threats

Protecting information technology (IT) and operational technology (OT) networks is crucial to safeguarding the manufacturing industry. As part of the SecureAmerica’s Institute’s (SAI) nationwide initiative to empower the U.S. manufacturing enterprise, SAI and partners at […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

Operational technology risk assessments and security reviews

Protecting key resources and critical infrastructure (CI), such as healthcare, finance, transportation, telecommunications, energy, and water/wastewater is essential to security, public health and safety, economic vitality and our overall way of life. Recent ransomware attacks, […]

Log4j: Panic or lesson? How to protect deployed assets

Log4j: Panic or lesson? How to protect deployed assets

Nearly every week, the cybersecurity community buzzes around a newly discovered vulnerability or breach. December’s alert for the CVE-2021-4428 vulnerability in Apache Foundation’s Log4j software is no different. Also known as the Log4Shell vulnerability, it is present […]

A lightbulb

What you need to know about the NERC CIP standards

The NERC CIP standards are the mandatory security standards that apply to entities that own or manage facilities that are part of the U.S. and Canadian electric power grid. They were initially approved by the Federal […]

Five steps for OT endpoint security success

Five steps for OT endpoint security success

Operational technology (OT) has become a heightened target for cybersecurity attacks. The need to address OT cyber risks has never been greater. New threats are emerging every day – both targeted as well as untargeted […]

Image courtesy: CFE Media and Technology

The future of OT cybersecurity’s regulatory era

On July 20, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and the Transportation Security Administration (TSA) sent a directive to the owner/operators of critical pipelines in the United States clarifying and further defining the initial […]

Image courtesy: Brett Sayles

Getting buy-in: Tips on presenting cybersecurity to the boardroom

As industrial cybersecurity and critical infrastructure breaches mount, senior information security officers (SISOs), information technology (IT) directors, heads of engineering and others who lead cybersecurity initiatives are increasingly required to explain their cyber risks and […]

The line between information technology (IT) and operational technology (OT) is blurred when OT data is used for further analysis and each side has different priorities, focuses and basic needs, which can complicate matters. Open communication is a must when using OT data. Courtesy: Moxa

Decoding OT data secrets

Amidst the COVID-19 pandemic, system integrators in the industrial sector moved toward one of the most influential changes in recent history, industrial digital transformation (industrial DX). However, before engaging, it is important to understand what […]

Figure 1: Cutting connections is only part of maintaining a sterile environment. There are many other paths into what is supposedly an isolated infrastructure. Courtesy: Tenable

Beware of accidental convergence

Modern industrial and critical infrastructure organizations rely on the operational technology (OT) environment to produce their goods and services. Beyond traditional information technology (IT) operations that use servers, routers, PCs and switches, these organizations also […]

Figure 2: Merging aspects of IT and OT systems requires designers to understand the distinct properties of each so they can craft a security and system design. Courtesy: Tesco

Cybersecurity demands coordinated tactics

Current industrial automation and control system (IACS) technology uses a blend of traditional control hardware and software with commercial off-the-shelf (COTS) information technology (IT) components (see Figure 1). This allows system designers to leverage an […]

Figure 1: Asset visibility and network monitoring. Courtesy: Velta Technology

What OT teams can learn from IT teams

Information technology (IT) and operational technology (OT) teams have historically been separated over the years — and for good reason. Their priorities are different. Their approaches and processes are different. They inhabit different worlds of […]

A guide to NIS Directive compliance

A guide to NIS Directive compliance

What is the NIS Directive? As part of the EU cybersecurity strategy, the European Commission first proposed the EU Network and Information Security (NIS) Directive in 2016, which was the first piece of EU-wide cybersecurity legislation. […]

Managing IT/OT systems and asset inventory tips

Managing IT/OT systems and asset inventory tips

Convergence between information technology (IT) and operational technology (OT) networks requires a wide approach in order to ensure proper visibility and security. The need to control OT processes to optimize business has led to a […]

Seven questions to ask when choosing an OT cybersecurity solution

Seven questions to ask when choosing an OT cybersecurity solution

Cyberattacks against industrial control systems (ICS) are growing in number and sophistication each year. The potential financial impacts from these attacks are growing in parallel. Major attacks, like the Colonial Pipeline and JBS meat plant incidents, have served as […]

Courtesy: Brett Sayles

Asset visibility vs. asset management

More than two thousand years ago, ancient tactician Sun Tzu famously observed that, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” While the world looks […]

Image of IT/OT convergence on a control panel

Five things IT can learn from OT about cybersecurity

It’s no secret that industrial organizations are at the forefront of cybersecurity attacks. A recent report by IBM X-force revealed the manufacturing industry jumped from the eighth most targeted industry to the second most targeted […]

Three ways to ask a CISO for an OT cybersecurity budget

Three ways to ask a CISO for an OT cybersecurity budget

There have been many papers and blogs written recently about how to ask your chief information security officer (CISO) for a cybersecurity budget or how operational technology (OT) personnel should engage with CISOs to ensure […]

Courtesy: Chris Vavra, CFE Media and Technology

System integrators’ role in the OT cybersecurity crisis

Whether it’s the shift toward remote work or the growing importance of digital business, trends that have been around for years have only been accelerated by the COVID-19 pandemic. This holds true for the digital […]

Courtesy: CFE Media

How to solve legacy OT security challenges

In the course of everyday life, many of the decisions we make about information technology (IT) in a business context are simpler than they may seem at first glance. If people are buying mobile phones […]

Securing OT in remote working conditions

Securing OT in remote working conditions

As organizations have been forced to transition to remote working, security professionals tasked with defending critical infrastructure and operational technology (OT) systems have been presented a broad set of challenges. New business measures, many of […]

Image contains wires plugged into a digital device.Image courtesy: Brett Sayles

How the EU Machinery Directive will change regulation

The Machinery Directive 2006/42 /EC had not been revised for 15 years and clearly needed updating. And so, a written proposal for the new machinery regulation was issued on April 21, 2021. However, since we do […]

Verve Industrial CEO John Livingston discusses increasing industrial cybersecurity threat

Four key steps to help your organization achieve IT/OT convergence

In many industrial organizations, information technology (IT) and operational technology (OT) teams are from different planets. They have separate objectives, priorities, skills, metrics and even language. IT/OT convergence, or better said “connected industries,” requires these […]

The IT/OT convergence conundrum

The IT/OT convergence conundrum

What does information technology/operational technology (IT/OT) convergence mean? In the OT/IT cyber workspace, there are two types of companies – those seeking to converge and those that have never diverged. Both must change and both […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

An overlooked ICS cybersecurity gap for companies

Cyber attacks on critical infrastructure’s industrial control systems (ICS) are still on the rise due, for the most part, to the increase in cybercrime and geopolitical tensions – tensions that ironically were fueled by a […]

Courtesy: Velta Technology

What OT teams can learn from IT strategies and structure

IT (information technology) and OT (operational technology) teams have historically and traditionally been separated over the years – and for good reason. Their priorities are different. Their approaches and processes are different. They are truly […]

Hardening acts by remediating known vulnerabilities, by positioning the system to reject certain classes of attack, and by documenting system activities. Courtesy: Maverick Technologies

Six steps to improve computer hardening

Learning Objectives Hardening is a process whereby a computer is made more resistant to cyber intrusion from malicious attack and from accidental infection. Companies should update and patch their systems as often as they can. […]

Image courtesy: Brett Sayles

Cybersecurity management tips for an organization

Analysis performed by insurance carriers indicate that cyberattacks faced by manufacturing companies have grown by 30 times and technology companies by about 20 times since 2012. Within the last year, iconic companies from practically every […]

eBook: IT/OT Cybersecurity, The Great Divide

eBook: IT/OT Cybersecurity, The Great Divide

Featured articles in this eBook include stories on extending IT security to the plant floor, IT/OT collaboration driving digitalization and lessons learned from the SolarWinds attack.

Image courtesy: Brett Sayles

Six steps to an effective cybersecurity plan

A Wall Street Journal article discusses a new set of attacks on electrical distribution providers. These attacks have targeted providers too small to be NERC regulated but may serve a critical infrastructure such as dams […]

Courtesy: Verve Industrial

Benefits of OT system management for cybersecurity plans

One of the clearest “coming attractions” for operational technology (OT) is the application of traditional information technology (IT) systems or security management (ITSM) into the industrial controls environment. For nearly 20 years, IT teams have […]

A team of Penn State researchers has developed a new hardware security device that takes advantage of microstructure variations to generate secure keys. Courtesy: Jennifer McCann/Penn State University

Graphene used to make encrypted keys harder to hack

As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, […]

Courtesy: Moxa

How to ensure OT cybersecurity

Securing operational technology (OT) networks and increasing network durability are key to enhancing operational resilience, as OT network protection still lags information technology (IT) cybersecurity. This article explains the reasons behind the lag, how this gap manifests […]

SolarWinds’ impact on OT for manufacturers

SolarWinds’ impact on OT for manufacturers

The SolarWinds hack has been a major topic of discussion of late. The software is used to monitor applications and networks at thousands of companies and most importantly US Federal and State government departments and […]

Image courtesy: Brett Sayles

Keeping OT environments cybersecure

The convergence of information technology (IT) and operational technology (OT), the wider connectivity of OT with external networks, and the growing number of Industrial IoT (IIoT) devices, is helping to boost the efficiency of industrial […]

Image courtesy: Brett Sayles

How to protect marine renewable energy devices from cyberattacks

As marine renewable energy (MRE) developers prepare to deploy these technologies, efforts are underway to guard against cybersecurity threats that could threaten the function of a device and connected systems. Pacific Northwest National Laboratory (PNNL) created […]

Securing OT systems from cybersecurity attacks

Securing OT systems from cybersecurity attacks

As the technologies to bridge the divide between the worlds of information technology (IT) and operational technology (OT) within a plant have become more established, the digitalization of businesses has accelerated. The goal of this […]

Image courtesy: Brett Sayles

The challenge of securing all network edges

Hybrid networks, multi-cloud, Internet of Things (IoT), remote work and digital innovations are all driving more distributed networks and a much more expansive attack surface. The network perimeter that used to be so clearly defined now extends […]

Understand the cyber-attack lifecycle

Understand the cyber-attack lifecycle

A cyber kill chain provides a model for understanding the lifecycle of a cyber attack and helps those involved with critical infrastructure improve cybersecurity policies, technologies, training, and industrial control system (ICS) design. Learn 8 steps of one model.

The task of cybersecurity often falls to the IT department. But here are five questions every CISO should ask about OT cybersecurity.

How to protect embedded systems in OT cybersecurity

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are two pieces of information that can help guide you when understanding cybersecurity issues for embedded devices and the never-ending […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

Protecting the chip industry supply chain from cyberattacks

Intellectual property (IP) is the lifeblood of today’s globally integrated microelectronics supply chain. Protecting confidential information is vital to electronics companies around the world. The industry’s central role in ensuring the national security and economic […]

Mitigating OT cybersecurity risks, enforcing best practices

Mitigating OT cybersecurity risks, enforcing best practices

Cybersecurity has become one of the most significant financial and reputational risks for an organization. Examples of the ever-increasing cybersecurity threats include: More than 22 government entities in Texas, Florida, Maryland and Georgia faced recent […]

The task of cybersecurity often falls to the IT department. But here are five questions every CISO should ask about OT cybersecurity.

Five questions every CISO should ask about OT cybersecurity

Who should be involved in the OT cybersecurity program? This is the first question for a reason. In many information technology (IT) organizations, the answer is clear. Security requires networking, endpoint, cloud, regulatory and other […]

Extend IT security to the plant floor

Extend IT security to the plant floor

Cybersecurity is critical as information technology (IT) and operations technology (OT) converge, which is the first step in making the transition between the two sides almost seamless.

Industrial control system (ICS) cybersecurity threats are increasing. A cybersecurity management system (CSMS) overviews the elements required for an organization to evaluate its current risks, how to address them and keep its CSMS updated. Claroty research shows 70% of cybersecurity vulnerabilities derive from the network. Courtesy: Claroty

Growing ICS vulnerabilities mandate prioritization

Learning Objectives ICS cybersecurity threats are increasing. Industrial networked devices, engineering workstation, remote sites may be sources of cybersecurity vulnerabilities. Standards and best practices, consistently applied, can decrease cybersecurity risk. It’s no secret information technology […]

Four tips on cybersecurity risk assessments

Four tips on cybersecurity risk assessments

It’s hard to know how much cybersecurity spending is enough to lower risk to an acceptable level. What is enough and what else is needed? A cybersecurity risk assessment (CRA) can help. Four tips are highlighted.

IT/OT

IT/OT collaboration must drive digitalization

Converging information technology (IT) and operations technology (OT) does little to move end-to-end digitalization forward. What makes digitalization really work is successful OT and IT collaboration and an understanding of what the other side needs. See 7 tips for smarter OT and IT collaboration.

Physical and cybersecurity are converging

Physical and cybersecurity are converging

The distinction between digital and physical cybersecurity is vanishing, and the risks associated with connectivity have accelerated the need for new security protections in all aspects of manufacturing.

Cybersecurity advice for industrial networks

Cybersecurity advice for industrial networks

Cybersecurity Insights There is a greater risk of cybersecurity attack against operational technology (OT) targets as machines become integrated with information technology (IT) systems. Consulting with subject matter experts (SMEs) and system integrators who are […]

Courtesy: Brett Sayles

Cybersecurity Roundtable: IT and OT compliance

IT and OT Insights IT and OT should be assessed differently from one another. However, if there is a set list of tasks to do with them working together, it must get done, which allows […]

Courtesy of CFE Media and Technology

Assessing ransomware risk in IT and OT environments

Cybersecurity insights Ransomware is a type of cyberattack where a threat actor steals data from a company and holds it for ransom — although companies have been known to pay the ransom and get nothing […]

IT/OT convergence

How OT asset visibility enables effective threat detection

Solid asset management sits at the foundation of all cybersecurity activities. Enumerating assets into a solid inventory, tracking their current state – including configurations and versions deployed, and mapping their relationships all go a long […]

Back door to a building.

IBM Data Breach Report shows costs are rising

Cybersecurity insights The 2021 IBM Security Data Breach Report outlines key factors contributing to the rising costs of data breaches for industries all over the world. Health care has continued to be the most affected […]

Courtesy: Brett Sayles

What’s behind the IT/OT divide?

As cybersecurity risk and complexity continue to grow, how is the long-standing gap between IT and OT evolving? Dragos asked four industrial security leaders that question and more in our recent webinar, What’s Behind the […]

Courtesy: Brett Sayles

Improving your OT cybersecurity posture

The White House issued a statement by President Biden urging the critical infrastructure community to immediately strengthen their defenses based on their evolving understanding of Russian intent to use cyber attacks. Many of our customers are […]

Courtesy of: Verve Industrial

Four benefits of OT endpoint security asset management

In information technology (IT), organizations have options to choose from to discover and aggregate asset information. In operation technology (OT), security asset management – discovery, inventory, risk evaluation, etc. – is more difficult given the […]

Courtesy: CFE Media

Adapting XDR for OT cybersecurity

Chief information security officers (CISOs) and directors of cybersecurity at industrial organizations continue to be frustrated at the challenge of applying core information technology (IT) security principles to operational technology (OT) environments. This runs the […]

Image courtesy: Brett Sayles

EDR/MDR alternative for OT systems

To effectively combat pervasive cyberthreats like ransomware, organizations need to centralize their detection and response efforts. Oftentimes, they will turn to an endpoint detection and response (EDR) tool or managed detection and response (MDR) to achieve […]

Courtesy: Brett Sayles

Operational technology risk assessments and cybersecurity principles

Assessing and monitoring the security of operation technology (OT) systems can be aided by conducting an OT cybersecurity threat risk assessment (TRA). The process is fundamental to the protection of OT/critical infrastructure (CI) and key resources […]

Courtesy: CFE Media

Using defensive deception to prevent IT/OT manufacturing threats

Protecting information technology (IT) and operational technology (OT) networks is crucial to safeguarding the manufacturing industry. As part of the SecureAmerica’s Institute’s (SAI) nationwide initiative to empower the U.S. manufacturing enterprise, SAI and partners at […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

Operational technology risk assessments and security reviews

Protecting key resources and critical infrastructure (CI), such as healthcare, finance, transportation, telecommunications, energy, and water/wastewater is essential to security, public health and safety, economic vitality and our overall way of life. Recent ransomware attacks, […]

Log4j: Panic or lesson? How to protect deployed assets

Log4j: Panic or lesson? How to protect deployed assets

Nearly every week, the cybersecurity community buzzes around a newly discovered vulnerability or breach. December’s alert for the CVE-2021-4428 vulnerability in Apache Foundation’s Log4j software is no different. Also known as the Log4Shell vulnerability, it is present […]

A lightbulb

What you need to know about the NERC CIP standards

The NERC CIP standards are the mandatory security standards that apply to entities that own or manage facilities that are part of the U.S. and Canadian electric power grid. They were initially approved by the Federal […]

Five steps for OT endpoint security success

Five steps for OT endpoint security success

Operational technology (OT) has become a heightened target for cybersecurity attacks. The need to address OT cyber risks has never been greater. New threats are emerging every day – both targeted as well as untargeted […]

Image courtesy: CFE Media and Technology

The future of OT cybersecurity’s regulatory era

On July 20, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) and the Transportation Security Administration (TSA) sent a directive to the owner/operators of critical pipelines in the United States clarifying and further defining the initial […]

Image courtesy: Brett Sayles

Getting buy-in: Tips on presenting cybersecurity to the boardroom

As industrial cybersecurity and critical infrastructure breaches mount, senior information security officers (SISOs), information technology (IT) directors, heads of engineering and others who lead cybersecurity initiatives are increasingly required to explain their cyber risks and […]

The line between information technology (IT) and operational technology (OT) is blurred when OT data is used for further analysis and each side has different priorities, focuses and basic needs, which can complicate matters. Open communication is a must when using OT data. Courtesy: Moxa

Decoding OT data secrets

Amidst the COVID-19 pandemic, system integrators in the industrial sector moved toward one of the most influential changes in recent history, industrial digital transformation (industrial DX). However, before engaging, it is important to understand what […]

Figure 1: Cutting connections is only part of maintaining a sterile environment. There are many other paths into what is supposedly an isolated infrastructure. Courtesy: Tenable

Beware of accidental convergence

Modern industrial and critical infrastructure organizations rely on the operational technology (OT) environment to produce their goods and services. Beyond traditional information technology (IT) operations that use servers, routers, PCs and switches, these organizations also […]

Figure 2: Merging aspects of IT and OT systems requires designers to understand the distinct properties of each so they can craft a security and system design. Courtesy: Tesco

Cybersecurity demands coordinated tactics

Current industrial automation and control system (IACS) technology uses a blend of traditional control hardware and software with commercial off-the-shelf (COTS) information technology (IT) components (see Figure 1). This allows system designers to leverage an […]

Figure 1: Asset visibility and network monitoring. Courtesy: Velta Technology

What OT teams can learn from IT teams

Information technology (IT) and operational technology (OT) teams have historically been separated over the years — and for good reason. Their priorities are different. Their approaches and processes are different. They inhabit different worlds of […]

A guide to NIS Directive compliance

A guide to NIS Directive compliance

What is the NIS Directive? As part of the EU cybersecurity strategy, the European Commission first proposed the EU Network and Information Security (NIS) Directive in 2016, which was the first piece of EU-wide cybersecurity legislation. […]

Managing IT/OT systems and asset inventory tips

Managing IT/OT systems and asset inventory tips

Convergence between information technology (IT) and operational technology (OT) networks requires a wide approach in order to ensure proper visibility and security. The need to control OT processes to optimize business has led to a […]

Seven questions to ask when choosing an OT cybersecurity solution

Seven questions to ask when choosing an OT cybersecurity solution

Cyberattacks against industrial control systems (ICS) are growing in number and sophistication each year. The potential financial impacts from these attacks are growing in parallel. Major attacks, like the Colonial Pipeline and JBS meat plant incidents, have served as […]

Courtesy: Brett Sayles

Asset visibility vs. asset management

More than two thousand years ago, ancient tactician Sun Tzu famously observed that, “If you know the enemy and know yourself, you need not fear the result of a hundred battles.” While the world looks […]

Image of IT/OT convergence on a control panel

Five things IT can learn from OT about cybersecurity

It’s no secret that industrial organizations are at the forefront of cybersecurity attacks. A recent report by IBM X-force revealed the manufacturing industry jumped from the eighth most targeted industry to the second most targeted […]

Three ways to ask a CISO for an OT cybersecurity budget

Three ways to ask a CISO for an OT cybersecurity budget

There have been many papers and blogs written recently about how to ask your chief information security officer (CISO) for a cybersecurity budget or how operational technology (OT) personnel should engage with CISOs to ensure […]

Courtesy: Chris Vavra, CFE Media and Technology

System integrators’ role in the OT cybersecurity crisis

Whether it’s the shift toward remote work or the growing importance of digital business, trends that have been around for years have only been accelerated by the COVID-19 pandemic. This holds true for the digital […]

Courtesy: CFE Media

How to solve legacy OT security challenges

In the course of everyday life, many of the decisions we make about information technology (IT) in a business context are simpler than they may seem at first glance. If people are buying mobile phones […]

Securing OT in remote working conditions

Securing OT in remote working conditions

As organizations have been forced to transition to remote working, security professionals tasked with defending critical infrastructure and operational technology (OT) systems have been presented a broad set of challenges. New business measures, many of […]

Image contains wires plugged into a digital device.Image courtesy: Brett Sayles

How the EU Machinery Directive will change regulation

The Machinery Directive 2006/42 /EC had not been revised for 15 years and clearly needed updating. And so, a written proposal for the new machinery regulation was issued on April 21, 2021. However, since we do […]

Verve Industrial CEO John Livingston discusses increasing industrial cybersecurity threat

Four key steps to help your organization achieve IT/OT convergence

In many industrial organizations, information technology (IT) and operational technology (OT) teams are from different planets. They have separate objectives, priorities, skills, metrics and even language. IT/OT convergence, or better said “connected industries,” requires these […]

The IT/OT convergence conundrum

The IT/OT convergence conundrum

What does information technology/operational technology (IT/OT) convergence mean? In the OT/IT cyber workspace, there are two types of companies – those seeking to converge and those that have never diverged. Both must change and both […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

An overlooked ICS cybersecurity gap for companies

Cyber attacks on critical infrastructure’s industrial control systems (ICS) are still on the rise due, for the most part, to the increase in cybercrime and geopolitical tensions – tensions that ironically were fueled by a […]

Courtesy: Velta Technology

What OT teams can learn from IT strategies and structure

IT (information technology) and OT (operational technology) teams have historically and traditionally been separated over the years – and for good reason. Their priorities are different. Their approaches and processes are different. They are truly […]

Hardening acts by remediating known vulnerabilities, by positioning the system to reject certain classes of attack, and by documenting system activities. Courtesy: Maverick Technologies

Six steps to improve computer hardening

Learning Objectives Hardening is a process whereby a computer is made more resistant to cyber intrusion from malicious attack and from accidental infection. Companies should update and patch their systems as often as they can. […]

Image courtesy: Brett Sayles

Cybersecurity management tips for an organization

Analysis performed by insurance carriers indicate that cyberattacks faced by manufacturing companies have grown by 30 times and technology companies by about 20 times since 2012. Within the last year, iconic companies from practically every […]

eBook: IT/OT Cybersecurity, The Great Divide

eBook: IT/OT Cybersecurity, The Great Divide

Featured articles in this eBook include stories on extending IT security to the plant floor, IT/OT collaboration driving digitalization and lessons learned from the SolarWinds attack.

Image courtesy: Brett Sayles

Six steps to an effective cybersecurity plan

A Wall Street Journal article discusses a new set of attacks on electrical distribution providers. These attacks have targeted providers too small to be NERC regulated but may serve a critical infrastructure such as dams […]

Courtesy: Verve Industrial

Benefits of OT system management for cybersecurity plans

One of the clearest “coming attractions” for operational technology (OT) is the application of traditional information technology (IT) systems or security management (ITSM) into the industrial controls environment. For nearly 20 years, IT teams have […]

A team of Penn State researchers has developed a new hardware security device that takes advantage of microstructure variations to generate secure keys. Courtesy: Jennifer McCann/Penn State University

Graphene used to make encrypted keys harder to hack

As more private data is stored and shared digitally, researchers are exploring new ways to protect data against attacks from bad actors. Current silicon technology exploits microscopic differences between computing components to create secure keys, […]

Courtesy: Moxa

How to ensure OT cybersecurity

Securing operational technology (OT) networks and increasing network durability are key to enhancing operational resilience, as OT network protection still lags information technology (IT) cybersecurity. This article explains the reasons behind the lag, how this gap manifests […]

SolarWinds’ impact on OT for manufacturers

SolarWinds’ impact on OT for manufacturers

The SolarWinds hack has been a major topic of discussion of late. The software is used to monitor applications and networks at thousands of companies and most importantly US Federal and State government departments and […]

Image courtesy: Brett Sayles

Keeping OT environments cybersecure

The convergence of information technology (IT) and operational technology (OT), the wider connectivity of OT with external networks, and the growing number of Industrial IoT (IIoT) devices, is helping to boost the efficiency of industrial […]

Image courtesy: Brett Sayles

How to protect marine renewable energy devices from cyberattacks

As marine renewable energy (MRE) developers prepare to deploy these technologies, efforts are underway to guard against cybersecurity threats that could threaten the function of a device and connected systems. Pacific Northwest National Laboratory (PNNL) created […]

Securing OT systems from cybersecurity attacks

Securing OT systems from cybersecurity attacks

As the technologies to bridge the divide between the worlds of information technology (IT) and operational technology (OT) within a plant have become more established, the digitalization of businesses has accelerated. The goal of this […]

Image courtesy: Brett Sayles

The challenge of securing all network edges

Hybrid networks, multi-cloud, Internet of Things (IoT), remote work and digital innovations are all driving more distributed networks and a much more expansive attack surface. The network perimeter that used to be so clearly defined now extends […]

Understand the cyber-attack lifecycle

Understand the cyber-attack lifecycle

A cyber kill chain provides a model for understanding the lifecycle of a cyber attack and helps those involved with critical infrastructure improve cybersecurity policies, technologies, training, and industrial control system (ICS) design. Learn 8 steps of one model.

The task of cybersecurity often falls to the IT department. But here are five questions every CISO should ask about OT cybersecurity.

How to protect embedded systems in OT cybersecurity

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are two pieces of information that can help guide you when understanding cybersecurity issues for embedded devices and the never-ending […]

Many wonder where to start when attempting to protect embedded systems in OT cybersecurity? Here are some great places to start.

Protecting the chip industry supply chain from cyberattacks

Intellectual property (IP) is the lifeblood of today’s globally integrated microelectronics supply chain. Protecting confidential information is vital to electronics companies around the world. The industry’s central role in ensuring the national security and economic […]

Mitigating OT cybersecurity risks, enforcing best practices

Mitigating OT cybersecurity risks, enforcing best practices

Cybersecurity has become one of the most significant financial and reputational risks for an organization. Examples of the ever-increasing cybersecurity threats include: More than 22 government entities in Texas, Florida, Maryland and Georgia faced recent […]

The task of cybersecurity often falls to the IT department. But here are five questions every CISO should ask about OT cybersecurity.

Five questions every CISO should ask about OT cybersecurity

Who should be involved in the OT cybersecurity program? This is the first question for a reason. In many information technology (IT) organizations, the answer is clear. Security requires networking, endpoint, cloud, regulatory and other […]

Extend IT security to the plant floor

Extend IT security to the plant floor

Cybersecurity is critical as information technology (IT) and operations technology (OT) converge, which is the first step in making the transition between the two sides almost seamless.

Industrial control system (ICS) cybersecurity threats are increasing. A cybersecurity management system (CSMS) overviews the elements required for an organization to evaluate its current risks, how to address them and keep its CSMS updated. Claroty research shows 70% of cybersecurity vulnerabilities derive from the network. Courtesy: Claroty

Growing ICS vulnerabilities mandate prioritization

Learning Objectives ICS cybersecurity threats are increasing. Industrial networked devices, engineering workstation, remote sites may be sources of cybersecurity vulnerabilities. Standards and best practices, consistently applied, can decrease cybersecurity risk. It’s no secret information technology […]

Four tips on cybersecurity risk assessments

Four tips on cybersecurity risk assessments

It’s hard to know how much cybersecurity spending is enough to lower risk to an acceptable level. What is enough and what else is needed? A cybersecurity risk assessment (CRA) can help. Four tips are highlighted.

IT/OT

IT/OT collaboration must drive digitalization

Converging information technology (IT) and operations technology (OT) does little to move end-to-end digitalization forward. What makes digitalization really work is successful OT and IT collaboration and an understanding of what the other side needs. See 7 tips for smarter OT and IT collaboration.

Physical and cybersecurity are converging

Physical and cybersecurity are converging

The distinction between digital and physical cybersecurity is vanishing, and the risks associated with connectivity have accelerated the need for new security protections in all aspects of manufacturing.

SUBSCRIBE

GET ON THE BEAT

 

Keep your finger on the pulse of top industry news

RECENT NEWS
HACKS & ATTACKS
RESOURCES