Leveraging Tabletop exercises to Enhance OT security maturity
Has your organization tested its OT security incident response plan in the last 6 months? Do you remember when you last checked your institutional OT security awareness levels? Are your OT security programs running in compliance with IEC 62443? If your answer is no for any of the above questions, ... Read More
How to evaluate OT security program maturity
An OT security program can lead to better resource use, improved security operations, and tangible gains for the security posture of an OT operator. The benefits of running an OT security program include: At a fundamental level, an OT security program provides a strong foundation for an enterprise to adopt ... Read More
Launching a critical infrastructure security program in 4 phases
As per the Cybersecurity and Infrastructure Security Agency (CISA), threat actors were still leveraging brute force intrusions, default credentials, and other unsophisticated attack methods to target internet-exposed operational technology and industrial control systems of critical infrastructure organizations. Organizations that are running their ICS infrastructure without adequate visibility into their networks ... Read More
Simple yet essential cybersecurity strategies for ensuring robust OT security
At the heart of an OT security strategy lies the ability to clearly distinguish IT and OT security. Since both share tech, operational goals, and to some extent an enabling mission, it is easy to think of them as a single entity and worse – treat their security requirements in ... Read More
10 steps for reducing ICS asset risk exposure
The level of asset risks that OT operators are exposed to varies according to industries and the asset security management practices that they have adopted. Assets lie at the heart of almost every security measure an OT operator adopts. So it is essential to get your asset security strategy right ... Read More
Why is Chinese threat actor APT 41 in a tearing hurry?
Since June 1st 2024, Chinese frontline threat actor APT 41 has been linked to as many as 63 events globally. These include attacks on Taiwanese research agencies in August and attacks on the shipping and logistics, utilities, media and entertainment, technology, and automobile sectors in countries such as Taiwan, Thailand, ... Read More
Leveraging IEC 62443 for securing critical industrial assets
IEC 62443 is a gold standard when it comes to cybersecuring industrial infrastructure. In addition to that, a encrusted approach can be adopted using IEC 62443 and NIST CSF to provide an added layer of cybersecurity to critical assets. How can that be done, let’s find out. Three IEC 62443 ... Read More
ICS Security strategy for manufacturing
With increasing attacks on OT/ICS infrastructure and the rising need to secure industrial output, the focus on ICS security has never been greater. Beyond attacks, manufacturers are also reaping the benefits of higher asset and network visibility and zoning elsewhere. So how can manufacturers go about putting in place an ... Read More
Securing the OT supply chain, ensuring third-party vendors adhere to cybersecurity best practices
Third-party vendors and OEMs do have a significant role to play when it comes to the overall risk exposure of an enterprise. In complex ICS environments with multiple OEMs and point solutions, it is easy to lose track of hardware and application origin. This could lead to the emergence of ... Read More
Exploding pagers and the new face of asset-centric warfare
Attacks on critical infrastructure The explosion of the Soviet gas pipeline in 1982 was one of the first well-known instances of critical infrastructure being targeted through a software modification that contained a hidden malfunction. In this instance, the Soviets were stealing Western technology and the CIA slipped the flawed software ... Read More
