Industrial Control Systems Cybersecurity Blog

See the latest industrial control systems cybersecurity news and views from the Industrial Defender team.

A Guide to NIS Directive Compliance

Learn what the NIS Directive is, who it applies to, potential penalties for non-compliance and best practices for complying with the Directive.

NERC CIP Checklist for Identification and Categorization of BES Cyber Assets

NERC CIP 002-5.1a can be divided into three steps: identify systems, inventory assets, categorize risk. This can serve as a helpful model for approaching and maintaining compliance.


Webinar – Why Hasn’t SOAR Taken Off in OT?

Learn how to enable SOAR in your OT environment and gain access to contextual asset data in this webinar featuring Splunk.

Asset Visibility vs. Asset Management

Combining asset visibility and asset management results in robust asset awareness. Each is a distinct concept but relies upon the other to be effective.

How Contextual Asset Data Makes SOAR Possible in OT Environments

SOAR technologies are used to automate parts of the security investigation process, and access to the right contextual data is vital when using these tools in operational technology (OT) environments.

7 Questions to Ask When Choosing an OT Cybersecurity Solution

Matching individual needs with a specific OT cybersecurity solution is difficult. These seven questions will help inform the search for an OT cybersecurity solution.

How Quality Data Builds the Foundation for Machine Learning in Cybersecurity

Machine learning mimics the way humans make decisions using data and algorithms. Feeding the proper data to ML algorithms can help companies avoid falling victim to cyberattacks.

How to Ask Your CISO for OT Cybersecurity Budget

Tips for how operational technology (OT) engineers can engage with CISOs to make a strong case for their OT cybersecurity budget.

Defending the Industrial Internet of Things

The Industrial Internet of Things is creating a merging of OT and IT systems, leading to an increase in vulnerabilities and a greater need for asset monitoring and threat detection.

Understanding the Importance of Operational Technology Security in the Maritime Industry

Maritime operations are a critical aspect of national and global economies. The maritime sector must start educating itself about operational technology security to prevent potential impacts from a cyber incident.


How to Navigate Operational Technology (OT) Cybersecurity in Port Environments

Learn how to manage the complexities of connected OT systems and their cybersecurity needs in port and marine environments.

Using the NIST CSF Security Controls to Prevent and Recover from Ransomware

How applying the Five Functions of NIST CSF, Identify, Protect, Detect, Respond, and Recover, can help organizations prevent or recover from a ransomware attack.

Colonial Testimony Highlights Importance of Asset Awareness

Testimony from CEO Joseph Blount shows that limited asset knowledge allowed for the ransomware exploit and constrained the company’s response.

Addressing Pipeline Cybersecurity Regulations: Lessons from NERC CIP

The Colonial Pipeline attack reflects weak pipeline cybersecurity. The NERC CIP consequence-driven analysis model provides a model for potential pipeline security regulations.


Webinar – Breaking Down TSA’s Cybersecurity Requirements for Pipeline Operators: What to Do Now

Learn what pipeline operators should do now to deal with this new Security Directive and satisfy TSA’s Pipeline Security Guidelines.

Meat Packing Giant JBS Hit with Cyberattack

Earlier this week, a targeted cyberattack hit JBS, a global meat processor, which resulted in the closure of several processing plants in the US and Australia.

DHS Issues Pipeline Cybersecurity Directive

The Department of Homeland Security (DHS) will soon issue cybersecurity regulations for the pipeline industry as a result of the Colonial Pipeline incident.


Industrial Defender Named Hot Company in OT Vulnerability Management by Cyber Defense Magazine in the Global InfoSec Awards

Industrial Defender has received the “Hot Company in Operational Technology Vulnerability Management” award from Cyber Defense Magazine (CDM).

Biden Extends Huawei Ban and Issues New Guidance on Improving Cybersecurity

On May 11, 2021, the Biden Administration issued an Executive Order aimed at strengthening both IT and OT cybersecurity in the United States.

A Tale of Two Buildings: Why Preparation Is Vital When Responding to a Cyber Attack

This theoretical scenario where an HVAC technician accidentally exposes customers’ building automation systems to a cyber attack shows the importance of incident response preparation.

How to Maintain a Cyber Secure Building Infrastructure

Building automation systems include the full scope of operational technology in large buildings. Learn the best practices for maintaining a cyber secure building infrastructure after it has been commissioned.

How to Overcome Vulnerability & Patch Management Challenges in Your OT Environment

OT environments present unique challenges for vulnerability and patch management. Learn more about these challenges and how to overcome them.

What Role Do Vendors Play in Building Automation System Cybersecurity?

Supporting building systems involves a cast of third-party vendors. Each must play a role in improving building automation system cybersecurity.

A Guide to NEI 08-09 Compliance for Nuclear Power Operators

Nuclear operators are subject to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors compliance to protect the public from radiological sabotage resulting from a cyberattack.


Webinar – Squashing Spreadsheets: How to Orchestrate OEM Patch & Vulnerability Management

Learn how to automate your OEM patch & vulnerability monitoring processes to make smarter patching decisions in this webinar featuring FoxGuard Solutions.

Biden Administration Announces Plan for Electric System Cybersecurity

On April 20, 2021, the Biden Administration announced a new approach to address cybersecurity risks to safeguard critical energy infrastructure.

Video: Monitoring Building Management Systems with Industrial Defender and Splunk

Learn how to leverage Splunk and Industrial Defender to give IT teams and SOC analysts visibility into the traditionally hard to reach building management and building automation environments.

How to Establish Defense in Depth for Building Automation Systems

Establishing defense in depth to protect building management systems is critical, but tensions over cybersecurity between IT and Facilities can hinder cooperation.

TAP vs. SPAN in OT Environments

Access points for network visibility in OT environments are SPAN ports or network TAPs. Learn the differences between the two and when to use one over the other.


Webinar: What’s Hiding in Your Software? How SBOMs Reduce Supply Chain Risk

Learn how to read and understand a Software Bill of Materials (SBOM) to implement data-driven decisions around supply chain risk reduction.

What’s Behind Weak Smart Building Cybersecurity? People, Process & Technology Challenges

Weak smart building cybersecurity comes from increased connectivity and complex human factors which create a perfect storm of people, process and technology challenges.

The Expanding Cyber Threat Landscape in Smart Buildings

The expanding cyber threat landscape in building management systems makes them vulnerable to attack. This problem is widespread, mission-critical, and demands attention.

A Risk-Based Approach to Cybersecurity Without Cyber Hygiene Is a Fool’s Errand

A risk-based approach to cybersecurity without basic cyber hygiene is a fool’s errand because one cannot exist without the other.

Creating a Threat-Informed Defense with the MITRE ATT&CK for ICS Matrix

Using a real-life threat scenario, learn how to leverage diverse data collection methods to create a threat-informed defense with the MITRE ATT&CK for ICS Matrix.


Webinar: Are You Using MITRE ATT&CK for ICS Correctly?

Learn how ICS asset owners can leverage diverse data collection methods to create a threat-informed defense using the MITRE ATT&CK for ICS Matrix.

An Overview of CISA’s ICSA-21-056-03 Advisory for Rockwell Automation Logix Controllers

On February 25, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released ICS Advisory ICSA-21-056-03 related to vulnerabilities in Rockwell Automation Logix Controllers.


Industrial Defender and Technomak Partner to Secure Critical Infrastructure in the Middle East

Organizations in the Middle East will benefit from Industrial Defender’s comprehensive OT security and compliance platform as part of Technomak’s award-winning engineering services.

How a Security by Design Approach Might Have Stopped the Florida Water Facility HMI Attack

How using a security by design approach could have lessened the severity of the attack on the Florida water treatment facility or even prevented it altogether.

Summary of NERC CIP Requirements

A summary of NERC CIP requirements in Haiku poetry format, as an aid to remembering the subject area for each requirement.

Why Passive Network Monitoring Isn’t Truly “Passive”

The reasons why OT passive monitoring solutions are not truly passive and alternative cybersecurity and compliance technologies to consider.


Industrial Defender Launches CopilOT Service™ to Address Cybersecurity Talent Shortage for Critical Infrastructure Companies

CopilOT™ provides a specialized team of analysts to summarize security issues and recommend best practices, allowing internal teams to focus on strategic initiatives.

Florida Water Treatment Plant Hit With Cyber Attack

A recent cyber attack on a Florida water treatment plant further reinforces the need for proactive cybersecurity measures at critical infrastructure facilities.

What Is NERC CIP: The Ultimate Guide

An overview of how the North American Electric Reliability Corporation (NERC) came into existence and why CIP requirements have changed over the years.

Managing Cybersecurity for Renewable Energy Resources

To address the climate crisis, the Biden Administration launched a major effort to expand renewable energy resources. Cybersecurity for these new additions to the grid will be critical.

How to Approach IoT Cybersecurity for Smart Buildings

IT and facility management teams must consider people, process and technology when addressing cybersecurity risks from the IoT in smart buildings.


Industrial Defender Establishes IT-OT Integration Lab to Virtually Research, Develop and Evaluate ICS Cybersecurity Technologies

The IT-OT Integration Lab eliminates traditional physical and economic barriers to experiencing ICS security technologies for Industrial Defender’s end users and trusted partners.


Webinar: Prioritizing Risk Mitigations for Renewable Energy Assets

This learning session will teach you how to perform an accurate cost/benefit analysis using OT asset data to prioritize risk remediations for renewable energy projects.


Industrial Defender and aDolus Partner to Secure ICS Supply Chain with Independent File Validation

aDolus and Industrial Defender announce a partnership to mitigate the risk of supply chain attacks in ICS environments.

What Does the National Maritime Cybersecurity Plan Mean for the MTS?

The National Maritime Cybersecurity Plan highlights the role of the MTS in national security and the supply chain and the need to keep it cyber resilient.

What Does the SolarWinds’ Sunburst Backdoor Mean for ICS?

While SolarWinds’ Sunburst backdoor is primarily an “IT problem”, what does it mean for ICS and supply chain security?

MITRE ATT&CK for ICS Matrix: What It Is and How It’s Used

The MITRE ATT&CK for ICS Matrix helps security teams make their overall risk discussion more meaningful. This primer discusses what it is and how it’s used.

Cold Chain Cybersecurity Critical for Effective COVID-19 Vaccine Distribution

With the COVID-19 vaccine distribution right around the corner, it’s critical for stakeholders throughout the cold chain to put cybersecurity protections in place for refrigeration facilities.

Feature Focus: Building Management System (BMS) Security and Risk Monitoring

Preview threat detection features we’ve built into the Industrial Defender for building management systems (BMS), including risk scoring, security monitoring and network analytics.


Industrial Defender and FoxGuard Solutions Team Up to Transform Patch and Vulnerability Management for OT Security Teams

This partnership combines Industrial Defender’s depth and breadth of asset data collection with FoxGuard’s ability to report, acquire, validate and deploy vendor-approved patch and vulnerability information.

A Guide to Preventative and Detective Controls for NERC CIP-013 Compliance

The NERC CIP-013 standard addresses cyber threats to the Bulk Electric System (BES) that come from third party vendors in the supply chain.

Top 5 ICS Security Best Practices

Industrial control systems (ICS) are the heart of our world’s critical infrastructure and must be protected. These are 5 ICS security best practices to consider.


Industrial Defender and Waterfall Security Solutions Partner to Safely Transmit Cybersecurity Data in Operational Technology Environments

This partnership combines Industrial Defender’s deep expertise in operational technology (OT) data collection and normalization with Waterfall’s industry-leading Unidirectional Gateways to secure OT environments.

Feature Focus: Asset Risk Scoring Methodology & Netflow Application

Preview the new asset risk scoring and Netflow features in Industrial Defender 7.3. Each OT endpoint automatically receives an overall asset risk score calculated using threat vectors including security events, compliance status, vulnerabilities and health. The methodology we use is completely transparent and allows users to choose the threat vectors that matter most to them. Our Netflow app lets you drill into asset status and communications at a glance to better understand your passive network monitoring data.

How to Apply the NIST Cybersecurity Framework in ICS

The NIST Cybersecurity Framework is the most popular framework in use today. Learn how to apply the NIST CSF in ICS environments and demonstrate cyber risk reduction.

Establishing OT Cybersecurity Fundamentals with the CIS Controls

The CIS Controls help security practitioners build the foundation of a sound OT cybersecurity program. Learn what these controls are and how they can benefit you.

Making Smarter Risk Management Decisions with OT Endpoint Data

Industrial control system environments pose unique risk management challenges. Having accurate OT endpoint data is critical to make smarter decisions.

4 Benefits of Implementing a Cybersecurity Solution for Building Management Systems

Cyber threats and vulnerabilities in critical building management systems are increasing every year. Learn why you should implement a cybersecurity solution.


Industrial Defender Strengthens OT Asset Anomaly Detection Platform and Assisted Passive Network Monitoring Engine to Automate Risk Quantification and Reporting

Industrial Defender announces enhancements to their ASM product, including automated risk scoring for operational technology (OT) assets, new Assisted Passive Monitoring (APM) technology, and simplified executive-level NIST CSF reporting.

CodeMeter Vulns: Why Complete Software Inventory Data Is Critical for ICS

CodeMeter is a software licensing program that is a critical component to the operation of many ICS. Severe vulnerabilities were recently found in this program.


Industrial Defender Announces Strategic Partnership with DeNexus

Industrial Defender and DeNexus announce a strategic partnership to mitigate cybersecurity risk in mission-critical networks across the world.

CVE-2020-1350 “Wormable” Flaw in Microsoft Windows Server Could Cause Major Issues for ICS/OT World

Every Microsoft Windows Server OS back to 2003 is impacted by CVE-2020-1350. Even worse, it’s being called a “wormable” flaw, meaning it can spread from system to system all by itself. No emails, no user interaction, just good old-fashioned TCP/IP.

Video: How To Monitor High-Value OT Assets in Microsoft Power BI

Learn how to leverage Microsoft Power BI and Industrial Defender for executive level dashboarding, high-value asset identification and enhanced insight into OT operations.

Video: OT SOC Enablement with Splunk

Learn how Industrial Defender can assist CISOs with their IT/OT convergence and SOC operational strategies, and help SOC Analysts and ICS Engineers quickly diagnose security events.

DefenderSphere 2020 – Mapping the ICS Market

The world of industrial control systems is very complex. As you are already aware, there is no silver bullet for managing and securing ICS environments. At Industrial Defender, our belief is that knowing what (and who) you have in your environment is key to solving these challenges, and that is why we created the DefenderSphere.

Video: Deploying Industrial Defender Agents on ICS and SCADA Systems (Part 2)

Learn how Industrial Defender overcomes complex endpoint ICS and SCADA system asset visibility challenges including data diodes, unsupported protocols, and air-gapped operations.

Video: Deploying Industrial Defender Agents on ICS and SCADA Systems (Part 1)

Learn how Industrial Defender’s agents can be deployed on any ICS or SCADA system environment, regardless of endpoint type or granularity of network segmentation, and the steps our experts recommend taking when tackling an OT security improvement project.

Video: Integrating 3rd Party Monitoring Tools with Industrial Defender

Learn how Industrial Defender integrates with 3rd party applications like Splunk, ServiceNow & IBM QRadar in order to share ICS security data with more members of your security team.

Operationalizing Cyber Programs for Industrial Control Systems – 5 Real World Use Cases

Learn how Industrial Defender executes ICS cybersecurity monitoring and compliance programs in the natural gas, electrical distribution and chemical processing industries in these 5 real world use cases.

Podcast: CTO Phil Dunbar Talks About the Return of Industrial Defender on the Waterfall ICS Security Podcast

In this edition of the Waterfall ICS Security podcast, CTO Phil Dunbar talks about the birth and rebirth of Industrial Defender with Andrew Ginter, Waterfall’s VP Industrial Security.

Video: Scanless Vulnerability Monitoring for ICS Environments

Learn how Industrial Defender ASM® protects against ICS vulnerabilities in a new way in this 5-minute demonstration by Peter Lund, Director of Product Management at Industrial Defender.


Teleo Capital Completes Acquisition of Industrial Defender from CapGemini America

Teleo Capital Management announces the acquisition of the Automated System Management (ASM) product platform and related products company Industrial Defender from CapGemini America.

Introducing Industrial Defender ASM 7.1 with New Passive Monitoring Capabilities

Industrial Defender has integrated passive monitoring technology into our already capable Network Intrusion Detection Sensor (NIDS) making ASM the single most comprehensive vendor for active and passive views into your ICS environment.

Critical Infrastructure Targeted by Russian Government Cyber Activity

The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) – TA18-074A providing information on Russian government actions targeting U.S. critical infrastructure organizations including energy, nuclear, water, aviation and critical manufacturing sectors.