Industrial Control Systems Cybersecurity Blog

Establishing defense in depth to protect building management systems is critical, but tensions over cybersecurity between IT and Facilities can hinder cooperation.

Access points for network visibility in OT environments are SPAN ports or network TAPs. Learn the differences between the two and when to use one over the other.

Learn how to read and understand a Software Bill of Materials (SBOM) to implement data-driven decisions around supply chain risk reduction.

Weak smart building cybersecurity comes from increased connectivity and complex human factors which create a perfect storm of people, process and technology challenges.

The expanding cyber threat landscape in building management systems makes them vulnerable to attack. This problem is widespread, mission-critical, and demands attention.

A risk-based approach to cybersecurity without basic cyber hygiene is a fool’s errand because one cannot exist without the other.

Using a real-life threat scenario, learn how to leverage diverse data collection methods to create a threat-informed defense with the MITRE ATT&CK for ICS Matrix.

Learn how ICS asset owners can leverage diverse data collection methods to create a threat-informed defense using the MITRE ATT&CK for ICS Matrix.

On February 25, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released ICS Advisory ICSA-21-056-03 related to vulnerabilities in Rockwell Automation Logix Controllers.

Organizations in the Middle East will benefit from Industrial Defender’s comprehensive OT security and compliance platform as part of Technomak’s award-winning engineering services.

How using a security by design approach could have lessened the severity of the attack on the Florida water treatment facility or even prevented it altogether.

A summary of NERC CIP requirements in Haiku poetry format, as an aid to remembering the subject area for each requirement.

The reasons why OT passive monitoring solutions are not truly passive and alternative cybersecurity and compliance technologies to consider.

ASM CopilOT™ provides a specialized team of analysts to summarize security issues and recommend best practices, allowing internal teams to focus on strategic initiatives.

A recent cyber attack on a Florida water treatment plant further reinforces the need for proactive cybersecurity measures at critical infrastructure facilities.

An overview of how the National Electric Reliability Council (NERC) came into existence and why CIP requirements have changed over the years

To address the climate crisis, the Biden Administration launched a major effort to expand renewable energy resources. Cybersecurity for these new additions to the grid will be critical.

IT and facility management teams must consider people, process and technology when addressing cybersecurity risks from the IoT in smart buildings.

The IT-OT Integration Lab eliminates traditional physical and economic barriers to experiencing ICS security technologies for Industrial Defender’s end users and trusted partners.

This learning session will teach you how to perform an accurate cost/benefit analysis using OT asset data to prioritize risk remediations for renewable energy projects.

aDolus and Industrial Defender announce a partnership to mitigate the risk of supply chain attacks in ICS environments.

The National Maritime Cybersecurity Plan highlights the role of the MTS in national security and the supply chain and the need to keep it cyber resilient.

While SolarWinds’ Sunburst backdoor is primarily an “IT problem”, what does it mean for ICS and supply chain security?

The MITRE ATT&CK for ICS Matrix helps security teams make their overall risk discussion more meaningful. This primer discusses what it is and how it’s used.

With the COVID-19 vaccine distribution right around the corner, it’s critical for stakeholders throughout the cold chain to put cybersecurity protections in place for refrigeration facilities.

Preview threat detection features we’ve built into the ASM for building management systems (BMS), including risk scoring, security monitoring and network analytics.

This partnership combines Industrial Defender’s depth and breadth of asset data collection with FoxGuard’s ability to report, acquire, validate and deploy vendor-approved patch and vulnerability information.

The NERC CIP-013 standard addresses cyber threats to the Bulk Electric System (BES) that come from third party vendors in the supply chain.

Industrial control systems (ICS) are the heart of our world’s critical infrastructure and must be protected. These are 5 ICS security best practices to consider.

This partnership combines Industrial Defender’s deep expertise in operational technology (OT) data collection and normalization with Waterfall’s industry-leading Unidirectional Gateways to secure OT environments.

Preview the new asset risk scoring and Netflow features in Industrial Defender ASM 7.3. Each OT endpoint automatically receives an overall asset risk score calculated using threat vectors including security events, compliance status, vulnerabilities and health. The methodology we use is completely transparent and allows users to choose the threat vectors that matter most to them. Our Netflow app lets you drill into asset status and communications at a glance to better understand your passive network monitoring data.

The NIST Cybersecurity Framework is the most popular framework in use today. Learn how to apply the NIST CSF in ICS environments and demonstrate cyber risk reduction.

The 20 CIS Controls help security practitioners build the foundation of a sound OT cybersecurity program. Learn what these controls are and how they can benefit you.

Industrial control system environments pose unique risk management challenges. Having accurate OT endpoint data is critical to make smarter decisions.

Cyber threats and vulnerabilities in critical building management systems are increasing every year. Learn why you should implement a cybersecurity solution.

Industrial Defender announces enhancements to their ASM product, including automated risk scoring for operational technology (OT) assets, new Assisted Passive Monitoring (APM) technology, and simplified executive-level NIST CSF reporting.

CodeMeter is a software licensing program that is a critical component to the operation of many ICS. Severe vulnerabilities were recently found in this program.

Industrial Defender and DeNexus announce a strategic partnership to mitigate cybersecurity risk in mission-critical networks across the world.

Every Microsoft Windows Server OS back to 2003 is impacted by CVE-2020-1350. Even worse, it’s being a called a “wormable” flaw, meaning it can transmit system to system all by itself. No emails, no user interaction, just good old fashioned TCP/IP.

Learn how to leverage Microsoft Power BI and Industrial Defender for executive level dashboarding, high-value asset identification and enhanced insight into OT operations.