Industrial Control Systems Cybersecurity Blog

Learn what the NIS Directive is, who it applies to, potential penalties for non-compliance and best practices for complying with the Directive.

NERC CIP 002-5.1a can be divided into three steps: identify systems, inventory assets, categorize risk. This can serve as a helpful model for approaching and maintaining compliance.

Learn how to enable SOAR in your OT environment and gain access to contextual asset data in this webinar featuring Splunk.

Combining asset visibility and asset management results in robust asset awareness. Each is a distinct concept but relies upon the other to be effective.

SOAR technologies are used to automate parts of the security investigation process, and access to the right contextual data is vital when using these tools in operational technology (OT) environments.

Matching individual needs with a specific OT cybersecurity solution is difficult. These seven questions will help inform the search for an OT cybersecurity solution.

Machine learning mimics the way humans make decisions using data and algorithms. Feeding the proper data to ML algorithms can help companies avoid falling victim to cyberattacks.

Tips for how operational technology (OT) engineers can engage with CISOs to make a strong case for their OT cybersecurity budget.

The Industrial Internet of Things is creating a merging of OT and IT systems, leading to an increase in vulnerabilities and a greater need for asset monitoring and threat detection.

Maritime operations are a critical aspect of national and global economies. The maritime sector must start educating themselves about operational technology security to prevent potential impacts from a cyber incident.

Learn how to manage the complexities of connected OT systems and their cybersecurity needs in port and marine environments.

How applying the Five Functions of NIST CSF, Identify, Protect, Detect, Respond, and Recover, can help organizations prevent or recover from a ransomware attack.

Testimony from CEO Joseph Blount shows that limited asset knowledge allowed for the ransomware exploit and constrained the company’s response.

The Colonial Pipeline attack reflects weak pipeline cybersecurity. The NERC CIP consequence-driven analysis model provides a model for potential pipeline security regulations.

Learn what pipeline operators should do now to deal with this new Security Directive and satisfy TSA’s Pipeline Security Guidelines.

Earlier this week, a targeted cyberattack hit JBS, a global meat processor, which resulted in the closure of several processing plants in the US and Australia.

The Department of Homeland Security (DHS) will soon issue cybersecurity regulations for the pipeline industry as a result of the Colonial Pipeline incident.

Industrial Defender has received the “Hot Company in Operational Technology Vulnerability Management” award from Cyber Defense Magazine (CDM).

On May 11, 2021, the Biden Administration issued an Executive Order aimed at strengthening both IT and OT cybersecurity in the United States.

This theoretical scenario where an HVAC technician accidentally exposes customers’ building automation systems to a cyber attack shows the importance of incident response preparation.

Building automation systems include the full scope of operational technology in large buildings. Learn the best practices for maintaining a cyber secure building infrastructure after it has been commissioned.

OT environments present unique challenges for vulnerability and patch management. Learn more about these challenges and how to overcome them.

Supporting building systems involves a cast of third-party vendors. Each must play a role in improving building automation system cybersecurity.

Nuclear operators are subject to NEI 08-09 Cyber Security Plan for Nuclear Power Reactors compliance to protect the public from radiological sabotage resulting from a cyberattack.

Learn how to automate your OEM patch & vulnerability monitoring processes to make smarter patching decisions in this webinar featuring FoxGuard Solutions.

On April 20, 2021, the Biden Administration announced a new approach to address cybersecurity risks to safeguard critical energy infrastructure.

Learn how to leverage Splunk and Industrial Defender to give IT teams and SOC analysts visibility into the traditionally hard to reach building management and building automation environments.

Establishing defense in depth to protect building management systems is critical, but tensions over cybersecurity between IT and Facilities can hinder cooperation.

Access points for network visibility in OT environments are SPAN ports or network TAPs. Learn the differences between the two and when to use one over the other.

Learn how to read and understand a Software Bill of Materials (SBOM) to implement data-driven decisions around supply chain risk reduction.

Weak smart building cybersecurity comes from increased connectivity and complex human factors which create a perfect storm of people, process and technology challenges.

The expanding cyber threat landscape in building management systems makes them vulnerable to attack. This problem is widespread, mission-critical, and demands attention.

A risk-based approach to cybersecurity without basic cyber hygiene is a fool’s errand because one cannot exist without the other.

Using a real-life threat scenario, learn how to leverage diverse data collection methods to create a threat-informed defense with the MITRE ATT&CK for ICS Matrix.

Learn how ICS asset owners can leverage diverse data collection methods to create a threat-informed defense using the MITRE ATT&CK for ICS Matrix.

On February 25, 2021, the Cybersecurity and Infrastructure Security Agency (CISA) released ICS Advisory ICSA-21-056-03 related to vulnerabilities in Rockwell Automation Logix Controllers.

Organizations in the Middle East will benefit from Industrial Defender’s comprehensive OT security and compliance platform as part of Technomak’s award-winning engineering services.

How using a security by design approach could have lessened the severity of the attack on the Florida water treatment facility or even prevented it altogether.

A summary of NERC CIP requirements in Haiku poetry format, as an aid to remembering the subject area for each requirement.

The reasons why OT passive monitoring solutions are not truly passive and alternative cybersecurity and compliance technologies to consider.

CopilOT™ provides a specialized team of analysts to summarize security issues and recommend best practices, allowing internal teams to focus on strategic initiatives.

A recent cyber attack on a Florida water treatment plant further reinforces the need for proactive cybersecurity measures at critical infrastructure facilities.

An overview of how the North American Electric Reliability Corporation (NERC) came into existence and why CIP requirements have changed over the years

To address the climate crisis, the Biden Administration launched a major effort to expand renewable energy resources. Cybersecurity for these new additions to the grid will be critical.

IT and facility management teams must consider people, process and technology when addressing cybersecurity risks from the IoT in smart buildings.

The IT-OT Integration Lab eliminates traditional physical and economic barriers to experiencing ICS security technologies for Industrial Defender’s end users and trusted partners.

This learning session will teach you how to perform an accurate cost/benefit analysis using OT asset data to prioritize risk remediations for renewable energy projects.

aDolus and Industrial Defender announce a partnership to mitigate the risk of supply chain attacks in ICS environments.

The National Maritime Cybersecurity Plan highlights the role of the MTS in national security and the supply chain and the need to keep it cyber resilient.

While SolarWinds’ Sunburst backdoor is primarily an “IT problem”, what does it mean for ICS and supply chain security?

The MITRE ATT&CK for ICS Matrix helps security teams make their overall risk discussion more meaningful. This primer discusses what it is and how it’s used.

With the COVID-19 vaccine distribution right around the corner, it’s critical for stakeholders throughout the cold chain to put cybersecurity protections in place for refrigeration facilities.

Preview threat detection features we’ve built into the Industrial Defender for building management systems (BMS), including risk scoring, security monitoring and network analytics.

This partnership combines Industrial Defender’s depth and breadth of asset data collection with FoxGuard’s ability to report, acquire, validate and deploy vendor-approved patch and vulnerability information.

The NERC CIP-013 standard addresses cyber threats to the Bulk Electric System (BES) that come from third party vendors in the supply chain.

Industrial control systems (ICS) are the heart of our world’s critical infrastructure and must be protected. These are 5 ICS security best practices to consider.

This partnership combines Industrial Defender’s deep expertise in operational technology (OT) data collection and normalization with Waterfall’s industry-leading Unidirectional Gateways to secure OT environments.

Preview the new asset risk scoring and Netflow features in Industrial Defender 7.3. Each OT endpoint automatically receives an overall asset risk score calculated using threat vectors including security events, compliance status, vulnerabilities and health. The methodology we use is completely transparent and allows users to choose the threat vectors that matter most to them. Our Netflow app lets you drill into asset status and communications at a glance to better understand your passive network monitoring data.

The NIST Cybersecurity Framework is the most popular framework in use today. Learn how to apply the NIST CSF in ICS environments and demonstrate cyber risk reduction.

The CIS Controls help security practitioners build the foundation of a sound OT cybersecurity program. Learn what these controls are and how they can benefit you.

Industrial control system environments pose unique risk management challenges. Having accurate OT endpoint data is critical to make smarter decisions.

Cyber threats and vulnerabilities in critical building management systems are increasing every year. Learn why you should implement a cybersecurity solution.

Industrial Defender announces enhancements to their ASM product, including automated risk scoring for operational technology (OT) assets, new Assisted Passive Monitoring (APM) technology, and simplified executive-level NIST CSF reporting.

CodeMeter is a software licensing program that is a critical component to the operation of many ICS. Severe vulnerabilities were recently found in this program.

Industrial Defender and DeNexus announce a strategic partnership to mitigate cybersecurity risk in mission-critical networks across the world.

Every Microsoft Windows Server OS back to 2003 is impacted by CVE-2020-1350. Even worse, it’s being a called a “wormable” flaw, meaning it can transmit system to system all by itself. No emails, no user interaction, just good old fashioned TCP/IP.

Learn how to leverage Microsoft Power BI and Industrial Defender for executive level dashboarding, high-value asset identification and enhanced insight into OT operations.

Learn how Industrial Defender can assist CISOs with their IT/OT convergence and SOC operational strategies, and help SOC Analysts and ICS Engineers quickly diagnose security events.

The world of industrial control systems is very complex. As you are already aware, there is no silver bullet for managing and securing ICS environments. At Industrial Defender, our belief is that knowing what (and who) you have in your environment is key to solving these challenges, and that is why we created the DefenderSphere.

Learn how Industrial Defender overcomes complex endpoint ICS and SCADA system asset visibility challenges including data diodes, unsupported protocols, and air-gapped operations.

Learn how Industrial Defender’s agents can be deployed on any ICS or SCADA system environment, regardless of endpoint type or granularity of network segmentation, and the steps our experts recommend taking when tackling an OT security improvement project.

Learn how Industrial Defender integrates with 3rd party applications like Splunk, ServiceNow & IBMQRadar in order to share ICS security data with more members of your security team.

Learn how Industrial Defender executes ICS cybersecurity monitoring and compliance programs in the natural gas, electrical distribution and chemical processing industries in these 5 real world use cases.

In this edition of the Waterfall ICS Security podcast, CTO Phil Dunbar talks about the birth and rebirth of Industrial Defender with Andrew Ginter, Waterfall’s VP Industrial Security.

Learn how Industrial Defender ASM® protects against ICS vulnerabilities in a new way in this 5-minute demonstration by Peter Lund, Director of Product Management at Industrial Defender.

Teleo Capital Management announces the acquisition of the Automated System Management (ASM) product platform and related products company Industrial Defender from CapGemini America.

Industrial Defender has integrated passive monitoring technology into our already capable Network Intrusion Detection Sensor (NIDS) making ASM the single most comprehensive vendor for active and passive views into your ICS environment.

The Department of Homeland Security (DHS) and Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) – TA18-074A providing information on Russian government actions targeting U.S. critical infrastructure organizations including energy, nuclear, water, aviation and critical manufacturing sectors.