Last week I attended the ISA Water/Wastewater and Automatic Controls Symposium in Bethesda, Maryland. The conference was attended by equipment manufacturers and municipalities, but system integrators composed the largest group. The technical sessions mainly discussed new opportunities for implementing the industrial internet of things (IoT) and cybersecurity…
exida explains Blog
Entries tagged with: IACS
- by Patrick O'Brien
- Thursday, August 16, 2018
- Industrial Cybersecurity
An Integrator’s Guide to Managing the Cybersecurity Risks of Remote Access
- by Patrick O'Brien
- Thursday, February 18, 2021
- Industrial Cybersecurity
Attack on Florida Water System Highlights Weak Security Protections for Critical Infrastructure
The Oldsmar Water Treatment Facility in Pinellas County Florida was compromised by hackers on February 5th. Hackers took advantage of the TeamViewer application that was still installed on the water facilities network to gain remote access1. The TeamViewer was originally installed to allow for status checks and troubleshooting of…
- by Patrick O'Brien
- Wednesday, June 07, 2023
- Industrial Cybersecurity
Automation Cybersecurity: IT vs OT - Differing Priorities
Before you can dive in and look at the core concept of automation cybersecurity, it's helpful to first define it. Automation cybersecurity is the prevention of intentional or unintentional interference with proper operation of automation systems including industrial controls, smart manufacturing, and IIOT systems through the use of computers,…
- by Patrick O'Brien
- Monday, April 15, 2019
- Industrial Cybersecurity
CACE Specialties, Now That’s New!
Cyberattacks have become the new norm for industrial control systems. A recent study found that 54% (more than half) of companies surveyed had experienced a cyber-attack on their Industrial control system within the last two years[1].
The need for well-trained, competent individuals to address cybersecurity for industrial control systems…
- by Dr. William Goble, CFSE
- Thursday, August 30, 2018
- Industrial Cybersecurity
How Much Cybersecurity Do I Need?
During an IACS cybersecurity risk analysis, each zone of a network is given a target security level. The levels are one to four, with one being the least amount of protection and four giving the most protection. For each zone we ask, “How much cybersecurity protection do we…
- by Jeff Davis
- Thursday, November 08, 2018
- Industrial Cybersecurity
IACS Cybersecurity IEC 62443: Agile Lifecycle and Documentation
Industrial Automation Control Systems (IACS) Cybersecurity based on IEC 62443 was created to be compatible with agile development methodology. The standard deliberately talks about processes and not phases, such as those in the waterfall model. The processes defined can be met simultaneously and are, most likely, already being followed…
- by Michael Medoff , CFSE, CISA
- Thursday, October 29, 2020
- Industrial Cybersecurity
IEC 62443 Cybersecurity Certification for Medical Devices
exida has traditionally been involved in industries such as oil and gas, chemicals, power generation and automotive. While these are a diverse set of industries, many of the techniques that we use such as FMEDA (Failure Modes Effects and Diagnostic Analysis), Risk Assessment, Threat Modelling, etc.…
- by Bill Thomson
- Tuesday, October 08, 2024
- Industrial Cybersecurity
Threat Modeling: How to Succeed at this High Value and High Effort Cybersecurity Activity
Threat Modeling (TM) is a process for identifying and prioritizing potential cybersecurity threats to software, hardware or a system. Contributing to the high value of TM is:
- The ability to identify threats early in the design process when they are less expensive to address
- Methodically prioritizing threats helps…