Cyberattacks have become the new norm for industrial control systems. A recent study found that 54% (more than half) of companies surveyed had experienced a cyber-attack on their Industrial control system within the last two years[1].
The need for well-trained, competent individuals to address cybersecurity for industrial control systems…
Industrial Automation Control Systems (IACS) Cybersecurity based on IEC 62443 was created to be compatible with agile development methodology. The standard deliberately talks about processes and not phases, such as those in the waterfall model. The processes defined can be met simultaneously and are, most likely, already being followed…
Over the last couple of blogs, I mapped out the importance of ISA/IEC-62443/ISA-99 based cybersecurity and how it applies to your work environment.
For part 1, I started from the beginning and outlined what exactly ICS cybersecurity is and why it is important.
For part 2, I explained the difference between…
Information Technology (IT) is the personnel, hardware, and software that controls non-physical devices and/or processes such as websites, financial data, personal information, etc.
Operation Technology (OT) is the personnel, hardware, and software that controls physical devices and/or processes such as manufacturing, oil & gas, power, etc. Today, OT has many…
Threat Modeling (TM) is a process for identifying and prioritizing potential cybersecurity threats to software, hardware or a system. Contributing to the high value of TM is:
One of the commonly targeted pathways into an Industrial Automation and Control System (IACS) is through compromised remote access such as Virtual Private Networks (VPNs) and Remote Desktop Protocol (RDP). During the Stay at Home Orders and other self-quarantining measures around the globe to combat the COVID-19 pandemic, many…