- by Patrick O'Brien
- Thursday, August 16, 2018
- Industrial Cybersecurity
An Integrator’s Guide to Managing the Cybersecurity Risks of Remote Access
Last week I attended the ISA Water/Wastewater and Automatic Controls Symposium in Bethesda, Maryland. The conference was attended by equipment manufacturers and municipalities, but system integrators composed the largest group. The technical sessions mainly discussed new opportunities for implementing the industrial internet of things (IoT) and cybersecurity…
Read More...
- by Patrick O'Brien
- Thursday, February 18, 2021
- Industrial Cybersecurity
Attack on Florida Water System Highlights Weak Security Protections for Critical Infrastructure
The Oldsmar Water Treatment Facility in Pinellas County Florida was compromised by hackers on February 5th. Hackers took advantage of the TeamViewer application that was still installed on the water facilities network to gain remote access1. The TeamViewer was originally installed to allow for status checks and troubleshooting of…
Read More...
- by Patrick O'Brien
- Thursday, June 15, 2023
- Industrial Cybersecurity
Automation Cybersecurity - Myths vs. Reality
In today’s automation systems environment, certain myths continue to persist. For example, "cyber attacks are only a concern for big companies". Although it may be less likely to be targeted by, say, a nation state attack, we’ve seen that malware can cause a shutdown of a system or trigger a…
Read More...
- by Patrick O'Brien
- Wednesday, June 07, 2023
- Industrial Cybersecurity
Automation Cybersecurity: IT vs OT - Differing Priorities
Before you can dive in and look at the core concept of automation cybersecurity, it's helpful to first define it. Automation cybersecurity is the prevention of intentional or unintentional interference with proper operation of automation systems including industrial controls, smart manufacturing, and IIOT systems through the use of computers,…
Read More...
- by Patrick O'Brien
- Thursday, August 17, 2023
- Functional Safety
Benefits of Using IEC 62061 Machine Safety Templates
Why would someone consider purchasing templates as a starting point? First off, it decreases the amount of time and energy it takes to build out the program. If you think about starting from a blank page, as opposed to starting with something that is 80 to 90% of the…
Read More...
- by Patrick O'Brien
- Monday, April 15, 2019
- Industrial Cybersecurity
CACE Specialties, Now That’s New!
Cyberattacks have become the new norm for industrial control systems. A recent study found that 54% (more than half) of companies surveyed had experienced a cyber-attack on their Industrial control system within the last two years[1].
The need for well-trained, competent individuals to address cybersecurity for industrial control systems…
Read More...
- by Patrick O'Brien
- Tuesday, November 20, 2018
- Industrial Cybersecurity
Cyber Risk Assessments and Security Level Verification: Detailed Risk Assessments (Part 2 of 3)
The exposure of industrial facilities to cybersecurity threats has never been higher. An analysis performed by IBM security found that the number of attacks on SCADA systems increased 636% from 2012 to 2014, with 675,816 cybersecurity incidents in January 20141. Finding an effective method for evaluating the current level…
Read More...
- by Patrick O'Brien
- Tuesday, September 18, 2018
- Industrial Cybersecurity
Cyber Risk Assessments and Security Level Verification: High-Level Risk Assessments (Part 1 of 3)
As the number, scale, and connectivity of industrial automation systems continues to grow, it becomes increasingly crucial to fundamentally understand, evaluate, and manage cybersecurity risks. The objective of an effective cybersecurity management program should be to maintain the industrial automation system consistent with corporate risk criteria.
Ownership for industrial…
Read More...
- by Patrick O'Brien
- Thursday, December 06, 2018
- Industrial Cybersecurity
Cyber Risk Assessments and Security Level Verification: Security Level Verification (Part 3 of 3)
The exposure of industrial facilities to cybersecurity threats has never been higher. An analysis performed by IBM security found that the number of attacks on SCADA systems increased 636% from 2012 to 2014, with 675,816 cybersecurity incidents in January 2014 [1]. Finding an effective method for evaluating the current…
Read More...
- by Patrick O'Brien
- Wednesday, September 06, 2023
- Functional Safety
Forces Influencing Machine Safety Adoption
What is driving machine safety adoption? What are some of the key questions that companies are trying to answer when it comes to machine safety? For industrial facilities, whether it's a chemical plant, or a machine application, it ultimately comes down to facility risk management. Companies want to provide…
Read More...
- by Patrick O'Brien
- Tuesday, September 12, 2023
- Functional Safety
Machine Safety Goals
From a machine safety management perspective, what goals are you looking to establish? Building a company safety culture, building awareness of the hazards, building the "buy in" to do things right and do things consistently is very important. It can't be done by a single person. It takes the…
Read More...
- by Patrick O'Brien
- Monday, July 03, 2023
- Functional Safety
Machinery Accidents - Today’s Harsh Reality
During 2017, there were over 36,000 injuries related to machinery in the United States. There were 6200 non-fatal amputations, nearly 60% involving machinery. There were close to 3000 fatalities in 2019. Machine accidents are often overlooked because there aren't multiple fatality explosions or major news events like you see…
Read More...
- by Patrick O'Brien
- Wednesday, January 12, 2022
- Functional Safety
Machinery Hazards and Risk Assessment Techniques
Machinery related hazards continue to result in hundreds of deaths and thousands of serious injuries each year. In 2019, 2,963 deaths occurred in the construction, transportation and warehousing, agriculture, forestry, fishing and hunting, and manufacturing industries in the United States1. Additionally, serious injuries continue to pose a major challenge…
Read More...
- by Patrick O'Brien
- Wednesday, November 15, 2023
- Industrial Cybersecurity
Many Different Forces are Influencing ICS Cybersecurity Adoption
When we look at some of the challenges that are facing control systems, we also have to think about what forces are influencing how asset owners adopt cybersecurity. We'll talk about four of those main drivers that play a role in cybersecurity implementation.
National Standards…
Read More...
- by Patrick O'Brien
- Tuesday, January 10, 2023
- Industrial Cybersecurity
New Year’s Resolution: Plan for OT Cybersecurity
The New Year is a great time to make resolutions, but often as the weeks pass, these resolutions fall to the back burner. A study completed in 2016 showed that less than 25% of those who set a resolution successfully followed that resolution for a year.1 When we think about…
Read More...
- by Patrick O'Brien
- Monday, November 27, 2023
- Industrial Cybersecurity
What is a Pragmatic Approach to Cybersecurity?
Now that we have a little bit of context on what's driving our current cybersecurity landscape. The next question is, “where does this pragmatic approach come in? What is a pragmatic approach? What does the word pragmatic mean? The dictionary definition is dealing with things sensibly and realistically in a…
Read More...
- by Patrick O'Brien
- Wednesday, July 12, 2023
- Functional Safety
Why Functional Safety Management is Important for Machine Safety
Functional Safety Management (FSM) is important for a few key reasons. First, it governs the entire machine safety lifecycle. Regardless of which standards we pick, we need to have the management plan in place to make sure we follow those steps and that we do them consistently.
Allocating lifecycle…
Read More...
- by Patrick O'Brien
- Thursday, May 07, 2020
- Industrial Cybersecurity
With Many Automation Professionals Working From Home Cybersecurity Exposure is Rising
One of the commonly targeted pathways into an Industrial Automation and Control System (IACS) is through compromised remote access such as Virtual Private Networks (VPNs) and Remote Desktop Protocol (RDP). During the Stay at Home Orders and other self-quarantining measures around the globe to combat the COVID-19 pandemic, many…
Read More...