Stephen GoldsworthJul 17, 2020Attention Industrial Control System Owners: "Lay some pavement and soon a road begins to form!"Benefits of a Cybersecurity Risk Assessment approach to developing a solid Cybersecurity Plan vs. moving immediately to best practices.
Stephen GoldsworthApr 18, 2020Cyber-Psychology in the Water and Wastewater IndustriesPsychology is one of the biggest obstacles to overcome in making Cybersecurity a substantial part of the Water and Wastewater Business Case.
Stephen GoldsworthApr 7, 202015 Cybersecurity FundamentalsGreat list originally published by WaterISAC on the 15 Cybersecurity Fundamentals for Water and Wastewater Utilities
Stephen GoldsworthMar 31, 2020Cover your ASSets when it comes to CybersecurityThe foundation of an effective operational technology (OT) Cybersecurity strategy is documented knowledge about the specific process cont...
Stephen GoldsworthMar 31, 2020Cybersecurity Risk Awareness FirstAwareness and acknowledgement of risk must occur before you can manage it.
Stephen GoldsworthMar 31, 2020Funny, but too close to reality!Properly managed administrator credentials are one of the areas that has a low-cost but high-benefit impact to your Cybersecurity posture!
Stephen GoldsworthMar 24, 2020Considerations for New Remote Workforce...All the ears in your homeI don't think this is an irrational step, dependent of course on the sensitivity and confidentiality requirements of the information exch...
Stephen GoldsworthMar 18, 2020Changing passWORD habits to passPHRASE culture...long journey but we can smile along the way :)Use passphrases instead of passwords or complex nonsensical strings to strike the balance between easy to remember and adequate strength....
Stephen GoldsworthMar 10, 2020AWIA Fact Sheet from EPAPosting in case anyone is not yet aware of the drinking water utility requirement. Dates are approaching fast.
Stephen GoldsworthMar 10, 2020Impressive Move from NJ Board of Public Utilities: State Mandated CybersecurityA document was passed to me from an industry resource regarding state-mandated Cybersecurity program requirements. The document is from ...
Stephen GoldsworthMar 9, 20209 smart questions to ask when evaluating Cybersecurity certification programsGreat post by ISASecure on Cybersecurity certification programs! Original article can be found here #ics #ot #isa #industialcontrol #proc...
Stephen GoldsworthMar 9, 2020FBI recommends passphrases over password complexitySome practical knowledge that may not be so common regarding passwords, great info from FBI. Original article can be found here #cybersec...
Stephen GoldsworthMar 9, 2020Industrial Cybersecurity: Asking the right QuestionsI appreciate published works from major manufacturers like Rockwell on the subject of Cybersecurity for many reasons, not the least of wh...
Stephen GoldsworthMar 9, 2020First Industrial Controller Certified to IEC 62443-4-2 Demonstrates Strengthened SecurityISA 62443 is making a positive impact on ICS manufacturers who are following the Security Level model for Cybersecurity in development of...
Stephen GoldsworthMar 9, 2020Remote access according to IEC 62443 Architecture - Ignition forum postHelpful post from some Inductive Automation Ignition users about adhering to ISA 62443 Cybersecurity practices when setting up a secure I...
Stephen GoldsworthMar 9, 20202020 CrowdStrike Global Threat ReportThis is a must read for anyone that feels the ongoing threat of Cybersecurity is overstated. Page 22/23 documents the Dharma ransomware ...
Stephen GoldsworthMar 9, 2020IEC 62443: The New Gold Standard for Network Segmentation in ICS and SCADA NetworksIn relation to my previous post regarding the ransomware disruption to an OT system, this article was published by Palo Alto in 2014 desc...
Stephen GoldsworthMar 9, 2020Alert (AA20-049A) from CISA - Ransomware Impacting Pipeline OperationsThis recent alert from CISA discusses the immediate impact ransomware can have to an ICS environment when segmentation and data flow rest...
Stephen GoldsworthMar 9, 2020WinCC Open Architecture V3.17 achieves ISA/IEC 62443-4-2 Certification!Security enhancements V3.17 received IEC 62443-4-2 certification. Additionally, new security measures have been implemented, such as auto...