Attention Industrial Control System Owners: "Lay some pavement and soon a road begins to form!"
Benefits of a Cybersecurity Risk Assessment approach to developing a solid Cybersecurity Plan vs. moving immediately to best practices.
Search
Cyber-Psychology in the Water and Wastewater Industries
Psychology is one of the biggest obstacles to overcome in making Cybersecurity a substantial part of the Water and Wastewater Business Case.
15 Cybersecurity Fundamentals
Great list originally published by WaterISAC on the 15 Cybersecurity Fundamentals for Water and Wastewater Utilities
Cover your ASSets when it comes to Cybersecurity
The foundation of an effective operational technology (OT) Cybersecurity strategy is documented knowledge about the specific process...
Cybersecurity Risk Awareness First
Awareness and acknowledgement of risk must occur before you can manage it.
Funny, but too close to reality!
Properly managed administrator credentials are one of the areas that has a low-cost but high-benefit impact to your Cybersecurity posture!
Considerations for New Remote Workforce...All the ears in your home
I don't think this is an irrational step, dependent of course on the sensitivity and confidentiality requirements of the information...
Changing passWORD habits to passPHRASE culture...long journey but we can smile along the way :)
Use passphrases instead of passwords or complex nonsensical strings to strike the balance between easy to remember and adequate strength....
AWIA Fact Sheet from EPA
Posting in case anyone is not yet aware of the drinking water utility requirement. Dates are approaching fast.
Impressive Move from NJ Board of Public Utilities: State Mandated Cybersecurity
A document was passed to me from an industry resource regarding state-mandated Cybersecurity program requirements. The document is from...
9 smart questions to ask when evaluating Cybersecurity certification programs
Great post by ISASecure on Cybersecurity certification programs! Original article can be found here #ics #ot #isa #industialcontrol...
FBI recommends passphrases over password complexity
Some practical knowledge that may not be so common regarding passwords, great info from FBI. Original article can be found here...
Industrial Cybersecurity: Asking the right Questions
I appreciate published works from major manufacturers like Rockwell on the subject of Cybersecurity for many reasons, not the least of...
First Industrial Controller Certified to IEC 62443-4-2 Demonstrates Strengthened Security
ISA 62443 is making a positive impact on ICS manufacturers who are following the Security Level model for Cybersecurity in development of...
Remote access according to IEC 62443 Architecture - Ignition forum post
Helpful post from some Inductive Automation Ignition users about adhering to ISA 62443 Cybersecurity practices when setting up a secure...
2020 CrowdStrike Global Threat Report
This is a must read for anyone that feels the ongoing threat of Cybersecurity is overstated. Page 22/23 documents the Dharma ransomware...
IEC 62443: The New Gold Standard for Network Segmentation in ICS and SCADA Networks
In relation to my previous post regarding the ransomware disruption to an OT system, this article was published by Palo Alto in 2014...
Alert (AA20-049A) from CISA - Ransomware Impacting Pipeline Operations
This recent alert from CISA discusses the immediate impact ransomware can have to an ICS environment when segmentation and data flow...
WinCC Open Architecture V3.17 achieves ISA/IEC 62443-4-2 Certification!
Security enhancements V3.17 received IEC 62443-4-2 certification. Additionally, new security measures have been implemented, such as...
