Security News

Navigating OT/IT convergence and securing ICS environments
2023-10-23 04:30

Escalating threats to operational technology have prompted an increasing number of global enterprises to adopt sophisticated technologies and services to enhance the security of their assets. In this Help Net Security video, Christopher Warner, Senior GRC-OT Security Consultant at GuidePoint Security, discusses securing the control systems environment, as well as creating a cybersecurity roadmap.

ELITEWOLF: NSA’s repository of signatures and analytics to secure OT
2023-10-17 02:00

Cyber entities continue to show a persistent interest in targeting critical infrastructure by taking advantage of vulnerable OT assets. To counter this threat, NSA has released a repository for OT...

Rising OT/ICS cybersecurity incidents reveal alarming trend
2023-09-20 04:00

"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.

Rising OT/ICS cybersecurity incidents reveal alarming trend
2023-09-14 03:00

"Energy, critical manufacturing, water treatment and nuclear facilities are among the types of critical infrastructure industries under attack in the majority of reported incidents," said Mark Cristiano, commercial director of Global Cybersecurity Services at Rockwell Automation. OT/ICS cybersecurity incidents in the last three years have already exceeded the total number reported between 1991-2000.

MITRE Caldera for OT now available as extension to open-source platform
2023-09-06 06:21

MITRE Caldera for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology. The first Caldera for OT extensions were developed in partnership between the Homeland Security Systems Engineering and Development Institute, a federally funded research and development center that is managed and operated by MITRE for the Department of Homeland Security, and the Cybersecurity and Infrastructure Security Agency to increase the resiliency of critical infrastructure.

Reinventing OT security for dynamic landscapes
2023-08-18 04:00

From understanding the challenges of disparate OT protocols and the increasing convergence with IT to grappling with the monumental role of human error, our latest interview with Rohit Bohara, CTO at asvin, delves deep into the landscape of OT security. Can you comment on the challenge of creating disparate security systems for OT environments considering the variety of OT protocols? How does the difference in standardization between IT and OT systems add to this complexity?

16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks
2023-08-11 05:20

A set of 15 high-severity security flaws have been disclosed in the CODESYS V3 software development kit that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology environments. "Exploitation of the discovered vulnerabilities, which affect all versions of CODESYS V3 prior to version 3.5.19.0, could put operational technology infrastructure at risk of attacks, such as remote code execution and denial-of-service," Vladimir Tokarev of the Microsoft Threat Intelligence Community said in a report.

5 Things CISOs Need to Know About Securing OT Environments
2023-06-28 10:44

Still, most CISOs have made their mark securing IT environments - and IT security strategies and tools rarely translate to an OT context. While the soft skills of collaboration and team-building will certainly help CISOs as they bring the factory floor into their realm of responsibility, they must also make a concentrated effort to understand the OT landscape's unique topography and distinctive security challenges.

Researchers Expose New Severe Flaws in Wago and Schneider Electric OT Products
2023-06-20 19:08

Three security vulnerabilities have been disclosed in operational technology products from Wago and Schneider Electric. The flaws, per Forescout, are part of a broader set of shortcomings collectively called OT:ICEFALL, which now comprises a total of 61 issues spanning 13 different vendors.

5 Reasons Why IT Security Tools Don't Work For OT
2023-06-06 11:44

The landscape of OT security tools is far less developed than its information technology counterpart. With OT systems opening to the world and cyberthreats surging, the lack of OT-specific security tools has emerged as an urgent problem.