Blog
Blog
The Top 20 Secure PLC Coding Practices. Part 6 – Use cryptographic and / or checksum integrity checks for PLC code
Use cryptographic hashes, or checksums if cryptographic hashes are unavailable, to check PLC code integrity and raise an alarm when they change Security Objective Target Group Integrity of PLC Logic Product Supplier Integration / Maintenance Service...
Small Business Cyber Security Response and Recovery. Part V – Report the incident to the wider stakeholders
How to prepare for a cyber incident, from response through to recovery Part 5 - Report the incident to the wider stakeholders After the cyber security incident has been resolved, the next step is to report its particulars to relevant internal and external...
The Top 20 Secure PLC Coding Practices. Part 5 – Use PLC flags as integrity checks
Put counters on PLC error flags to capture any math problems Security Objective Target Group Integrity of PLC Logic Product SupplierIntegration /Maintenance Service Provider Guidance If the PLC code was working fine but suddenly does a divide by zero,...
Small Business Cyber Security Response and Recovery. Part IV – Resolve the incident
How to prepare for a cyber incident, from response through to recovery Part 4 - Resolve the incident Once you identified what type of cyber attack you have been subject to, collected all the necessary information on it, and contained the incident (these...
The Top 20 Secure PLC Coding Practices. Part 4 – Leave operational logic in the PLC wherever feasible
Leave as much operational logic e.g., totalising or integrating, as possible directly in the PLC. The HMI does not get enough updates to do this well. Security Objective Target Group Integrity of PLC Logic Product Supplier Integration /Maintenance Service...
Small Business Cyber Security Response and Recovery. Part III – Identify what’s happening
How to prepare for a cyber incident, from response through to recovery Part 3 - Identify what's happening In order to be able to mitigate a cyber incident one has to be aware in the first place that a cyber incident has taken or is taking place. It might...
The Top 20 Secure PLC Coding Practices. Part 3 – Track operating modes
Keep the PLC in RUN mode. If PLCs are not in RUN mode, there should be an alarm to the operators. Security Objective Target Group Integrity of PLC Logic Integration / Maintenance Service Provider Asset Owner Guidance If PLCs are not in RUN mode (e.g.,...
Small Business Cyber Security Response and Recovery. Part II – Prepare for incidents
How to prepare for a cyber incident, from response through to recovery Part 2 - Prepare for incidents Identify critical assets, systems, and contacts Critical assets Establish what type of digital information is necessary to allow your enterprise to continue...
The Top 20 Secure PLC Coding Practices. Part 2 – Modularise PLC code
Split PLC code into modules, using different function blocks (sub-routines). Test modules independently. Security Objective Target Group Integrity of PLC Logic Product Supplier Guidance Do not program the complete PLC logic in one place e.g., in the main...
Small Business Cyber Security Response and Recovery. Part I – Introduction
Part 1 - Introduction These days most businesses rely on computers and the internet to do business. As they do so they become more and more dependent on the digital information they store, use and exchange within the business and to interact with other...
News
Już dziś o 11:45 zapraszamy na wykład o bezpieczeństwie sterowników #PLC, który na #InfraSECForum poprowadzą @JozefSulwinski i Michał Stępień
Zapraszamy do zadawania pytań po wykładzie lub na wirtualnym stoisku Seqred.
#OTsecurity #InfraSEC #cybersecurity
🕵 #SharePointAdmin / #WebDesigner wanted for our international project in Belgium for a minimum 3 month period
Check the offer: https://lnkd.in/dcC6Ynz
apply to 📩 rekrutacja@seqred.pl
or share it with your colleague
#job #joboffer
Wie sicher ist die #Telematikinfrastruktur? Das zeigt eine #Sicherheitsanalyse der gematik. https://www.healthcare-computing.de/telematik-infrastruktur-auf-herz-und-nieren-geprueft-a-996678/
@gematik1 @sec_consult @Seqred_ #ITSicherheit
Jak wykorzystać model #MitreATTACK do analizy zagrożeń?
Jak wkomponować go w procesy bezpieczeństwa w firmie?
Przeczytaj artykuł: https://seqred.pl/mitre-attck-analiza-atakow-w-celu-skuteczniejszej-ochrony/
#ITsecurity #cybersecurity
Czy wiesz, co producent lub integrator zapisał w Twoim sterowniku #PLC?
Które obszary są ważne przy ocenie bezpieczeństwa i jakości kodu?
Zapraszamy na wykład "Bezpieczeństwo kodu sterowników PLC" @JozefSulwinski i Michał Stępień na #InfraSECForum
https://infrasecforum.pl/agenda-2021/