Blog
Industrial Network Security Architecture – Network Segmentation
Network segmentation is an old concept in IT environments. It began as a way to improve network performance and bandwidth. More recently, network segmentation has been used proactively as part of network security architecture. Segmenting the network into...
Software Defined Perimeter
A Software Defined Perimeter (SDP) is a network security architecture that uses user authentication and network segmentation in order to grant access to resources based on the principle of authentication first, access later. SDP is a way of implementing the...
Industrial Network Security Architecture – Introduction
The ubiquitous advance of communication technologies over the last two decades has been reshaping the world as we know it, impacting all aspects of our daily lives, including the world of industrial automation. One of these advances was the adaptation of the...
Best Practices for Securing your Cloud
There are a good number of boxes for you to tick to make the security of your cloud environment as robust against potential breaches as you can make it. 1. Compliance: Follow at least one of the available security frameworks that describe what a secure...
Common Attack Vectors in the Cloud
Once a threat actor breaches the security of a cloud environment (see our post from last week on Common Cloud Vulnerabilities), it can freely use the environment's resources, allowing it to scale its attacks and wipe its traces. According to the 2021 IBM Security X-Force...
Common Cloud Vulnerabilities
The increased popularity of cloud services in recent years goes hand in hand with the increased interest of malicious actors in the opportunities that this new sphere of computing technology brings. Among the most common cloud attack vectors used by...
The Top 20 Secure PLC Coding Practices. Part 21 – Trap false negatives and false positives for critical alerts
Identify critical alerts and program a trap for those alerts. Set the trap to monitor the trigger conditions and the alert state for any deviation. Security Objective Target Group Monitoring Integration / Maintenance Service Provider Guidance In most cases,...
The Top 20 Secure PLC Coding Practices. Part 20 – Monitor PLC memory usage and trend it on the HMI
Measure and provide a baseline for memory usage for every controller deployed in the production environment and trend it on the HMI. Security Objective Target Group Monitoring Integration / Maintenance Service Provider Asset Owner Guidance Since the increase...
Cyber Threats – Detection, Response, Mitigation II
Mitigations The following advice can enhance organisations’ cyber resilience against cyber threats. Preparedness Establish Reporting Procedures and Ensure Cybersecurity staff continuity Establish your ‘go-to persons’ list for the case of a suspected incident...
The Top 20 Secure PLC Coding Practices. Part 19 – Log PLC hard stops and trend them on the HMI
Store PLC hard stop events from faults or shutdowns for retrieval by HMI alarm systems to consult before PLC restarts. Time sync for more accurate data. Security Objective Target Group Monitoring Integration / Maintenance Service Provider Guidance Fault...