Blog
Cyber Threats – Detection, Response, Mitigation I
The number of cyberattacks on businesses is constantly rising. According to surveys conducted by Accenture, there were on average 270 attacks per company in 2021, which is a 31% increase compared with 2020. A heightened state of awareness and ability to...
The Top 20 Secure PLC Coding Practices. Part 18 – Log PLC uptime and trend it on the HMI
Log PLC uptime to know when it’s been restarted. Trend and log uptime on the HMI for diagnostics. Security Objective: Monitoring. Target Group: Integration / Maintenance Service Provider. Guidance: Keep track of PLC uptime in the PLC itself (if uptime is a...
The Top 20 Secure PLC Coding Practices. Part 17 – Summarise PLC cycle times and trend them on the HMI
Summarize PLC cycle time every 2-3 seconds and report to HMI for visualization on a graph. Security Objective: Monitoring. Target Group: Integration / Maintenance Service Provider. Guidance: Cycle times are usually system variables in a PLC and can be used for...
Security Operations Centre – part 5
What is Cyber Threat Intelligence? According to Gartner, Threat Intelligence is evidence-based knowledge, including context, mechanisms, indicators, implications, and actionable advice, about an existing or emerging menace or hazard to assets that can be...
The Top 20 Secure PLC Coding Practices. Part 16 – Define a safe process state in case of a PLC restart
Define safe states for the process in case of PLC restarts (e.g., energize contacts, de-energize, keep the previous state). Security Objective: Resilience. Target Group: Product Supplier, Integration / Maintenance Service Provider. Guidance: If something commands a...
Security Operations Centre – part 4
The human factor of SOCs. According to the definition of Security Operations Centre (SOC) we used in part 1 of this series, ‘SOC is a combination of people, processes and technologies (…)’. What does a SOC’s team look like, what are the roles &...
The Top 20 Secure PLC Coding Practices. Part 15 – Restrict third-party data interfaces
Restrict the type of connections and available data for 3rd party interfaces. The connections and/or data interfaces should be well defined and restricted to only allow read/write capabilities for the required data transfer. Security Objective Target Group...
Security Operations Centre – part 3
The SOC’s main purpose is the identification of and reaction to threats. A SOC needs to be able to see what is going on in the information system it is intending to protect. What else you envision your SOC to do will depend on what you would like it to do....
The Top 20 Secure PLC Coding Practices. Part 14 – Disable unneeded / unused communication ports and protocols
PLC controllers and network interface modules generally support multiple communication protocols that are enabled by default. Disable ports and protocols that are not required for the application. Security Objective: Hardening. Target Group: Integration...
Security Operations Centre – part 2
You can only truly protect what you know you have. 1. Asset inventory: You must understand what your assets are in order to understand what you are going to protect. Make sure you have identified all the devices that are on your network as well as what...