Security Experts:

long dotted


Former sysadmin sentenced to 34 months in prison for hacking into systems of industrial facility and disrupting its operations [Read More]
Study conducted by Trend Micro shows the exposure of critical sectors and industrial systems in the United States [Read More]
Researchers showed the impact of ransomware on ICS by simulating an attack on a water treatment plant [Read More]
Rockwell Automation is teaming up with industrial cybersecurity startup Claroty to combine their security products and services into future, packaged security offerings. [Read More]
ENISA has published a study on the "Communication network dependencies for ICS-SCADA Systems" to provide protection recommendations for ICS-SCADA systems against cyber threats. [Read More]
Honeywell has patched several critical and high severity vulnerabilities in its XL Web controllers [Read More]
Rapid7 adds hardware bridge to Metasploit framework - penetration testers can use it to analyze IoT hardware and software, ICS and SDR systems [Read More]
The official Call for Papers (presentations) for SecurityWeek's 2017 Singapore Industrial Control Systems (ICS) Cyber Security Conference, being held April 25–27 at the Fairmont Singapore is now open. [Read More]
Schneider Electric has released an update for its StruxureWare Data Center Expert product to address a vulnerability that exposes passwords [Read More]
Overhyped media reports can have a negative impact on ICS security, experts warn [Read More]


rss icon

Johnnie Konstantas's picture
To extend the capabilities of advanced cybersecurity tools at the centralized production environment, implementing an out-of-band transport network to get visibility into both packet data and syslog traffic can be very beneficial.
Tim Layton's picture
Based on existing intelligence, it is reasonable to assume that nation-states already possess all the information they need to launch such an attack on the U.S. power grid.
Jim Ivers's picture
What is missing from the conversation is how large a role software plays in the IoT equation. Plugging something into the Internet does not make it work -- it just makes it vulnerable.
Nate Kube's picture
Since the ratification of IEC 62443, updates to this international industrial controls standard have been published to move systems integration work forward.
Eduard Kovacs's picture
US intel chief warns that Russian hackers have been targeting critical infrastructure ICS. Security experts say the threat is real.
Nate Kube's picture
Manufacturing supply chains are vital to the development and fulfillment of any modern technology—they change rapidly and locations of suppliers change. This dynamic nature of the supply chain exposes enterprises to a wide variety of risks.
Nate Kube's picture
I would like the OT security community to move away from asking what can we do to gain greater adoption of a greenfield IT security model and instead ask how we can gain demonstrable gains in OT security posture more efficiently.
Torsten George's picture
The NIST Cybersecurity Framework is a good first step towards creating a standardized approach to cyber security, but requires many substantial updates before really improving our nation’s cyber resilience.
Marc Solomon's picture
The energy sector requires an approach to cybersecurity that doesn’t rely exclusively on air gaps or point-in-time detection tools but addresses the full attack continuum – before, during, and after an attack.
Mark Hatton's picture
Critical infrastructure facilities are under constant attack, and continuously being probed for defensive weaknesses and access points. To complicate matters, facilities often don’t even recognize when they have been probed or if a weakness has been identified for future exploitation.