Security Experts:

SCADA / ICS
long dotted

NEWS & INDUSTRY UPDATES

The official Call for Papers (speakers) for SecurityWeek’s 2017 Industrial Control Systems (ICS) Cyber Security Conference, being held October 23 – 26, 2017 at the InterContinental Buckhead Atlanta, Georgia, USA is open through August 15, 2017. [Read More]
Britain's GCHQ has warned that state-sponsored hackers are targeting Industrial Control System (ICS) engineering and services organizations, which have likely have been compromised. [Read More]
Boundary protection weaknesses remain the most prevalent in critical infrastructure sectors, according to assessments conducted in 2016 by ICS-CERT [Read More]
Industrial control systems (ICS) security experts are most concerned about embedded controllers, internal threats, hacktivists and nation states, and ransomware [Read More]
Hackers used template injection to phish credentials in recent attacks targeting critical infrastructure companies in the U.S. and Europe [Read More]
Siemens and ICS-CERT warned users of vulnerabilities affecting various building technology and smart grid products [Read More]
Details of unpatched vulnerabilities affecting a component of Schneider Electric’s U.motion building automation solution disclosed [Read More]
There is a pressing need for technical assurance standards for industrial control systems (ICS), says CREST (a leading UK accreditation body), and supported by the UK National Cyber Security Centre (NCSC). [Read More]
Siemens has patched a critical vulnerability in SIMATIC CP 44x-1 RNA modules and a medium severity flaw in XHQ automation software [Read More]
Industry professionals comment on the CrashOverride/Industroyer malware used in the December 2016 Ukraine power grid attack [Read More]

FEATURES, INSIGHTS // SCADA / ICS

rss icon

Barak Perelman's picture
Organizations need specialized monitoring and control technologies for ICS networks that provide the deep, real-time visibility to identify suspicious or malicious activity
Barak Perelman's picture
If WannaCry had targeted industrial controllers, it would have been much more difficult to protect them and the damage would have been much more widespread.
Riaz Zolfonoon's picture
It’s the best of the internet of things and the worst of the internet of things: unprecedented connectivity that creates both tremendous opportunity and considerable risk.
David Holmes's picture
An organization with a mature security process should be doing threat modeling on web applications and Internet of Things devices in the enterprise.
Galina Antova's picture
The security risk to Industrial Control Systems (ICS) networks is systemic and not determined by vulnerabilities alone.
Barak Perelman's picture
It’s a generally known fact that most Industrial Control System (ICS) environments were not built with cyber security in mind because they were designed before the cyber threat existed.
David Holmes's picture
Don’t dismiss the IoT as just a consumer security problem. We have an opportunity to learn from the mistakes of the original Internet and build some security into the Internet of Things, if we act quickly.
Galina Antova's picture
The “red lines” that conventional wisdom once held would prevent disruptive or destructive attacks against critical infrastructure have now been crossed numerous times, and we can safely assume they will be again.
Barak Perelman's picture
Industrial organizations need early detection of suspicious activity like unauthorized network scans, attempts to read information from controllers and other unsanctioned control-plane activity.
Adam Meyer's picture
As with anything new, you need to prepare and plan for IoT devices being in your environment to maximize the value they provide, while minimizing the inherent risk of these network-enabled devices.