WannaCry: A Serious Threat and Patching Challenge for Critical Infrastructure

It happened. The ransomware known as WannaCry was confirmed this week as having made it into industrial process facilities. This should put all companies who rely upon industrial control systems (ICS) – particularly companies classified as critical infrastructure – on high alert. Why? Because the choices available to protect the systems within an industrial facility’s network are much more... Read more

Avoid the ICS Cybersecurity Blind Spot

The Verizon Data Breach Investigations Report (DBIR) is as interesting for the unexamined risks as it is for the examined ones. If you look at the cyber assets on which the report gathered security data (page 10), there is not a single industrial control system (ICS) category listed. Why is this important? Because ICS are the systems that have direct responsibility for running volatile chemical and oil... Read more

A CEO’s Perspective on PAS’ Large Capital Raise

I’m delighted to announce that PAS has raised $40 million in capital to fuel our business, primarily in industrial control system (ICS) cybersecurity. After 23 years of internally funding the company, we’re ready to extend our market reach by expanding sales, marketing, and consulting teams. We’re also set to increase considerably our investment in research and development.   One of the first... Read more

ICS Cybersecurity and the Winds of Change

I had the pleasure of attending the RSA conference in San Francisco last week along with the PAS Founder and CEO Eddie Habibi. One of the largest cybersecurity conferences on the planet, this year’s event attracted more than 45,000 attendees. What stood out this year? For the first time, the keynote focused on the potential consequences of an attack on critical Infrastructure (power, water, fuel) in a multimedia... Read more

Too Many Changes, Too Much Noise

Most industrial companies with whom I speak are aware of the amount of control system changes that occur on a daily basis, but lack the proper automation to monitor and manage those changes. This means that significant changes can go uninvestigated, which means unplanned outage, safety, and other risk increases.  Major regulations and standards, including NERC-CIP, IEC 62443, NEI 08-09, and NIST 800-53, to name a few,... Read more

Displaying results 1-5 (of 31)
 |<  < 1 2 3 4 5 6 7  >  >|