Codifying the Process: Outsiders Gain Insider Advantage
By David Zahn, CMO, GM of Cyber Security Business Unit

I was at Black Hat 2017 last week and was impressed with the Industroyer /Crashoverride: Zero Things Cool About a Threat Targeting the Power Grid  presentation by ESET and Dragos Security. The teams outlined well how the attack was executed. One of the big takeaways was that attackers did not exploit a vulnerability or zero day to bring down Ukrainian power. Robert Lee from Dragos Security put it well when he said that... Read more

By David Zahn Security, Power, malware, vulnerability 0 Comments

Fixing Your Nuisance Alarms Just Got a LOT Easier
By Bill Hollifield, Principal Consultant

The most popular alarm management presentation we have ever done has been the one on fixing “Bad Actor” alarms. I like it because I get to refer to some of my favorite schlocky sci-fi movies – and it turns out that lots of engineers like those as well!   Nuisance alarm reduction is an important step. We recommend it at the beginning of an alarm improvement effort because it is easy, fast, cheap, and... Read more

By Bill Hollifield Management, Alarm, actor, bad, nuisance 0 Comments
ICS Cybersecurity Cognitive Dissonance

ICS Cybersecurity's Cognitive Dissonance
By David Zahn, CMO, GM of Cyber Security Business Unit

In the recently released survey from SANS, Securing Industrial Control Systems—2017, there were two results that stood out more than most. The first came from a question assessing which control systems had the greatest impact if compromised and exploited; the second related to which systems had the strongest data collection and analysis. In the case of impact, survey respondents ranked computer assets with... Read more

By David Zahn Cybersecurity, SANS, ICS, DCS 0 Comments

Ready, Set…Hang On, Maybe We Are Not Ready
By David Zahn, CMO, GM of Cyber Security Business Unit

Recently, the NATO Cooperative Cyber Defence Center of Excellence (CCDCOE) executed their annual Locked Shields exercise in which participating blue team countries defended networks from a NATO-supported red team attacks. In 2016, participating countries saw industrial control systems added to the list of cyber assets they were required to defend. So, how did the U.S. do in this exercise? Unfortunately, in its inaugural... Read more

By David Zahn Industrial, Systems, cyber, infrastructure 0 Comments

WannaCry: A Serious Threat and Patching Challenge for Critical Infrastructure
By Eddie Habibi, Founder and CEO

It happened. The ransomware known as WannaCry was confirmed this week as having made it into industrial process facilities. This should put all companies who rely upon industrial control systems (ICS) – particularly companies classified as critical infrastructure – on high alert. Why? Because the choices available to protect the systems within an industrial facility’s network are much more... Read more

By Eddie Habibi Cybersecurity, Risk, Management, Patch, ransomware, WannaCry, infrastructure 0 Comments
Displaying results 1-5 (of 35)
 |<  < 1 2 3 4 5 6 7  >  >|