VxWorks: Another Cybersecurity Wake-up Call for the Industrial Sector

The Triton/Trisis attack, made public in August of 2017, was a major wake-up call for the industrial sector to take cybersecurity risk to industrial operations even more seriously. What was initially thought to be an equipment failure on an emergency shut down (ESD) system, turned out to be a complex, well-engineered cyber attack. This attack was believed to have compromised two separate engineering systems, however... Read more

cybersecurity, CISO, OT, ICS

Protecting OT from Cyber Threats: A CISO Perspective

Traditional industrial control systems (ICS) tend to be “insecure by legacy / design” which presents great challenges to secure. To add insult to injury, it is also proprietary, highly bespoke, and often managed by third-party vendors. As practitioners of cybersecurity, “one of everything” resonates. IT focuses on CIA (confidentiality, integrity, and availability) which is counterintuitive in ICS... Read more

ICS Cybersecurity and the Winds of Change

I had the pleasure of attending the RSA conference in San Francisco last week along with the PAS Founder and CEO Eddie Habibi. One of the largest cybersecurity conferences on the planet, this year’s event attracted more than 45,000 attendees. What stood out this year? For the first time, the keynote focused on the potential consequences of an attack on critical Infrastructure (power, water, fuel) in a multimedia... Read more