Resources

Bridging the IT/OT Cybersecurity Gap

With notable industrial cyber events on the rise, the 2020s are shaping up to be a challenging time for operational technology (OT) operators concerned with the safety, security, and compliance of their operational technology networks. To protect their OT environments, everyone from plant managers to CISOs is facing increased pressure to deploy effective cybersecurity solutions...

Case Study

Keeping the Lights On with NERC CIP Compliance from Tripwire

Guide

Navigating Industrial Cybersecurity: A Field Guide

Nearly every aspect of modern life depends on industrial control systems (ICS) operating as expected. As ICS devices become increasingly connected, they also become increasingly vulnerable. By and large, commercial and critical infrastructure industrial orgs are underprepared for the digital convergence of their IT and OT environments. ICS operators need to get a robust...

Blog

Bridging the IT/OT gap with Tripwire’s Industrial Solutions

By Zane Blomgren on Tue, 06/07/2022

Image Cybersecurity has, since its inception, been a corporate-based problem. Whether it is a public, or private corporation, these entities were the primary targets of most cybercrime. In recent years, the industrial sector has increasingly become the target of attack for malicious actors. The reasons include newly internet-connected...

Blog

ICS Security in Healthcare: Why Software Vulnerabilities Pose a Threat to Patient Safety

By Tripwire Guest Authors on Mon, 05/30/2022

Image The lack of healthcare cybersecurity is one of the most significant threats to the sanctity of the global healthcare industry. This is made evident by the fact that in 2020 more than 18 million patient records were affected by successful cyber-attacks on the U.S. healthcare system. Health professionals should not take this...

Blog

US Government warns of new malware attacks on ICS/SCADA systems

By Graham Cluley on Thu, 04/14/2022

Image Agencies of the US Government have issued a joint warning that hackers have revealed their capability to gain full system access to industrial control systems that might help enemy states sabotage critical infrastructure. In a joint cybersecurity advisory issued by the Department of Energy, the Cybersecurity and Infrastructure...

Blog

What Is the Role of Incident Response in ICS Security?

By Tripwire Guest Authors on Wed, 04/06/2022

Image In recent years, cyber espionage has been growing in magnitude and complexity. One of the most common targets is Industrial Control Systems (ICS) within critical infrastructure sectors. With many organizations relying more heavily on ICS networks, there has been an increase in threats and cyberattacks aimed at these systems. Not...

Blog

What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?

By Joe Pettit on Tue, 03/01/2022

Image Cloud adoption has come a long way from its early days where corporate executives questioned the stewardship of their data. The initial suspicions of “where’s my data” have been laid to rest, as administrative tools and contractual obligations have emerged to give better visibility to, and accountability of, data custodianship....

Blog

ICS Security: What It Is and Why It's a Challenge for Organizations

By David Bisson on Wed, 01/26/2022

Image Industrial control systems (ICS) are specific kinds of assets and associated instrumentation that help to oversee industrial processes. According to the National Institute of Standards and Technology, there are three common types of ICS. These are supervisory control and data acquisition (SCADA) systems, which help organizations...

Blog

Revisiting the Relevance of the Industrial DMZ (iDMZ)

By Editorial Staff on Mon, 12/20/2021

Image Which Flavor of the Purdue Model Should You Follow? If you enter the term "Purdue Model" into your favorite search engine, the resulting images will vary considerably. There's almost no better way to stir up an Operational Technology (OT) security conversation than to begin debating what belongs on Level 1 or Level 3 of the...

Blog

Mitigating Industrial Production Risk with Tripwire

By Editorial Staff on Tue, 12/14/2021

Image It seems that the most popular topics in cybersecurity for the last year have been zero trust as well as the convergence of Information Technology (IT) and Operational Technology (OT). These developments are good, as they signal some positive motion towards better overall security. Some of the current risks are worth noting,...

Blog

Delivering Electrons, Generating Data Lakes, and the Security & Privacy Considerations of Running a Modern Industrial Organization

By Editorial Staff on Thu, 09/30/2021

Image In this episode, Patrick Miller, Founder of Ampere Industrial Security, discusses what utilities and other industrial companies need to consider when it comes to the goldmines of data they're collecting from their machines and customers. He also explains why security and privacy needs to be incorporated in these operations by...

Blog

Partnerships – The Key to Navigating the Industrial Security Landscape

By Editorial Staff on Thu, 09/16/2021

The events of 2020 helped to accelerate the convergence between information technology (IT) and operational technology (OT) for many organizations. As reported by Help Net Security, for instance, two-thirds of IT and OT security professionals said in a 2020 survey that their IT and OT networks had become more interconnected in the wake of the pandemic. More than three-quarters...

Blog

The Next Disruptive ICS Attacker: Only Time Will Tell

By Craig Young on Wed, 08/25/2021

Image Throughout this blog series, I have examined real-world ICS cyber-related incidents as a way of looking back to predict what the next attack may look like. The three categories of attacker that I have considered so far are disgruntled insiders, ransomware groups, and APT. Knowing about past events, their impact, and how they...

Blog

The Next Disruptive ICS Attacker: An Advanced Persistent Threat (APT)?

By Craig Young on Wed, 08/18/2021

Image No discussion on ICS attacks could be complete without talking about what some would call, ‘the elephant in the room.’ Critical infrastructure has always been a target for warfare, and modern ICS are no exception. Several high-profile ICS disruptions have in fact been attributed to malicious hackers working at the behest of a...

Blog

The Next Disruptive ICS Attacker: A Ransomware Gang?

By Craig Young on Wed, 08/11/2021

Image OT networks often rely on Windows systems for various ICS applications including HMIs, historians, and data gateways. Beyond that, they also commonly rely on Windows systems to run associated IT-networks. A successful ransomware deployment into either of these networks may prevent engineers from controlling plant operations and...

Blog

The Next Disruptive ICS Attacker: A Disgruntled Insider?

By Craig Young on Wed, 08/04/2021

Image Often, the most critical threats come from within an organization itself. This is true for all sectors, but it is especially true for industrial control systems (ICS). Technicians in these environments already have access to plant controls and may have the deep knowledge of industrial processes needed to achieve specific goals....

Blog

The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions

By Craig Young on Wed, 07/28/2021

Image Faced with rows of empty gas pumps, many Americans on the East Coast may be wondering why this happened, whether it will happen again, or if there is anything we can do to avoid future catastrophe. The unpleasant truth of the matter is that this will certainly not be the last time society is disrupted due to attackers targeting...

Blog

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

By Editorial Staff on Tue, 05/11/2021

Image Over the weekend, the Alpharetta-based Colonial Pipeline was hit by an extensive ransomware attack that shut down its information technology (IT) and industrial operational technology (OT) systems. Simply put, an all-too-common ransomware event targeting IT systems encouraged a voluntary shutdown on the production side (OT) of...

Blog

Industrial Security: Not Just IT and OT, but Old OT and New OT

By Editorial Staff on Mon, 04/26/2021

Image Lane Thames, PhD and principal security researcher at Tripwire explains the challenges you might not have considered in IT/OT convergence. https://open.spotify.com/episode/2w3lsuN3V1ZOiLVGqxw58v?si=5lVBp46tTiK7tfzmCnpeuA Spotify: https://open.spotify.com/show/5UDKiGLlzxhiGnd6FtvEnmStitcher: https://www.stitcher.com/podcast/the...

Bridging the IT/OT Cybersecurity Gap

Keeping the Lights On with NERC CIP Compliance from Tripwire

Navigating Industrial Cybersecurity: A Field Guide

Bridging the IT/OT gap with Tripwire’s Industrial Solutions

ICS Security in Healthcare: Why Software Vulnerabilities Pose a Threat to Patient Safety

US Government warns of new malware attacks on ICS/SCADA systems

What Is the Role of Incident Response in ICS Security?

What Are the Benefits of Adopting the Cloud in Industrial Cybersecurity?

ICS Security: What It Is and Why It's a Challenge for Organizations

Revisiting the Relevance of the Industrial DMZ (iDMZ)

Mitigating Industrial Production Risk with Tripwire

Delivering Electrons, Generating Data Lakes, and the Security & Privacy Considerations of Running a Modern Industrial Organization

Partnerships – The Key to Navigating the Industrial Security Landscape

The Next Disruptive ICS Attacker: Only Time Will Tell

The Next Disruptive ICS Attacker: An Advanced Persistent Threat (APT)?

The Next Disruptive ICS Attacker: A Ransomware Gang?

The Next Disruptive ICS Attacker: A Disgruntled Insider?

The Next Disruptive ICS Attack: 3 Likely Sources for Major Disruptions

Industrial Cybersecurity: Guidelines for Protecting Critical Infrastructure

Industrial Security: Not Just IT and OT, but Old OT and New OT

Contact Information

Privacy Policy

Cookie Policy

Impressum