Who would have thought...? What began ten years ago as a crazy idea has by now secured the energy supply of more than 29 million people in Germany alone.
In OT, process stability is the most valued factor. For this reason, anomalies and risks that jeopardize the availability of systems or the entire infrastructure are of particular importance in day-to-day operations.
We have already addressed the problem of a lack of visibility in OT in the first part of this trilogy. It is also the main reason why even the most obvious security vulnerabilities in OT networks remain undetected for a long time.
The media regularly warns of the impending cyber threat to industrial networks, or OT (Operational Technology). At the same time, voices regularly soothe the fears of critical infrastructures and industrial companies by pointing out that there have only been a handful of direct attacks on OT networks to date.
In May 2023 the Danish energy sector got hit by several waves of cyber attacks. SektorCERT where able to detect and mitigate the attacks early on by relying on their network-based intrusion detection system (NIDS).
The IEC 62443 family of standards is an old acquaintance to most security managers for industrial systems. For more than ten years, it has literally been considered THE standard for industrial cybersecurity.
The NIS2 Directive is cleverly formulated. This is proven by its use of the idea of the trickle-down effect that will integrate all other sectors through the listed essential and important entities.
We determined that prevention has quite practical limits – whether due to intra-company structures, technical restrictions, or external influences.
This blog post trilogy takes a closer look at what implications the amended European Network and Information Security (NIS2) directive will have for companies (our entities as they are called in the directive).
Last month, Landis+Gyr joined 16 other members of the GridWise Alliance in Washington, D.C. to showcase new technology.
It has become some sort of a running gag in the cybersecurity communication that operational technology (OT) networks and industrial control systems (ICS) are notoriously insecure. However, most reports on this are limited to assumptions and general warnings.
In the first part of this post we already introduced a Network Intrusion Detection Systems (NIDS) as a solution for mitigating ransomware attacks on Operational Technology (OT).
Ransomware attacks are the number one cyber risk to industrial companies and critical infrastructure worldwide.
Klaus Mochalski, Rhebo: “there is no 100% security, and adversaries are always a few steps ahead” | CyberNews
Recommendation aims to provide fast mitigation for vulnerable organizations
The Log4Shell vulnerability in Log4j threatens all the cornerstones of cybersecurity: availability, integrity and confidentiality.
Renewable energy installations (EEAs) are a potential target for faults simply because of their distance from the control center.
The IT Security Act 2.0 was passed. Critical infrastructures have to set up an attack detection system within two years.
In a substation of a large distribution system operator Rhebo Industrial Protector had detected suspicious behavior.
Rhebo strengthens ICS cybersecurity of German Thüringer Energienetze