Simply explained

At the enviaTel data center, Rhebo's network monitoring continuously monitors the communication within the building automation, which ensures the reliable operation of the servers, from the locking system to the fire protection. The telecommunications service provider's cybersecurity team shares first-hand insights into their use of the network intrusion detection system.

Rarely visible to OT operators, but always a cause for concern: atypical communication changes in OT networks can indicate anything from network disruptions to malicious behavior or legit maintenance personnel activities. We explain what can be seen with OT monitoring and how to separate the wheat from the chaff.

Vulnerable operating systems and software can be found in almost all industrial infrastructures. From Windows 95 to outdated libraries and firmware riddled with vulnerabilities, we have seen it all during Rhebo Industrial Security Assessments. We explain what the results imply and why it is important in OT.

In this video, we explain how the misconfiguration of network protocols can create an open flank in OT networks. The focus of this video and the Rhebo Industrial Security Assessment findings: DHCP and ICMP communication, which can become security-relevant for the operation of industrial facilities.

The first episode of the multi-part series briefly and concisely explains how the top 10 cyber risks in OT networks came about. What does a Rhebo Industrial Security Assessment investigate and what is the status quo in OT networks?

The answer to all your questions: How does OT security monitoring with anomaly detection work? What must a network intrusion detection systems for industrial networks provide? And how do you manage to establish OT security even with a small team and in face of the prevailing OT security skills gap? Get your answers in under 3 minutes!

Can we automate the training of our anomaly detection in IEC 61850 infrastructures? Yes, and it's actually quite easy. With the.scd file, which acts as a digital twin of the infrastructure within the framework of the standard, the baseline for effective OT security monitoring is already available. We provide a brief explanation of how this works.

One of the most common protocols in (not only) IEC 61850 infrastructures is MMS (Manufacturing Message Specification). Unfortunately, the protocol can also be manipulated in a variety of ways. In this video, you will learn how this is possible and how it can affect the operation of critical infrastructure systems.

IEC 61850 infrastructures are rarely isolated, because the goal is to network different systems across different locations. This opens the floodgates to various attack vectors – from direct access via network components to supply chain compromise. We outline the threats and show where attackers can gain access.

The IEC 61850 standard ensures compatibility in data communication between different utility systems and grids. But what about cybersecurity? Has the security of the protocols and guidance been considered? The short answer is no. Find out what this means for you in this video.

How does the IEC 61850 standard achieve interoperability in utility automation systems? What exactly is defined to ensure communication between different devices with different protocols? A brief overview of the most important aspects of the international standard.

For utilities, the IEC 61850 standard is one of the most important standards for ensuring seamless communication between different networks, systems and locations. The keyword here is interoperability. In this video, we explain in a nutshell why no modern utility can afford to ignore this standard.