Power supply as an undeservedly overlooked ICS component

Given what has been happening in the US in recent months, it is almost impossible to click on a professional site without some discussion of supply chain vulnerability and its specificities affecting critical infrastructure, with a focus on the electricity system and pipelines. While we are beginning to learn that, despite their best intentions and …

Power supply as an undeservedly overlooked ICS component Read More »

topICS

Augusztus 26. Robert M. Lee gondolatai a Fortinet Operational Technology Symposium-on: Industrial Cybersecurity Pulse – Importance of operational resilience in a threat landscape Szeptember 16-17. Kihagyhatatlan: CS4CA: Cyber Security Summit USA Agenda | CS4CA: Cyber Security Summit USA | Virtual Event | Sept 2021 Szeptember 17-18. “IT/OT/IOT kiberbiztonsági kezelése az energiarendszerekben és közművekben” címmel kétnapos workshop: …

topICS Read More »

Guestpost

The latest guest post from the ICS Cyber Security blog on the SeConSys blog: ICS rendszereket támadó csoportok XIV – ICS Cyber Security blog Translated by DeepL

topICS

25 August An opportunity to strengthen the joint protection of OT and ICS: How Dragos Uses AWS to Empower Collective Defense for Industrial Control Systems (ICS) and Operational Technology (OT) | AWS for Industries (amazon.com) Translated by DeepL

On strengthening the protection of technology-enabled devices. Reply

One of the pillars of the success of SeConSys is to try to develop a valid professional position by reconciling – or even clashing – different views on new and/or complex challenges. It is particularly rewarding to be able to inform a wider professional community of the ideas that emerge on a challenge. My 5 …

On strengthening the protection of technology-enabled devices. Reply Read More »

topICS

22 August The New York Times has some interesting thoughts on the “utility” of cyber warfare: Opinion | Could Cyberwar Make the World Safer? – The New York Times (nytimes.com) Translated by DeepL

topICS

24 August Attention and registration for an online event on 24 August on Forrester’s Zero Trust model and Gartner’s Continuous Adaptive Risk and Trust Assessment (CARTA) methodology: Registration (gotowebinar.com) Transalted by DeepL

Government progress report on the US 100-day cybersecurity programme

In April this year, the Biden administration launched its 100-day plan to strengthen cybersecurity of critical infrastructure. DOE issued a progress report on its implementation on 16 August. Some related comments: It appears that the Administration is now finally breaking with the basic approach of the Executive Order (E.O. 13920) issued by President Trump on …

Government progress report on the US 100-day cybersecurity programme Read More »

topICS

16 August Another example of how seriously supply chain vulnerability needs to be taken, both at the supplier level and at the component level! Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain – IoT Inspector (iot-inspector.com) 17 August NERC report on current cyber security risks to the …

topICS Read More »

topICS

Február Older but still noteworthy: whitepaper from Eaton, a major supplier of uninterruptible power supplies for critical infrastructure: The Importance of Lifecycle Cybersecurity in Mission Critical Power Infrastructure (eaton.com) Augusztus For policy makers: Document Portrait (Two Pages) (nerc.com) Translated by DeepL