IT

Let’s be honest. Operational technology (OT) security issues are expected. Traditional OT systems were designed for specific functional—operational—purposes. Plus, they were designed to last for many decades. The power grid, the water supply, the manufacturing plant floor, these ubiquitous 24/7/365 operations fuel daily activities—and they power as much business as they do hospitals that care […]

Two IT air quality data systems that inform the U.S. Environmental Protection Agency’s (EPA’s) regulatory and compliance decisions are outdated, the U.S. Government Accountability Office (GAO) has suggested. The federal agency must make progress to develop a business case to replace them, it said.  The congressional watchdog in a report made public on Sept. 29 […]

A New York Times Magazine expose detailed the complicated and shockingly brazen inner workings of international espionage. However, the spies profiled weren’t targeting government secrets. They were interested in corporate intellectual property, or IP, an equally valuable commodity in today’s highly competitive global economy. Specifically, the publication reported systemic efforts to entice employees at critical […]

The energy sector recorded three times as many operational technology (OT) and/or industrial control system (ICS) cybersecurity incidents as the next closest vertical, according to a study conducted by the Cyentia Institute, a research and data science firm, and sponsored by Rockwell Automation, an industrial automation and information provider. “Energy, critical manufacturing, water treatment, and […]

It’s been two years since the historic Colonial Pipeline ransomware attack shut down one of the largest and most vital oil pipelines in the U.S. While this hasn’t been the nation’s only attack on power infrastructure, it’s the largest publicly disclosed and, at $4.4 million, it was also the most-costly. Since then, we’ve learned that […]

The utility industry needs to be prepared to adapt at this time of uncertainty and change, rising prices, and international turmoil. However, it is becoming more challenging to comply with regulations and

There are no boundaries in cyberspace. That fact has accelerated sharing of threat intelligence across the defenders, but it exponentially raises the threat of cyberattacks. This reality is underscored by the war in Ukraine, “the first major conflict involving large-scale cyber operations,” according to the U.S. Cybersecurity and Infrastructure Agency (CISA). A major concern is […]

In January 2021, a hacker accessed the digital infrastructure controlling the water supply for Oldsmar, a Florida city of 15,000 people. The bad actor attempted to manipulate the city’s water supply, exploiting a vulnerability in the company’s IT-grade remote access software to alter levels of sodium hydroxide in the water supply, raising its concentration to […]

For the better part of the past decade, utility companies have been more concerned with the potential for outages than cyberattacks, but this has changed over the past several months. The Colonial Pipeline ransomware attack and the remote cyberattack on a Florida water treatment plant put cybersecurity top-of-mind and made it clear hackers can do […]

Two recent incidents have made the cost of not protecting our infrastructure and natural resources abundantly clear. First, there was the widely publicized SolarWinds attack that infected more than a dozen utility companies, and oil and gas manufacturing entities. Then, there was a dangerous incident in Florida, where a hacker gained access to a water […]

Over the last several years, cyber actors and online criminal gangs have used cyber warfare to disrupt business and infrastructure across the globe. Today, they are becoming even more aggressive and are using their resources to target Operations Technology (OT) and Industrial Control System (ICS) networks. According to the Canadian government’s Canadian Centre for Cyber […]

As long as products have had ethernet ports, people have been asking for remote access to them. They believed they could just plug the devices into the internet, and it would all work. At first, there wasn’t necessarily a clear path to making this dream a reality without assistance from the user’s IT department. IT […]

Electric-power and gas companies are especially vulnerable to cyberattacks, but a structured approach that applies communication, organizational, and process frameworks can significantly reduce cyber-related risks. In our experience working with utility companies, we have observed three characteristics that make the sector especially vulnerable to contemporary cyberthreats. First is an increased number of threats and actors […]

Is your company’s information technology (IT) department your friend or your enemy? Does it work with you to identify, evaluate, and select the best new digital technology to make your job easier and your

Enterprise resource planning (ERP) software allows an organization to use a system of integrated applications to manage and automate many business functions related to operations, technology, services, and

Control rooms are vital for organizations to efficiently and effectively monitor multiple information streams and make accurate mission-critical decisions. With an ever-increasing number of content sources and

Redwood City, Calif. (September 19, 2018) — AutoGrid is scaling up its presence in Japan. AutoGrid today announced a partnership with Macnica, a leading Japanese supplier of networking and software products to governments and enterprise customers, to deploy its suite of energy internet applications, AutoGrid Flex and AutoGrid Engage. The partnership will focus on extending AutoGrid […]

  Defense-in-depth is a concept that is already widely deployed by many organizations within their IT infrastructures. However, many organizations do not apply it to their industrial control system (ICS) operations, owing mostly to obscure protocols. But as IT and ICS architectures converge and high-profile cybersecurity incidents mount, a robust, holistic defense-in-depth solution may be […]

The Cybersecurity Enhancement Act of 2014 that cleared Congress last week and was presented to President Obama on Monday has the backing of automation organizations.  The bill was one of four cybersecurity measures passed—without much debate and by voice vote—by Congress before the 113th session came to a close on Tuesday, Dec. 16. Sen. John […]

A report released July 10 finds alarming gaps in the security of the world’s critical infrastructure. The study—sponsored by Unisys and conducted by Michigan-based security research firm Ponemon Institute—was based on an Internet survey of 599 respondents from 13 countries in the oil and gas, utilities, alternative energy, and manufacturing industries conducted in April and […]