OT

In January 2021, a hacker accessed the digital infrastructure controlling the water supply for Oldsmar, a Florida city of 15,000 people. The bad actor attempted to manipulate the city’s water supply, exploiting a vulnerability in the company’s IT-grade remote access software to alter levels of sodium hydroxide in the water supply, raising its concentration to […]

Managing a nationwide system of assets providing power generation, transmission, and distribution, which underpin the energy sector, can be a challenging endeavor. Particularly when you take into account the vast array of modern and legacy technologies that may not work in harmony together. For energy professionals, the stakes could not be higher. Prolonged outages as […]

Two recent incidents have made the cost of not protecting our infrastructure and natural resources abundantly clear. First, there was the widely publicized SolarWinds attack that infected more than a dozen utility companies, and oil and gas manufacturing entities. Then, there was a dangerous incident in Florida, where a hacker gained access to a water […]

Over the last several years, cyber actors and online criminal gangs have used cyber warfare to disrupt business and infrastructure across the globe. Today, they are becoming even more aggressive and are using their resources to target Operations Technology (OT) and Industrial Control System (ICS) networks. According to the Canadian government’s Canadian Centre for Cyber […]

Electric-power and gas companies are especially vulnerable to cyberattacks, but a structured approach that applies communication, organizational, and process frameworks can significantly reduce cyber-related risks. In our experience working with utility companies, we have observed three characteristics that make the sector especially vulnerable to contemporary cyberthreats. First is an increased number of threats and actors […]

Is your company’s information technology (IT) department your friend or your enemy? Does it work with you to identify, evaluate, and select the best new digital technology to make your job easier and your

What does it mean to have “extreme visibility” in an operational technology (OT) environment? According to Claroty, a New York-based company that offers cybersecurity products for industrial control systems, it’s having the ability to see all assets on a network, knowing what they are, and understanding what functions they perform. The company says the more […]

The power sector’s terror of a debilitating cybersecurity attack is magnified seemingly every day as new vulnerabilities or destructive threat actors are identified. But according to several industrial

Cybersecurity threats are outpacing the energy sector’s “best defenses,” and costs of preventing and responding to cyber incidents are straining company efforts to protect critical infrastructure, the Department of Energy (DOE) warned as it released a comprehensive five-year cybersecurity strategy for the industry. The Multiyear Plan for Energy Sector Cybersecurity, dated March 2018 but which […]

  Defense-in-depth is a concept that is already widely deployed by many organizations within their IT infrastructures. However, many organizations do not apply it to their industrial control system (ICS) operations, owing mostly to obscure protocols. But as IT and ICS architectures converge and high-profile cybersecurity incidents mount, a robust, holistic defense-in-depth solution may be […]