exida

exida explains Blog

Entries tagged with: IACS Cybersecurity

CACE Specialties, Now That’s New!

CACE Specialties, Now That’s New!

Cyberattacks have become the new norm for industrial control systems. A recent study found that 54% (more than half) of companies surveyed had experienced a cyber-attack on their Industrial control system within the last two years[1]. 

The need for well-trained, competent individuals to address cybersecurity for industrial control systems…

Read More...

IACS Cybersecurity IEC 62443: Agile Lifecycle and Documentation

IACS Cybersecurity IEC 62443: Agile Lifecycle and Documentation

Industrial Automation Control Systems (IACS) Cybersecurity based on IEC 62443 was created to be compatible with agile development methodology. The standard deliberately talks about processes and not phases, such as those in the waterfall model. The processes defined can be met simultaneously and are, most likely, already being followed…

Read More...

Introduction to ICS Security - Pt. 4 - Control System Assessments

Introduction to ICS Security - Pt. 4 - Control System Assessments

Over the last couple of blogs, I mapped out the importance of ISA/IEC-62443/ISA-99 based cybersecurity and how it applies to your work environment. 

For part 1, I started from the beginning and outlined what exactly ICS cybersecurity is and why it is important. 

For part 2, I explained the difference between…

Read More...

SCRUM and IEC 62443

SCRUM and IEC 62443

Information Technology (IT) is the personnel, hardware, and software that controls non-physical devices and/or processes such as websites, financial data, personal information, etc. 

Operation Technology (OT) is the personnel, hardware, and software that controls physical devices and/or processes such as manufacturing, oil & gas, power, etc.  Today, OT has many…

Read More...

Threat Modeling:  How to Succeed at this High Value and High Effort Cybersecurity Activity

Threat Modeling:  How to Succeed at this High Value and High Effort Cybersecurity Activity

Threat Modeling (TM) is a process for identifying and prioritizing potential cybersecurity threats to software, hardware or a system.   Contributing to the high value of TM is: 

  • The ability to identify threats early in the design process when they are less expensive to address 
  • Methodically prioritizing threats helps…

    Read More...

With Many Automation Professionals Working From Home Cybersecurity Exposure is Rising

With Many Automation Professionals Working From Home Cybersecurity Exposure is Rising

One of the commonly targeted pathways into an Industrial Automation and Control System (IACS) is through compromised remote access such as Virtual Private Networks (VPNs) and Remote Desktop Protocol (RDP). During the Stay at Home Orders and other self-quarantining measures around the globe to combat the COVID-19 pandemic, many…

Read More...