Good things happened in the fields of functional safety and control system cybersecurity in 2015. I am not going to include the exciting new Star Wars movie as an event in the list as it does not really fit into the topic. But keeping focused, my highlights is 2015…
This is the first in a series of blogs and papers on the benefits of cyber certification. Certification provides you with the opportunity to work with an experienced cyber team here at exida,. It also allows you to gain access to our network of cyber experts worldwide codified…
This is the next in a series of blogs and papers on the benefits of cyber certification. Certification provides you with the opportunity to work with an experienced cyber team here at exida, and the vast knowledge of cyber experts worldwide codified in the IEC 62443 family of…
This is the next in a series of blogs and papers on the benefits of cyber certification. You can read part 1 here. Certification provides you with the opportunity to work with an experienced cyber team here at exida, and the vast knowledge of cyber experts worldwide codified in…
This is the next in a series of blogs and papers on the benefits of cyber certification. You can read part 1 here and part 2 here. Certification provides you with the opportunity to work with an experienced cyber team here at exida, and the vast knowledge of cyber…
This is the next in a series of blogs and papers on the benefits of cyber certification. You can read part 1 here , part 2 here, and part 3 here . Certification provides you with the opportunity to work with an experienced cyber team here at exida, and…
Cyberattacks have become the new norm for industrial control systems. A recent study found that 54% (more than half) of companies surveyed had experienced a cyber-attack on their Industrial control system within the last two years[1].
The need for well-trained, competent individuals to address cybersecurity for industrial control systems…
Two common gaps exida encounters when evaluating vendor compliance against the IEC 62443-4-1, IEC 62443-4-2 and IEC 62443-3-3 standards are:
Improving compliance in these areas is also a very cost-effective…
As the number, scale, and connectivity of industrial automation systems continues to grow, it becomes increasingly crucial to fundamentally understand, evaluate, and manage cybersecurity risks. The objective of an effective cybersecurity management program should be to maintain the industrial automation system consistent with corporate risk criteria.
Ownership for industrial…
When I was a kid, I liked watching the Jetsons. I felt certain that by the year 2000 we’d all be enjoying those flying saucers and futuristic homes. Imagine my disappointment that in 2018 we still drive on 4 wheels… and my home cannot elevate itself above bad weather……
The IEC 62443 series of cybersecurity standards include over ten documents covering various subjects. Buying a full set is a bit expensive, but for me the real cost is the time needed to read and understand them. So I often ask one of the experts at exida…
I was driving one of exida’s top risk experts from Europe to a business meeting. We parked and I locked the car door. He commented “I noticed you did not lock the car door when you parked at the exida office.” He was right. In an area I do…
As the incidence of cybersecurity threats in automation systems continue to rise, the automation world continues to grapple with how to address these issues. There are many good practices published in the IEC 62443 series of standards available to end users such as creating demilitarized zones between the business…
exida has traditionally been involved in industries such as oil and gas, chemicals, power generation and automotive. While these are a diverse set of industries, many of the techniques that we use such as FMEDA (Failure Modes Effects and Diagnostic Analysis), Risk Assessment, Threat Modelling, etc.…
Last Saturday, I read an article about hackers who were behind at least two potentially fatal intrusions on oil and gas industrial facilities (Yes I read cyber articles on the weekend 
). Besides the fact that I enjoy learning about cybersecurity on my…
Over the next couple of blogs, I plan to map out the importance of ISA/IEC-62443/ISA-99 based cybersecurity and how it applies to your work environment. I'll also explain some of our services so that you can see what might pertain to you.
For part 1, I will start from the beginnning…
Operations and facility managers have a level of responsibility that requires a great deal of judgment, technical understanding, and the ability to make the right call when managing risk.
Safe, secure, and profitable plant operations are the cornerstones of how a plant manager is judged. The plant manager relies…
It’s interesting that I had been preparing a webinar on pipeline safety and security since there have already been numerous incidents reported regarding pipeline accidents and leakage. Now the latest incident concerning Colonial Pipeline and the ransomware attack by Darkside, a so-called extortion group,…
I’ve heard this phrase so many times in my life… “<Something> is the best thing since sliced bread.” I personally can’t remember a time when sliced bread was not available, but I certainly remember going to the deli and having them use the slicing machine before handing me a bag…