HDR’s Post

Meantime between failures is a critical analysis for clients with aging infrastructure. Make sure your control system is not overlooked in the process. Learn more below. #hdr #controlsystems #engineering #design #builtenvironment

Guide to Operational Technology (OT) Security You can download this document from the NATIONAL INSTITUTE OF STANDARDS AND TECHNOLOGY U.S.DEPARTMENT OF COMMERCE Abstract This document provides guidance on how to secure operational technology (OT) while addressing their unique performance, reliability, and safety requirements. OT encompasses a broad range of programmable systems and devices that interact with the physical environment (or manage devices that interact with the physical environment). #otsecurity #cybersec https://lnkd.in/gxJXhG2R

CIA for OT vs IT Operational Technology (OT) refers to the hardware and software systems used to monitor, control, and automate physical processes in various industries such as manufacturing, energy, transportation, and utilities. The primary focus of OT is to manage and optimize industrial operations, ensuring efficiency, safety, and reliability. Information Technology (IT) encompasses the hardware, software, and networks used to store, manage, process, and transmit data within an organization. IT focuses on data management, applications, and ensuring the flow of information for decision-making and administrative purposes. The CIA triad used in cybersecurity still applies to both OT and IT systems but the hierarchy of needs varies as shown below. For OT systems availability is key , whereas for IT systems confidentiality is key. It doesn't mean the other two are not required. #ot #it #cia

"Block Command Message is one of the techniques used to attack Industrial Control Systems. Standards compliance like ISA 62443, NIST 800-82 or NERC CIP is the best way toward your cybersecurity posture improvement and be resilient against this kind of attacks. Contact WEST Engineering. We can help you with standards compliance and we got solutions for cyberasset inventory management, vulnerabilities management, configuration management, and secure remote access control besides others, to help you improve your cybersecurity posture.`` TECHNIQUES Block Command Message Adversaries may block a command message from reaching its intended target to prevent command execution. In OT networks, command messages are sent to provide instructions to control system devices. A blocked command message can inhibit response functions from correcting a disruption or unsafe condition. PROCEDURE EXAMPLES During the 2015 Ukraine Electric Power Attack, Sandworm Team blocked command messages by using malicious firmware to render serial-to-ethernet converters inoperable. In Industroyer the first COM port from the configuration file is used for the actual communication and the two other COM ports are just opened to prevent other processes accessing them. Thus, the IEC 101 payload component is able to take over and maintain control of the RTU device TARGETED ASSETS Control Server, Field I/O, Human-Machine Interface (HMI), Intelligent Electronic Device (IED), Programmable Logic Controller (PLC), Remote Terminal Unit (RTU), Safety Controller DETECTION Application Log: Monitor application logs for changes to settings and other events associated with network protocols that may be used to block communications. Network Traffic: Monitor for a loss of network communications, which may indicate this technique is being used. #westengineering #mitreattack #cybersecurity #ICS #ISA62443 #IndustrialDefender

Automation systems are crucial elements of industrial sectors such as manufacturing, energy, and transport, responsible for monitoring and controlling industrial processes. However, as these systems integrate with corporate IT networks and the internet for remote monitoring and control, they offer potential entry points for cyberattacks. Unfortunately, many industrial facilities today use outdated software, often lacking the latest security features to prevent unauthorized access. Moreover, the lack of strong encryption and authentication protocols for communications within industrial control systems has opened new pathways for eavesdropping and data manipulation. Potential implications of these network and data security challenges range from downtime to financial losses and threats to human safety.

Below is a link to2 articles I found useful and thought I would share. Nothing particularly new to me but puts security for our ICS platforms (substation, generator, building automation system) into the business context. It gives you an insight on how we can achieve true business value enabling business outcomes and happen to have security. 1st article: Automated Vulnerability Management for the Power Grid | PAC World Key Take aways: Defines in context vulnerability management for ICS Systems Asset inventory must be automated. Manual is not sustainable. Pulling in not only CVE but change management information on assets important. Some assets are more than skin deep; does the tooling get to the nested components? Patching everything is not the goal...It’s a fool’s errand. Being thoughtful and risk informed is the goal that allows effective risk mitigation. 2nd article: Implementation of an Advanced Remote Engineering Platform (AREP) | PAC World (Entergy calls it IEDMS: Intelligent Electronics Device Management System) Key Take aways: Requirements were defined not only for security but in alignment with business goals. Least touch. Automate what you can. It is not only efficient but more secure and less error prone. Just in Time Access- Remote access is governed by Work Orders. This helps create Segregation of Duty and eliminate Insider Threat Vendors and employees have access from the same system. Baseline Deviation monitoring. Dig in beyond the ports and services look at the config. P.S. Go check out PAC World. www.pacw.org. It’s a good site with information saliant to the utility business customer. Please feel free to forward to anyone else you may find valuable.

What had turned out to be a necessity type service offered after discovering some pretty disastrous electronic security systems and solution installs that were discovered during security assessments for our clients, has turned into a core service for our firm with several requests to assist referred customers as we enter 2024. Security systems and technology solutions require proper design and planning with expertise knowledge that will provide you with a solution that works specifically for you and your needs. Make the right investment with meaningful consultation, assessments, design, planning and project management in consideration of the financial resources you have. PEACE AND SAFETY THROUGH KNOWLEDGE AND PREPARATION

When you choose EPC to handle your IT asset disposition, you have options. Choose from our onsite, at EPC, or Blancco solutions: Onsite: Our technicians will sanitize every hard drive before it leaves your building. Then, we will properly pack and drive it to our closest facility for further processing, remarketing and recycling. At EPC: You can choose to have EPC properly pack and drive your assets to our closest facility, or pack yourself and ship using your preferred carrier. Either way, once they reach EPC, your IT assets will be properly sanitized, processed, and remarketed or recycled. It’s important to note that choosing to have EPC pick up your assets transfers all potential transportation risks, including theft and damages, to EPC. Blancco: With our Blancco Remote solution, we can pre-install or remotely install Blancco on desktops, laptops and Windows tablets, allowing you to enable the software when it’s time to uninstall the asset. This provides easy, dependable, on-site data sanitization at your convenience for a minimal charge per license. It’s the ideal solution for organizations with hundreds, if not thousands, of low volume or single-item locations or remote users. Reach out to an EPC specialist today to learn more: https://lnkd.in/ekQk9Jdc

#SmartBuildings #SPIRE UL Smart Systems Rating Program UL Solutions Smart Systems Rating Program is a criteria-based rating program for smart building systems. The marketing claim verification is based on a comprehensive assessment of a smart system or product based on six dimensions. Smart systems that are assessed through the program receive a level rating of Smart System/Product Verified - ☑️ Silver, Gold, Platinum or Diamond based on the assessment results. The dimensions are carefully chosen to cover the most important aspect of what makes systems smart — ✅ communications and interoperability, ✅ Resilience , ✅ cybersecurity, ✅ control and automation, ✅ Digital experience, and ✅ Functional value. Upon successful assessment, UL Solutions will issue a verification Mark that can be publicly accessed and used for marketing claims. UL Solutions

When you choose EPC to handle your IT asset disposition, you have options. Choose from our onsite, at EPC, or Blancco solutions: Onsite: Our technicians will sanitize every hard drive before it leaves your building. Then, we will properly pack and drive it to our closest facility for further processing, remarketing and recycling. At EPC: You can choose to have EPC properly pack and drive your assets to our closest facility, or pack yourself and ship using your preferred carrier. Either way, once they reach EPC, your IT assets will be properly sanitized, processed, and remarketed or recycled. It’s important to note that choosing to have EPC pick up your assets transfers all potential transportation risks, including theft and damages, to EPC. Blancco: With our Blancco Remote solution, we can pre-install or remotely install Blancco on desktops, laptops and Windows tablets, allowing you to enable the software when it’s time to uninstall the asset. This provides easy, dependable, on-site data sanitization at your convenience for a minimal charge per license. It’s the ideal solution for organizations with hundreds, if not thousands, of low volume or single-item locations or remote users. Reach out to an EPC specialist today to learn more: https://lnkd.in/eF9JWMXb