In our first post on using BAS in an operational technology (OT) environment, we provided an overview of a typical converged IT/OT network, the trends that were driving increased cyber risk for industrial asset owners, and a high-level discussion of how BAS can help provide better visibility and protection across the converged environment.

If you’ve met me, you know I’m pretty direct, so I’m going to preface this whole post by saying: yup, this is being written by a marketer. As SafeBreach’s CMO, I know that going to RSA means being crushed by the immense force of vendors trying to stand out and in some cases using gimmicks. We’re certainly a part of that: did anyone get their tarot read at our booth this year?

Industrial control systems (ICS) have historically been isolated and less interconnected. Isolation was one of the things that kept these systems more secure behind air gaps, at the cost of lost coordination and collaboration. This is rapidly changing with the rise of Industry 4.0 with increased interconnectivity and integration of smart technologies like Industrial IoT (IIoT) and cloud computing in modern industrial processes.

Iranian state-sponsored hacking group Charming Kitten has been named as the group responsible for a new wave of attacks targeting critical infrastructure in the United States and elsewhere.

Electrical grid security has been getting a lot of attention recently. It started fairly quietly, and then when it was a featured story on a news program, it rose to the top of the collective consciousness. However, the news stories that followed were focused entirely on the physical vulnerabilities of the US power grids. Few, if any stories covered the cybersecurity angle of securing the grids.

The demand for cybersecurity in the energy sector is often understated. There is a misconception that very little IT is involved, and much of it does not impact operations. But 97% of surveyed ICS security professionals in the energy, oil, and gas sector believe cybersecurity is a growing concern. No industry has been untouched by digital transformation.

The demand for technology that can support secure user access, both remote and onsite, has expanded beyond IT environments to include the operational technology (OT) and industrial control systems (ICS) that enable organizations in a variety of critical infrastructure (CI) sectors to function. However, the priorities of IT environments (i.e., the confidentiality, integrity, and availability of data).

This is the first post in a series on the pillars outlined in the new US National Cybersecurity Strategy. I review each pillar in turn, and then discuss how services such as Devo can help address the challenges outlined in that pillar.

Today, we are happy to announce that version 2.2 of the OT Security Add-On for Splunk is now available on Splunkbase. This update adds capabilities based on industry best practices and customer feedback and is designed to help companies mature in their OT security journey.