Jul 16, 2021The Ultimate Guide to Protecting OT Systems with IEC 62443What is IEC 62443? Focus on Basics: The IEC 62443 Checklist Taking advantage of IEC 62443’s broad applicability and inclusiveness Examining IEC 62443 Zones, Conduits and Security Levels The IEC 62443 aligned Cybersecurity Management System (CSMS) Guiding risk assessment with IEC 62443 Using IEC 62443 to secure product development lifecycles …Cybersecurity16 min readCybersecurity16 min read
Jun 17, 2021TSA Pipeline Cyber Security Directive is a Strong First StepFollowing the ransomware attack on the Colonial Pipeline, DHS and CISA have released a new Security Directive for critical pipeline operators. More are likely to follow. On May 27th, the United States Department of Homeland Security announced its initial regulatory response to the Colonial Pipeline ransomware attack. As the Security…Ransomware8 min readRansomware8 min read
Jun 17, 2021How to Prevent Ransomware in 2021Reduce the risk of a ransomware attack with these proven tips for preventing and protecting against OT/ICS ransomware. Between May 6 and May 12, 2021, Colonial Pipeline, owner of 5,500 miles of pipeline carrying natural gas, gasoline, and diesel from Texas to New Jersey, shut down its operations in response…Ransomware12 min readRansomware12 min read
May 10, 2021Colonial Pipeline Attack: Lessons Learned for Ransomware ProtectionHow to leverage lessons learned from the Colonial Pipeline ransomware attack to prepare for cyber-related threats in oil & gas After a weekend of hundreds of posts about the Colonial Pipeline ransomware event, we thought some “Monday morning quarterbacking” was in order. …Ransomware6 min readRansomware6 min read
May 6, 2021Relay Race: Getting a Handle on Known Risks in the GE UR FamilyVerve research featured in ICS-CERT warning on GE’s popular line of advanced protection and control relays. Here’s what asset owners need to know. ICS-CERT this week issued an advisory detailing nine critical vulnerabilities affecting GE’s Universal Relay (UR) Family including several that could allow an attacker to access sensitive information…Power Distribution3 min readPower Distribution3 min read
May 6, 2021What is ICS Security?ICS (or Industrial Control System) Security is growing in importance as cyber-attacks increasingly focus on physical processes for either ransom or to cause harm to critical production systems. …Cybersecurity6 min readCybersecurity6 min read
May 6, 2021What is Stuxnet?The game-changing malware that shocked the ICS/OT world is back in the news and still has lessons to share. It’s been more than a decade since security researchers in Belarus first identified a virus that would come to be known as Stuxnet, a sophisticated cyber weapon used in a multi-campaign…Cybersecurity6 min readCybersecurity6 min read
Mar 12, 2021Asset Management and Cyber Security in Rail TransportRail transportation: Digitalization and securing current and future assets require comprehensive cyber security Economics and technological transformation of business generally go hand-in-hand. If revenue is down, or there is an opportunity to increase revenue through automation, most businesses are apt to make decisions that improve profitability and redundancy. After all…Cybersecurity7 min readCybersecurity7 min read
Mar 12, 2021Key Takeaways from Published 2020 ICS VulnerabilitiesAlice and the ICS Vulnerability Looking Glass — How to Avoid Going Down the Rabbit Hole with ICS Vulnerabilities In 2020, ICS-CERT issued 248 cyber security advisories for public consumption on the CISA’s ICS-CERT portal. Verve analyzed all these advisories, regardless of whether they came from large or small vendors…Cybersecurity6 min readCybersecurity6 min read
Mar 12, 2021The Future of OT Security: OT Systems ManagementLearn why there’s an increasing need for OT security to adopt the core elements of IT Systems & Security Management in the coming years. The basic premise of Dale Peterson’s article “How to be an OT Visionary” was to look at what is happening in IT and assume it will…Cybersecurity6 min readCybersecurity6 min read
