OT Security Blog Articles
Insights on Resilience, Vulnerability Management, and More
Lack of Cyber Imagination
The 9/11 Commission noted several failures that led to that fateful day, but they emphasized that “The most important failure was one of imagination.” It’s been thirteen years and one could
Follow-up: Surviving on a Diet of Poisoned Fruit
The Langner Group attended a presentation and group discussion with Dr. Richard Danzig, former Secretary of the Navy, hosted by a leading think tank. Dr. Danzig made a presentation focused on the
Who's Smarter, Hackers or Defenders?
I am sometimes befuddled at just how much press (negative and otherwise) hackers receive. Truth be told, perhaps my befuddlement contains just a twinge of jealousy (okay, maybe more than a twinge).
Beyond AIC: Tom Clancy’s take on cyber-physical attacks
Too often, discussions on cyber-physical attack scenarios and how to prevent them are focused on the idea that a cyber attacker could disrupt or freeze process control, thereby causing downtime. This
IT vs. ICS: An Attacker's Perspective
There are extensive treatments of the similarities and differences between information technology (IT) systems and industrial control systems (ICS), but these differences are more than just academic
Five Steps to Critical Penetration Analysis
Penetration tests (pentests) have gained recognition as a legitimate approach to identifying and then in theory, mitigating discovered weaknesses. The pentest industry even has a magazine (PenTest
RIPE brochure available for download
Our new RIPE brochure, highlighting the characteristics and benefits of the RIPE Cyber Security and Robustness Program, is available for download (PDF): English language version German language
Attacking critical infrastructure with chainsaws and rifles
As reported by the German Frankfurter Allgemeine Zeitung, unidentified attackers had broken into a cable duct of Germany’s telecommunications provider Kabel Deutschland (a Vodafone subsidiary) and
Nationalize Cyber Security for Critical Infrastructure: Seven Points to Ponder
We have touched on the subject of regulation before in the blog post Nothing to Fear but Fear (i.e., Regulation) Itself. It is a complicated issue with multiple stakeholders (unfortunately, some of