Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Blog Category: Industrial Security

Posted by: Mike Miclot on April 30, 2014

Nobody likes the job of replacing a good team member when they retire. Yet, that is the job the manufacturing industry is faced with as a trusted component of the industrial application ecosystem steps down from active duty. That component is the Windows XP operating system (OS), a workhorse of a product that is pervasive in factories, energy facilities and many critical infrastructure systems around the world.

Windows XP-based computers, machines and devices are installed EVERYWHERE in industry. They include the white box PCs running important manufacturing, process or production applications on the plant floor, in control rooms and in engineering offices. They also include ruggedized PCs running PLC, DCS and other device configuration / monitoring applications in your processes.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Brian Oulton on April 16, 2014

There’s no escaping the push to secure industrial applications. The end of support for Microsoft’s Windows XP operating system is just the latest situation that contributes to the need to make sure that industrial networks have cyber security measures in place.

The challenge is how to go about it. If you’re the person tasked with security—and if you're reading this, you probably are—the ambiguity surrounding security for industrial systems has probably struck you already.

One tool in the toolbox to help you improve the cyber resilience of your facility is to leverage the know-how of your company’s IT security experts. Before you start running for the hills at this suggestion, I hope you will read on and find out how this may actually help.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on March 19, 2014

You have likely never worried about the possibility of a high school geek doing some programming that affects your home water quality. Well, neither had I until I learnt that some municipal networks have no security between the network their schools use and the one that runs their water/wastewater facility.

This was the situation in a mid-sized city in the Eastern U.S. In 2012 the Department of Water Resources upgraded their SCADA network to industrial Ethernet. At the time there was little protection or separation of the SCADA network from the city’s IT network.

Fortunately, the team involved, particularly the plant electronic technician, recognized that a security risk existed the issue and took the initiative to improve the situation. What unfolded next is a great example of how multiple industry players, that is, a standards organization, a security services group and a vendor were able to work together to provide a robust solution.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on February 26, 2014

One of the major differences between industrial networks and enterprise networks is that industrial networks are typically managed by engineers or technicians. Now engineers are experts at making good product, designing control loops and so on, but they are not IT security wizards. That’s the reality, and it means that security products that “just work” reliably and safely with automation systems are going to be more effective in actually delivering security than products that don’t.

That’s why Schneider Electric is to be commended for all the measures they are taking to improve cyber security for their customers. This includes partnering with us to create the ConneXium Tofino Firewall in 2012. A new version of this product has just been released, which adds the Tofino Enforcer’s Deep Packet Inspection technology for the EtherNet/IP protocol.

Let’s take a look at what this product does and how its ease of use helps improves SCADA security.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on February 05, 2014

Over the past year Belden’s cyber security expert Eric Byres has engaged in a heated blog debate with Digitalbond’s Dale Peterson on the best way forward to improve SCADA security. The debate moved from the blog page to the live stage at the recent S4 conference, a leading event for advanced industrial cyber security topics.

The debate has boiled down to Dale describing Eric as a “SCADA Apologist” for supporting the thinking that it will take a long time to ‘fix” SCADA security. Eric, on the other hand, feels, he is a “SCADA Realist” who realizes that multiple steps need to be taken to secure industrial systems. Watch the video of the event to hear two leading experts put forward their arguments and see if they influence your thinking on PLC security.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on January 15, 2014

Keeping production systems up and running is the primary concern of controls engineers. Nowadays, part of achieving high availability includes protecting networks from accidental events and unforeseen security threats.

In speaking to our customers about this challenge we found out that they would like an all-around device that is easy to use and that can be deployed in the harshest industrial environments. Today I want to introduce you to a handy new tool for meeting these requirements.

Our just announced EAGLE One security router is what we like to call “the Swiss Army knife of routers”. It provides comprehensive industrial network security with a very good price/performance ratio. Plus it is rugged enough for use in industries such as oil and gas.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Industrial IT Team on December 04, 2013

You may have heard the buzz in the press (both US and International) about the release of the Cybersecurity Framework Draft from the US National Institute of Standards and Technology (NIST). However if you are like most of us, you don’t really understand what it may mean to you as a control system or security professional. Is this just another expenditure of tax payer dollars? Bureaucratic announcements no one will read? Or a document that could change the way you secure your company’s ICS and SCADA systems? This blog will give you an overview of the genesis of this document and then provide some useful points on what it could mean to the ICS/SCADA world.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Industrial IT Team on November 13, 2013

In last week’s Practical SCADA Security blog, I discussed how the new vulnerabilities discovered in DNP3 SCADA masters are carving big holes in the NERC’s concept of the Electronic Security Perimeter (ESP). Dale Peterson started the ball rolling in his blog “Why the Crain/Sistrunk Vulnerabilities are a Big Deal”. Then Darren Highfill posted a blog explaining that the vulnerabilities don’t even require the attacker climb a fence. DNP3 serial links connect millions of physically insecure pad and pole devices. Accessing just one of those devices opens the door to a system wide attack. Since there is no way that every one of these devices can be inside the perimeter, the concept of NERC’s ESP is fatally flawed.

Darren is a great asset to the industry, as demonstrated by the careful analysis he has put into how an attacker might find a way in to a system via a remote pole. But as I hinted last week, I think that Darren makes a technical error in his blog.

Read More >>


Comments (0) Post a Comment

Follow Us

Subscribe
Industrial Security
RSS Feed
Industrial Security
Email Notifications

Search
Industrial Security Blog
All Belden Blogs


Stay Informed