Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Blog Category: Industrial Security

Posted by: Erik Schweigert on October 18, 2017

Comparing products that feature Deep Packet Inspection (DPI) technologies should be relatively easy, but unfortunately it’s not. Most companies won’t hand out the codebase that outlines how their DPI implementation is written. This means that to truly compare DPI products, black-box testing must be done. But even still, different vendors may have vendor-specific functions that only loosely adhere to the protocol specification that should be considered when developing a DPI implementation.

This week’s blog looks to help simplify the process of comparing and selecting DPI products by understanding exactly what DPI is, how it’s best implemented and offers the author’s own grading scheme for selecting the right DPI product for your ICS application.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Greg Conary on August 16, 2017

Over the past decade or more the need for cyber security in industrial automation and control systems has been accelerating at an ever-increasing rate. Adoption of the benefits of commercial off-the-shelf and open technologies, awareness of the systems, exposure of the systems and precedents set by previous attacks have all contributed to the increase.

The advent of the Industrial Internet of Things (IIoT) pushes this even further with the increased uptake and reduced cost of powerful computing technologies like cloud, virtualization, shared networks and so on. How can IIoT and cyber security standards progress in tandem, to ensure that our increased capabilities are protected by increased security? Click Read More to learn how.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Katherine Brocklehurst on December 14, 2016

The holidays are here and warnings of prudent internet security practices abound for home systems, online shoppers and social media participants. Many of us have received workplace guidance for increasing the cyber security and safety of our ICS networks, endpoints and control systems given the ongoing cyber threat landscape.

Though you might not consider yourself particularly savvy regarding internet security, the basics you’ve learned at work may be worth applying at home during this holiday time to improve your family’s cyber safety. This blog addresses a couple of foundational controls that you can use to improve your family’s home security.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Katherine Brocklehurst on September 20, 2016

The SANS 2016 State of ICS Security Survey Report indicates that many of the ICS professionals who responded to the survey have new job titles such as ICS cyber security program manager, ICS security project manager, IT/OT architect and director of cyber security for building and facilities systems.

This trend indicates that industrial cyber and cyber-physical security is a rising priority and industrial companies are beginning to assign staff with ICS security responsibility. While attending the recent EnergySec 12th annual security summit held in Anaheim, California on August 22-24, I spoke to many ICS operations attendees with new job titles and security responsibilities reflecting this priority. They had come to EnergySec for information sharing and practical guidance on the security challenges they’re facing.

While there I had a chance to ask EnergySec’s new president Steve Parker a few questions about EnergySec, trends, concerns and the state of ICS security within power and energy critical infrastructures.

For those of you who may not be familiar with this non-profit organization, they are approaching 1500 members and 470 member organizations, have achieved SANS Institute awards, and a good history of their grass-roots founding over a decade ago is posted on their website.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on August 10, 2016

Do you believe that your control system is in more danger from cyberattacks now than it was a year ago? How does this compare with what other organizations are experiencing? How does your company compare to others in terms of doing security assessments?

If any of these questions are of interest, you will want to study the “SANS 2016 State of ICS Security Survey” report. As I mentioned in a recent article on where to find hard-to-get ICS security data, this is one of the only no-charge sources of ICS security data available.

Last year when I reviewed the 2015 results, I summarized the security controls recommended by SANS. This year I am going to comment on 3 aspects of the report’s findings: security threats and perceptions, security visibility and the convergence of IT and OT. Read on to learn more and to find out where to obtain the report and related resources.

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: Erik Schweigert on March 23, 2016

Someone recently asked me the best way to describe Deep Packet Inspection (DPI) in layman’s terms.

Think of an envelope in snail mail. You can recognize it as an envelope and you can even see who it is from and where it is going.

This could be mapped to a standard firewall where you can limit the IP address by source and destination, and even port information, but that is as complex as it gets. In terms of this example, the content inside a sealed envelope, such as a friendly letter, is where the real information lies protected; this is where DPI really occurs.

DPI comes in two flavors, as a signature-based system or a protocol-specific DPI engine. How do they differ and which is more useful for ICS security?

Read More >>


Comments (0) Post a Comment

Blog Category: Industrial Security

Posted by: on February 10, 2016

This week, the largest electric utility trade show and conference in the U.S., DistribuTECH, is being held. One of the tracks in the conference portion of the event is “Defending the Grid.” The prominence of the topic at this show is due in part to new NERC CIP requirements designed to strengthen reliability and security. Another reason grid protection is a hot topic is high-profile cyberattacks such as the recent one on the Ukraine power system.

It adds up to one thing – it’s time to review the state of cyber defenses at your transmission substations. What then is the right approach to secure substations? It starts with the best practice of Defense in Depth.

Read More >>


Comments (2)
Post a Comment

Blog Category: Industrial Security

Posted by: on August 19, 2015

If you’re like me, when you don’t know how to do something you avoid or delay doing it. Even though I love learning new things and tackling new adventures, in the context of work, there never seems to be enough time. That means taking on a new challenge or learning best practices about a new topic is often put on the back burner.

If cyber security is a new area for you, then this is an article you really want to read. It is short and it explains three important concepts that once you know, you can start putting into practice right away.

Think of it this way, cyber security is a topic of high concern at the top levels of all companies. Plus, the Industrial Internet of Things (IIoT) is connecting more devices and systems to the control network, increasing the likelihood of cyber incidents. It’s more important now than ever before to understand the principles of cyber security. Let’s get started…

Read More >>


Comments (0) Post a Comment

Follow Us

Subscribe
Industrial Security
RSS Feed
Industrial Security
Email Notifications

Search
Industrial Security Blog
All Belden Blogs


Stay Informed