Industrial Security
Industrial Ethernet
Data Centers
Broadcast AV
Belden News
Blog Home
Popular Tags

Featured Bloggers

Popular Tags results for "IoT Security"

SCADA Security Basics: Why are PLCs so Insecure?
Blog Category: Industrial Security

Posted by: Erik Schweigert on March 09, 2016

As a software engineer who creates industrial security technologies I am often asked “Why are industrial networks so hard to secure?” This is a big topic, so today I will address only “Why are PLCs so insecure?”

The answer to this requires a walk down memory lane. If you are a controls engineer you already know some of what I have to say, though maybe not the security considerations this article addresses.

If you have another job function or work in another group such as IT, this article might provide you with useful baseline knowledge about industrial control system (ICS) security.


Implementing Cyber Security Measures in Electrical Substations
Blog Category: Industrial Security

Posted by: on April 01, 2015

The adoption of new technologies in electrical substations has improved communications, but it has also made these networks more vulnerable to cyber threats.

In the past, electrical substation design focused on safety, ease of use and reliability. Security wasn’t a concern. As the substations have grown more complex in their design and threat sources more sophisticated, security has become a priority.

A substation with lax security is more likely to fail or have issues – and these failures can be expensive. So, it’s necessary to have a holistic security policy in place that can help minimize or contain threats – both internal and external, as well as intentional and unintentional.


Seeing the Big Picture of ICS Security with Tripwire
Blog Category: Industrial Security

Posted by: on April 15, 2015

While IT and controls engineering traditionally have been two widely separate disciplines, the adoption of Ethernet for industrial networking has increasingly brought the two worlds together.

One area that calls for a multi-disciplinary approach is cyber security. Cyber security attacks on critical infrastructure industries have been rapidly growing in number, plus there is heightened concern about it at the executive level.

As result of these trends, our organization is prioritizing investment in cyber security technology and know-how. When it comes to ICS security, we want to provide solutions that meet the requirements of both IT and engineering professionals.

A reflection of this is our recent acquisition of Tripwire. Today, I am going to introduce you to this innovative organization and their role in helping you, our industrial customers and partners, see the big picture of ICS security.


Connecting and Securing Legacy Electrical Substations to the Smart Grid
Blog Category: Industrial Security

Posted by: on April 29, 2015

Many North American power utilities have large numbers of isolated electrical substations that operate well but are equipped with legacy devices running on proprietary protocols. Impossible to monitor without someone physically visiting them, such substations prevent utilities from delivering on the promise of the smart grid.

Imagine you run a utility with hundreds of legacy substations that you cannot connect to from a central location. The longer you have this problem the longer your network is going to be out-of-step with an important capability.

Now imagine there is an easy way to connect legacy substations to a central system. “Fantastic,” you think, “What is it?” And “Does it bring with it any new problems? (For example, security issues.) In today’s article, I look at a cost-effective solution for this dilemma that both connects substations to the smart grid and secures them.


ICS Security: Essential Firewall Concepts
Blog Category: Industrial Security

Posted by: Jeff Lund on May 04, 2016

While there are many benefits that have come to ICS and SCADA networks through the increased use of standard networking and Internet technologies, it has made the need to secure them ever more critical.

Firewalls play an important role in blocking threats and containing internal cyber incidents that could impact safety, reliability and productivity. They control the flow of communications and filter packets to block or contain harmful network traffic.

There are a number of technologies used to filter packets including Access Control Lists, Stateful Inspection and Deep Packet Inspection.

This article examines the essential firewall filtering concepts you need to know to make informed choices for designing a Defense in Depth security architecture.


Industrial Cyber Security: Understanding the CEO Perspective
Blog Category: Industrial Security

Posted by: on May 27, 2015

Remember the good old days when the control network stood on its own and no one but engineering could touch it? There were no connections to the enterprise network or the Internet. Cyber security was not an issue!

Well, as you know, those days don’t exist anymore. The stories of reputable organizations falling victim to disastrous cyberattacks are regularly covered in the mainstream press. Attacks on both manufacturers and energy providers are happening all too frequently.

There’s no escaping the push to secure industrial applications. The challenge is how to go about it. In particular, what are the roles of various groups such as IT, operations and top managements in making sure your facility is both protected and ready to act if there is a breach?

To help you with one part of this challenge, let’s take a look at how to communicate with non-technical executives about cyber security. The goal is to make you an effective cyber security leader in your organization.


One-Stop ICS Security Made Easy
Blog Category: Industrial Security

Posted by: on June 10, 2015

“Engineers not specializing in cyber security often throw their hands up at security, it’s not what they do,” says Pat Differ, Director of Sales at Securicon LLC, a consulting firm specializing in cyber security services and solutions for critical infrastructure industries. “The result is they may end up relying heavily on IT-oriented or recommended solutions that are not meant for industrial applications.”

If this bears any resemblance to what is happening in your organization, we have good news for you. Belden has recently teamed up with Securicon to provide one-stop security solutions to our customers.

I recently had the opportunity to speak to Pat and Securicon’s CEO, Paul Hurley, to find out their thoughts on the state of industrial security. Read on to find out their innovative ideas about how to move forward on cyber security.


Duqu 2 Reminds Us to Defend Against Advanced Persistent Threats
Blog Category: Industrial Security

Posted by: on June 24, 2015

Recently a previously identified malware, named Duqu , re-emerged in a very surprising way. It was detected attacking the systems of Kaspersky Lab, one of the leading cyber security firms in the world. And, it wasn’t just that it went after the experts’ systems that is amazing, what is also amazing is how it did it.

Kaspersky researchers said that “The philosophy and way of thinking of the ’Duqu 2.0‘ group is a generation ahead of anything seen in the APT world.” (APT stands for Advanced Persistent Threat.)

What is this new malware and how does it relate to ICS security?

While not a threat to ICS as far as we know today, it is a reminder that APTs are a type of risk that industrial operators should be evaluating on an ongoing basis. The goal here is to inform you, not alarm you, about this unique threat. Then we’ll revisit the best practices for defending industrial systems against APTs.


Follow Us

Blog Home
RSS Feed
Blog Home
Email Notifications

All Belden Blogs

Stay Informed