Energy management and automation giant Schneider Electric has partnered with cyber risk management firm BitSight to develop a new Operational Technology (OT) risk identification and threat intelligence capability to enhance OT exposure detection by identifying misconfigured connected devices.
Through a joint effort, Schneider Electric will combine its expertise in OT protocols and systems with BitSight’s exposure detection and management capabilities to generate insights by detecting OT protocols exposed over the internet and contextualizing them with improved attribution.
“With the enriched data and insight collected by BitSight, Schneider Electric is developing an OT threat intelligence capability to notify and work with customers who have exposed assets or insecure Internet-facing deployments,” stated Christophe Blassiau, SVP, Cybersecurity & Global CISO at Schneider Electric. The capabilities derived through this partnership will provide the data necessary to identify important areas of risk concentration and drive further remediation initiatives, benefitting both customers and the community at large.
“We are delighted to be partnering with Schneider Electric on this critically important initiative to better manage the cyber risk of Internet-connected OT systems. Both BitSight and Schneider Electric share the mission of creating trust in the digital economy by improving cybersecurity protection across all interconnected business types and industries,” said Stephen Boyer, Co-Founder and Chief Technology Officer at BitSight. “Operational Technology systems are often exposed and vulnerable to attackers who can exploit them through connected devices and converging networks. By partnering with Schneider Electric, we are proactively addressing this downstream risk by expanding our capabilities to better detect customers’ industrial infrastructure and control systems at risk and to help them improve business resilience.”
The new capability, focused on risk identification and reduction across the entirety of the OT domain, is not an exclusive arrangement between BitSight and Schneider Electric. Participation is open to all OT vendors willing to share information about their products to improve risk detection and attribution capabilities, BitSight said.
In this session, Mark Plemmons, Sr. Director for Threat Intelligence at Dragos, dives deep into the technical details and real-world impact of the modular ICS attack framework known as PIPEDREAM/Incontroller.
The Colonial Pipeline is working on a restart plan after a ransomware attack triggered the company to halt all pipeline operations on May 7, 2021.
Integrity-based attacks can produce significant impacts through undermining a physical process and calling into doubt the viability of a specific facility.
(Eduard Kovacs - SecurityWeek) MITRE on Tuesday announced the initial release of a version of its ATT&CK knowledge base that covers the tactics and techniques used by malicious actors when targeting industrial control systems (ICS). MITRE’s ATT&CK framework has been widely used by cybersecurity professionals to describe and classify attacker behavior and assess an organization’s risks. The new ATT&CK for ICS knowledge base builds upon it in an effort to help critical infrastructure and other organizations whose environments house ICS. In addition to a
Industrial cybersecurity firm Claroty announced that Jennifer Leggio has taken the role of Chief Marketing Officer (CMO) at the company.
Presented at SecurityWeek's 2018 ICS Cyber Security Conference. How would you handle leadership in the most stressful Chief Information Officer (CIO) job in the world: being the CIO at the White House? Colonel Gelhardt answers this question and talks about the leadership and mentorship he used, and how you can use the same skills in the civilian world. If he can do it, so can you! Speaker: Colonel Mark Gelhardt - Former CIO for President Clinton
Exfiltrating Reconnaissance Data from Air-Gapped ICS/SCADA Networks By Injecting Ladder Logic Code into PLCs
Presented first at SecurityWeek's 2017 ICS Cyber Security Conference, this presentation explains how to inject specially-crafted ladder logic code into a Siemens S7-1200 PLC. The code uses memory copy operations to generate frequency-modulated RF signals slightly below the AM band (340kHz-420kHz), with the modulation representing encoded reconnaissance data. The signal can then be picked up by a nearby antenna and decoded using a low-cost Software-Defined Radio (SDR) and a PC. The receiving equipment can be located just outside the facility