Kaspersky has just published the videos from the Kaspersky Industrial CyberSecurity 2018 conference. This video shows Kenexis CEO Ed Marszal presenting the Security PHA Review concept using a pump station as an example. https://www.youtube.com/watch?v=QnfBRlgBaHg&t=239s
On 20 Sep 2018, Kenexis CEO Ed Marszal presented at the 2018 Kaspersky Industrial Cyber-Security conference in Sochi, Russia. The topic of the presentation was Security PHA Review (SPR). The presentation provides a brief overview of the topic while highlighting a specific application - a oil pipeline pumping station. This example was chosen because an [...]
While reading the Wired article, titled The Untold Story of NotPetya, the Most Devastating Cyberattack in History, I thought a lot about backups. Backing up your data and systems in order to maintain critical services is a cornerstone of any disaster recovery program (DRP). I hadn’t realized how fast NotPetya spread through some organizations. From [...]
We are please to announce that Kenexis was chosen by Enterprise Security as one of the top 10 SIEM solution providers recently. This was based on our work over the last few years implementing SIEM solutions in highly regulated industries on legacy control system environments with mediocre network architectures. Enterprise Security saw us filling a [...]
Industrial Control Systems or Operational Technology cybersecurity risk calculations are typically based on threat, vulnerability, and consequence in an equation similar to the one below: risk = threat x vulnerability x consequence If we assign numbers, like 1 to 5, and define each number in the range for each variable, we can probably solve the [...]
Kenexis Open PHA integrated software for performing process hazards analysis (PHA) such as HAZOP and LOPA includes features that allow a Security PHA Review (SPR) to be performed. Open PHA utilizes an open and standardized data structure that includes all of the fields that end users in the process industries determined should be included in [...]
Reducing the Attack Surface with Group Policy You should be constantly working to reduce your attack surface using reasonable low cost methods and your existing equipment. Reducing your attack surface, often referred to as hardening, is the most cost-effective way to increase your security. In this brief article, we will examine using Microsoft Active Directory [...]
Open PHA has been upgraded to include the ability to perform a Security PHA Review (SPR - pronounced 'spur') directly in the PHA study. The advantages of this approach is that it allows for cyber security concerns to be addressed during a PHA study without expending excessive team time and the documentation of the SPR [...]
Network appliances like firewalls and switches, have software (commonly referred to as firmware) on them that monitor and log security events. Unfortunately, the logs are rarely read by anyone. In fact, most people have never logged into their home router to look at the logs or change the administrator password. If the firmware was compromised, [...]
After reading an ISA article related to the application of Security PHA Review (SPR) for the determination of required security levels for Industrial Control Systems (ICS), as required in IEC 62443 [ISA 99], a Kenexis customer had some questions related to whether or not some cyber safeguarding measures make a scenario "non-hackable", and if not, what [...]
Achilles JQS Registered Supplier Kenexis Consulting Corporation is pleased to announce that it is a registered, verified, and compliant supplier on Achilles Joint Qualification System (JQS) for the Oil and Gas Industry in Norway and Denmark. Achilles creates and manages a global network of collaborative industry communities, allowing trading partners to share high quality, structured, [...]
Recently, Jim Gilsinn presented at BSides DC 2016 about cybersecurity work on Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition). His presentation was titled: "What's the Big Deal with Assessing ICS/SCADA?" If you are considering a career in ICS Cybersecurity, this might persuade you to go back to law school. YouTube Link
This week, someone attempted to penetrate our systems again. Many of these type of attempts are blast to thousands and some our targeted attempts. Regardless, clicking almost always mean you have been compromised and malware is now on your computer and moving through your organization. This particular email attempt had a file attached from Dropbox and the [...]
As a consultant, I travel on a regular basis. When I travel, I usually have multiple devices with me: a personal phone, a work phone, one or more computer, test equipment, and other devices. All of these are power hungry, especially the phones. It is tempting to charge them anywhere I can, but as a [...]
Make sure to check out the cover article in ISA’s InTech publication. In the article, Ed Marszal explains: “Even though cyber-threats are not adequately addressed with existing process hazard analysis (PHA) methods, there is no reason to abandon everything that we know about process risk assessment and start from scratch. Instead, industry is extending tried-and-true [...]
It is important to note the difference between ‘patching’ and ‘hardening.’ It is also important to note the importance both functions play in protecting your computer systems. Patching a computer system (whether it is a computer or an embedded controller like a PLC) takes care of critical vulnerabilities (holes where malware might be able to get [...]
It appears the US is going to blame Iran (ink to the New York Times article) for the cyber attack on the NY dam.
Attached is a presentation on how to analyze hazardous process situations for cybersecurity risks during a HAZOP or an interim review. We would be pleased to assist you in facilitating this type of review with a HAZOP expert and an Industrial Control System Cybersecurity expert. https://youtu.be/DcOAycWNgIE
I was plowing through email late last evening and I almost clicked on this link. Lesson to me; stop plowing through email after 10pm. I tell everyone who will listen, to be very careful when you are tempted to click on a link in an email. It is so easy, and not all of the [...]
Being an expert at something doesn’t always mean that you truly understand something. Until you can explain that topic to someone else, you can’t really prove that you know it that well. Sure, you can spout some jargon and show some really complicated process. But, until you can breakdown that explanation and/or process into simpler [...]
Using the ANSI/ISA-62443 Standards to Secure Your Industrial Control System (IC32), 30 April - 01 May 2015 Bryan Singer will be teaching this class at the UAB Engineering Complex in Birmingham, AL. The early bird discount is good until 02 April 2015. Seats are limited. See the attached brochure for more information. Cybersecurity -BHAM-Section-IC32- flyer[3].pdf [...]
With the articles that surfaced recently about the post office snapping pictures of faces and license plates as people drove onto their lot, I decided to tell my own recent experience. I was at a conference, when I noticed a near field antenna hanging in the ceiling. It registered in my subconscious, but I did not [...]
Industrial Control Network Cost Millions I never considered spending a million dollars directly on an industrial control system network, but I was wrong. I changed my view after we had a network incident that caused a production outage. My production personnel knew exactly the demands of their service level agreement. I knew they would do [...]
NEW ICS Blue Team Training Course, April We are pleased to offer a new ICS Blue Team Training, April 28th and 29th. This 2-day course is being offered for the first time to our customers. We will be teaching the hands-on course, Practical ICS Security Training, on how to defend an industrial control system from [...]
Jim Gilsinn and Bryan Singer, from Kenexis, will be teaching one of the advanced training courses at the S4x15 conference, titled “Why Does the Red Team Get All the Fun?” (http://www.cvent.com/events/s4x15-week/custom-22-6527b763e4b94569a3612510327b7278.aspx) This class will allow students to participate in an industrial control system (ICS) cyber security red/blue exercise during the course. The emphasis will be [...]
