ICS Cybersecurity

//ICS Cybersecurity

Security PHA Review Video – Kaspersky ICS Conference

By |2018-10-18T08:18:37+00:00October 18th, 2018|Edward M. Marszal, ICS Cybersecurity, Process Hazards Analysis|

On 20 Sep 2018, Kenexis CEO Ed Marszal presented at the 2018 Kaspersky Industrial Cyber-Security conference in Sochi, Russia. The topic of the presentation was Security PHA Review (SPR).  The presentation provides a brief overview of the topic while highlighting a specific application - a oil pipeline pumping station.  This example was chosen because an [...]

Comments Off on Security PHA Review Video – Kaspersky ICS Conference

What’s Your Backup and Recovery Strategy?

By |2018-08-22T17:28:36+00:00August 22nd, 2018|ICS Cybersecurity, ICS Design and Implementation, Jim Gilsinn|

While reading the Wired article, titled The Untold Story of NotPetya, the Most Devastating Cyberattack in History, I thought a lot about backups. Backing up your data and systems in order to maintain critical services is a cornerstone of any disaster recovery program (DRP). I hadn’t realized how fast NotPetya spread through some organizations. From [...]

Comments Off on What’s Your Backup and Recovery Strategy?

Top 10 SIEM Solution Providers

By |2018-06-20T09:50:38+00:00June 20th, 2018|Author, ICS Cybersecurity, Jim McGlone|

We are please to announce that Kenexis was chosen by Enterprise Security as one of the top 10 SIEM solution providers recently. This was based on our work over the last few years implementing SIEM solutions in highly regulated industries on legacy control system environments with mediocre network architectures. Enterprise Security saw us filling a [...]

Comments Off on Top 10 SIEM Solution Providers

Consequence and Cybersecurity

By |2018-06-19T15:48:23+00:00June 19th, 2018|ICS Cybersecurity, Jim McGlone, News|

Industrial Control Systems or Operational Technology cybersecurity risk calculations are typically based on  threat, vulnerability, and consequence in an equation similar to the one below: risk = threat x vulnerability x consequence If we assign numbers, like 1 to 5, and define each number in the range for each variable, we can probably solve the [...]

Comments Off on Consequence and Cybersecurity

Setting up Security PHA Review (SPR) in Open PHA

By |2018-04-27T12:00:04+00:00April 27th, 2018|Edward M. Marszal, ICS Cybersecurity, OpenPHA, Process Hazards Analysis|

Kenexis Open PHA integrated software for performing process hazards analysis (PHA) such as HAZOP and LOPA includes features that allow a Security PHA Review (SPR) to be performed.  Open PHA utilizes an open and standardized data structure that includes all of the fields that end users in the process industries determined should be included in [...]

Comments Off on Setting up Security PHA Review (SPR) in Open PHA

Reducing Attack Surfaces

By |2018-04-18T16:36:26+00:00April 18th, 2018|ICS Cybersecurity, Jeremy Smith|

Reducing the Attack Surface with Group Policy You should be constantly working to reduce your attack surface using reasonable low cost methods and your existing equipment. Reducing your attack surface, often referred to as hardening, is the most cost-effective way to increase your security. In this brief article, we will examine using Microsoft Active Directory [...]

Comments Off on Reducing Attack Surfaces

Security PHA Review (SPR) in Open PHA

By |2018-02-05T17:06:43+00:00February 5th, 2018|Edward M. Marszal, ICS Cybersecurity, OpenPHA|

Open PHA has been upgraded to include the ability to perform a Security PHA Review (SPR - pronounced 'spur') directly in the PHA study.  The advantages of this approach is that it allows for cyber security concerns to be addressed during a PHA study without expending excessive team time and the documentation of the SPR [...]

Comments Off on Security PHA Review (SPR) in Open PHA

Control System SIEM Implementation

By |2018-01-26T11:43:26+00:00August 30th, 2017|ICS Cybersecurity, ICS Design and Implementation, Jim Gilsinn, Jim McGlone|

Network appliances like firewalls and switches, have software (commonly referred to as firmware) on them that monitor and log security events. Unfortunately, the logs are rarely read by anyone. In fact, most people have never logged into their home router to look at the logs or change the administrator password. If the firmware was compromised, [...]

Comments Off on Control System SIEM Implementation

Security PHA Review (SPR) and Security Levels

By |2017-08-29T14:57:37+00:00December 6th, 2016|Author, Edward M. Marszal, ICS Cybersecurity, Process Hazards Analysis, Services|

After reading an ISA article related to the application of Security PHA Review (SPR) for the determination of required security levels for Industrial Control Systems (ICS), as required in IEC 62443 [ISA 99], a Kenexis customer had some questions related to whether or not some cyber safeguarding measures make a scenario "non-hackable", and if not, what [...]

Comments Off on Security PHA Review (SPR) and Security Levels

Achilles JQS Registered

By |2017-06-25T19:58:08+00:00November 15th, 2016|Fire and Gas Systems, ICS Cybersecurity, Jim McGlone, News, Process Hazards Analysis, Safety Instrumented System|

Achilles JQS Registered Supplier Kenexis Consulting Corporation is pleased to announce that it is a registered, verified, and compliant supplier on Achilles Joint Qualification System (JQS) for the Oil and Gas Industry in Norway and Denmark. Achilles creates and manages a global network of collaborative industry communities, allowing trading partners to share high quality, structured, [...]

Comments Off on Achilles JQS Registered

BSides DC 2016 Cybersecurity ICS Work

By |2017-08-29T14:58:03+00:00November 15th, 2016|ICS Cybersecurity, Jim Gilsinn, News|

Recently, Jim Gilsinn presented at BSides DC 2016 about cybersecurity work on Industrial Control Systems (ICS) and SCADA (Supervisory Control And Data Acquisition). His presentation was titled: "What's the Big Deal with Assessing ICS/SCADA?" If you are considering a career in ICS Cybersecurity, this might persuade you to go back to law school. YouTube Link

Comments Off on BSides DC 2016 Cybersecurity ICS Work

Email Phishing Always a Threat

By |2018-01-26T11:44:45+00:00September 23rd, 2016|ICS Cybersecurity, News|

This week, someone attempted to penetrate our systems again. Many of these type of attempts are blast to thousands and some our targeted attempts. Regardless, clicking almost always mean you have been compromised and malware is now on your computer and moving through your organization.  This particular email attempt had a file attached from Dropbox and the [...]

Comments Off on Email Phishing Always a Threat

Beware of USB Charging Stations

By |2017-06-25T19:58:09+00:00August 15th, 2016|ICS Cybersecurity, Jim Gilsinn, News|

As a consultant, I travel on a regular basis. When I travel, I usually have multiple devices with me: a personal phone, a work phone, one or more computer, test equipment, and other devices. All of these are power hungry, especially the phones. It is tempting to charge them anywhere I can, but as a [...]

Comments Off on Beware of USB Charging Stations

Cybersecurity PHA Review

By |2017-06-25T19:58:09+00:00April 20th, 2016|Author, ICS Cybersecurity, Jim McGlone, Process Hazards Analysis, Safety Instrumented System|

Make sure to check out the cover article in ISA’s InTech publication. In the article, Ed Marszal explains: “Even though cyber-threats are not adequately addressed with existing process hazard analysis (PHA) methods, there is no reason to abandon everything that we know about process risk assessment and start from scratch. Instead, industry is extending tried-and-true [...]

Comments Off on Cybersecurity PHA Review

Patching & Hardening – Cybersecurity

By |2017-06-25T19:58:09+00:00April 20th, 2016|Author, ICS Cybersecurity, Jim McGlone|

It is important to note the difference between ‘patching’ and ‘hardening.’ It is also important to note the importance both functions play in protecting your computer systems. Patching a computer system (whether it is a computer or an embedded controller like a PLC) takes care of critical vulnerabilities (holes where malware might be able to get [...]

Comments Off on Patching & Hardening – Cybersecurity

Analyzing for Cybersecurity Risks during HAZOP

By |2016-02-23T15:09:30+00:00February 10th, 2016|ICS Cybersecurity, Jim McGlone, Process Hazards Analysis, Safety Instrumented System|

Attached is a presentation on how to analyze hazardous process situations for cybersecurity risks during a HAZOP or an interim review. We would be pleased to assist you in facilitating this type of review with a HAZOP expert and an Industrial Control System Cybersecurity expert. https://youtu.be/DcOAycWNgIE  

Comments Off on Analyzing for Cybersecurity Risks during HAZOP

Almost Clicked

By |2017-06-25T19:58:13+00:00April 8th, 2015|ICS Cybersecurity, Jim McGlone, News|

I was plowing through email late last evening and I almost clicked on this link. Lesson to me; stop plowing through email after 10pm. I tell everyone who will listen, to be very careful when you are tempted to click on a link in an email. It is so easy, and not all of the [...]

Comments Off on Almost Clicked

Teaching to Learn

By |2017-06-25T19:58:13+00:00April 2nd, 2015|ICS Cybersecurity, Jim Gilsinn|

Being an expert at something doesn’t always mean that you truly understand something. Until you can explain that topic to someone else, you can’t really prove that you know it that well. Sure, you can spout some jargon and show some really complicated process. But, until you can breakdown that explanation and/or process into simpler [...]

Comments Off on Teaching to Learn

ISA-62443 Standards Training Class

By |2017-06-25T19:58:13+00:00March 27th, 2015|ICS Cybersecurity|

Using the ANSI/ISA-62443 Standards to Secure Your Industrial Control System (IC32), 30 April - 01 May 2015 Bryan Singer will be teaching this class at the UAB Engineering Complex in Birmingham, AL. The early bird discount is good until 02 April 2015. Seats are limited. See the attached brochure for more information. Cybersecurity -BHAM-Section-IC32- flyer[3].pdf   [...]

Comments Off on ISA-62443 Standards Training Class

Who Is Watching Me Now

By |2015-10-01T01:03:42+00:00March 13th, 2015|ICS Cybersecurity, Jim McGlone, News|

With the articles that surfaced recently about the post office snapping pictures of faces and license plates as people drove onto their lot, I decided to tell my own recent experience. I was at a conference, when I noticed a near field antenna hanging in the ceiling. It registered in my subconscious, but I did not [...]

Comments Off on Who Is Watching Me Now

Industrial Control Network Cost Millions

By |2017-06-25T19:58:13+00:00February 23rd, 2015|ICS Cybersecurity, Jim McGlone|

Industrial Control Network Cost Millions I never considered spending a million dollars directly on an industrial control system network, but I was wrong. I changed my view after we had a network incident that caused a production outage. My production personnel knew exactly the demands of their service level agreement. I knew they would do [...]

Comments Off on Industrial Control Network Cost Millions

NEW ICS Blue Team Training Course, April

By |2017-06-25T19:58:13+00:00February 19th, 2015|ICS Cybersecurity, Jim McGlone, News|

NEW ICS Blue Team Training Course, April We are pleased to offer a new ICS Blue Team Training, April 28th and 29th. This 2-day course is being offered for the first time to our customers. We will be teaching the hands-on course, Practical ICS Security Training, on how to defend an industrial control system from [...]

Comments Off on NEW ICS Blue Team Training Course, April

Kenexis ICS Training Class @ S4x15

By |2017-06-25T19:58:13+00:00December 26th, 2014|Author, ICS Cybersecurity, Jim Gilsinn, News|

Jim Gilsinn and Bryan Singer, from Kenexis, will be teaching one of the advanced training courses at the S4x15 conference, titled “Why Does the Red Team Get All the Fun?” (http://www.cvent.com/events/s4x15-week/custom-22-6527b763e4b94569a3612510327b7278.aspx) This class will allow students to participate in an industrial control system (ICS) cyber security red/blue exercise during the course. The emphasis will be [...]

Comments Off on Kenexis ICS Training Class @ S4x15

The Changing Face of ICS/SCADA

By |2017-06-25T19:58:13+00:00December 16th, 2014|Author, ICS Cybersecurity, Jim Gilsinn, News|

What constitutes an industrial control system (ICS) or supervisory control and data acquisition (SCADA) system and the environments in which they operate has changed drastically over the last decade or so. Traditionally, ICS were used in discrete and batch manufacturing, process control, packaging, and infrastructure. Some may argue the fine points of that list, however, [...]

Comments Off on The Changing Face of ICS/SCADA