Blog
Articles on IT and OT cybersecurity - threat analyses, guides, vulnerability research, and regulatory updates.
Ransomware - Prevention and Mitigation Best Practices
Ransomware prevention best practices per CISA and NIST CSF 2.0 - backup 3-2-1-1-0, MFA, segmentation, hardening, and incident response checklist.
MITRE ATT&CK - how to use the framework to protect your organization
A practical guide to MITRE ATT&CK - tactics, techniques, the ICS model, APT groups. How to implement the framework in your organization with a coverage matrix and prioritization.
Ransomware - what it is, how it works, and how to protect yourself
Ransomware - a guide for organizations: attack types, incidents 2017-2025 (Colonial Pipeline, Change Healthcare), protection, incident response plan, statistics.
Secure Remote Access to ICS - Security Principles
ICS/OT remote access - 17 principles for secure implementation. DMZ architecture, MFA, session recording, JIT access - aligned with IEC 62443, NIST 800-82 and CISA.
Asset inventory in ICS environments - the foundation of OT cybersecurity
ICS/OT asset inventory - methods (manual, passive discovery, active scanning), tools, IEC 62443 and NIST requirements. How to build an OT asset register step by step.
Remote and hybrid work security - a guide for organizations
Remote work security - VPN, MFA, zero trust, BYOD and M365. Practical guidelines for companies operating in a hybrid model according to NIST 800-207.
DDoS Attacks on Industrial Infrastructure - Threats and Protection
DDoS attacks on OT/ICS systems - vectors, incidents (Killnet, NoName057), critical infrastructure protection, and NIS2 requirements.
Sabotage and Human Error - Underestimated Threats in OT Environments
Insider threats and human error in OT - incidents, statistics, and 12 organizational controls based on IEC 62443.
USB Removable Media Security in ICS Networks - Threats and Controls
USB threats in OT environments - malware, sabotage, data exfiltration. IEC 62443 controls, security kiosk, and policies.
Fuzzing with AFL - finding vulnerabilities in ICS software
How to use AFL/AFL++ fuzzing to find security vulnerabilities in ICS software. Case study: unauthenticated DoS in DLMS energy meter library.
Smart Building Cybersecurity - BMS Threats and Protection
Smart building cybersecurity - BACnet, KNX, LonWorks protocols, BMS attacks, building network segmentation. IEC 62443 and NIS2 requirements.
Password: password - why 22% of breaches start with stolen credentials
Password security in IT and OT - NIST SP 800-63B guidelines, passkeys, default passwords on PLC/HMI, and a practical account protection checklist.
We will discuss the scope, methodology, and schedule.