using IEC62443-2-4 to reach a more secure ICS – Vendor validation

Every ICS environment will sooner or later have to deal with updates, upgrades or additions to the control system environment. Nowadays it is important to include security within such projects, although that is still sometimes forgotten (sad but true). one of the ways to include security is to perform vendor validation and set security requirements… Continue reading using IEC62443-2-4 to reach a more secure ICS – Vendor validation

Remote access for ICS – additional views

Through the past few months, more and more ways of providing remote access surfaced within organizations as people were forced to work from home because of the Covid-19 pandemic. This was also the case for remote access to organization critical environments such as industrial control systems in various sectors. By now and because of the… Continue reading Remote access for ICS – additional views

Security testing for ICS Owners – Back to Basics …

Why “Back to basics” regarding security testing? Well... during several previous security assessments that I have performed, I have run into a lot of the issues mentioned within the presentation I have given on this years CS3STHLM conference in Stockholm. Sometimes I also have the feeling that too much attention is given to technical and… Continue reading Security testing for ICS Owners – Back to Basics …