Blog

Upcoming talk @CS3STHLM – Operator Jail Breakouts

Secudea

In a few weeks I’ll be giving a talk together with Frank Lycops ( https://asvalis.com)  on the hidden dangers of Operator Jail breakouts, how to test these issues, and how to prevent them.  The talk will be provided at the CS3sthlm conference in Sweden (https://cs3sthlm.se/). A brief summary of what to expect: Operator stations are today… Continue reading Upcoming talk @CS3STHLM – Operator Jail Breakouts

DIY insider threat presentation CS3sthlm – elaboration on questions received

Secudea1 Comment

During my presentation at the CS3sthlm conference (DIY insider threat detection/prevention within ICS environments), I've received some questions on this topic. Within this post I'll elaborate a bit more on these. A majority of the people in the audience claim they know their environments. Do you believe them? The results of the poll during the… Continue reading DIY insider threat presentation CS3sthlm – elaboration on questions received

DIY insider threat detection/prevention within ICS environments

Secudea1 Comment

This is a summary of the talk I gave during the CS3sthlm conference in October (link to topic: https://cs3sthlm.se/program/presentations/dieter-sarrazyn/) The goal of the presentation was to help people and organisation in setting up an internal “insider threat detection/prevention” program without looking at the big/expensive products out there. I will explain some (sometimes simple) things and… Continue reading DIY insider threat detection/prevention within ICS environments

Hidden dangers of remote management

Secudea2 Comments

In Secure remote management for ICS I have written and stated that you can have a secure remote management solution / setup for ICS environments. Having a centralized, time based, source IP controlled, strong authenticated, monitored and logged solution is good and secure - but remains limited to your environment. Nevertheless, there are hidden dangers… Continue reading Hidden dangers of remote management

Importance of data integrity for safety in industrial environments

Secudea

It is well known that the most important factor within the process industry is the availability of the systems and environment. The plant must be running at all times. That’s why most security improvement efforts are made in that area. However, the integrity of the information and data within the industrial control systems environment can’t… Continue reading Importance of data integrity for safety in industrial environments