X

Ultra Electronics 3eTi

Blog

The Importance of 3rd Party Validation for Cyber Solutions

April 24th, 2017 / By

Why are 3rd party validations important for cyber solutions?

When I joined 3eTI a year ago, I recall often hearing about “Federal Information Processing Standards (FIPS)” and “Common Criteria (CC),” and their importance to cybersecurity from my peers. But at the time I had never heard of these and


Categories: Certifications and Validation / Tags: , , , , ,

Simulation Reveals Ransomware
Threat to ICS

March 7th, 2017 / By

(Authors Matt Cowell & Sunny DeMattio)

As many have heard, ransomware is one of the latest forms of malware plaguing the internet today. With typical ransomware a user’s system is held hostage until the user agrees to pay the proposed


Categories: Cyber Security, Industrial Control Systems / Tags:

RSA 2017 Recap of the ICS Sandbox

February 21st, 2017 / By

The 2017 RSA Conference wrapped up this week in San Francisco and wow, what a show! The sheer size and scale of the event was absolutely jaw dropping. It’s hard to find the words to do it justice. Organizers estimated that 40,000-50,000 people attended the show and considering the size, RSA does a great job with the organization of the event and providing an impressive experience overall.


Categories: Events, Industrial Control Systems / Tags: , , , , , ,

Cyber Security for a New Type of Critical Infrastructure

February 1st, 2017 / By

Regulators Weigh in on Medical Devices

While the medical device as a cyber-attack target has increasingly concerned health regulators in recent years, the risk may come as news to many in traditional ICS infrastructure circles. For cyber security specialists focused on


Categories: Critical Infrastructure, Cyber Security, Healthcare / Tags: , ,

Cyber Security Spotlight: Next Generation Firewalls within the ICS Network

September 26th, 2016 / By

A next-generation firewall (NGFW) enforces security policy on multiple layers of the OSI model. In addition to a traditional network layer firewall, an NGFW is able to filter at the application layer as well.


Categories: Industrial Control Systems / Tags: , ,

Defending ICS: How Are We Doing?

August 11th, 2016 / By

Seven months have passed since the Department of Homeland Security issued Seven Strategies to Defend ICSs and the time seems ripe to consider the state of control system cyber security.


Categories: Industrial Control Systems / Tags: , , , , ,

When a Nuclear Plant is Hacked, It’s Time for New Best Practices

May 2nd, 2016 / By

As reported April 27, one such incident involved the Gundremmingen plant in Germany that was found to be infected with malware intended to allow remote access. Even though the viruses seem to have posed no threat to operations of the plant 75 miles from Munich, it’s scary stuff when malware finds its way into a nuclear facility, and onto its industrial control system (ICS).


Categories: Cyber Security / Tags: , , , , ,

Ukraine’s Power-Grid Failure Confirmed as Cyber-Attack. Now What?

March 18th, 2016 / By

Like many in the business of cyber security for industrial control systems (ICS), I’ve been closely following this winter’s cruel and expertly executed hack in Ukraine that left more than 200,000 people in the cold and dark two days before Christmas. The first confirmed cyber-attack to shut down a power grid, the Ukraine assault demonstrated that a motivated enemy can, and will, break through standard cyber-defenses to further an agenda in ways that are not soon forgotten.


Categories: Critical Infrastructure, Cyber Security / Tags:

Navy Admirals Seek Greater Accountability in Securing Critical Infrastructure

March 2nd, 2016 / By

Stating that weaknesses in industrial control system (ICS) security “will have serious consequences on our ability to execute assigned missions if not addressed,” the letter I recently received was addressed to Defense Secretary Ash Carter. In it, two Navy admirals asked the Secretary to require improved control-system security by adding it as a priority in the cyber scorecard.


Categories: Critical Infrastructure / Tags: , ,

DHS Offers Industry Seven Steps to Comprehensively Defend Control Systems: 3eTI Weighs In

February 26th, 2016 / By

Days before the New Year rang in, and less than a week after a cyber-attack cut electricity to tens of thousands of Ukrainians, the Department of Homeland Security released new guidance on tightening security in “as-built” industrial control systems (ICS). The recommendations, presented in “Seven Steps to Effectively Defend Industrial Control Systems,” are high-level but clearly support elevating the cyber security posture of ICS and critical network infrastructures.


Categories: Cyber Security, Industrial Control Systems / Tags: , , ,