Stay updated on Operational Technology security, protecting critical infrastructure and industrial control systems from emerging cyber threats.
Search across headline titles and summaries.
Background for this topic.
Operational Technology (OT) is the suite of hardware and software dedicated to monitoring and controlling physical devices, processes, and events within industries such as manufacturing, energy, and transportation. Unlike traditional IT systems that focus on data-centric computing, OT systems prioritize the management and safe operation of physical machinery and assets. In the realm of information security, Operational Technology represents a critical area where cyber-physical systems can be particularly vulnerable to cyber threats.
As these systems become more interconnected with IT networks and the Internet, they increasingly fall under the purview of cyber security to protect industrial control systems (ICS), supervisory control and data acquisition (SCADA) systems, and other control system configurations such as distributed control systems (DCS). Ensuring the security of OT environments involves safeguarding against disruptions, unauthorized access, and manipulations that could lead to safety incidents, service outages, or compromised proprietary data. The convergence of IT and OT has thus necessitated a robust approach to securing both digital and physical assets in today's interconnected world.
Weekly headline count for the current query.
OT Firm Looks to Secure IoT, Industrial and Medical DevicesDragos, one of the first OT cybersecurity companies, announced Monday it acquired Phosphorus, the IoT security and management player, a move analysts said was designed to catch Dragos up with its competitors and expand its offerings to cover the quickly growing IoT sector.
An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to robotic systems, causing significant disruption to the environment.
Axonius Wants Enterprises to Spot Assets and Automate Remediation From One PlatformNew Axonius CEO Joe Diamond said the New York-based company is evolving from asset management to asset intelligence by combining visibility, contextual correlation and automated remediation across IT, IoT, OT and emerging AI agent environments. Diamond takes over from founding CEO Dean Sysman.
Why do the Riskiest SOC Alerts Go Unanswered? Security operations teams are drowning in alerts. But the real problem isn't always alert volume; it's the blind spots. The most dangerous alerts are the ones no one is investigating
AI-Developed Attack Tooling Generated 'High-Volume, Noisy Workflows'A hacker used Claude and Chat GPT in a cyberattack against a municipal water and sewage utility's operational technology systems in Mexico in January, according to forensic analysis by OT security firm Dragos. The tools "leveraged known techniques and existing vulnerability knowledge."
Commercial AI models were used to help plan and conduct cyber-attack against operational technology of a water and drainage facility, say researchers
What researchers dubbed the most sophisticated AI-integrated ICS campaign to date hit a brick wall in the form of a SCADA login screen.
The agency will begin targeted assessments meant to help critical infrastructure entities operate while disconnecting OT networks from IT and third-party vendors. The post CISA wants critical infrastructure to operate ‘weeks to months’ in isolation during conflict appeared first on CyberScoop.
Zero Trust Is 'Essential' - But Who Pays for It?New guidance from the U.S. Cybersecurity and Infrastructure Security Agency on adapting zero trust security principles for operational technology is fine as far as it goes, but is pretty high-level and ignores or fudges a couple of key questions, say executives and experts.
A new CISA‑led guide explains how zero‑trust security can be applied to operational technology, balancing cyber defence with safety and system availability
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough
GrassMarlin leaks sensitive information, provided your targeting phishing skills are sharp enough The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information.…
Exclusion of OT From AI-Powered Vulnerability Discovery Poses Risks to National SecurityHyperscalers and IT behemoths are on the list, while OT companies are not. The list in question includes the companies that have special access to powerful new models from the two major U.S. frontier AI labs to identify vulnerabilities before hackers get access to similar technology.
ZionSiphon was designed to find and sabotage Israelis’ water supply. An OT expert said it appears to be ineffective and the work of amateurs using AI. The post Dragos: Despite AI use, new malware targeting water plants is ‘hype’ appeared first on CyberScoop.
The OT devices that translate machine talk into Internet-speak are riddled with vulnerabilities and more frequently targeted for attacks, researchers say.
New Rules Will Jolt Maritime Cybersecurity Market Amid Geopolitical AnxietyA Coast Guard rule imposing standards on operational technology systems in ports and larger U.S.-flagged commercial vessels is poised to supercharge the maritime cybersecurity market - a boon granted by concern that shipping is a weak target for a world roiled by mounting geopolitical tensions.
ZionSiphon malware targets OT water systems with sabotage and ICS scanning capabilities
Cybersecurity researchers have flagged a new malware called ZionSiphon that appears to be specifically designed to target Israeli water treatment and desalination systems
Also: NY State Regs Test Resilience vs Compliance, OT Security Nears Breaking PointIn this week's panel, four ISMG editors explore the industry's response to Anthropic's Mythos AI breakthrough, whether tighter New York state cybersecurity rules are driving real resilience or simply compliance, and why operational technology security is fast becoming a critical frontline concern.
The Maritime Transportation Security Act (MTSA) requires plans to protect OT systems, audits by independent third parties, and a hybrid OT-security role.