Throughout the year, Dragos’s team of OT responders and threat intelligence researchers continuously publishes helpful, insightful, and timely information on cybersecurity best practices and the latest threat analysis specific to industrial control systems (ICS) and operational technology (OT) environments. From how to get started on your cybersecurity journey to in-depth ICS malware analysis, we wanted to highlight the incredible work of our experts by sharing some of the top cybersecurity blogs from 2022.
Settle in and scroll down to catch up on the most popular and most interesting from this past year.
1 | Dragos 2021 Industrial Cybersecurity Year In Review Summary
A summary of the fifth annual 2021 ICS/OT Cybersecurity Year in Review highlights new industrial cyber threat activity, vulnerabilities, and insights gleaned from the frontlines of incident response. Read the blog.
2 | What Can Be Done Immediately to Improve Your OT Security Posture
Kam Chumley and Ben Miller share tips and questions for cybersecurity professionals looking to make significant security improvements for their operational technology (OT) environments in a matter of weeks. Read the blog.
3 | Improving ICS/OT Security Perimeters with Network Segmentation
A flat network is problematic for several reasons. This is especially true of ICS/OT networks as the assets they connect may lack the traditional security controls found on a Corporate/IT network. This cybersecurity blog discusses proper network design and implementation of network segmentation as the first step in avoiding poor security perimeters. Read the blog.
4 | CHERNOVITE’s PIPEDREAM Malware Targeting Industrial Control Systems (ICS)
PIPEDREAM is the seventh known industrial control system (ICS)-specific malware. PIPEDREAM is a modular ICS attack framework that an adversary could leverage to cause disruption, degradation, and possibly even destruction depending on targets and the environment. Read the blog.
5 | How to Build a Roadmap for ICS/OT Cybersecurity: 3 Steps to a Sustainable Program
Every organization starts somewhere different. With a clear understanding of your risks and impacts, maturity and gaps, you can create a roadmap that guides your team to a sustainable ICS/OT security program. This cybersecurity blog will help you develop a “deviously simple roadmap” that can help your business make tangible, measurable progress in a year or less. Read the blog.
6 | How to Implement the Revised TSA Pipeline Security Directive
Security Directive Pipeline-2021-02C, which supersedes and replaces Pipeline-2021-02B, came into effect in July 2022. Learn the history around the development and release of TSA’s pipeline security directives and the critical controls you will need to implement for compliance. Read the blog.
7 | The Trojan Horse Malware & Password “Cracking” Ecosystem Targeting Industrial Operators
Trojanized software is a common delivery technique for malware and has been proven effective for gaining initial access to a network. Sam Hanson shares research on password “cracking” software and how even legitimate use can introduce significant and unnecessary risk into your OT environment. Read the blog.
8 | OT Cybersecurity Best Practices for Small & Medium Organizations: How to Respond to a Ransomware Attack
In this monthly cybersecurity blog written for under-resourced organizations, Dragos’s Head of OT-CERT Dawn Cappelli provides insights on how to respond if your company is a victim of a ransomware attack. She discusses some of the legal and regulatory issues you need to consider. Read the blog.
9 | Mapping Cross-Sector Cybersecurity Performance Goals (CPGs) to 5 Critical Controls for ICS/OT Cybersecurity
Last year, CISA and NIST partnered to create cross-sector cybersecurity performance goals to provide meaningful guidance to critical infrastructure owners and operators. Dragos’s services experts discuss how to leverage five critical controls to establish an active defense that aligns to CISA/NIST cybersecurity performance initiatives. Read the blog.
10 | End of Life of an Indicator of Compromise (IOC)
Indicators of compromise can be useful forensic artifacts, but there is no one-size-fits-all approach to leveraging them. IOCs often have a limited window of usefulness and require a deliberate strategy if they are to serve as a component of security operations. Read the blog.
Ready to put your insights into action?
Take the next steps and contact our team today.