Physics #2

This is another great example of why we should think more deeply about balancing the cyber and physical worlds rather than blindly making unnecessary investments in cyber protection. Researchers have demonstrated remote control of a crane via a Casio watch. Is this scary? Without knowing the exploitation conditions, management will be misinformed. We, as security practitioners, must analyze the situation and identify how this can be exploited before delivering the correct message. The physical condition of the crane also deserves close attention. Imagine a loose bolt or nut, a crane erected on an improper foundation, or an incorrect procedure for extending the crane height: any of these could result in the same catastrophic consequence. ...

Seasonal Factor #2

The Ice Road only opens Jan-Feb.

Anomaly detection promises that the technology will learn your environment as a baseline reference so that "unusual" traffic is flagged for alert. This saves the work of defining detection rulesets, but vendors always stress a short learning time (even just 1 or 2 weeks) to push deployment as a quick win demonstrating ROI. Sometimes network traffic or application behaviors are seasonal because of business operations. Therefore, as always, recurring maintenance effort is required to sustain its effectiveness; don't be swayed by vendor claims of zero deployment and zero maintenance. ...

Physics

Some cybersecurity practitioners focus narrowly on the cyber aspects. This is no surprise given that the IT cyber space is mostly digital. But when it comes to OT, we must take a balanced view and look at the physical side as well. Both cyber and physical aspects are equally important to securing the plant. If the OT system is well protected at the network perimeter, why keep making unnecessary investments in cyber protection while ignoring physical protection? Even worse, the mentality is to distrust contractors doing work on the OT system while ignoring that physical security is outsourced. We may have a strong and secure OT system, but a misaligned bolt and nut, or one tightened to an incorrect torque, might cause the same severe consequence. More competent cybersecurity practitioners or auditors are needed so that corporate management is not misinformed and driven by FUD. ...