Skip to content

Industrial Air Gap – A Tale Of 2 Users

Devices on industrial control system networks are ill-equipped for the hardships associated with the Internet and remote access. Low-speed processors, infrequent firmware upgrades, spotty security research, Common Vulnerabilities and Exposures (CVE) publishing, etc.

This leads to a natural conflict: the operator is responsible for the security, and they are not willing to sacrifice security for accessibility since their business and reputation is at stake. The vendor wants the opposite – to have the least constraints and the most simplicity across their customer base.

Is there a better way? One that meets the security requirements of the operator’s IT department as well as the access requirements of the vendors?

Yes: a Zero-Trust Industrial Network Architecture.

Lateral Network Traversal

570 News Agilicus Interview

Interviewed on 570 News Tech Spotlight. listen to the interview here, I talk through some of the simple risks and how we help. And a bear joke.

Agilicus Awarded Government of Canada Contract

We are pleased to announce that Agilicus has been awarded a Government of Canada Contract with Shared Services Canada (SSC). The feedback and interaction we receive from such a marquis customer on our Any X Zero Trust platform is very valuable to us, and great validation of our ideas and technology.

NIST sp 800-63B: How Well Do I Know You?

Zero-Trust Network Architecture has 3 steps: Authenticate (Who), Authorise(What), Access(How). 3 Levels of strength of the who are defined in NIST sp 800-63B. Does the goldilocks principle apply to you? Read on!

Secure Product

Minimum Viable Secure Product

A simple set of controls for a Minimum Viable Secure Product. Open source for us all to use. Implement, ask in RFP, common baseline to follow

telnet

Telnet In Canada: Why?

Telnet. 40 years old, not fit for purpose. Alive and well in Canada. No amount of mitigation or multi-factor authentication makes it OK.