Category: Defence-In-Depth

A strong cyber security posture is built on orthogonal defences. Review the five key dimensions of our best practices program and take the assessment to measure your resilience.

You cannot protect what you cannot see. Discover how to deploy effective visibility and detection mechanisms to identify threats early in hybrid environments.

Ensuring your control systems are resilient to attack is paramount. This post delves into system hardening practices that minimise vulnerabilities in operational technology.

If the perimeter fails, preventing lateral movement is your last line of defence. Uncover strategies for network micro-segmentation and eradicating legacy protocols.

Identity is the most critical perimeter in hybrid operational environments. Explore why phishing-resistant multi-factor authentication and unified identity are essential for security.

Modern operational technology environments require robust boundary defence. Learn how to eliminate inbound ports, enforce multi-layer boundaries, and modernise remote access.

The convergence of operational technology and information technology demands a pragmatic approach. Discover our five-dimensional scorecard to evaluate and improve your industrial cyber security posture.

The time between a vulnerability being detected to exploited has been declining. This web site https://zerodayclock.com has a great graph, below. It shows that in 2018 you had 2.5 years from detection to get a fix deployed. This worked its way through your supply chain and you updated. Think of a ‘log4j‘ type vulnerability, its…

It’s a tale as old as time: we build a better lock, and someone, somewhere, starts building a better lock-pick. In the digital world, we’re on the cusp of a monumental leap in lock-picking technology: quantum computing. The cryptographic locks we rely on for everything from banking to binge-watching are in danger of becoming as…

Apache Tomcat. It is an everywhere middleware. And, quelle surprise, the time from disclosure to use is a day. Like log4j it will be with us for some time, so, time for some defence in depth.

Asymmetric warfare: Big governments attack little governments. Attackers need to be right once, defenders need to be right 24x7x365. Municipalities continue to be a target.

FTC orders GoDaddy to improve security, marking an expansion in supply chain hardening tactics of government regulators.

Microsoft Windows Update Breaks VPN for Windows 10 and 11. 3rd party VPN’s have known exploited vulnerabilities. Let’s talk about VPN alternatives!

Recently Palo Alto announced a 10.0 CVE in the Global Protect feature of their PAN-OS firewall. “Unauthenticated attacker [can] execute arbitrary code with root privileges on the firewall”. Well, that is not good. But, how “not good” is it? It’s terrifyingly bad ungood in fact.

The Netherlands ministry of defence just published the cliff-hanger document TLP:CLEAR MIVD AIVD Advisory COATHANGER regarding a remote access attack of their Fortinet FortiGate VPN by “a state-sponsored actor from the People’s Republic of China”. CVE-2022-42475 was the weakness. One thing that is unusual about the report is the direct attribution: this is rare.

Let me show you a very simple means of Open Source Intelligence (OSINT) on yourself. If I can do this, anyone can do this, and if anyone can do this, someone bad can do this.

The “John Deere Business Model” of taking something traditional and making it subscription. Starlink and its complex remote access needs due to CGNAT. And, cybersecurity, notably Cyber Physical Systems with their scary downsides of being able to move and cause damage.

One thing all industrial control installations have in common, they straddle the complexity of modern information technology with the dangers of operational technology and its inherent control of things which can go bump and boom. Hard Industrial Cybersecurity

Attainable Municipal Zero Trust: Key insights from recent Zero Trust implementations by Municipalities. Why, How, What ROI, Lead use cases.

CISA has announced a free (as in beer) service to scan water systems for vulnerabilities. Agilicus has used this scan for a year, receiving weekly reports.

I’ll be back. Iconic line foreshadows rise of cyber-physical-systems. Terminator trifecta of physical machines, artificial intelligence, cyber-security awry.