# Industrial Remote Operations 1. [Home](https://www.agilicus.com/) 2. [Blog](https://www.agilicus.com/blog/) 3. Industrial Remote Operations ![about-agilicus](https://www.agilicus.com/www/9f15eb3a-about-hero-01.svg)# Industrial Remote Operations: Protect The Plant Our background. The origin story. Updates on how team Agilicus view the world. ## Overview Industrial Control Systems are increasingly complex. This complexity in turn leads to more niche skillsets to support and operate them. This in turn leads to the situation where those with the skillset must be remote since they must support more facilities for [Industrial Remote Operations](https://pmt.honeywell.com/us/en/about-pmt/newsroom/featured-stories/hps/remote-operations). Providing industrial remote operations means having first-class, highly secure, simple, auditable, access to the HMI, to the SCADA systems. Providing this as a service is an [opportunity](https://www.agilicus.com/case-studies/zero-trust-remote-operations-and-asset-management/) for design/build firms to add profitable subscription service. Whether you own the plant, operate the plant, support a device you manufactured in the plant, or, are providing post design/build support for a plant you engineered, this blog is for you. https://youtu.be/NESUQ7B-c-A - [![Iran Attacking Water facilities PLC: Why defence in depth is no longer optional for PLCs](https://www.agilicus.com/www/15995153-z.png "Iran Attacking Water facilities PLC: Why defence in depth is no longer optional for PLCs 1")](https://www.agilicus.com/iran-attacking-water-facilities-plc-why-defence-in-depth-is-no-longer-optional-for-plcs/)## [Iran Attacking Water facilities PLC: Why defence in depth is no longer optional for PLCs](https://www.agilicus.com/iran-attacking-water-facilities-plc-why-defence-in-depth-is-no-longer-optional-for-plcs/) Iranian cyber actors are actively targeting U.S. water facilities, exploiting exposed programmable logic controllers. Relying on perimeter security is a failing strategy. Discover why strong identity, fine-grained authorisation, and zero trust are essential to protect your operational technology from lateral traversal. - [![NERC CIP 015-2 expands network monitoring: How zero trust secures the new perimeter](https://www.agilicus.com/www/db0c94b7-z.png "NERC CIP 015-2 expands network monitoring: How zero trust secures the new perimeter 2")](https://www.agilicus.com/nerc-cip-015-2-expands-network-monitoring-how-zero-trust-secures-the-new-perimeter/)## [NERC CIP 015-2 expands network monitoring: How zero trust secures the new perimeter](https://www.agilicus.com/nerc-cip-015-2-expands-network-monitoring-how-zero-trust-secures-the-new-perimeter/) The new NERC CIP 015-2 standard expands internal network security monitoring to external access systems. Learn why securing the electronic security perimeter now requires eliminating trusted pivot points, and how zero trust access provides the identity-first control and deep visibility needed for compliance. - [![NERC CIP-003-9: Why your VPN is a compliance dumpster fire](https://www.agilicus.com/www/c4c8698d-2q.png "NERC CIP-003-9: Why your VPN is a compliance dumpster fire 3")](https://www.agilicus.com/nerc-cip-003-9-why-your-vpn-is-a-compliance-dumpster-fire/)## [NERC CIP-003-9: Why your VPN is a compliance dumpster fire](https://www.agilicus.com/nerc-cip-003-9-why-your-vpn-is-a-compliance-dumpster-fire/) The April 2026 deadline for NERC CIP-003-9 is approaching. Discover why legacy remote access methods like VPNs fail these new stringent requirements, and how identity-based access controls can secure your operational technology while maintaining compliance. - [![Speed To Chaos: What The Stryker Breach And CrowdStrike Outage Teach Us About Centralised Systems](https://www.agilicus.com/www/ec7d2156-9k.png "Speed To Chaos: What The Stryker Breach And CrowdStrike Outage Teach Us About Centralised Systems 4")](https://www.agilicus.com/speed-to-chaos-what-the-stryker-breach-and-crowdstrike-outage-teach-us-about-centralised-systems/)## [Speed To Chaos: What The Stryker Breach And CrowdStrike Outage Teach Us About Centralised Systems](https://www.agilicus.com/speed-to-chaos-what-the-stryker-breach-and-crowdstrike-outage-teach-us-about-centralised-systems/) The recent Stryker breach and CrowdStrike outage highlight a growing risk: homogeneous, centrally managed software accelerates the speed to chaos. Industrial organisations must rethink remote access and resilience. - [![The SERC regional risk report: Why vendor remote access is a critical vulnerability](https://www.agilicus.com/www/30849648-2q.png "The SERC regional risk report: Why vendor remote access is a critical vulnerability 5")](https://www.agilicus.com/the-serc-regional-risk-report-why-vendor-remote-access-is-a-critical-vulnerability/)## [The SERC regional risk report: Why vendor remote access is a critical vulnerability](https://www.agilicus.com/the-serc-regional-risk-report-why-vendor-remote-access-is-a-critical-vulnerability/) The SERC Regional Risk Report warns that supply chain constraints, vendor remote access, and legacy systems threaten grid reliability. Learn why traditional approaches are no longer sufficient and how zero trust protects critical infrastructure from evolving cyber threats. - [![Asset inventories are great, but who is actually logging into your PLC?](https://www.agilicus.com/www/8adf16a2-z.png "Asset inventories are great, but who is actually logging into your PLC? 6")](https://www.agilicus.com/asset-inventories-are-great-but-who-is-actually-logging-into-your-plc/)## [Asset inventories are great, but who is actually logging into your PLC?](https://www.agilicus.com/asset-inventories-are-great-but-who-is-actually-logging-into-your-plc/) The EPA and CISA released new guidance demanding asset inventories for operational technology. But simply knowing what you have won't stop a cyberattack. Discover why mapping your network isn't enough, and how zero-trust micro-segmentation defeats the specific vulnerabilities threatening your PLCs. - [![CSA Z246.1: Security management for petroleum and natural gas industry systems](https://www.agilicus.com/www/5690683c-csa-z246.1-about.webp "CSA Z246.1: Security management for petroleum and natural gas industry systems 7")](https://www.agilicus.com/csa-z246-1-security-management-for-petroleum-and-natural-gas-industry-systems/)## [CSA Z246.1: Security management for petroleum and natural gas industry systems](https://www.agilicus.com/csa-z246-1-security-management-for-petroleum-and-natural-gas-industry-systems/) As cyber threats against critical infrastructure continue to rise, Canadian regulators are cracking down on vulnerabilities in the energy sector. Enter CSA Z246.1—Canada’s foundational standard for security management in the petroleum and natural gas industries. Unlike rigid technical checklists, CSA Z246.1 requires operators to build a holistic, risk-based Security Management Program (SMP) that breaks down the silos between physical security, IT, and Operational Technology (OT). With strict enforcement rolling out across federal (CER) and provincial regulators (including the AER and… - [![Manitoba Water & Wastewater Association: Why Water Facilities Must Embrace Zero Trust in Industry 4.0](https://www.agilicus.com/www/1a9cf662-mwwa-2026.jpeg "Manitoba Water & Wastewater Association: Why Water Facilities Must Embrace Zero Trust in Industry 4.0 8")](https://www.agilicus.com/manitoba-water-wastewater-association-why-water-facilities-must-embrace-zero-trust-in-industry-4-0/)## [Manitoba Water & Wastewater Association: Why Water Facilities Must Embrace Zero Trust in Industry 4.0](https://www.agilicus.com/manitoba-water-wastewater-association-why-water-facilities-must-embrace-zero-trust-in-industry-4-0/) The "air gap" protecting our water and wastewater facilities is a dangerous myth in the era of Industry 4.0. With real-world cyber threats actively targeting municipal water systems through exposed HMIs and compromised credentials, traditional VPNs and firewalls are no longer enough to keep operations safe. Read Don Bowman's latest insights from the MWWA conference to discover how implementing Zero Trust architecture can easily secure your legacy OT equipment, boost remote productivity, and protect your critical infrastructure from modern - [![Broken Barriers: Why Johnny Can’t Authenticate (NERC fines are not fine)](https://www.agilicus.com/www/8ae23395-otauthenticationbarriers.webp "Broken Barriers: Why Johnny Can't Authenticate (NERC fines are not fine) 9")](https://www.agilicus.com/broken-barriers-why-johnny-cant-authenticate-and-why-nerc-will-fine-you/)## [Broken Barriers: Why Johnny Can’t Authenticate (NERC fines are not fine)](https://www.agilicus.com/broken-barriers-why-johnny-cant-authenticate-and-why-nerc-will-fine-you/) CISA's latest report highlights a massive gap in OT security: Johnny can't authenticate. With NERC CIP-003-9 looming, discover how to secure dumb devices without replacing them. - [![Powered Down: The Polish Grid Hack and Your Plywood Perimeter](https://www.agilicus.com/www/41cb44c9-brokengridnetworksecurity.webp "Powered Down: The Polish Grid Hack and Your Plywood Perimeter 10")](https://www.agilicus.com/powered-down-the-polish-grid-hack-and-your-plywood-perimeter/)## [Powered Down: The Polish Grid Hack and Your Plywood Perimeter](https://www.agilicus.com/powered-down-the-polish-grid-hack-and-your-plywood-perimeter/) The recent attack on Poland's power grid proves that 'air gaps' are a myth and default passwords on edge devices can brick your critical infrastructure. Learn why your out-of-support hardware is a ticking time bomb and how Identity-Aware Proxies can save you from a total re-engineering nightmare. - [![Kritical Konditions: Germany’s Umbrella Act Rains Down on Risk](https://www.agilicus.com/www/a136bfe2-kritis-umbrella-protection.webp "Kritical Konditions: Germany’s Umbrella Act Rains Down on Risk 11")](https://www.agilicus.com/kritical-konditions-germanys-umbrella-act-rains-down-on-risk/)## [Kritical Konditions: Germany’s Umbrella Act Rains Down on Risk](https://www.agilicus.com/kritical-konditions-germanys-umbrella-act-rains-down-on-risk/) Germany’s KRITIS Umbrella Act is here, mandating strict physical and digital security for 1,700 critical entities. Is your fortress ready for the audit? - [![Polish Power Pwnage: Wipers, Wind Farms, and Wake-Up Calls](https://www.agilicus.com/www/e34c6bf3-poland-distributed-energy-cyber-attack.webp "Polish Power Pwnage: Wipers, Wind Farms, and Wake-Up Calls 12")](https://www.agilicus.com/polish-power-pwnage-wipers-wind-farms-and-wake-up-calls/)## [Polish Power Pwnage: Wipers, Wind Farms, and Wake-Up Calls](https://www.agilicus.com/polish-power-pwnage-wipers-wind-farms-and-wake-up-calls/) Poland's power grid survived a massive wiper attack in December, but 30 sites were left with bricked OT systems. The attackers targeted distributed energy resources, proving that the 'air gap' is dead. Don Bowman explains why your perimeter defence is failing and why identity is the only wall that matters. - [![Pwned Plans and Porous Perimeters](https://www.agilicus.com/www/c4336d7b-image.png "Pwned Plans and Porous Perimeters 13")](https://www.agilicus.com/pwned-plans-and-porous-perimeters/)## [Pwned Plans and Porous Perimeters](https://www.agilicus.com/pwned-plans-and-porous-perimeters/) A breach at Pickett & Associates exposes critical infrastructure blueprints, proving that engineering firms are the new attack vector. Learn why 'boring' data is a military target and why MFA is non-negotiable. - [![Porous Perimeters and Pro-Russian Pwning: The La Poste Lesson](https://www.agilicus.com/www/5e63aac8-critical-infrastructure-hybrid-warfare-vector.webp "Porous Perimeters and Pro-Russian Pwning: The La Poste Lesson 14")](https://www.agilicus.com/porous-perimeters-and-pro-russian-pwning-the-la-poste-lesson/)## [Porous Perimeters and Pro-Russian Pwning: The La Poste Lesson](https://www.agilicus.com/porous-perimeters-and-pro-russian-pwning-the-la-poste-lesson/) Pro-Russia hacktivists like Z-Pentest are moving from annoying DDoS attacks to dangerous OT compromises in France and Denmark. Don Bowman explains why your air gap is a lie and how to actually secure critical infrastructure. - [![Ransomware Reservoirs: Another Leak in the Critical Infrastructure Dam](https://www.agilicus.com/www/517eae6a-cybersecurity-water-infrastructure-ransomware-protection.webp "Ransomware Reservoirs: Another Leak in the Critical Infrastructure Dam 15")](https://www.agilicus.com/ransomware-reservoirs-another-leak-in-the-critical-infrastructure-dam/)## [Ransomware Reservoirs: Another Leak in the Critical Infrastructure Dam](https://www.agilicus.com/ransomware-reservoirs-another-leak-in-the-critical-infrastructure-dam/) Romanian water infrastructure just lost 1,000 systems to ransomware. While authorities claim operations are safe, the shift to manual radio comms proves our critical infrastructure defences are failing. It is time to ditch the air gap myth for real Zero Trust security. - [![2026 Pwned by Progress: The Year Your Air Gap Finally Evaporates](https://www.agilicus.com/www/b71c5f84-ot-connectivity-breaking-the-firewall.webp "2026 Pwned by Progress: The Year Your Air Gap Finally Evaporates 16")](https://www.agilicus.com/pwned-by-progress-the-year-your-air-gap-finally-evaporates/)## [2026 Pwned by Progress: The Year Your Air Gap Finally Evaporates](https://www.agilicus.com/pwned-by-progress-the-year-your-air-gap-finally-evaporates/) It is 2026 and your new OT hardware demands an internet connection. Discover why this kills the air gap, breaks your firewall, and why Identity-Aware Proxies are the only path to safety. - [![When Skynet Meets the Assembly Line CISA’s New Playbook](https://www.agilicus.com/www/f24d399f-example.webp "When Skynet Meets the Assembly Line CISA's New Playbook 17")](https://www.agilicus.com/when-skynet-meets-the-assembly-line-cisas-new-playbook/)## [When Skynet Meets the Assembly Line CISA’s New Playbook](https://www.agilicus.com/when-skynet-meets-the-assembly-line-cisas-new-playbook/) Navigating the new guidance on mixing artificial intelligence with industrial control systems without blowing anything up It feels like just yesterday we were worried about connecting a PLC to the skynet. - [![SEC Shockwaves: Manufacturing Misery and the Materiality Mandate](https://www.agilicus.com/www/4ebbf567-sec-manufacturing-countdown.webp "SEC Shockwaves: Manufacturing Misery and the Materiality Mandate 18")](https://www.agilicus.com/sec-shockwaves-manufacturing-misery-and-the-materiality-mandate/)## [SEC Shockwaves: Manufacturing Misery and the Materiality Mandate](https://www.agilicus.com/sec-shockwaves-manufacturing-misery-and-the-materiality-mandate/) The SEC's new 4-day disclosure rule is a wake-up call for manufacturing. Is your OT network ready to report a material breach, or are you staring into a black box of legacy tech? - [![Subprime Software: The Hidden Risks in Your Supply Chain](https://www.agilicus.com/www/dd4a7dc9-hidden-vulnerabilities-in-software-supply-chain.webp "Subprime Software: The Hidden Risks in Your Supply Chain 19")](https://www.agilicus.com/subprime-software-the-hidden-risks-in-your-supply-chain/)## [Subprime Software: The Hidden Risks in Your Supply Chain](https://www.agilicus.com/subprime-software-the-hidden-risks-in-your-supply-chain/) The Apache Tika CVE-2025-66516 is a perfect 10 for risk and a wake-up call for the industry. Like the 2008 financial crisis, toxic assets are hidden deep in your software stack. Learn why your security appliances might be your biggest weakness and how Zero Trust limits the blast radius. - [![Russian Roulette: Gambling with Critical Infrastructure and VNC](https://www.agilicus.com/www/c2ddd2de-secure-industrial-water-infrastructure.webp "Russian Roulette: Gambling with Critical Infrastructure and VNC 20")](https://www.agilicus.com/russian-roulette-gambling-with-critical-infrastructure-and-vnc/)## [Russian Roulette: Gambling with Critical Infrastructure and VNC](https://www.agilicus.com/russian-roulette-gambling-with-critical-infrastructure-and-vnc/) CISA warns of Pro-Russia hacktivists targeting VNC in critical infrastructure. We argue these are state-sponsored threats and explains why your firewall isn't enough to stop them. - [![Quartered and Drawn: The SANS 2025 Reality Check](https://www.agilicus.com/www/1139c6a5-sans-2025-ot-security-reality-check.webp "Quartered and Drawn: The SANS 2025 Reality Check 21")](https://www.agilicus.com/quartered-and-drawn-the-sans-2025-reality-check/)## [Quartered and Drawn: The SANS 2025 Reality Check](https://www.agilicus.com/quartered-and-drawn-the-sans-2025-reality-check/) 22% of operational technology environments were breached last year. 40% resulted in total operational shutdowns. We aren't talking about website glitches; we’re talking about stopping pumps. I broke down the SANS 2025 report to explain why the odds are against you, and how to prepare - [![The Distributed Dilemma: Securing Renewable Energy in the Middle of Nowhere](https://www.agilicus.com/www/55310d31-image-8.png "The Distributed Dilemma: Securing Renewable Energy in the Middle of Nowhere 22")](https://www.agilicus.com/the-distributed-dilemma-securing-renewable-energy-in-the-middle-of-nowhere/)## [The Distributed Dilemma: Securing Renewable Energy in the Middle of Nowhere](https://www.agilicus.com/the-distributed-dilemma-securing-renewable-energy-in-the-middle-of-nowhere/) Renewable energy sites are remote, distributed, and hard to secure. From Starlink struggles to contractor chaos, learn why Zero Trust is the only way to protect the modern grid. - [![The SEC Clock Is Ticking for Manufacturing](https://www.agilicus.com/www/38eeee62-example.webp "The SEC Clock Is Ticking for Manufacturing 23")](https://www.agilicus.com/the-sec-clock-is-ticking-for-manufacturing/)## [The SEC Clock Is Ticking for Manufacturing](https://www.agilicus.com/the-sec-clock-is-ticking-for-manufacturing/) New SEC rules require public companies to disclose material cybersecurity incidents within four days. For manufacturers relying on complex industrial control systems, this timeline presents a massive challenge in visibility and reporting. - [![Cleaning Up the Mess: How One Disgruntled Contractor Trashed a Network (And How to Stop It)](https://www.agilicus.com/www/942c9db7-waste-management-contractor.webp "Cleaning Up the Mess: How One Disgruntled Contractor Trashed a Network (And How to Stop It) 24")](https://www.agilicus.com/cleaning-up-the-mess-how-one-disgruntled-contractor-trashed-a-network-and-how-to-stop-it/)## [Cleaning Up the Mess: How One Disgruntled Contractor Trashed a Network (And How to Stop It)](https://www.agilicus.com/cleaning-up-the-mess-how-one-disgruntled-contractor-trashed-a-network-and-how-to-stop-it/) An ex-contractor's revenge cost a firm $862K. This cybersecurity story reveals a critical flaw in vendor access and how to prevent it. - [![Stop Saying “It’s the Customer’s Choice” – It’s Costing You Money](https://www.agilicus.com/www/46fcbae4-remote-access-tug-of-war.webp "Stop Saying "It's the Customer's Choice" - It's Costing You Money 25")](https://www.agilicus.com/stop-saying-its-the-customers-choice-its-costing-you-money/)## [Stop Saying “It’s the Customer’s Choice” – It’s Costing You Money](https://www.agilicus.com/stop-saying-its-the-customers-choice-its-costing-you-money/) As a system integrator, do you say remote access is "the customer's choice"? This common refrain, while well-intentioned, is an outdated view that's costing you money. It’s time to shift from a cost-plus model to a more profitable, secure, and scalable managed service offering for your clients. - [![Houston, We Have Two Internets… and That’s a Problem?](https://www.agilicus.com/www/1fb948e5-dual-wan.webp "Houston, We Have Two Internets… and That's a Problem? 26")](https://www.agilicus.com/houston-we-have-two-internets-and-thats-a-problem/)## [Houston, We Have Two Internets… and That’s a Problem?](https://www.agilicus.com/houston-we-have-two-internets-and-thats-a-problem/) You got a backup internet connection for your industrial plant, but now you have a new problem. How do you actually use it? Its different Internet Protocol address and lack of inbound support create a headache. Before you get tangled in a complex solution, there's a simpler way to achieve seamless, active-active failover. - [![From Tunnels to (Zero) Trust: The Evolution of Industrial Remote Access](https://www.agilicus.com/www/bf3ac736-industrial-access-methods.webp "From Tunnels to (Zero) Trust: The Evolution of Industrial Remote Access 27")](https://www.agilicus.com/from-tunnels-to-zero-trust-the-evolution-of-industrial-remote-access/)## [From Tunnels to (Zero) Trust: The Evolution of Industrial Remote Access](https://www.agilicus.com/from-tunnels-to-zero-trust-the-evolution-of-industrial-remote-access/) How do you grant secure remote access to your plant floor? While VPNs and jump boxes are common, they introduce serious security risks and operational headaches. We explore the four key methods, from traditional tunnels to modern Zero Trust, and reveal why an identity-aware approach is faster, simpler, and fundamentally more secure. - [![Who Moved My Air Gap? The Slow Boiling Future of Industrial Security](https://www.agilicus.com/www/68ae0638-boiling-frog.webp "Who Moved My Air Gap? The Slow Boiling Future of Industrial Security 28")](https://www.agilicus.com/who-moved-my-air-gap-the-slow-boiling-future-of-industrial-security/)## [Who Moved My Air Gap? The Slow Boiling Future of Industrial Security](https://www.agilicus.com/who-moved-my-air-gap-the-slow-boiling-future-of-industrial-security/) For decades, industrial security relied on the "air gap." But like a frog in slowly boiling water, we've missed the gradual erosion of this protection. Today, that gap is more like Swiss cheese, full of holes for vendor access and cloud connectivity. It's time to adapt to this new reality. - [![AI-Powered Cyber Threats: Protecting Your Critical Infrastructure](https://www.agilicus.com/www/b0d29bd4-ai-cyber-criminal.webp "AI-Powered Cyber Threats: Protecting Your Critical Infrastructure 29")](https://www.agilicus.com/ai-powered-cyber-threats-protecting-your-critical-infrastructure/)## [AI-Powered Cyber Threats: Protecting Your Critical Infrastructure](https://www.agilicus.com/ai-powered-cyber-threats-protecting-your-critical-infrastructure/) AI amplifies cyber risks for critical infrastructure, making attackers more effective. CISA's FY23 report shows 80% of successful attacks exploit identity weaknesses like valid accounts and spearphishing. AI isn't creating new vulnerabilities, but leveraging existing ones. Implementing Zero Trust and universal Single Sign-On significantly reduces these risks, making organizations a harder target. - [![The Paradox of Trust: Navigating Certificate Revocation in Air-Gapped Networks](https://www.agilicus.com/www/6131f9fa-crl-outbound-airgrap-scaled.webp "The Paradox of Trust: Navigating Certificate Revocation in Air-Gapped Networks 30")](https://www.agilicus.com/the-paradox-of-trust-navigating-certificate-revocation-in-air-gapped-networks/)## [The Paradox of Trust: Navigating Certificate Revocation in Air-Gapped Networks](https://www.agilicus.com/the-paradox-of-trust-navigating-certificate-revocation-in-air-gapped-networks/) The peculiar and particular problem of certificate revocation in semi or fully air-gapped networks—a challenge that pits the need for security against the very isolation designed to create it. - [![AI: The New Frontier for Cybercriminals Targeting Critical Infrastructure](https://www.agilicus.com/www/eb1379b5-ai-powered-bear.webp "AI: The New Frontier for Cybercriminals Targeting Critical Infrastructure 31")](https://www.agilicus.com/ai-the-new-frontier-for-cybercriminals-targeting-critical-infrastructure/)## [AI: The New Frontier for Cybercriminals Targeting Critical Infrastructure](https://www.agilicus.com/ai-the-new-frontier-for-cybercriminals-targeting-critical-infrastructure/) AI: You don't need to outrun the bear (the most sophisticated attacker in the world); you just need to outrun your neighbour. Let's make sure you're not the slowest hiker in the woods. - [![Many Headed Hydra Medusa Meets Critical Infrastructure](https://www.agilicus.com/www/aab94b4c-medusa.png "Many Headed Hydra Medusa Meets Critical Infrastructure 32")](https://www.agilicus.com/many-headed-hydra-medusa-meets-critical-infrastructure/)## [Many Headed Hydra Medusa Meets Critical Infrastructure](https://www.agilicus.com/many-headed-hydra-medusa-meets-critical-infrastructure/) Medusa ransomware infected more than 300 entities in critical infrastructure. Living off the land avoids detection, facilitates lateral traversal. - [![CN APT Use VPN CVE for ICS in OT: Acronym Much?](https://www.agilicus.com/www/37caafb7-attacker-vpn.png "CN APT Use VPN CVE for ICS in OT: Acronym Much? 33")](https://www.agilicus.com/cn-apt-use-vpn-cve-for-ics-in-ot-acronym-much/)## [CN APT Use VPN CVE for ICS in OT: Acronym Much?](https://www.agilicus.com/cn-apt-use-vpn-cve-for-ics-in-ot-acronym-much/) Asymmetric Cost Espionage: A Chinese Advanced Persistent Thread actor used CVE-2024-24919 (a vulnerability in Checkpoint VPN) to gain ongoing access into operational technology networks. - [![Advice Avalanche: Practical Steps for Wastewater Treatment Plants](https://www.agilicus.com/www/b845a6ee-avalanche.jpg "Advice Avalanche: Practical Steps for Wastewater Treatment Plants 34")](https://www.agilicus.com/advice-avalanche-practical-steps-for-wastewater-treatment-plants/)## [Advice Avalanche: Practical Steps for Wastewater Treatment Plants](https://www.agilicus.com/advice-avalanche-practical-steps-for-wastewater-treatment-plants/) Put the Avalanche of Advice Into Action: Wastewater plants face escalating cyber threats. Prioritise strong user identities with single sign-on and multi-factor authentication, abandon the outdated "air gap" concept, and embrace a practical zero-trust approach. - [![Operate Your Plant Virtually with Agilicus AnyX](https://www.agilicus.com/www/ba293ef1-chuttersnap-_efvjsgbw1c-unsplash-scaled.jpg "Operate Your Plant Virtually with Agilicus AnyX 35")](https://www.agilicus.com/operate-your-plant-virtually-with-agilicus-anyx/)## [Operate Your Plant Virtually with Agilicus AnyX](https://www.agilicus.com/operate-your-plant-virtually-with-agilicus-anyx/) The demand for remote plant operation is increasing. It's easier than ever to manage, monitor, and control plant operations remotely. - [![Fast, Simple, Secure: Implement CISA et al HMI (practically) recommends Agilicus AnyX](https://www.agilicus.com/www/1d844d4f-image.png "Fast, Simple, Secure: Implement CISA et al HMI (practically) recommends Agilicus AnyX 36")](https://www.agilicus.com/fast-simple-secure-implement-cisa-et-al-hmi-practically-recommends-agilicus-anyx/)## [Fast, Simple, Secure: Implement CISA et al HMI (practically) recommends Agilicus AnyX](https://www.agilicus.com/fast-simple-secure-implement-cisa-et-al-hmi-practically-recommends-agilicus-anyx/) CISA, CSEC et al issue guidance on protecting VNC HMI in Operational Technology. Aligned with Agilicus AnyX. - [![Industrial Supply Chain Matryoshka Risk](https://www.agilicus.com/www/40c0dcf7-supply-chain-matryoshka.avif "Industrial Supply Chain Matryoshka Risk 37")](https://www.agilicus.com/industrial-supply-chain-matryoshka-risk/)## [Industrial Supply Chain Matryoshka Risk](https://www.agilicus.com/industrial-supply-chain-matryoshka-risk/) Last weeks hyper-critical NGFW vulnerability is this weeks embedded operational technology challenge due to nested risk and supply chain. - [![CISA: 8 Top Cyber Actions for Securing Water Systems](https://www.agilicus.com/www/94cd8617-cisa-water-actions.png "CISA: 8 Top Cyber Actions for Securing Water Systems 38")](https://www.agilicus.com/cisa-8-top-cyber-actions-for-securing-water-systems/)## [CISA: 8 Top Cyber Actions for Securing Water Systems](https://www.agilicus.com/cisa-8-top-cyber-actions-for-securing-water-systems/) CISA this week issued a Fact Sheet 8 Top Cyber Actions for Securing Water Systems giving a set of "do it now" practical actions for securing water and wastewater systems. Let's talk about 'Exposure' to the Public-Facing Internet - [![Three Strategies To Help: Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits](https://www.agilicus.com/www/74062964-cisco-asa.png "Three Strategies To Help: Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits 39")](https://www.agilicus.com/three-strategies-to-help-cisco-asa-anyconnect-and-webvpn-added-to-cisa-known-exploits/)## [Three Strategies To Help: Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits](https://www.agilicus.com/three-strategies-to-help-cisco-asa-anyconnect-and-webvpn-added-to-cisa-known-exploits/) Cisco ASA AnyConnect and WebVPN added to CISA Known Exploits. Do you have one running on autopilot in your plant somewhere? Maybe between the IT and OT network? Maybe running the DMZ? - [![Multiple Connections Inbound Access Challenge](https://www.agilicus.com/www/a7a8925d-complex-wan.jpg "Multiple Connections Inbound Access Challenge 40")](https://www.agilicus.com/multiple-connections-inbound-access-challenge/)## [Multiple Connections Inbound Access Challenge](https://www.agilicus.com/multiple-connections-inbound-access-challenge/) Multiple Internet connections can create inbound connectivity issues for remote industrial connectivity. The Multiple Connections Inbound Access Challenge. - [![Ground Hog Day: Fortinet VPN Edition](https://www.agilicus.com/www/76cabfdc-insecure-vpn.jpg "Ground Hog Day: Fortinet VPN Edition 41")](https://www.agilicus.com/ground-hog-day-fortinet-vpn-edition/)## [Ground Hog Day: Fortinet VPN Edition](https://www.agilicus.com/ground-hog-day-fortinet-vpn-edition/) Another day, another VPN letting the world in to snoop around and fondle your crown jewels: Fortinet edition. - [![US sanctions Iranian officials for cyber-attacks on water plants](https://www.agilicus.com/www/24ef784f-image.png "US sanctions Iranian officials for cyber-attacks on water plants 42")](https://www.agilicus.com/us-sanctions-iranian-officials-for-cyber-attacks-on-water-plants/)## [US sanctions Iranian officials for cyber-attacks on water plants](https://www.agilicus.com/us-sanctions-iranian-officials-for-cyber-attacks-on-water-plants/) A group named Cyber Av3ngers affiliated with the IRGC targetting, modifying the HMI of publuc water systems. Today the individuals are sanctioned under anti-terrorism executive order. - [![VPNs in Industrial Environments: Old Yeller](https://www.agilicus.com/www/4ef8b756-vpn-hacker.jpeg "VPNs in Industrial Environments: Old Yeller 43")](https://www.agilicus.com/vpns-in-industrial-environments-old-yeller/)## [VPNs in Industrial Environments: Old Yeller](https://www.agilicus.com/vpns-in-industrial-environments-old-yeller/) VPNs in Industrial Environments: Old Yeller. It was a faithful friend for years, and now its time to shoot it before it bites you. - [![Begone Ivanti Industrial VPN Sayeth CISA](https://www.agilicus.com/www/697950cb-insecure-factory-vpn.jpg "Begone Ivanti Industrial VPN Sayeth CISA 44")](https://www.agilicus.com/begone-ivanti-industrial-vpn-sayeth-cisa/)## [Begone Ivanti Industrial VPN Sayeth CISA](https://www.agilicus.com/begone-ivanti-industrial-vpn-sayeth-cisa/) ED 24-01 directs agencies to instantly remove Ivanti Industrial VPN from industrial operations. Defence In Depth, Zero Trust give you more time to react. - [![Inbound HMI: Cyber Army of Russia Targeting US water facilities](https://www.agilicus.com/www/170013c6-russian-cyber-attack-water.jpg "Inbound HMI: Cyber Army of Russia Targeting US water facilities 45")](https://www.agilicus.com/inbound-hmi-cyber-army-of-russia-targeting-us-water-facilities/)## [Inbound HMI: Cyber Army of Russia Targeting US water facilities](https://www.agilicus.com/inbound-hmi-cyber-army-of-russia-targeting-us-water-facilities/) Cyber Army of Russia Targeting US water facilities. Zero Trust Cybersecurity for VNC to prevent. - [![From Smoke Stacks to Smartscapes: Evolving Industrial Operations in the Digital Age](https://www.agilicus.com/www/a10db1c6-delorean-industrial-control-panel-scaled.jpg "From Smoke Stacks to Smartscapes: Evolving Industrial Operations in the Digital Age 46")](https://www.agilicus.com/from-smoke-stacks-to-smartscapes-evolving-industrial-operations-in-the-digital-age/)## [From Smoke Stacks to Smartscapes: Evolving Industrial Operations in the Digital Age](https://www.agilicus.com/from-smoke-stacks-to-smartscapes-evolving-industrial-operations-in-the-digital-age/) Smoke Stacks to Smartscapes. Past, Present, Future, the evolution in-place of the industrial control system, and the airgrap that once protected it.