Zero Trust

Legacy virtual private networks are a liability, acting as an ethernet cable into your deep infrastructure. With active exploitation of obsolete protocols on the rise, organisations must abandon absolute trust. Discover why modernising access through an Identity-Aware Proxy is the only pragmatic defence against perimeter zero-day vulnerabilities.

A recent Government Accountability Office report reveals that nearly 170,000 water systems are increasingly vulnerable to sophisticated cyberattacks. Because the air gap is dead, traditional virtual private networks no longer provide adequate protection. Agilicus AnyX secures critical infrastructure by implementing Zero Trust Architecture, replacing perimeter-based defences with precise, identity-based access and mandatory Multi-Factor Authentication.

With the April 1, 2026 enforcement date for NERC CIP-003-9 past, small Independent Power Producers (IPPs) face unique regulatory pressures. This post explores a pragmatic approach to securing low-impact assets, replacing legacy VPNs with a zero trust architecture that automates vendor access controls and simplifies audit evidence retention.

The £963,900 ICO fine against South Staffordshire Water highlights the fatal flaw in perimeter-based security. Learn how Agilicus Zero Trust architecture addresses identity failures and the ‘legacy headache’ in critical infrastructure.

CISA’s Critical Infrastructure Fortify initiative demands a fundamental shift in how we secure our most vital assets. By assuming connectivity is unreliable and networks are already compromised, we must move toward proactive isolation. Discover how Agilicus AnyX enables a ‘disconnected yet connected’ Zero Trust architecture that replaces the vulnerable VPN perimeter with secure, identity-based access.

For Canadian energy and utility operators, complying with stringent new cybersecurity mandates like the Canadian Standards Association Z246.1:21, Alberta Regulation 84/2024, and British Columbia Utilities Commission guidelines is no longer optional. Discover how Agilicus AnyX enables operators to seamlessly implement multi-factor authentication, strict network segmentation, and zero-trust remote access for legacy industrial control systems—without ripping and replacing existing infrastructure or relying on vulnerable virtual private networks.

The £1.9bn JLR breach exposed supply chain fragility. Download the Agilicus whitepaper to learn how Zero Trust secures the industrial mesh against cyber threats.

Are your bus drivers and contractors stuck using paper because IT can’t secure their devices? It’s time to stop the ‘Digital Disenfranchisement’ and use Zero Trust to safely connect everyone, everywhere.

Consequently, trying to scope an attack in a sprawling operatioanl tech network is like trying to find a needle in a haystack, except the haystack is currently on fire, and you are not allowed to use water because it might short-circuit the only machine that is still running.

Facing rising cyber insurance costs? For municipalities, risky VPNs are a major hurdle. Learn how Zero Trust secures systems and lowers insurance risk.

For years, the security model for water systems has been the air gap—a mythical wall where everything inside is trusted and everything outside is not. The problem? That air gap already has a bunch of holes in it, and Industry 4.0 is making more.

Authentication gets you in the door, but fine-grained authorisation decides which rooms you can enter. This principle ensures users access only the specific resources they need, making your systems more secure by rendering everything else invisible to them.

CityWorks breach leads to lateral traversal through IIS and onwards into your network. Protect it with Agilicus AnyX while you work on upgrading.

This morning I was interviewed on the Mike Farwell Show (CityNews). You can check the interview here @ 54:50.

SolarWinds Web Help Desk CVE-2024-28986 (rated 9.8 our of 10) is now included in CISA’s Known Exploited Vulnerabilities (KEV) Catalog, indicating its active use in cyber attacks, giving affected agencies until September 5, 2024 to fix the flaw under Binding Operational Directive 22-01. How fun.

Shared password bad. 10 billion passwords leaked. Your team installed some shadow IT remote access solution with a shared password.

You wouldn’t download a PLC, would you? Rockwell Automation alert on public access to PLC, and a Shodan search to fact check it.

This blog post explores the challenges of securing remote access to SCADA systems and how Zero Trust can act as a solution.

In this blog post, we’ll dive into the Zero Trust vs. VPN security model differences and why the former is ultimately the far superior choice for secure, seamless remote access. 

In this blog post, we’ll delve into the challenges of enabling SSH for remote access and how you can do so without compromising security through Zero Trust.

In this post, we’ll explore the limitations of VPNs and delve into how to enable Rockwell Automation remote PLC access.

Split Horizon VPN’s are used to avoid breaking video conferencing. They are unsafe. See paper for route injection issues.

What are the risks of using VPNs in water and wastewater facilities? We’ll help you answer that question and understand what to do instead.