Security Basics: Network Segmentation

I recently attended a DHS/US-CERT “Introduction to Industrial Control Systems Cybersecurity” course and was disappointed that there was not more time devoted to mitigation. One of the topics glossed over in the mitigation section of the course was network segmentation, especially the separation of enterprise / business networks from plant and control networks. Now, Industrial Defender field personnel tell me that pretty much every site they visit is already doing plant / enterprise n…

Security Basics: Egress Filtering

Our security assessment practice reports that fewer than half of the firewalls it encounters at the industrial sites we service have any egress filtering enabled, and even fewer have implemented rigorous filtering. Egress filtering consists of denying most or all “outbound” connections from a more trusted network to a less trusted network. Egress filtering is nothing new – best practices are described in a number of control system security standards, notably NIST 800-82 (which call…

Advanced Persistent Threats

Mandiant has just released a report on Advanced Persistent Threats. This was the organization that provided the keynote address at the recent Digital Bond S4 conference. The paper can be requested at: http://www.mandiant.com/products/services/m-trends

The contents of the report are disturbing. Mandiant documents cases where a patient and very capable adversary has infiltrated many different organizations. In one case, only 10 systems out of 50,000 were taken over, and in one of those systems, the m…