Thanks to the recent 2016 Data Breach Digest from the Verizon RISK team, a story about poor cybersecurity at a water company has recently been in the media. The company, given the fictional name of the Kemuri Water Company (KWC), is responsible for the water supply of a number of counties. Verizon was retained by KWC to assess their networks for indications of a security breach. Of concern was an unexplained pattern of valve and duct movements that had occurred over the previous 60 days. The Verizon team identified that breaches had occurred and that KWC’s SCADA system had been manipulated to alter the amount of chemicals that went into their water system as well as the flow rate.

Someone recently asked me the best way to describe Deep Packet Inspection (DPI) in laymen’s terms. If you are not familiar with DPI, it describes two technologies used by firewalls to detect and block unwanted communications.

The start of a new year is often the time we make decisions to do things differently than in the past. Today I would like to suggest that one of the 2016 decisions you make is to toss out invalid ICS security assumptions and hone in on meaningful improvement for your cyber security defenses.

As a reader of this blog you know that cybersecurity has been increasing in importance in industrial facilities since the discovery of Stuxnet in 2010. Now along comes the IIoT with its increased numbers of connected devices and links to the Internet and business systems.

One of the best parts of the Belden Industrial Ethernet Infrastructure Design Seminar, held last week in Chicago, was the lively presentation given by two of Belden and Tripwire’s top experts on industrial cybersecurity: