The Radiflow Cyber Security Blog
Is Your Cyber Risk Analysis based on Empirical Data? (It Should Be)
Qualitative risk analysis is based on subjective opinions of Subject Matter Experts (SME). Heat-maps, risk matrices, red/yellow/green prioritization of risk factors and more are all subjective perceptions that can span a wide range of values. Priority levels are not…
The Ukraine Power Grid Cyber Attack, Five Years Later: An IEC62443-Based Analysis
Liron Benbenishti, Cyber Security Researcher at Radiflow, analyzes the 2015 Ukraine power grid attack using the ISA/IEC 62443-3-3 standard, which determines the actual security levels and evaluates the required security level that could have prevented the attack.
The State of Industrial Cyber-Security in 2020 and Outlook for 2021
Ilan Barda, Radiflow CEO, reviews the state of OT cyber-security in 2020 and extrapolates the trends in 2021 and beyond, including WFH, the SolarWinds attack, ransomware in OT, OT-MSSPs and governing standards (e.g. IEC62443).
Behind the News: the SolarWinds Security Attack
Radiflow CEO Ilan Barda discusses the key takeaways and trends regarding the SolarWinds security attack, and proposes guidelines for protecting industrial networks against such supply-chain type attacks.
Using AI for securing critical information infrastructures and systems
Radiflow’s next-generation industrial security monitoring systems provide a fully automated suite for asset data collection, data-driven analysis and transparent risk metrics calculation.
Takeaways from our Expert Panel: Optimizing OT Cybersecurity through IEC62443 risk assessment & management
Takeaways from our expert panel, with guests from Forrester & Siemens, on the importance of IEC62443-compliant risk assessment & management toward optimizing OT cybersecurity.
Radiflow launches CIARA, automated risk analysis platform based on ISA/IEC 62443 framework
Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture.
The cat photo that disabled production: steganography in OT cyber-attacks
Steganography-based attacks on ICS networks are on the rise, some using the interconnectivity between the organization and its vendors/suppliers. Mitigation includes OT/IT network segregation; raising awareness among employees; and installing an IDS (e.g. Radiflow iSID) to detect anomalous network behavior.
The advantages of interfacing between your SCADA and IDS systems
Radiflow CEO llan Barda’s presentation at zenonIZE 2020 focuses on Analysis of Gaps and Mitigations in an OT network for IEC62443 compliance, and namely streamline the flow of security alerts between the security system (IDS) and the operations personnel and IT professionals.