The Radiflow Cyber-Security Blog
In the aftermath of the Colonial and JBS SA ransomware attacks: how to protect yourself while optimizing your ROI on Risk Reduction
We discuss the methods of optimizing your OT security through breach & attack simulation and risk assessment, to prioritize the most effective countermeasure mitigations.
In this overview of cybersecurity for SCADA systems, we cover: In this article we will cover what Is SCADA Cyber Security, the problems related, why SCADA security issues matter and how to perform a Security Risk Assessment for SCADA systems.
CIOs and business executives are beginning to see the advantages of integrating OT processes into their established security operations center (SOC), creating a new security approach known as an OT SOC.
Based on the amount paid as ransom to cyber-attackers, the magnitude of loss perceived by Colonial Pipeline obviously exceeds the $5M paid if we add up all the expenses involved in reaching Colonial’s recovery point objectives (RPO).
By Michael Langer, Chief Product Officer, RadiflowIf you've found this article interesting, please visit and follow Radiflow on LinkedIn, where you'll find a wealth of exclusive content. The News Colonial pipeline is one of the largest fuel pipeline operators in the...
IoT security spending is expected to increase by 300% to $6 billion by 2023. Radiflow CEO Ilan Barda reveals what’s behind this trend and why people remain the most vital tool in the fight back.
The convergence of OT and IT has given hackers a much broader “attack surface.” OT security assessments provide a clear picture of the risks facing their networks, accounting for probability of a cyberattack on all business units and the impact of the attack.
Traditional industrial control systems (ICSs) are self-contained; communications take place over physical wires between and among system components, and the system’s operation is independent of any other systems or networks in the plant.
In the aftermath of the Oldsmar Water Attack: using an OT-MSSP as a viable replacement for an in-house cybersecurity department
TJ Roe, VP Sales, North America, Radiflow discusses using an OT-MSSP as a viable option for industrial organizations to protect their networks despite budgetary and/or personnel constraints.
Radiflow cyber security researcher Liron Benbenishti describes the method and advantages of linking OT-security standards and adversary data sources in CIARA, using the example of IEC-62443 and MITRE ATT&CK.
Radiflow Senior Cyber Researcher Alon Shekalim analyzes the attack on a Florida water treatment facility and discusses the use of remote network access software as the attacker’s point of entry into the network
In this post, the second of three, Radiflow CTO Dr. Yehonatan Kfir discusses the different types of Threat Intelligence (TI), the benefits of using TI within an OT network risk assessment, and the problems with misuse of TI.
While active penetration testing is necessary for vulnerability detection, it poses the risk of accidental damage. As an alternative, Radiflow proposes a TI-based breach simulation method for OT networks.
Qualitative risk analysis is based on subjective opinions of Subject Matter Experts (SME). Heat-maps, risk matrices, red/yellow/green prioritization of risk factors and more are all subjective perceptions that can span a wide range of values. Priority levels are not…
Liron Benbenishti, Cyber Security Researcher at Radiflow, analyzes the 2015 Ukraine power grid attack using the ISA/IEC 62443-3-3 standard, which determines the actual security levels and evaluates the required security level that could have prevented the attack.