The Radiflow Cyber Security Blog

Qualitative risk analysis is based on subjective opinions of Subject Matter Experts (SME). Heat-maps, risk matrices, red/yellow/green prioritization of risk factors and more are all subjective perceptions that can span a wide range of values. Priority levels are not…

Liron Benbenishti, Cyber Security Researcher at Radiflow, analyzes the 2015 Ukraine power grid attack using the ISA/IEC 62443-3-3 standard, which determines the actual security levels and evaluates the required security level that could have prevented the attack.

Ilan Barda, Radiflow CEO, reviews the state of OT cyber-security in 2020 and extrapolates the trends in 2021 and beyond, including WFH, the SolarWinds attack, ransomware in OT, OT-MSSPs and governing standards (e.g. IEC62443).

Radiflow CEO Ilan Barda discusses the key takeaways and trends regarding the SolarWinds security attack, and proposes guidelines for protecting industrial networks against such supply-chain type attacks.

Radiflow’s next-generation industrial security monitoring systems provide a fully automated suite for asset data collection, data-driven analysis and transparent risk metrics calculation.

Takeaways from our expert panel, with guests from Forrester & Siemens, on the importance of IEC62443-compliant risk assessment & management toward optimizing OT cybersecurity.

Cyber Industrial Automated Risk Analysis (CIARA) helps industrial automation and control system users to dramatically streamline risk reduction planning and compliance for improved cyber risk posture.

Steganography-based attacks on ICS networks are on the rise, some using the interconnectivity between the organization and its vendors/suppliers. Mitigation includes OT/IT network segregation; raising awareness among employees; and installing an IDS (e.g. Radiflow iSID) to detect anomalous network behavior.

Radiflow CEO llan Barda’s presentation at zenonIZE 2020 focuses on Analysis of Gaps and Mitigations in an OT network for IEC62443 compliance, and namely streamline the flow of security alerts between the security system (IDS) and the operations personnel and IT professionals.