A CI/CD (Continuous Integration/Continuous Deployment) pipeline is an essential tool in modern software development, which allows you to automate and optimize the entire development lifecycle, from code integration to its deployment in production. The article aims to explain security in CI/CD pipelines, motivating readers to adopt automated practices that not only optimize software development, but also minimize the associated risks. Keep in mind that automation carries certain risks if not handled safely, as it can increase the attack surface for cybercriminals. It underscores the importance of implementing security controls at every stage of the pipeline, urging developers to take initiative-taking steps to protect their code, their environments, and ultimately, their final products.
Larger scale and complexity industrial control networks present risks, and cybersecurity needs that usually cannot be met by applying a traditional segmentation model. Factors such as the presence of critical obsolete equipment, equipment managed by third parties or the increased presence of IoT technologies that require external connections, are motivating the adoption of more advanced architectures when applying the principle of defense in depth.
Proper segmentation can be a fundamental aspect in preventing attacks, especially in their propagation to essential and critical production assets. It is also important to adapt to the environment to be segmented. It is a common mistake to try to segment networks based on concepts and schemes like the IT environment.
This article will present some new network models and tips to work on a correct segmentation in an environment where different components are involved (OT, IIoT, IT, IoT).
MITRE Caldera OT stands out mainly for being an open-source tool that allows the simulation of different cyber-attacks in industrial environments. This tool was created by MITRE and CISA (US Cybersecurity and Infrastructures Security Agency), as the experts saw the need to be able to improve and understand cybersecurity in industrial environments without using a high number of resources.
In addition, this tool is designed to be used by both the Red Team and the Blue Team, allowing both teams to collaborate with each other to improve the level of cyber security in these environments.
In the era of interconnection and digitization, industrial control systems (ICS) are increasingly exposed to cyber threats. These systems are vital for energy production, manufacturing and critical infrastructure management, and their protection has become an essential priority.
Risk analysis is fundamental in this context, as it allows identifying, assessing and prioritizing the risks that can affect ICS. This process, ranges from technical vulnerabilities to emerging threats, and is crucial for developing effective mitigation and protection strategies.
In this article, the challenges and solutions related to risk analysis in ICS will be explored, as well as the importance of the IEC 62443-3-2 standard in this critical process.
The digital twins are virtual recreations of real-world objects or processes. This innovative idea, proposed by Dr. Michael Grieves, has become increasingly relevant in various industrial sectors thanks to the advancement of technologies such as 3D modelling, the Internet of Things (IoT), the IIoT (Industrial Internet of Things), machine learning and big data. Its application makes it possible to simulate and analyse physical processes efficiently, thus contributing to the digital transformation of industry, also known as Industry 4.0.
The fundamental purpose of digital twins is to facilitate the understanding of how elements operate in the physical world. For example, in manufacturing, it is possible to create a digital twin of a factory and through simulations explore different scenarios: what would happen if a machine were modified, how would it impact production, and what would happen if a machine were changed? The digital twin provides answers before real changes are made to the physical environment, speeding up decision-making and optimising processes.
The ability to monitor and analyze the behavior of users and entities becomes crucial for early detection and response to potential threats. UEBA solutions identify unusual or anomalous patterns in user behavior, enabling rapid identification of internal threats or external compromises. This post focuses on how UEBA analysis is becoming an essential tool for a cybersecurity strategy, from identifying suspicious behavior to preventing potential security breaches.
The agri-food sector is one of the most critical sectors today because it is one of the most important sectors for the country's economy, as it produces food.
This sector, like many others, is in continuous evolution. An example of this is the automation and digitalization of the many processes that are carried out. These new technologies bring many advantages, such as more efficient processes, less water consumption, detection of possible risks, etc. These great advantages also bring with them some problems, such as increased exposure to cyber-attacks.
Therefore, this article provides some basic knowledge to make the industry aware of the importance of implementing cybersecurity in their technologies.
UMAS (Unified Messaging Application Services) is a Schneider Electric (SE) proprietary protocol used to configure and monitor Schneider Electric programmable logic controllers (PLCs). While it is true that the protocol is related to this manufacturer, the use of the protocol is quite widespread in different sectors, especially the energy sector, as is obvious.
The article will focus on the technical breakdown of the protocol and the use of the protocol. The article will also show weaknesses, strengths and some technical vulnerabilities detected in this protocol.
There are currently many standards and regulations in the industrial sector. A wide variety of them allow industrial organizations to check their level of maturity, such as IEC 62443, or to improve the security level of the organization through the application of a series of guidelines, good practices or guides, as in the case of the NIST Framework.
Given the growth of the industrial sector, and the increase in capabilities, both in production and connectivity, thanks to the consolidation of Industry 4.0 and the emergence of Industry 5.0, industrial environments are in the focus, not only of technological improvements, but also of cyber-attacks.
The application and implementation of the IEC 62443 family, in combination with the NIST Framework, will enable organizations to reduce, mitigate and control the possibility of suffering a cyber-attack by implementing the controls and best practices defined in both standards.
The UN R155 and UN R156 regulations are of vital importance for vehicle cybersecurity. From July 2022, all car manufacturers that want to be type-approved must comply with both regulations, but from July 2024 this requirement will be extended to all new vehicles sold in the European Union, regardless of when the manufacturer obtained type-approval. One of the most important aspects of compliance with both regulations is the completion of a cybersecurity risk assessment of the vehicle, including all integrated components of the vehicle's supply chain. On the other hand, it also specifies how to incorporate cybersecurity from design, how to detect and respond to incidents, how to securely update vehicle software, etc.