buenas prácticas

Contenido buenas prácticas

Blog posted on 31/08/2017

The architecture of our industrial control systems is not as static as it was some years ago. The adapting of new standards, or simply trying to improve the security of our industrial networks, creates the need to introduce one or various firewalls within our network. Thinking about having to change a network's architecture, the IP of our devices, tests, etc. when introducing a new firewall often leads to the bad decision to not install it. But, do we know about transparent firewalls and how they can be installed with almost no impact in our network? These solutions have advanced a lot in the industry and may be a true plus to our security.

Blog posted on 03/08/2017

The evolution of industrial systems towards an almost complete automation entails new challenges in communications. New functionalities acquired by the process, such as the use of digital relays to manage emergency interruptions, are transmitted by the communications network and this cannot fail. Given this need for zero tolerance to any failure, the redundancy offered by the HSR and PRP protocols can be a key factor.

Blog posted on 29/06/2017

Remote accesses to control devices from networks outside the company are a major problem but, what about direct accesses made thanks to the accessibility of the device? This article explains the concept of hardware hacking and the hazards for the industry.

Blog posted on 01/06/2017

Carrying out an intrusion test or vulnerability analysis in a control system can prove complex due to availability. This is where testbeds come into play. They reproduce production environments and can be of great assistance to researchers and security analysts

Blog posted on 27/04/2017

Credentials can be described as the basic information required to access any device. Sharing and using privileged credentials within control systems is a common task that must be controlled to minimise potential exposure or leakage of information.

Blog posted on 27/04/2017

The installation of security tools may be complex sometimes due to different reasons: the complexity of the tool itself, the environment in which it is installed, the necessary settings, etc. This post shows how to implement an IDS solution and how to manage events in a centralised manner by means of an event manager for industrial control systems.

Blog posted on 20/04/2017

Smart buildings, either intended for housing, for offices or for industries, are fitted with communications systems for control of all elements such as lighting, heating and air conditioning, blinds, etc. Such communications are mainly carried out by means of two protocols or technologies: BACnet and LonWorks. In this article, the security capabilities of each protocol for operating in as a secure manner as possible shall be described.

Blog posted on 11/04/2017

Companies usually spend a large share of their budgets to improve the security of their systems assuming that attacks comes from outside of their networks. But, what if the attack comes from within?

Blog posted on 30/03/2017

As explained in the first post of this series dedicated to the C4V model, the cyber security level of outsourced services is key to assess the cyber security capabilities of any organisation: It is no use increasing the cyber security levels of an organisation if their suppliers’ levels are not as high, because -it goes without saying that- "security is as strong as its weakest link".

Blog posted on 23/03/2017

The increasing number of attacks to industrial networks forces us to analyse their behaviour so that we can implement measures to mitigate said attacks. One of the options used to learn about the behaviour of attacks is the deployment of honeypots. This article deals with the advantages and challenges of this technology when used in industrial environments.