The Radiflow Cyber-Security Blog

Radiflow’s joint webinar with CyberProof covered various topics related to applying business-driven risk management toward optimization of OT security systems.

In the Webinar, Radiflow’s Rani Kehat and CyberProof’s Aman Malhotra presented a solution for a streamlined IT-OT convergence model with a unified security system, which helps users retain full system visibility and mitigate security risks.

Radiflow CEO Ilan Barda is interviewed on Dale Peterson’s “Unsolicited Response” video series, where the two discussed Radiflow’s OT risk management solution including pros and cons of an integrated iSID-CIARA solution, the needs of OT security consultants vs. MSSPs, and more.

Industry best practices and regulatory standards, such as IEC 62443, provide an excellent framework for understanding network risk and planning an optimize OT network protection system for the long-term.

Whilst alert fatigue is understandable, it is also potentially very dangerous. You need a clear strategy for dealing with potential cybersecurity fatigue, and ensuring that alerts are of the highest possible quality in order to minimize the incidence of important alerts remaining ignored.

Assessing OT network risk requires knowing both the impact and the Loss Event Frequency associated with a specific threat. “Guesstimating” would result in skewed findings; therefore, a data-driven approach, based on breach attack simulation is needed.

Gartner’s 2021 Hype Cycle Report recommends the use of key indicators for measuring the effects of OT cybersecurity systems, for Risk (KRIs), Controls (KCIs) and overall performance (KPIs). Radiflow’s CIARA risk assessment & management platform strictly adheres to this framework.

Effective industrial cybersecurity starts with devising an OT security strategy through a structured process of gathering information about the ICS network and its components, setting up a threat detection mechanism, and planning further threat mitigation measures.

Industry 4.0 has brought about many efficiencies in production and oversight, but at the same time exposed industrial (OT) networks to threats. In this post we review the fundamentals of protecting ICS automation networks.

Water utilities can improve their OT risk posture and optimize their industrial cybersecurity expenditure using IEC62443-compliant tools for ICS threat detection, network visibility and cyber-risk management.

Radiflow’s digital image-based APT simulation method, used for assessing network risk the effectiveness of mitigation measures, is 100% non-destructive, making it the preferred tool for industrial risk assessment.

In this post we provide an overview of the MITRE ATT&CK cyber-threat knowledge base, implemented within CIARA’s APT analysis, and its twelve categories for possible industrial breach tactics.

Michael Langer, Radiflow’s Chief Products Officer, examines the root causes for the rise in cyberattacks on industrial (aka ICS/OT/SCADA) organizations, and provides guidelines for mitigating OT network risk.

Radiflow’s VP Business Development Rani Kehat explains the differences between asset- and adversary-based cyber-risk analyses, and how combining the two approaches helps to produce better risk scoring and optimize OT security expenditure.

Radiflow Chief Product Officer Michael Langer provides insight on the recent wave of global phishing attacks primarily focused on South Korean companies, and discusses the potential threat to industrial (OT) companies that may not be adequately protected.