Cyber-Informed Engineering (CIE) and Consequence Driven, Cyber-Informed Engineering (CCE) are concepts developed by the Idaho National Laboratory (INL). A side-by-side comparison of the two is presented in the table below. CIE is a guide to embedding cyber security considerations into cyber-physical systems throughout the engineering lifecycle model, and across business functions. The CIE guide is […]
Cyber incidents were publicly reported at two manufacturing companies over the past few weeks. This comes as cyber security company Dragos reported it had tracked a 50% increase in ransomware attacks against industrial companies in 2023, with manufacturing accounting for 71% of all ransomware attacks. Varta batteries was attacked on 12 February 2024, and steel […]
Proving that money and target size aren’t the primary concern for all hackers, a cyber attack by hacktivists on water equipment in the western Ireland area of Erris, County Mayo, left 160 households without a supply for two days [The Record. 12 December 2023]. Hacktivists value impact and headlines over money to promote a political […]
An asset-rich organisation, Gloucester City Council uses suppliers to help maintain service delivery. Just as many asset management organisations do. In 2021 they suffered a ransomware attack that presented via an email, mid-conversation, from a supplier that had themselves been compromised. In 2023, the Local Government Association, in collaboration with the council, published a case […]
Gloucester City Council’s ransomware attack case study provides insights and lessons for many
Guide to obligations and requirements for critical infrastructure asset cyber security frameworks
Vulnerabilities found with a smart tool highlight some of the risks of relying on technology for critical operations
Five guiding principles with actionable implementation approaches for cyber resilient operational technology environments
A UK-based manufacturer of security fencing recently found itself targeted by a Russia-linked ransomware group who managed to exfiltrate data from their systems. Given the company’s clientele, which includes British government entities*, the fact that the attackers failed to encrypt their systems is a matter of little consequence. This incident highlights several pertinent issues that […]
Essential Cyber Security Awareness for Infrastructure Asset Managers, due late 2023, is an indispensable eLearning course specifically designed for professionals involved in asset-intensive industries. A comprehensive course, it will equip builders, managers, maintainers, and service providers with essential cyber security knowledge and skills to mitigate cyber threats and safeguard infrastructure organisations. Tailored for asset-intensive industries: […]