Why cyber-security relies on understanding the differences between IT and cyber physical systems

Image for post
Image for post
Photo by Juvnsky Anton Maksimov on Unsplash

Federal agencies and a cyber-security service provider that counts the government and Fortune 500 companies among its clients are all victims of recent cyber attacks in the United States. There are fears that the hackers may also be targeting the private sector. Analysts suspect that a foreign power is behind the security breaches.

Nation states are turning increasingly to cyber warfare to achieve political, economic and military goals. The attacks do not stop at government agencies, but also target critical infrastructure and private corporations to steal sensitive data that can be sold for profit.

Cyber warfare enables nation states to…

The Digital Factory framework facilitates the sharing and analysis of data

Image for post
Image for post
Photo by Science in HD on Unsplash

People had long forgotten how to read ancient Egyptian hieroglyphs when Napoleon’s army came across a large slab of rock buried under the foundations of a building in the Nile Delta. Thanks to the discovery of the Rosetta Stone, as it came to be known, scholars were able to use the ancient Greek inscription to decipher the hieroglyphs carved into the same stone. Something similar is happening nowadays in smart factories, where machines, which often “speak” different languages, are relying on the digital equivalents of the Rosetta Stone to understand and share information.

Information is the lifeblood of modern manufacturing…

A leading technology expert discusses the dos and don’ts of chairing large meetings online

Image for post
Image for post

International technology standards not only promote best practices in efficiency, trustworthiness and safety, but also they are essential for the removal of technical barriers to trade. They are developed and agreed through a process of consensus that relies on at least some face to face meetings between engineers, scientists, regulators and other experts from all over the world. The COVID-19 pandemic has forced all of these meetings online, which presents challenges when hundreds of experts, most of whom are not native English speakers, come together to identify solutions.

The Australian, Mike Wood, understands these challenges better than most. Wood, who…

An effective governance model ensures that good cybersecurity and practices and procedures are maintained properly

Image for post
Image for post
Intrusion detection and prevention in the Wild West. (Publicity still for the Rustlers Of The Badlands 1945 movie with Tex Harding (right) and Dub Taylor (left). Source: Wikimedia Commons)

In the movies, cyber-crime is often portrayed as a modern-day Western, with good and bad nerds shooting code at each other instead of bullets. The truth is far more mundane. Very often data breaches happen simply because employees are negligent or make mistakes.

According to a report from IBM and the Ponemon Institute, human error was responsible for nearly a quarter of all data breaches between July 2018 and April 2019. The best way to mitigate that risk is with a holistic strategy that addresses technology, people, practices and procedures.

Importance of strong leadership

Ensuring those practices and procedures are…

Image for post
Image for post
It is crucial to have a clear picture of who exactly you are targeting, how they consume content and what they care about. (Photo by Daria Shevtsova on Unsplash)

Choosing the right media channels to reach your stakeholders and clients is a tough challenge because it is easy to get wrong. It is even harder for small teams with limited resources.

A website and corporate presence on the most relevant social media platforms — usually Facebook, LinkedIn, Twitter and YouTube — provide the backbone, but sooner or later you will need to weigh the pros and cons of adding other products and services to the mix, perhaps a blog, newsletter or podcast.

It is essential that you base any decisions on a well-defined strategy that clearly identifies your target…

A new generation of malware is attacking the assets that keep modern society safe and functioning

Image for post
Image for post
Photo by Jack B on Unsplash

A new generation of malware is specifically targeting the industrial automation and control systems (IACS) used in critical infrastructure. These systems include the supervisory control and data acquisition (SCADA) technology and human machine interfaces (HMI) that are at the very heart of the assets that keep modern society safe and functioning, affecting everything from food and water to manufacturing plants and power installations.

Probably the best-known cyber-attack on critical infrastructure took place in Ukraine in 2015, when hackers successfully infiltrated the electric utility’s SCADA system. Key circuit breakers were tripped, and the SCADA system was turned into a “brick”, causing…

A company’s legal responsibilities used to depend on its geographical location, but the world is getting smaller

Image for post
Image for post
Image by Pexels from Pixabay

The European Union’s General Data Protection Regulation (GDPR) has transformed the way data is treated, as businesses around the world are avoiding the additional costs of managing different data regimes. Comparable laws giving local residents more control over their data are now starting to come into effect in other countries. For example, the California Consumer Privacy Act (CCPA) gives their residents the power to demand the deletion of information.

Different kinds of legal risk

Regulatory compliance is not the only challenge. Litigation poses a serious threat to organizations, especially in cases where customers, employees or business partners suffer actual financial…

Technology is transforming industry but also making it more vulnerable to cyber attacks

Image for post
Image for post
Photo by amin khorsand on Unsplash

A recent survey in the US showed that manufacturers are increasingly under threat from cyber attacks. Half of the companies that took part admitted they had suffered a data breach or cyber attack in the previous 12 months. It is part of a global trend as the growth of the Industrial Internet of Things (IIoT) brings numerous benefits but also increases the vulnerability of industry to cyber attacks.

The chief motivations for hackers targeting the manufacturing industry are reportedly financial gain and industrial espionage. …

A new report looks at best practice cyber security strategies for the energy sector

Image for post
Image for post
Photo by Walter Sturn on Unsplash

In December 2015, with temperatures struggling to stay above freezing, Ukraine experienced an unprecedented cyber attack on its energy grid. The assault left nearly a quarter of a million people without electricity for up to six hours. It demonstrates the very real threat of an attack cutting off the supply of electricity to our homes, schools, hospitals and factories, with potentially catastrophic results. It is believed the hackers had managed to infiltrate the security of three substations with spear phishing emails, hiding their so-called BlackEnergy malware in fake Microsoft Office attachments.

Incidents such as the attack in Ukraine demonstrate that…

It is important to build security into products and services from the design stage

Image for post
Image for post
Photo by Markus Spiske on Unsplash

The best way to make something safe is to build it that way. Remember the little pig in the fairy tale who chose bricks and mortar? His home was able to weather the worst of the big bad wolf’s huffing and puffing, unlike those of his less well-prepared siblings. That is how, as small children, we first learn that minimizing risk means designing products to be secure from the foundation.

The concept of security-by-design is popular in both software and hardware development. It means making products and systems that are not only free of vulnerabilities but also subject to continuous…

Mike Mullane

Journalist working at the intersection of technology and media

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store