An organizational cybersecurity strategy is not complete without an incident response plan. In a recent post, cyber-defense firm Exabeam highlights three elements of incident response: people, processes, and technology/tools. The post discusses the people that should compose the incident response team, including cross-organizational stakeholders who develop and govern the incident response plan.
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. This advisory was initially published on March 29, 2018 and last updated on February 5, 2019. Read the advisory at NCCIC/ICS-CERT.
May 17, 2018
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
March 22, 2018
The NCCIC has updated this advisory with additional details on affected products. ICS-CERT.
February 6, 2018
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
February 5, 2019
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
November 13, 2018
March 12, 2019
The NCCIC has updated this advisory with additional information on the technical details of the affected products and mitigation measures. Read the advisory at NCCIC/ICS-CERT.
December 11, 2018
Microsoft has released its monthly update to address vulnerabilities in its software. For this month, Microsoft has released security updates for Adobe Flash Player, Internet Explorer, Microsoft Edge, Microsoft Windows, Microsoft Office and Microsoft Office SharePoint, ChakraCore, Team Foundation Server, Skype for Business, Visual Studio, and NuGet. Read the update at Microsoft.
In terms of malware, Emotet has been among the greatest threats to water and wastewater utilities in recent months, infecting systems and deploying other types of malware. In one well-document example, in October 2018 Emotet dropped the Ryuk ransomware into the IT system for a North Carolina water utility (WaterISAC created a page on its portal and hosted presentations during webcasts in October and November about this incident).
IT cybersecurity policies and processes do not directly translate to the OT environment, but that does not mean they are not useful. In a recent post, industrial cybersecurity firm Verve Industrial Protection suggests there is great value in applying the rigor of IT systems management to OT systems. As industrial organizations embrace the need for OT specific policies, there is no need to reinvent the wheel. Well-developed IT policies should be used as a starting point and adapted for OT environments.
Today, industrial cybersecurity firm Waterfall Security Solutions announced their Industrial Security Podcast. The podcast will feature interviews with world-recognized experts addressing current and developing ICS cybersecurity topics, such as IIoT, governance, IT/OT integration, and ICS vulnerabilities. The podcast is hosted by Andrew Ginter, VP Industrial Security at Waterfall Security. Episodes will be released every two to three weeks with new experts and new topics.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
