Whether your utility is considering running SCADA in the cloud or not, this new guidance from UKs National Cyber Security Centre is good for awareness of the options.
The NCSC has published new guidance on cloud-hosted Supervisory Control and Data Acquisition (SCADA).
This guidance does not aim to provide a definitive view on whether SCADA in the cloud is the best option for every OT organization. However, it will help to:
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 19, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
The 2024 Sophos Threat Report published this week highlights how cybercrime disproportionally targets small businesses and hits them the hardest. Small organizations are typically more vulnerable to cyber attacks and thus suffer more from the impact of an attack. According to the report, ransomware, followed by business email compromise (BEC), continues to be the greatest threat to smaller organizations and also packs the biggest punch.
CISA ICS Vulnerability Advisories and Alerts, Updates, and Bulletins – March 14, 2024
The Cybersecurity and Infrastructure Security Agency (CISA) has published the following ICS vulnerability advisories, as well as alerts, updates, and bulletins:
ICS Vulnerability Advisories:
- by Jennifer Lyn Walker
It’s difficult to keep track of AI or LLMs that employees may be using (sanctioned or shadow AI) or that leadership may be pressuring to adopt. Additionally, broad discouragement on using AI tools may force users to use “shadow AI” tools with unknown consequences.
The following posts are useful for general awareness of current cyber threats, vulnerabilities, guidance, and other cyber-related news or updates. These resources have been curated by the WaterISAC analyst team as items of broad relevance and benefit that do not need supplemental analysis at this time.
Critical Infrastructure
CISA published guidance today pertaining to organizations transitioning from an on-premises identity management solution to one that utilizes the cloud, more specifically, when organizations decide to leverage a “hybrid” solution. CISA explains that when organizations leverage cloud solutions and attempt to integrate them with on-premises systems, identity management can be significantly more complex. On-premises identity management solutions need to securely and efficiently integrate with those applied in the cloud to achieve interoperability.
1620 I Street, NW, Suite 500
Washington, DC 20006
1-866-H2O-ISAC (1-866-426-4722)
© 2025 WaterISAC. All Rights Reserved.
