Progress Beats Perfection in OT Cybersecurity Reflections from an OT Cybersecurity Practitioner Across the previous parts of this series (Part 1, Part 2 & Part 3), I’ve reflected on recurring patterns that shape OT cybersecurity maturity far more than technology alone. Governance structures influence intent. Visibility determines the quality of decisions. Incentives quietly guide behaviour. Taken…
View details
Actions Follow Incentives, Not Policies Reflections from an OT Cybersecurity Practitioner In Part 1 and Part 2 of this series, I reflected on how OT cybersecurity maturity is shaped more by governance, visibility, and decision-making than by technology. A third pattern that emerges repeatedly across OT environments is the role of incentives, particularly the gap…
View details
The Visibility Gap in OT Cybersecurity Reflections from an OT Cybersecurity Practitioner In Part 1 of this series, I reflected on why OT cybersecurity maturity is often constrained by governance behaviour, incentives, and decision-making rather than technology. One related theme that repeatedly surfaces in practice is the issue of management visibility, specifically, the gap between…
View details
Governance, Not Technology, Is Holding OT Cybersecurity Back Reflections from an OT Cybersecurity Practitioner After another year delivering OT cybersecurity services and solutions, one observation continues to surface, a pattern repeated consistently over time. While technology is often challenging, OT cybersecurity maturity is more often constrained by governance behaviour, organisational incentives, and how decisions are…
View details
The decision to patch ICS assets is a topic of significant debate in the cybersecurity community. Unlike IT systems, where patching is generally encouraged to address vulnerabilities, ICS environments often prioritize stability and availability, leading to differing views on whether patching should be immediate or even necessary in every case. Many experts argue that patching…
View details
Today is the Deadline for NIS2, So What? As of today, October 17, 2024, the deadline for the EU’s Network and Information Security Directive 2 (NIS2) has officially arrived. However, only Belgium and Croatia have fully implemented the required cybersecurity measures into national law. This is worrying, as many critical sectors, including energy, utilities, healthcare,…
View details
Riyadh, Saudi Arabia, LEAP Event, March 2024 – OTIFYD, EMEA’s next-generation OT security services provider, has signed a partnership with MAD20™ Technologies, the MITRE ATT&CK® DefenderTM training and certification provider across the GCC and Turkey regions. The partnership between OTIFYD and MAD20 helps to close the persistent cybersecurity skills gap, teaching cyber practitioners how best…
View details
December 12, 2023 – NanoLock Security, a leading provider of device-level, zero-trust OT protection for industrial manufacturing companies, and OTIFYD, EMEA’s next generation OT security services and solutions provider with an elite team of highly trained industrial and cybersecurity engineers and certified experts, are partnering to provide manufacturing and industrial companies with device-level zero-trust OT…
View details
Beyond Compliance: Will Cybersecurity Regulations Keep Up with the Evolution of Threats? In the age of digital connectivity, the critical importance of securing Operational Technology (OT) systems cannot be overstated. Governments and industries are responding to the escalating threats by introducing regulations tailored to OT security. Prominent examples include the Network and Information Systems Directive…
View details
10 Things You Should Do After a Ransomware Attack : Step by Step Guide 2023 1. Stay Calm and Think Rationally Feeling anger or fear as your initial response is completely normal. You’re angry because somebody is trying to extort your company, while fear might stem from the hackers’ threats to expose private or…
View details