Tag: cyber security of critical infrastructures
Introduction Dynamically verifiable device identity is a foundational component of a Zero Trust Architecture (ZTA). Ongoing dynamic evaluation of identity and trust requires complete and timely visibility into relevant components of that identity. Active device certificates issued by a revoked intermediate Certificate Authority (CA) can pose a security threat due to the intermediate CA being […]
Introduction Industrial organizations are facing a new challenge as they try to merge the traditional physical world (Operational Technology or OT) and the digital world (Information Technology or IT). In our experience, companies who prioritize organizational change management when implementing digital solutions get better results from their investments. This is even more true when building […]
This blog is co-authored by Ryan Dsouza, AWS and John Cusimano, Deloitte Introduction Innovative and forward-looking oil and gas, electrical generation and distribution, aviation, maritime, rail, utilities, and manufacturing companies who use Operational Technology (OT) to run their businesses are adopting the cloud in many forms as a result of their digital transformation initiatives. Data […]
What actions customers can take to protect, detect, and respond to Log4j vulnerabilities in Operational Technology (OT) and Industrial Internet of Things (IIoT) environments
In this post we will provide guidance to help industrial customers respond to the recently disclosed Log4j vulnerability. This post covers how to identify if you are susceptible to the issue, and then how to address the vulnerability in OT and IIoT environments. The Log4j vulnerability (CVE-2021-44228, CVE-2021-45046) is a critical vulnerability (CVSS 3.1 base […]
Learn some of the best practices for keeping your IIoT infrastructure secure using AWS’s multilayered security approach and comprehensive security services and features.