Home / Blog / Filter / Blog
Subscribe to INCIBE-CERT - Blog RSS

Blog

Specialized blog with informative contents destined to a public with marked technical profile, in order to improve knowledge and create a culture about the security in Internet.
Post related to: Policies
Image of a programmable logic controller

Secure programming techniques for PLC

Posted on 02/02/2023, by INCIBE
The programming of PLCs is a fundamental part of the initial phases when building and designing industrial plants. About that environment, the company will base all its operations in that environment making the configuration of these controllers a critical element. When it comes to programming these devices there are a series of steps and best practices that take advantage of the native functionalities available and that involve little or no need to resort to a PLC programmer, protecting the device in a simple way with minimum spend on resource.
Tags: 
Best practices
Firewall
HMI
IDS/IPS
IIoT
Industrial Control System
Industrial protocol
IoT
Policies
Safe development
SCADA
Services deployment
SIEM
Studies & stats
Threats
Virtualization
Vulnerability
Wireless
Context in the measurement of cyberresilience at the national level

Context in the measurement of cyberresilience indicators at the national level

Posted on 10/27/2022, by INCIBE
Organisations are exposed to the consequences of cyber threats, and may be ill-prepared to face and manage cyber incidents, whether provoked or unprovoked. For this reason, in 2014 INCIBE launched its Indicators for the Improvement of Cyber Resilience (IMC) model, with the aim of improving and understanding the state of cyber resilience in organisations.
Tags: 
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Data protection
Policies
Safe development
Studies & stats
Threats
OT DMZ vs IT DMZ

Differences between OT DMZ and IT DMZ

Posted on 08/04/2022, by INCIBE
Demilitarized zones, also known as DMZs (demilitarized zones), are used for the secure exchange of information between computers on a network that we want to protect and an external network that needs to access those computers. DMZs are widely used in the IT sector and also in the OT sector, but the equipment and services they host are not exactly the same.
Tags: 
Bastioning procedures
Best practices
Critical infrastructures
Data protection
Firewall
Honeypot
Industrial Control System
Policies
Safe development
Services deployment
Standard IEC 62443-4-2, the need to secure ISC components

IEC 62443-4-2, the need to secure components

Posted on 05/12/2022, by INCIBE
The security of control systems can be threatened from different aspects, with the end device being the most important attack vector. With this in mind, the IEC, within the 62443 standard, wanted to emphasise devices by preparing a document exclusively concerning their security: IEC62443-4-2. This document contains different technical requirements to improve the security of the types of assets that can be found in a control system.
Tags: 
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Data protection
Incident
Industrial Control System
Industrial protocol
Policies
Safe development
SCADA
FAT and SAT tests on ICS

FAT and SAT tests on industrial devices

Posted on 04/07/2022, by INCIBE
The continuity of the production process in businesses that require industrial automation depends more and more on the proper functioning, safety and reliability of the system of that composes it. Therefore, conducting tests of acceptance of its operation prior to its commissioning, is vital to ensure that the systems acquired meet the requirements set out in the contract between the company and the manufacturer.
Tags: 
Bastioning procedures
Best practices
Critical infrastructures
Data protection
Industrial Control System
Legal compliance
Pentesting
Policies
Safe development
SCADA
Cybersecurity measures from a global perspective

Cybersecurity measures from a global perspective

Posted on 03/11/2022, by INCIBE
An adequate level of cybersecurity and cyberresilience is essential to keep assets safe from possible cyberattacks. This is why INCIBE-CERT has listed a set of measures and good practices that are valid for any need that affects cybersecurity.
Tags: 
Antivirus
Bastioning procedures
Best practices
Cloud computing
Continuity
Critical infrastructures
Cybercrime
Data protection
Firewall
Identity management
IDS/IPS
Incident
Industrial Control System
Malware
Phishing
Policies
Safe development
Services deployment
SIEM
Threats
Vulnerability
Security level according to IEC 62443-3-3 in control systems

Security level according to IEC 62443-3-3 in Industrial Control Systems

Posted on 03/10/2022, by INCIBE
Standard 62443 arose as a development the ISA 99 standard to fully cover security within control systems. Divided into several parts, each refers to different aspects related to security. The IEC 62443-3-3 standard refers to system security requirements and security levels.
Tags: 
Bastioning procedures
Best practices
Continuity
Critical infrastructures
Data protection
Incident
Industrial Control System
Industrial protocol
Policies
Safe development
SCADA
MITRE matrix: TTP in ICS

The MITRE matrix: tactics and techniques in industrial settings

Posted on 02/03/2022, by INCIBE
Monitoring and analyzing security incidents in Industrial Control Systems (ICS) has been a priority for many organizations for a while now. As a response to this need, and given the great success in other areas specialized in cybersecurity, the MITRE organization has developed a matrix that collects many of the tactics, techniques and procedures detected in the industrial world. This article seeks to make the contents and potential uses of said matrix known.
Tags: 
Best practices
Data protection
Forensics
Industrial Control System
Pentesting
Policies
Safe development
SIEM
Threat intelligence
Threats
Vulnerability
CORBAsec security in CORBA middleware

CORBAsec: security in CORBA middleware

Posted on 01/20/2022, by INCIBE
Not all industrial control systems operate with the same programming language given that, depending on the manufacturer, devices will work with a specific software and programming language. This may be a problem for plant managers in industrial systems, as the interconnectivity between devices becomes impossible, or at least, is further complicated. One solution that has emerged in order to connect systems from different operating systems is CORBA standard and CORBAsec, its development with added security.
Tags: 
Critical infrastructures
Industrial Control System
Industrial protocol
Policies
Safe development
SCADA
Services deployment
Ransomware: response measures

Ransomware: response measures

Posted on 12/16/2021, by INCIBE
Cyberattacks using ransomware are one of the main threats for companies all over the world and Spain is the tenth most affected country. For this reason, this article, in continuation of previous posts on measures of prevention and detection, looks in detail at how to respond these attacks.
Tags: 
Bastioning procedures
Best practices
Continuity
Cybercrime
Data protection
Firewall
Forensics
Malware
Policies
Ransomware measures
Safe development
Threats
Vulnerability

Pages