Posts by Veridify Security
Benefits of Encryption for OT Networks
Encryption of OT networks and devices, such as sensors, controllers, and other automation systems, is essential for securing modern industrial and building environments. As these devices are increasingly networked and remotely managed, the risks of unprotected communication grow. Why OT Communications are Not Encrypted OT communications lack encryption for several reasons: Network Isolation: Historically, OT…
Read MoreBACnet Security and Operational Issues with Self-Signed Certificates
Self-signed digital certificates have both advantages and disadvantages, and while they can be a quick solution for certain scenarios, they come with security challenges. Self-signed certificates introduce significant security and operational challenges in BACnet/SC deployments for building automation systems. Unlike certificates issued by trusted Certificate Authorities (CAs), self-signed certificates lack third-party validation, creating vulnerabilities in…
Read MoreZero Trust Security for Microgrids and Energy Control Systems
Microgrid Security As critical infrastructure operators adopt increasingly complex OT networks to support distributed energy resources, microgrids, and water treatment systems, the attack surface for cyber threats continues to grow. Legacy perimeter-based security is no longer adequate to defend against persistent and advanced threats. A modern, Zero Trust approach is required to ensure that only…
Read MoreProtecting Airport Baggage Handling Systems from Cyberattack
Modern airports are marvels of efficiency, moving thousands of bags hourly across miles of conveyor belts, scanners, and sorting systems. These systems are as advanced and sophisticated as any modern manufacturing facility, yet behind this seamless operation lies a growing vulnerability: cyberattacks targeting baggage handling systems (BHS). The critical operational technology (OT) networks, which manage…
Read MoreCybersecurity Challenges in Retrofitted Smart Buildings
As cities worldwide push to modernize aging infrastructure, older commercial buildings are increasingly being retrofitted with smart technologies like IoT sensors, cloud-based management systems, and AI-driven automation. While these upgrades enhance energy efficiency and tenant experiences, they introduce a critical challenge: securing legacy systems never designed for connectivity. This article explores the unique risks of…
Read MoreZero Trust Security for Legacy OT Devices
How Can Zero Trust Security be Added to Legacy OT Devices? Implementing Zero Trust Security in legacy OT devices, systems, and equipment requires balancing modern security principles with the limitations of aging infrastructure. Key Challenges with Legacy OT Systems Outdated Protocols: Many legacy devices use insecure protocols (e.g., Modbus, DNP3) lacking data encryption or authentication.…
Read MoreQuantum-Resistant Security for IoT and M2M Devices
Imagine a lock that’s been guarding your front door for decades. It’s served you well, but now thieves have invented high-tech tools that can pick it in seconds. As quantum computing advances this is the challenge facing today’s encryption methods, including those used by Internet of Things (IoT) and Machine-to-Machine (M2M) devices – from smart…
Read MoreSecuring Critical Infrastructure to Reduce OT Cyber Risks and Impacts
Webinar Summary – Securing Critical Infrastructure (OT) In the webinar about securing critical infrastructure hosted by KMC Controls, the panelists discussed critical infrastructure and the importance of hardening operational technology (OT) against cyber vulnerabilities. The session featured insights from Sandy Kline, Louis Parks, and Paris Stringfellow, who shared their extensive experience in cybersecurity and operational…
Read MoreZero Trust Security for Building Management Systems in Data Centers
Data centers are an essential part of modern infrastructure, and downtime can result in disruption of services, reputational damage, and significant financial losses. According to the Uptime Institute Annual Outage Analysis for 2024, power issues are consistently the most common cause of serious and severe data center outages, but 13-19% of data center failures were…
Read MoreZero Trust vs Remote Access VPN for Building Control Systems
Zero Trust architecture fundamentally transforms how organizations secure their building automation networks by addressing the inherent vulnerabilities of traditional remote access VPN-based security. What is a Remote Access VPN? A remote access virtual private network (VPN) enables users to connect to a private network remotely. This kind of VPN is used by employees or…
Read More