TÜV Rheinland Blog - Stories from Asia and Africa

The Myth of the Operational Technology Air Gap

Posted by TUV Rheinland on Oct 2, 2018 7:07:15 PM

The cybersecurity field of operational technology (OT) is buzzing as companies increasingly realise that their production systems, manufacturing plants, chemical processing plants, or industrial control systems are at risk from cyber-attacks. This realisation is fuelled by a big uptick in hacker interest as such systems are insecurely connected to the internet and compromising them is a change from stealing credit card information.

In response to cybersecurity concerns, companies often claim that their OT systems are air gapped and not connected to the internet — so they are immune from cyber attacks via this route. The bad news is that upon further investigation, in almost all instances, such claims are found to be incorrect. The reality is that connections abound and systems light up with data flows without the company even knowing about it.

Read More

Topics: ICT, cyber security, operational technology

Managing Risks in Industrial and Operational Technology (OT)

Posted by TUV Rheinland on Jul 24, 2018 3:39:38 PM

The number of cybersecurity related incidents in industrial security and industrial control networks has risen in every region in recent years, and there have been well publicized reports of sophisticated malware and threat actors disrupt-ing safety critical industrial operations.

This has raised concerns about cybersecurity vulnerabilities across all types of industries.

The trend to digitization and system inter-connectivity means that operational technology engineering and opera-ting personnel may not realize the full extent of cybersecurity vulnerabilities they face and are thus inadequately prepared to deal with potential attacks.

Read More

Topics: ICT

TUV Rheinland announces launch of its Global Industrial Cybersecurity Centre of Excellence in Kuala Lumpur, Malaysia

Posted by TUV Rheinland on Jun 7, 2018 12:00:00 PM


TUV Rheinland announces the launch of its global Industrial Cybersecurity Centre of Excellence (CoE) based in Kuala Lumpur, Malaysia. The Centre of Excellence will address the cybersecurity needs of its industrial clients such as manufacturing companies, plant operators, energy and utility companies, transportation and transit system operators to secure their operational technology landscape. In a rapidly evolving digitalization of markets across all businesses there is a significant need and demand for deep Industrial Security skills and expertise that this Centre of Excellence will continue to develop worldwide.

Read More

Topics: ICT

TÜV Rheinland announces Regional GDPR Centre of Excellence in Japan

Posted by TUV Rheinland on Apr 20, 2018 10:40:06 AM

TÜV Rheinland announced its plans to further develop a regional GDPR centre of excellence in Japan aimed at helping its clients across industry sectors. This would address the rapidly growing need in Japan to better understand and implement GDPR requirements.

Read More

Topics: ICT

My Smart Home is my Castle

Posted by TUV Rheinland on Apr 16, 2018 3:17:18 PM

The Smart Home topic is catching on. More and more manufacturers are developing intelligent solutions offering greater comfort and security within our own four walls. That means that more and more devices are having to harmonize and communicate using the same language. Both organizations and consumers are affected by the increasing complexity. From controlling the temperature with an app to automated camera recordings to intelligent locking systems – at the end of the day, the applications in the Smart Home environment have to work smoothly.

Read More

Topics: ICT

TUV Rheinland and OpenSky Named “RSA Archer Suite Partner of the Year” for the Consecutive Year

Posted by TUV Rheinland on Jan 18, 2018 6:00:00 PM

TÜV Rheinland and OpenSky, a wholly owned subsidiary of TÜV Rheinland, are thrilled to be selected by RSA as “RSA Archer Suite Partner of the Year” for the second year in a row. The leading providers of Enterprise Risk Consulting, Cybersecurity and Infrastructure Solutions have been awarded for their leading Archer Practice and GRC business, which is part of the whole "Digital Enterprise. Protected" services portfolio.

Read More

Topics: ICT

Security Advice – Meltdown & Spectre

Posted by TUV Rheinland on Jan 9, 2018 2:55:28 PM

What happened?

An international team of security researchers has discovered serious security vulnerabilities in CPUs. The processor vulnerabilities potentially allow attackers to gain access to sensitive data such as passwords, user data or confidential information.

Read More

Topics: ICT

TUV Rheinland accredited by DAkkS as Certification Body for the ISASecure® Control System Cybersecurity Conformance Scheme

Posted by TUV Rheinland on Nov 3, 2017 11:01:24 AM

DAkkS, the accreditation body for certification bodies in Germany accredited TÜV Rheinland to be an ISA Security Compliance Institute (ISCI) certification body. TÜV Rheinland authorization to issue certificates of conformance for the ISASecure® control systems cybersecurity certification scheme based on IEC 62443 came into effect at the beginning of July 2017. ISASecure® Conformity Assessment is a standards-based certification scheme that assesses the cybersecurity of control systems and components to the IEC 62443 international standards governing control systems cybersecurity.

Read More

Topics: ICT

New Global Center of Competence for IoT Privacy

Posted by TUV Rheinland on Aug 24, 2017 5:00:00 PM

TÜV Rheinland is successfully continuing its digitization offensive with the founding of its “Competence Center IoT Privacy”. With immediate effect, the Competence Center means that the global testing service provider is offering a complete solution for all things relating to data protection in the Internet of Things (IoT) and, as a result, is positioning itself on the rapidly growing global IoT market dealing with the topic of protected privacy. The center located in Cologne has a portfolio that includes, in particular, a diverse range of privacy solutions for the networked home, which are offered globally. The focus here is on protected privacy certificates and consultation and training programs for product manufacturers and system suppliers.

Read More

Topics: ICT

TÜV Rheinland: Security Advisory – NotPetya

Posted by TUV Rheinland on Jun 29, 2017 12:23:09 PM

Thousands of machines infected by the global NotPetya ransomware outbreak.
Patch your systems to avoid being the next victim.

 

WHAT'S HAPPENED?
The campaign seems to have originated in the Ukraine and is now spreading globally. The NotPetya
ransomware is a hybrid of Win32/Petya [1] and WannaCry.[2] The attack vector appears to be MS Office
documents and it attempts to spread itself to other computers using both MS17-010 (WannaCry[3]) and
system tools like PsExec and WMI[4] which allow commands to be executed remotely. NotPetya also
checks for cached administrator credentials and attempts to authenticate to other machines.

Read More

Topics: ICT