Owl Cyber Defense
Secure by Design

Owl Blog

Cybersecurity, Technology News and Insights

Securing BSEE Real-Time Monitoring for Offshore Oil & Gas Operations

April 29, 2019

In the wake of the Deepwater Horizon disaster in 2010, the U.S. Department of the Interior launched a series of aggressive reforms in improve safety in offshore well operations. Among them, the Bureau of Safety and Environmental Enforcement (BSEE) final Well Control Rule, which goes live on April 29, 2019, introduced Real-Time Monitoring (RTM) requirements for well operations, including subsea BOPs, surface BOPs on floating platforms, and high-pressure and high-temperature (>15,000 psi, 350oF) environments.

Read More
What do HHS’s latest cybersecurity guidelines mean for healthcare organizations?

April 9, 2019

These guidelines are the result of a collaboration between HHS and its industry partners, called the 405(d) Task Group (also known as Task Group-1F) within the Health Sector Coordinating Council’s Cyber Working Group. The HSS and the Task Group engaged with more than 150 healthcare and cybersecurity experts, as well as HHS government partners to gather feedback and generate and prioritize a set of cybersecurity recommendations for healthcare organizations.

Read More
Medical Device Cybersecurity: Risk, Patching & Plutonium

March 19, 2019

This February I was at HIMMS Global Conference and Exhibition, one of the largest healthcare IT conferences in the US. My focus there was to see the latest on cyber in healthcare, particularly around how hospitals have been managing and securing their medical devices. While it seems hospitals and manufacturers still have some way to go to improve medical device cybersecurity, recent guidelines and some vendors I met with at HIMSS are improving the situation.

Read More
Would You Trust Your Vendors to Protect You From a Cyberattack?

January 18, 2019

The marketing agency we use to design our cool promotional t-shirts is fun to work with – they have a totally hip workspace and even have a resident dog in their office. But do I trust them with the security of our business networks? Not a barking chance.

Systems, networks, and businesses are becoming more interconnected every day, and as that web of connections expands, so does the risk of cyberattack via a third party. Each time another device or network connection is added, a new threat vector is created. So, for those organizations that aren’t thinking about the potential threats created by those third-party connections, it is time to wake up that sleeping dog.

Read More
The Importance of Routine System Updates

January 10, 2019

Raise your hand if you’ve ever felt a pang of guilt when your doctor reminded you to eat healthier and exercise more at your annual check-up. My hand is up. Of course, no one wants to lead an unhealthy lifestyle, but alas, life gets in the way and the ever-growing list of things to do keeps getting longer. So you tell yourself you’ll start tomorrow – and tomorrow goes on for months.  

Read More
America’s Water Infrastructure Act (AWIA) of 2018 – Prioritizing Cybersecurity Risk and Operational Resiliency

December 5, 2018

The recently signed America’s Water Infrastructure Act of 2018 is widely viewed as the most significant water infrastructure bill in decades. This comprehensive legislation was designed to authorize $6B in funds to address current water infrastructure projects, scrap $4B in existing development projects deemed unfeasible or no longer viable, and incentivize businesses to buy and use American products, while creating jobs and reducing regulation.

Read More
How Data Diode Cybersecurity is Being Used to Protect Critical Infrastructure in the Middle East

October 11, 2018

In late 2012, there was a severe, targeted malware cyber-attack on a number of oil & gas facilities using what became known as the Shamoon virus. This Windows-based malware differed from other types of attacks, which typically involved attempting to steal money or information, in that it was designed to aggressively seek paths across networks, seizing any hard disks it might find, wiping out all information, and rendering the hardware useless.

Read More
What Is Data Diode Technology & How Does It Work?

June 25, 2018

Today's business environment is increasingly digital, and more vulnerable than ever to cyberattack. Because of this, various network security technologies have been developed to protect organizational data and infrastructures. One of the most effective of these modern technologies is the data diode. Although it is one of the most effective network security tools available, you may not have heard of this technology and know little of what it does. Below, you'll find a description of what data diode technology is and how it works.

Read More
ReCon: A New Chapter | Embrace the Value of Secure Two-way Communication

June 8, 2018

I recently attended the DistribuTECH and OSIsoft PI World, as an exhibitor and a speaker, and I had a number of great conversations with attendees about cybersecurity in the industrial, commercial, and critical infrastructure verticals. These conversations ranged from the theoretical down to the specific technologies, such as Owl data diode solutions, and hit upon the varied requirements and challenges these particular industries face every day.

Read More
Implementing DHS Best Practices to Secure Industrial Control Systems

May 25, 2018

Modern advancements in industrial control systems (ICS) enable marked improvements in efficiency, production, reliability, and safety, all through increased use of “smart” assets and digital communications. However, this has led to a dependency on communication technology that is seemingly at odds with the ever-increasing pressure to enhance cybersecurity in ICS networks.

Read More
One-Way Data Flow, Secured by Design

March 30, 2018

We thought long and hard on what to write about for our first blog post. It’s a special milestone! But it was inevitable that we address the current news headlines around cyber-attacks, the risks and the strategies to fight these threats. The New York Times recently published an article announcing the Russia hacking of utilities and critical infrastructure. Though some infiltration did occur, this was solely and specifically on the network side, operations were untouched. This is thanks to a hardware-enforced security technology called a data diode.

Read More