Iranian Cyber Actors Are Targeting U.S. PLCs
Introduction In April 2026, CISA released a cybersecurity advisory warning that Iranian-affiliated APT actors are exploiting internet-facing operational technology devices, including Rockwell Automation/Allen-Bradley PLCs, across U.S. critical infrastructure. At first...
Myth: OT Cybersecurity is IT’s Job
Introduction As cyber threats evolve in complexity and frequency, the distinction between IT (Information Technology) and OT (Operational Technology) environments has never been more critical or more misunderstood. One of the most dangerous myths in industrial...
Accenture’s Dragos Deal Validates OT Cybersecurity and Raises Questions Every Customer and Partner Should Be Asking
On June 18, 2026, Accenture announced agreements to acquire 100% of runZero and NetRise and a majority stake in Dragos, for a combined enterprise value of approximately $4.175 billion. The transactions are expected to close in August or September 2026, subject to...
DoD Guidance on implementing Zero-Trust
Introduction The Department of Defense (DoD) released guidance designed to “coordinate, synchronize, and accelerate adoption” of the implementation of zero trust within Operational Technology (OT) cybersecurity frameworks. They emphasize the need for OT-specific...
Dedicated OT SOC or a Converged SOC? Making the Right Call for Industrial Security
As cyber threats targeting Operational Technology (OT) and Industrial Control Systems (ICS) continue to increase, many organizations find themselves asking a fundamental question: Should we stand up a dedicated OT Security Operations Center (SOC), or should OT...
What Does an OT SOC Analyst Look Like?
As cyber threats continue to evolve, Operational Technology (OT) environments have become a growing target for both cybercriminals and nation-state actors. Critical infrastructure sectors, including energy, manufacturing, water treatment, and transportation, are...
Myth: “Compliance Equals Security”
Introduction: Why This Myth Persists In boardrooms and audit reports, compliance frameworks often serve as the standard for cybersecurity maturity. If an organization can demonstrate to auditors that it aligns with ISO 27001, NERC CIP, or IEC 62443, executives may...
Telnet in OT: The Risk Everyone Knows and Still Can’t Remove
The recent disclosure of CVE-2026-32746 once again brought Telnet into focus. Telnet is a legacy remote-access protocol that lets users connect to and manage systems over a network via a command-line interface. Unlike modern alternatives, it transmits data in...
How to Successfully Implement Password Management in OT/ICS
In the previous article, we discussed why password management continues to be one of the toughest cybersecurity challenges in Operational Technology (OT) and Industrial Control System (ICS) environments. Legacy systems, ongoing operations, vendor dependencies, and...
Why Is Password Management So Difficult in OT/ICS?
Password management is often viewed as one of the most fundamental cybersecurity controls. Strong passwords, rotation policies, and account management practices are among the initial security measures taught in most IT security frameworks. Why, after decades of...
Myth: Legacy OT Systems Are Too Old to Be Targeted
When many industrial operators hear about cyberattacks, their minds jump to high-tech targets, modern cloud platforms, corporate IT networks, and state-of-the-art control systems. The assumption often follows:"Our legacy OT systems are too old for hackers to care...
Managing Cybersecurity Risk in Large-Scale Cellular Modem Deployments for OT Networks
Cellular connectivity has quietly become one of the most common yet least understood components in modern OT environments. Utilities, oil and gas operators, manufacturers, and transportation providers are deploying hundreds or thousands of cellular modems to connect...
If you are frustrated at wasted time and resources spent on security projects with nothing to show for it, or need your security or operations team to do more with less, give us a call at (469) 574-4000 or send a message to info@enaxy.com. Let’s see how we can help ensure your assets are secure.