Safeguard
Tag

ot-security

Safeguard articles tagged "ot-security" — guides, analysis, and best practices for software supply chain and application security.

10 articles

Healthcare Security

Eppendorf BioFlo 320 Bioreactor: A Hard-Coded VNC Password Earns CVSS 9.8 (CISA ICSMA-26-146-01, May 2026)

CISA's May 26, 2026 medical advisory flags CVE-2026-7251, a hard-coded VNC password in all versions of the Eppendorf BioFlo 320 bioreactor. A remote attacker who reaches the device gets full control of cell-culture and bioprocess parameters. We break down the flaw and the fix.

May 27, 202611 min read
Infrastructure Security

Iran-Linked Actors Are Disrupting U.S. Water and Energy PLCs: Inside CISA/FBI Advisory AA26-097A (2026)

A joint FBI, CISA, NSA, EPA, DOE and Cyber Command advisory (AA26-097A, April 2026) warns that Iranian-affiliated actors are now causing operational disruption to internet-exposed PLCs across U.S. water, energy, and government facilities. Through May 2026 it is the defining OT threat. We unpack the campaign and the defense.

May 6, 202612 min read
Compliance

Supply Chain Security for Energy (NERC CIP) 2026

Supply chain security for energy utilities in 2026 means CIP-013-2, CIP-010-4 software integrity, and the CIP-015-1 internal network monitoring rollout.

Mar 12, 20267 min read
Industry Analysis

Manufacturing OT Supply Chain Security in 2026

Manufacturing has converged IT and OT for a decade, and the supply chain risk has followed. Here is what IEC 62443-aligned vendor management looks like in 2026, with the threats that justify it.

Feb 26, 20265 min read
Standards

ISA-TR62443-2-2-2025: Security Protection Schemes for IACS

The ISA released TR62443-2-2-2025 in December 2025, giving industrial operators actionable guidance for designing and validating a Security Protection Scheme. Here is what changed in OT defender practice.

Jan 21, 20267 min read
SBOM

SBOM requirements for industrial control systems (ICS/SCADA)

ICS/SCADA SBOM requirements are colliding with 20-year-old control systems that predate software transparency mandates. Here's what's required, why, and how to close the gap.

Dec 22, 20257 min read
Industry Guides

Energy Sector Software Security and NERC CIP Compliance

Power utilities and energy companies must secure software supply chains while meeting NERC CIP requirements. Here's a practical approach.

Mar 12, 20247 min read
Infrastructure Security

Software Updates in Air-Gapped Environments: Security Without Connectivity

Air-gapped environments protect critical infrastructure by eliminating network connectivity. But software still needs updates. Bridging this gap without introducing the risks you isolated against is the challenge.

Feb 8, 20245 min read
Industry Guides

Manufacturing OT Software Supply Chain: Securing the Factory Floor

Manufacturing OT systems depend on software supply chains that most security teams don't monitor. Here's how to extend supply chain security to the factory floor.

Jan 20, 20247 min read
Emerging Technology

Digital Twins and Supply Chain Security: Securing the Virtual Mirror

Digital twins replicate physical systems in software. When the software supply chain of a digital twin is compromised, the consequences extend to the physical world.

Jul 10, 20235 min read
ot-security — Safeguard Blog