Engineering ReferenceEngineering Reference

Cybersecurity

On this page

Cybersecurity protects information and systems from unauthorized access, disruption, or modification. In industrial environments it spans OT and IT — and the cost of failure is measured in downtime, safety, and physical damage.

Overview

The defender’s job is to reduce attack surface, detect intrusions early, and recover quickly. Defense in depth assumes any one layer will fail.

CIA Triad & AAA

  • Confidentiality — only authorized parties read data.
  • Integrity — data is unaltered and trustworthy.
  • Availability — systems are reachable when needed.
  • Authentication — prove identity.
  • Authorization — grant scoped access (RBAC, ABAC, least privilege).
  • Accounting / Auditing — log what happened.

Threats & Attack Types

  • Phishing, spear-phishing, business email compromise.
  • Malware — ransomware, RAT, worm, rootkit, supply-chain.
  • Credential attacks — brute force, password spraying, credential stuffing.
  • Web — SQLi, XSS, CSRF, SSRF, IDOR (OWASP Top 10).
  • Network — MITM, ARP spoof, DNS poisoning, DDoS.
  • OT-specific — PLC logic tampering, HMI compromise, lateral movement IT→OT.

Controls

  • MFA, password managers, hardware tokens (FIDO2/WebAuthn).
  • Patch management, EDR/XDR, application allow-listing.
  • Network segmentation, firewalls, IDS/IPS.
  • Backups (3-2-1) tested for restore.
  • Incident response plan, tabletop exercises.
  • Security awareness training.

Frameworks & Standards

  • NIST CSF (Identify, Protect, Detect, Respond, Recover).
  • NIST SP 800-53 / 800-171.
  • ISO/IEC 27001 / 27002.
  • CIS Controls v8.
  • IEC 62443 — industrial automation & control systems security.
  • SOC 2, PCI DSS, HIPAA.

Tools

  • Recon / pen-test: nmap, Burp Suite, Metasploit, Kali Linux.
  • Forensics: Wireshark, Volatility, Autopsy.
  • SIEM / SOAR: Splunk, Elastic, Sentinel, QRadar.
  • Vulnerability: Nessus, Qualys, OpenVAS.
  • OT: Dragos, Claroty, Nozomi.
reference page