Managing EHDS Connectivity and Cyber Risks


Summary

Managing EHDS connectivity and cyber risks involves securing the digital connections and data transfers within the European Health Data Space (EHDS) and similar healthcare systems, while safeguarding sensitive medical information from cyber threats. This means protecting both the infrastructure and the people who access it, ensuring patient data stays private and medical devices remain safe from potential cyber-attacks.

  • Map system boundaries: Clearly identify all devices, applications, and connections that interact with your healthcare data so nothing is overlooked in your security planning.
  • Prioritize environment security: Strengthen network infrastructure, monitor connected devices, and apply strict access controls to reduce the risk that any single device or weak spot can compromise the whole system.
  • Make security a team effort: Invest in ongoing staff training and clear governance so everyone knows their role in protecting health data, and regularly review security practices to stay ahead of new threats.
Summarized by AI based on LinkedIn member posts
  • Matthew Green

    Executive Leader in Energy Transformation | Uniting Strategy, Technology, Policy & Planning to Tackle the World’s Toughest Energy Challenges

    3,281 followers

    As part of my now-completed PhD research, I’ve spent the last four years modeling cybersecurity risks and mitigation strategies for coordinated attacks on Distributed Energy Resources (DERs). I’ve become convinced that one of the most underestimated cyber-physical threats to the U.S. electric grid isn’t a massive power plant or transmission control room hack - it’s the growing fleet of connected grid-edge devices, including smart thermostats, solar inverters, and other controllable assets.

    My latest publication examines what happens when thousands, or even millions, of Distributed Renewables and DER assets are hijacked in a coordinated attack. The outcome isn’t just a few localized outages - it’s rapid, system-wide instability that can cascade faster than operators can respond.

    We’ve made huge strides in using DERs and demand response to benefit the grid - increasing flexibility, resilience, and decarbonization. But that same connectivity also creates new risk surfaces. When devices are aggregated or cloud-controlled, a single compromised point can have grid-wide consequences.

    While DOE and NERC have warned about these risks, detailed system-wide modeling has been rare. This research is among the first to move beyond “what if” - quantifying real system impacts of coordinated Distributed Renewables/DER attacks and identifying practical, achievable steps to improve our security posture.

    The resilience of the U.S. grid depends on continuing to integrate DERs securely - pairing innovation with robust cyber safeguards.

    Read the full paper here: https://lnkd.in/ewqEgWar

  • Hicham Faik

    CEO / Founder - CYBRFORGE CyberSecurity Expert - Global CISO 🛡️I Help My Customers Achieve Their Cybersecurity Strategy GIAC GSTRT, CISSP, CCSP, C|CISO, CISM, ISO CCSM, ISO27001 LA, ISO27005 SLRM, ISO22301 LI, CEH, PMP

    16,297 followers

    🔐 Securing Distributed Industrial Control Systems: A Strategic Imperative 🌐⚙️

    As industrial operations increasingly rely on distributed control architectures—with SCADA servers, HMI stations, remote PLCs, satellite links, and RF/WAN connectivity—the cyber threat landscape becomes more complex and dangerous.

    Here’s a snapshot from a typical Industrial Distributed Control System (IDCS) involving centralized control centers and geographically dispersed remote stations. While this setup enables efficiency and real-time visibility, it also exposes critical assets to significant cyber risks if not properly secured. 🚨

    🔍 So, how do we secure such an architecture end-to-end? Here are key cybersecurity measures every industrial organization should implement:

    🔐 1. Network Segmentation (IT/OT Boundary Protection)
      • Strictly separate the Control Center LAN (IT) from the Process Control Network (OT) using firewalls and industrial demilitarized zones (iDMZ).
      • Implement unidirectional gateways where data flow must be one-way (e.g., from PLCs to SCADA).

    🛡️ 2. Secure Remote Communications
      • Use VPNs with strong encryption for all WAN and satellite/RF communications.
      • Replace legacy modems with hardened industrial communication devices that support authentication and encryption.

    🔍 3. PLC and Device Hardening
      • Disable unused ports and services on PLCs.
      • Apply secure boot, firmware validation, and role-based access control (RBAC) at the edge.

    📊 4. Monitoring and Detection
      • Integrate an Industrial SIEM and deploy passive network monitoring tools (e.g., Deep Packet Inspection for SCADA protocols).
      • Deploy anomaly detection systems near PLCs and RTUs to identify abnormal process behavior.

    🧩 5. Identity and Access Management (IAM)
      • Implement multi-factor authentication (MFA) for engineering and HMI stations.
      • Enforce least privilege access and maintain an audit trail of operator actions.

    📆 6. Patch Management and Asset Inventory
      • Maintain a real-time asset inventory of all SCADA components and remote devices.
      • Regularly validate firmware versions and plan patch cycles aligned with operational downtimes.

    🧰 7. Incident Response and Resilience
      • Design and rehearse cyber-physical incident response plans specific to industrial contexts.
      • Deploy redundant paths and fallback systems (e.g., local PLC logic if communication is lost).

    ⚠️ Final Thought: As industries digitalize, attackers are shifting their focus from IT to OT environments. Securing these Distributed Control Environments is not just a technical requirement—it’s a business continuity imperative. 🏭🛡️

    🔗 Let’s prioritize Zero Trust principles, cyber resilience, and secure-by-design architectures for industrial systems.

    #CyberSecurity #OTSecurity #SCADA #IndustrialCybersecurity #ZeroTrust #IIoT #SCADAsecurity #DCS #Resilience #CriticalInfrastructure #ICS #CybrForge

  • Yasemin Ağırbaş Yıldız

    Sales Executive | Cyber Security

    21,462 followers

    🛡️ One of the most important realities in cybersecurity is that risk is often visible long before it is exploited. The challenge is whether organizations are looking at their external exposure with enough structure and discipline.

    I recently reviewed a Shodan Infrastructure Exposure Investigation Lab, and it provides a strong example of how internet-facing asset intelligence can be translated into practical security analysis. The material frames Shodan not simply as a search tool, but as a resource for exposure mapping, service fingerprinting, vulnerability correlation, and SOC-oriented reporting.

    What makes this especially relevant is the way the investigation is structured. It follows a clear methodology that includes:
      ✅ Target scoping and seed identification through passive discovery techniques
      ✅ Shodan-based data collection using dorks for organization, network range, TLS certificate, port, and CVE-focused searches
      ✅ Service banner analysis and CVE correlation to assess version-level exposure
      ✅ Structured findings, risk prioritization, and remediation planning suitable for both technical and executive stakeholders

    The guide also highlights why external exposure management is not only a technical hygiene issue. It is directly tied to:
      • attack surface visibility,
      • patching discipline,
      • asset ownership clarity,
      • remote access control,
      • and the ability to identify high-risk services before they become incident entry points.

    A particularly useful aspect is the way the lab connects isolated findings into broader operational context. The report maps exposures such as unauthenticated Elasticsearch, exposed RDP, unauthenticated MongoDB, misconfigured Redis, exposed Tomcat admin access, and default SNMP into a wider risk picture, including attack-chain analysis and prioritized remediation steps.

    My takeaway is straightforward: External attack surface management is no longer optional. It is a core part of modern security operations. Organizations do not only need to know what they own internally. They also need a clear, continuously updated view of what the internet already knows about them.

    📌 I’d be interested to hear your perspective: Which area do you believe creates the most risk in external exposure today: remote access services, unauthenticated databases, outdated software, poor asset inventory, or weak remediation discipline?

    #CyberSecurity #AttackSurfaceManagement #Shodan #ExposureManagement #ThreatIntelligence #SOC #SecurityOperations #VulnerabilityManagement #OSINT #RiskManagement #BlueTeam #ThreatDetection #IncidentResponse #ExternalAttackSurface #SecurityArchitecture #InfoSec

  • Greta Nasi

    Director of the Master of Science in Cyber Risk Strategy and Governance at Università Bocconi and Politecnico di Milano

    5,394 followers

    Why is #healthcare a prime target for #cyber #attacks?

    Hospitals sit at the intersection of life-critical operations and highly sensitive data. Electronic Health Records (#EHR), connected #medicaldevices, and digital #diagnostic #systems make them irresistible targets. Health #data is among the most valuable on the black market. It contains financial, identity, and deeply personal information that cannot simply be "reset" like a password. Combined with the operational pressure hospitals face (you cannot just "go offline"), attackers know that ransomware hits harder here than almost anywhere else.

    In our #Resilience and #Security of Critical Infrastructures course, part of the Master of Science in Cyber Risk Strategy and Governance, jointly offered by Università Bocconi and Politecnico di Milano, we had the privilege of hosting Italo Covelli, an #alumnus of our joint Bocconi-PoliMi Cybersecurity program, now Senior Consultant in Cyber & Tech Risk at KPMG Italy, for a lecture on healthcare cybersecurity. Here are some key takeaways.

    1. Medical devices are the #hidden #vulnerability. Unlike standard IT equipment, medical devices run modified, rarely-updated operating systems, cannot host antivirus software, and must stay permanently connected to the manufacturer. This creates a structural security gap that the hospital's own IT team cannot fix directly; the perimeter must be secured around the device, not on it.

    2. Protecting the #environment, not just the device. Italo's research at Santobono Pausilipon hospital showed that the answer lies in strengthening the surrounding infrastructure: network segmentation (V-LAN), DNS traffic analysis, VPN IP-SEC connections, and dedicated Medical Device V-LANs for portable equipment moving across departments.

    3. The #humanfactor remains the #weakest link. A survey of 250+ hospital staff revealed alarming gaps: low awareness of phishing risks, passwords written on post-its, and personal devices used to access work systems. Even in a technologically advanced hospital, security awareness programs, scenario simulations, and certifications are essential, yet often underinvested in.

    Cybersecurity in healthcare is not just an IT problem. It is a patient safety issue, a regulatory imperative under NIS2 and GDPR, and increasingly a matter of national security.

    Thank you Italo for bringing real-world consulting experience into the classroom.

    #Cybersecurity #HealthcareSecurity #corporatepartners #CriticalInfrastructure #NIS2 #PoliMi #Bocconi #KPMG #DigitalHealth #MedicalDevices

  • Sean Smith

    Founder & Publisher | MedTech, Life Sciences, HealthTech | MDR/IVDR, QA/RA | Leading Voice Program | Worker 🐝

    17,200 followers

    🧠 If your device connects to anything (Wi-Fi, Bluetooth, cloud, an app), your regulatory boundary just expanded.

    🔺 Most RAQA teams don't realize it until they're in a submission review.

    Nearly 500 people registered for our "Connected Device Oversight Assessment Workshop" last week. Here's what speaker Mark O. covered — and what the Q&A told me about where teams are struggling👇👇

    1️⃣ Your device system is bigger than your device
      ↳ Wireless connections, mobile apps, cloud dependencies, and OTA update pathways are all in scope
      ↳ FDA treats connected features as part of the cybersecurity review — not an add-on
      ↳ If you can't map your system boundaries, reviewers will do it for you

    2️⃣ The 5 domains every RAQA team must govern
      ↳ Device Architecture — what is the regulated system?
      ↳ Data & Storage — where does patient data actually live?
      ↳ Connectivity Risk — what happens if the connection is lost or compromised?
      ↳ Verification & Validation — how do you prove security, not just assume it?
      ↳ Post-Market Governance — how do you sustain it after clearance?

    3️⃣ "Not Sure" is the most important answer in the room
      ↳ We walked through 30 governance questions live
      ↳ The most common response from engineers? "Not sure"
      ↳ That answer isn't a failure — it's the gap you need to close before a reviewer finds it

    4️⃣ Three security items to escalate to engineering today
      ↳ Are firmware signing keys stored in hardware security modules with access logging?
      ↳ Do fielded devices implement secure boot and a hardware root of trust?
      ↳ Are all third-party software update dependencies verified with cryptographic integrity checks?
      ↳ If you can't answer these, that is the finding

    5️⃣ Post-market cybersecurity is a lifecycle obligation — not a launch checklist
      ↳ Threat intel feeds and NVD monitoring need a named owner and a budget
      ↳ Vulnerability findings must feed back into your ISO 14971 risk file
      ↳ Nation-state IR plans look different from ransomware IR plans — most teams only have one

    🔥 The secret to connected device governance isn't a perfect technical architecture. It's knowing which questions to ask, and making sure someone on your team owns the answer.

    📒 The full 30-question governance guide is available as a free download. Link in comments.

    P.S. What's the hardest connected device governance question your team has had to answer? Drop it below — I read every reply.

    #connecteddevices #medicaldevices #cybersecurity #regulatoryaffairs #FDA

  • Maria Palombini, MBA

    Global Practice Leader Healthcare and Life Sciences | Strategy & Growth

    3,559 followers

    🔒📈 Growing demand + rising risk = urgent action needed for secure connected diabetes care

    The diabetes-device market is booming, driven by increasing diabetes prevalence and breakthroughs in connectivity and monitoring technology. At the same time, more connected devices means more attack surfaces and potentially serious risks for patients, manufacturers & providers.

    Check out the latest article I had published in Medical Product Outsourcing:
      • The surge in adoption of continuous-glucose-monitors (CGMs), smart insulin pumps and other networked diabetes-devices.
      • The cybersecurity and patient-safety vulnerabilities these devices face — from data breaches to unauthorized dose changes.
      • Why device makers, healthcare organisations and regulatory bodies must line up — both to capitalise on growth and to protect lives.
      • An understanding of how the #IEEE2621 standard and certification program hardens connected devices while aligning with #FDA and global regulatory cybersecurity guidance

    🔗 Read the full piece here → https://lnkd.in/ezK9bUXN

    If you’re in medtech, health-IT, device manufacturing:
      • What’s your organisation doing to secure connected diabetes devices?
      • How are you balancing innovation and risk mitigation?
      • Where do you see the biggest security blind spots?

    Learn more about the IEEE Cybersecurity for Connected Medical Device Certification Program https://lnkd.in/emXbSi9d

    #MedTech #Cybersecurity #DiabetesCare #ConnectedHealth #IoT #HealthcareInnovation #PatientSafety #MedicalDevices

    Ravi Subramaniam Naomi Schwartz Donna Letters Ceruto IEEE Standards Association | IEEE SA
