OWASP TOP 10 
for Operational 
Technologies

The OWASP Top10 is a globally recognized framework that identifies the ten most critical security risks in the IT world. Now it has expanded into OT environments.

On December 29, 2025, the Polish energy sector was the target of a series of highly coordinated and destructive cyberattacks.

StationGuard’s Role in IEC 62443 Cybersecurity

In order to ensure long-term security of supply, Switzerland has developed specific regulations in recent years that provide operators of critical infrastructure with a clear framework for action.

In our cybersecurity podcast miniseries, experts share why talking about incident response today is key to being prepared tomorrow.

This paper presents a comprehensive analysis of the security issues found in over 100 global energy facilities, including substations, power plants, and control centers.

IEC 61850 and OMICRON - a long-lasting connection.

In this episode, Simon Rommer explores the critical role of TI and OT power systems cybersecurity with Jose Paredes.

Understanding risks in operational technology requires a different mindset than in IT — because in OT, digital vulnerabilities can quickly translate into physical consequences.

The CISA, in collaboration with the German BSI and other organizations, published recommendations for managing asset inventories.

The new versions of StationGuard Sensor and GridOps are here — with features that further simplify operations and detection across your OT network.

In this episode, Simon Rommer discusses the critical cybersecurity incident response steps of recovery and decision-making with his guest Dr. Marie Moe.

In the position paper, the German Federal Office for Information Security (BSI) expresses concern over the critical threat situation in the energy sector.

In this episode of the miniseries, Simon Rommer & Stephan Mikiss discuss the steps of containment, eradication & recovery in the incident response process.

On 16 April, funding for the CVE and CWE programs is coming to an end, and with it the continued existence of the CVE database.

The EU's NIS2 Directive and similar regulations in the USA, Singapore, Australia, and Switzerland aim to enhance security measures across various sectors.

Simon Rommer and Johann Stockinger speak about the importance of identification, which is the second step in the incident response process.

The German Federal Office for Information Security (BSI) has published new recommendations for securing the OT of distribution network operators.

Over the next decade, we protect Glitre Nett's operations with StationGuard, providing comprehensive protection against cyber threats in their OT networks.

In this episode, Simon Rommer speaks with Tibor Külkey from ALSEC Cybersecurity Consulting, Simon and Tibor discuss the critical importance of preparation.

CISA published 13 security advisories for OT systems. These security advisories describe vulnerabilities in systems that are used in power grids worldwide.

By analyzing thousands of vulnerabilities, this report highlights trends in publication, predominant weaknesses, and attack vectors in the OT sector.

A new version of the ISO 27019 standard has just been released. This standard is highly relevant for information security certifications.

Without network access control (NAC), hackers can plug into the Ethernet switches of critical control networks in substations and control centers.

Today, October 17, 2024, is the deadline for EU Member States to transpose the NIS2 Directive (2022/2555) into national law.

Patching assets in power grid substations is a complex task fraught with challenges unique to the OT environment.

StationGuard simplifies OT security with advanced intrusion detection, asset and vulnerability management, and functional monitoring. This brochure tells you everything you need to know about our benchmark solution.

When introducing a SIEM, it is crucial to consider how to integrate OT into the predominant IT system infrastructure.

Windows devices are omnipresent in information system environments. However, their presence comes with significant security challenges in OT networks.

In the first episode of our miniseries, Andreas Klien & Simon Rommer explore the critical roles of IT & OT in cyber incident response & disaster recovery.

This miniseries "Cybersecurity in the Power Grid" provides you with a 360-degree view of how you can best safeguard your infrastructure from cyber attacks.

Are your operational technology (OT) devices connected to external networks? If yes, this presents an alarming but often overlooked threat.

NIST has identified a vulnerability in SICAM SCADA systems that could allow an unauthorized individual to gain administrator rights on the OT systems.

We look at the diverse world of security advisories and how to use them, and the wealth of experience of our experts in developing our OMICRON advisories.

Why do hardware devices, in addition to software, need to be secured against cyber threats. OMICRON hardware developer Marcel Ströhle is the guest.

Firewalls are the first line of defense in protecting critical infrastructures in cyberspace. This makes them particularly attractive to attackers.

The new version brings along many usability upgrades, incl. MMS server availability, improved router behavior, and more …

Learn how the OMICRON cybersecurity experts analyze incoming alarms and reveal hidden dangers that threaten the safety and operations of an entire system.

Gath­er­ ad­vi­sories, up­date your GridOps vul­ner­a­bil­ity data­base, tend to your as­set in­ven­tory, vul­ner­a­bil­ity match­ing, & risk as­sess­ment.

On February 26, 2024 the National Institute of Standards and Technology (NIST) published the second version of the NIST Cybersecurity Framework (CSF 2.0).

With the German IT Security Act, energy utility operators are required to adhere to the "state of the art" to manage cyber risks effectively.

We collaborated with the BSI and the Fraunhofer Institute to develop an nmap plug-in for OT networks, enhancing tools for power grid administrators.

Andreas Klien discusses the differences & similarities of using OT technology in the aviation & electrical power industry sectors with his guest Ron Brash.

In this podcast episode, Andreas Klien, discusses the security engineering of digital products used in the power grid with his guest, Sarah Fluchs.

In this podcast episode, Anastasiya and Jaques share their experiences, challenges, and innovations in developing our cybersecurity products.

The German Federal Office for Information Security (BSI) has tested our StationGuard and awarded us the IT security certificate (BSZ) as a result.

You think your linux devices are immune to cyber attacks just because there's no official security advisory? You might be wrong.

OMICRON cybersecurity analysts Christoph Rheinberger and Eric Heindl share their personal experiences for IT and OT security officers.

Discover the challenges faced by power providers and practical recommendations for enhancing OT network security.

With StationGuard 2.30, you can imrove your workflows. The intrusion detection system (IDS) enables you to monitor Ethernet networks in the power grid.

In this podcast episode, learn how to successfully implement cybersecurity into critical power system infrastructures with OMICRON cybersecurity experts.

Learn how vulnerability management tools ensure a more effective cybersecurity in power grids.

OMICRON cybersecurity expert Benjamin Teudeloff talks about the increasing necessity for power providers to improve their cybersecurity practices.

Our cybersecurity expert, Ozan Dayanc, reveals insights from global substation security assessments.

Cybersecurity from the Control Center to the Substation - Stadtwerke Kempen is Building a New Substation with OMICRON

StationGuard has a a new search feature that makes it easy to find all equipment information in your network.

StationGuard 2.30 will include a new feature that makes it easier than ever to assess and secure your OT network.

The OTI service bridges the "knowledge gap" between IT and electrical engineering by combining traditional threat intelligence data with deep-seated OT expertise, original manufacturer information, and comprehensive protocol support.