Secure Industrial Communication Depends on Deployment as well as Protocols

This news release falls clearly into the category of Duh!!!

Human social engineering and humans gaining unauthorized access while serving as contractors and the like have long been known to be a cybersecurity risk. But, I’m happy to note that an august group has perceived the obvious.

The Industrial Security Harmonization Group (ISHG) has released a joint industry perspective highlighting a critical truth in industrial cybersecurity: secure communication is not determined by protocols alone, but by how they are deployed and managed in real-world environments.

Or, maybe, it’s along the lines of “it’s not all our fault?”

The ISHG—comprising leading industry organizations including the FieldComm Group, ODVA, OPC Foundation, and PROFIBUS & PROFINET International—collaborates regularly to align security concepts across Ethernet and non-Ethernet communication protocol technologies. Their shared mission is to reduce complexity for end users and promote consistent, effective cybersecurity practices in industrial automation systems.

I once sat at an industrial communication organization meeting where an end-user pleaded for application guidelines. He was studiously ignored.

Industrial communication protocols serve as the backbone of modern automation, enabling seamless connectivity between devices, systems, and applications across both process and factory environments. However, many widely used protocols were originally developed without cybersecurity as a primary design consideration.

It now emphasizes a more practical and realistic approach:

  • Security is context-dependent — It relies on how protocols are configured, where they are deployed, and the surrounding operational environment.
  • Built-in security features are not sufficient alone — Even advanced protocols require correct implementation and maintenance.
  • Compensating controls are essential — Network architecture, segmentation (zones and conduits), monitoring, and physical safeguards play a critical role, especially for legacy and non-Ethernet systems.

OPSWAT and Emerson to Strengthen Cybersecurity for Critical Infrastructure Operators

Cybersecurity news will not wither during my lifetime. I think that is a safe prediction. Especially given all the hype around Anthropic’s latest news velocity releases. Not enough media pays attention to potential huge problems with attacking critical infrastructure. You would think they would, given Russia’s attacks on Ukraine’s infrastructure.

This news concerns another partnership of a cybersecurity vendor and a control and automation vendor. This news from OPSWAT cites a strategic collaboration expanding operational technology (OT)-safe patch management capabilities to Emerson’s Ovation Automation Platform customers worldwide.

The April 16, 2026 announcement states the two companies have announced a global strategic reseller agreement that will bring OPSWAT’s cybersecurity technologies to Emerson’s power and water industry customers. As the first initiative under this enterprise-wide agreement, Emerson will integrate OPSWAT’s scalable and safe operational technology (OT) patch management capabilities into its Ovation Automation Platform.

The new OT patch management solution further builds on the collaboration to date by securing the Ovation Platform through OPSWAT’s MetaDefender Endpoint and My OPSWAT Central Management On-Premises, part of Emerson’s purpose-built power and water cybersecurity suite of solutions.

Critical infrastructure operators, including power generation and water/wastewater utilities, continue to face increasing cyber threats, regulatory pressure, and operational risk stemming from unpatched vulnerabilities. OPSWAT’s solution for the Ovation Automation Platform delivers a modernized patch management approach designed specifically for industrial environments, addressing challenges posed by a mix of modern and legacy tools and the ongoing surge of nation-state and ransomware activity targeting the energy and water sectors.

The new strategic collaboration expands on the well-established DeltaV Alliance agreement between OPSWAT and Emerson for OPSWAT’s MetaDefender Kiosk, and MetaDefender Unidirectional Security Gateway for the DeltaV Automation Platform.

The new global partnership also underscores Emerson’s strategy to collaborate with proven and effective cybersecurity providers, a shift driven by evolving global regulations and the need for continuous response to new vulnerabilities.

DNV outlines foundations for achieving trustworthy AI

Several people involved with standards have shared with me the insight that the driving force for adoption of some of these will come from company boards due to insurance and risk management pressures. Therefore, I found this paper interesting looking at trustworthy AI from the point-of-view of risk management.

Høvik, Norway, 25 March 2026 – New research from assurance and risk management company DNV has identified the foundations to achieving trustworthy artificial intelligence in the context of safety critical industrial processes. According to the paper, Assurance of AI-Enabled Systems, established risk management principles can be adapted to meet the complexity and uncertainty of AI-enabled systems. While AI introduces new risks, proven assurance methods from safety critical industries already provide a robust starting point for addressing them.

The paper shows that AI reshapes risk because it does not operate as a fixed, predictable component. This makes traditional one‑time assurance insufficient, and highlights the need for continuous and adaptive assurance throughout the lifecycle.

Christian Agrell, Programme Director for AI Assurance at DNV, said, “Creating trustworthy artificial intelligence does not require us to start from zero.  We already have strong foundations in modern assurance and risk science and our long experience managing digital technologies in high‑risk environments. Applying these principles thoughtfully allows us to build systems that remain safe and reliable, even as they evolve. Trustworthy AI depends on predictable behaviour under uncertainty, and that is exactly what these foundations help deliver.”

The research draws on DNV’s decades-long assurance and risk management experience in critical infrastructure, including the maritime and energy sectors. The foundational principles to create trustworthy AI include:

  • A system model that captures the entire AI-enabled system
      • This model reflects how AI interacts with humans, digital and physical components, and its operational environment. It enables understanding of emergent behaviour, unintended interactions and context specific risks that cannot be detected by examining the AI component alone.
  • Taking a modular approach
      • A risk model, applying uncertainty-based assessment and modular risk principles to break down complex systems with their complex and emergent risks into manageable parts across system levels.
  • Linking claims to evidence
      • These structured arguments connect claims such as “the system is safe” to verifiable evidence, assumptions and rationale. This provides a transparent, auditable framework for demonstrating trustworthiness throughout the lifecycle.
  • Continuous, context aware assurance that adapts as AI evolves
      • AI-enabled systems change over time as models are updated, data shifts and operating conditions vary. To maintain trustworthiness, assurance must be ongoing rather than a one-time check. This includes real-time monitoring, regular updates to evidence, and reevaluating risks and requirements so that confidence in the system remains valid throughout its lifecycle.

“These foundations give industry a clear, actionable way to build and maintain trustworthy AI. We are already working with companies that recognize the potential of AI, as well as the risks it can pose to the critical services they deliver. I urge more organizations to join us in addressing and managing the risks associated with artificial intelligence,” Agrell added.

The position paper is part of DNV’s broader work to help industry adopt AI responsibly and aligns with the company’s recommended practice (DNV‑RP‑0671) for AI assurance.

Click on the Follow button at the bottom of the page to subscribe to a weekly email update of posts. Click on the mail icon to subscribe to additional email thoughts.

High Availability, Disaster Recovery, and Operational Resilience Across SQL Server Environments

The accumulation, retention, and analysis of data continue to provide an important foundation for digital transformation, as well as a threat vector for malicious hackers. News from companies combatting the problem forms a core of any coverage these days. This news contains details about the launch of another IT solution.

DH2i, a leading provider of always-secure and always-on IT solutions, announced the general availability (GA) launch of DxEnterprise v26.0 and DxOperator v2, featuring high availability (HA), disaster recovery (DR), and operational resilience capabilities enhancements for SQL Server deployments across Windows, Linux, and Kubernetes environments. Together, the releases introduce meaningful advances in availability group (AG) protection, security controls, observability, and automation for both traditional and containerized SQL Server deployments.

In today’s enterprises, a perfect storm has emerged where applications have become direct revenue channels, infrastructure complexity has increased while IT staffing has not, modernization initiatives are no longer optional, security and compliance requirements are tightening, and software update velocity has accelerated. Together, these forces expose the limits of traditional HA approaches. What once worked for small, static clusters no longer scales when SQL Server deployments span hybrid, multi-platform, and containerized environments that demand continuous availability, stronger safeguards, and higher levels of automation. DxEnterprise v26.0 and DxOperator v2 address these challenges head-on.

DxEnterprise v26.0 focuses on improving cluster resilience, visibility, and administrative confidence through enhanced monitoring, stronger safeguards against split-brain scenarios, expanded credential support, and platform modernization. DxOperator v2 extends those capabilities into Kubernetes environments, giving users greater control over scale, updates, and network configuration for SQL Server AGs running in containers.

What’s New in DxEnterprise v26.0 

  • Deeper SQL Server and Availability Group Intelligence
      • Database-level health monitoring is now enabled by default, allowing faster detection of issues affecting individual databases within an AG
      • Split-brain scenarios are prevented via automatic per-availability-group quorum enforcement by demoting or shutting down replicas when quorum requirements are not met
      • Improved replica connectivity alerts provide real-time notification when replicas disconnect or when SQL Server replica configurations diverge from expected cluster state
  • Improved Security and Credential Resilience
      • Support for secondary SQL Server backup credentials enables automatic fallback if primary authentication fails, reducing downtime caused by credential changes or expirations
      • Administrative sessions are automatically disconnected when the cluster passkey changes, ensuring only authorized users with current credentials retain access
      • The DxAdmin user interface now includes clearer prompts, stronger validation, and improved feedback for passkey configuration
  • Greater Stability and Observability
      • Core monitoring services, including DxLMonitor, DxCMonitor, DxStorMonitor, and DxHealthMonitor, have received reliability and stability improvements to reduce unexpected restarts and improve overall cluster resilience
      • Basic anonymous telemetry is now available to help improve product quality and diagnostics, with opt-out configuration for customers who prefer not to participate
  • Platform and Usability Enhancements
      • DxEnterprise’s Linux version now runs on the .NET 8.0 runtime, delivering improved performance, security, and long-term support alignment
      • Virtual hosts can now be renamed using a new rename-vhost command, simplifying cluster management and reorganization
      • Additional safeguards prevent accidental overwriting of existing data stores during SQL Server high availability virtualization
      • Enhancements to DxCLI and DxPS improve command-line usability, including human-readable XML output and new PowerShell cmdlets
      • The DxCollect utility now includes expanded command-line options for more targeted diagnostics and log collection.

What’s New in DxOperator v2 

  • Flexible Scaling Up and Down
      • Availability group clusters can now be expanded or reduced dynamically
      • Unlike the previous version, DxOperator v2 can safely de-configure and remove replicas from a running cluster, enabling true scale-down operations
  • Automated Rolling Updates
      • Administrators can automate rolling updates of SQL Server or DxEnterprise container images, allowing pods to be updated one at a time without manual intervention
      • Updates can also be performed manually when desired, giving operators full control over rollout strategy
      • DxOperator does not automatically check for new container versions, ensuring that administrators remain in control of when and how updates are applied
  • Advanced Network and Service Configuration
      • Flexible service templates allow load balancers and other network services to be fully specified and automatically deployed per availability group replica
      • This enables more consistent connectivity across different Kubernetes environments and cloud providers
  • Redesigned Custom Resource and StatefulSet Adoption
      • The custom resource definition has been redesigned for greater flexibility and now leverages Kubernetes StatefulSets
      • By delegating pod creation, storage allocation, and rolling upgrades to Kubernetes, DxOperator v2 simplifies internal logic while benefiting from native Kubernetes reliability and lifecycle management

Dragos Expands Collaboration with Microsoft to Deliver OT-Native Cybersecurity at Global Industrial Scale

Dragos has more news coming next week. In the meantime, news of a collaboration with, who else for industrial software, Microsoft. How many Microsoft mentions squeezed into one sentence—Dragos brings proven energy and industrial cybersecurity, seamlessly deployed on Microsoft Azure, integrated with Microsoft Sentinel and readily accessible through Microsoft Marketplace.

Dragos Inc., a global leader in cybersecurity for operational technology (OT) environments, announced on February 3 an expanded collaboration with Microsoft to help organizations modernize and secure their cyber-physical operations amid accelerating digital transformation, cloud adoption, and AI-driven change.

This collaboration focuses on integrating Dragos’s capabilities with Microsoft’s cloud and security platforms. By deploying the Dragos Platform on Microsoft Azure, integrating with Microsoft Sentinel, and enabling streamlined procurement through Microsoft Marketplace, organizations can more tightly align IT and OT security operations while adopting robust protections purpose-built for operational environments.

The collaboration addresses Microsoft customers’ on-premises OT security needs and enables Dragos to expand its cloud reach, creating deployment flexibility that serves customers’ diverse infrastructure strategies. Importantly, Dragos, a Microsoft partner, addresses a long-standing capability gap for organizations seeking to modernize operations without introducing unacceptable operational risk.

They provide a list of benefits:

  • Unified IT/OT security operations through native integrations with Microsoft Sentinel
  • Flexible deployment options across cloud, hybrid, and on-premises environments to support diverse infrastructure strategies
  • Improved visibility into industrial assets, threats, and operational impact, enabling faster, more informed response
  • Reduced procurement friction via Microsoft Marketplace and alignment with customers’ Azure consumption commitments
  • A future-ready foundation for securing AI-enabled, connected, and automated operations

This integrated approach enables organizations to accelerate cloud and AI initiatives while maintaining the safety, availability, and compliance requirements essential to cyber-physical environments.

Four integration pillars:

  • Flexible Deployment Options—Beginning in Q1 2026, the Dragos Platform will support SaaS deployments on Azure, in addition to on-premises and hybrid models.
  • Microsoft Sentinel Integration—OT-specific telemetry, threat intelligence, and asset context from Dragos flow directly into Microsoft Sentinel, enabling unified IT/OT detection, investigation, and response.
  • Microsoft Marketplace Availability—Customers can procure Dragos through Microsoft Marketplace and apply Azure consumption commitments (MACC), aligning OT security investment with broader cloud and AI initiatives.
  • Looking Ahead—This collaboration establishes a scalable foundation for continued innovation, enabling deeper technical integration and coordinated go-to-market execution as OT, cloud, and AI environments become increasingly interconnected. For customers, it provides a clear, future-ready path to secure modernization, establishing Dragos’s OT-native cybersecurity as an integral capability within one of the world’s most important enterprise technology ecosystems.

Indurex Launches with a Mission to Advance Safety and Cybersecurity Resilience Across Cyber-Physical Systems

This news came last week. Just as I was contemplating the business model of cybersecurity firms following another acquisition, this news of a new company launch with a unique take on security. This company will be interesting to watch. The news comes from Amsterdam concerning the launch of a company called Indurex. Naturally they have AI in their product offering and manage to work in an older term—cyber-physical systems.

The quick take: An AI-powered, human-in-the-loop platform that brings together process safety and cybersecurity, turning complex signals into trusted decisions for resilient critical infrastructure.

Indurex, a pioneering artificial intelligence (AI) and cyber-physical systems (CPS) security company, announced on January 27 its official launch to help protect critical infrastructure, smart manufacturing, and connected industrial operations. The company’s mission is to deliver robust, adaptive security solutions that safeguard both the physical and digital worlds as they increasingly converge.

Founded by a team of seasoned experts in operational technology (OT), cybersecurity, and process safety systems, Indurex enters the market at a decisive time. Operators across energy, utilities, and manufacturing sectors face mounting challenges from IT-OT convergence, cyber sabotage, and cascading system failures — putting both process safety and cybersecurity integrity under increasing pressure and exposing essential assets to unprecedented risk. Traditional tools, designed for isolated IT networks or legacy control systems, can no longer assure the level of operational, safety, and cyber integrity required in today’s highly connected industrial environments.

Industrial organisations continue to face a critical gap between process safety and cybersecurity, which are managed in disconnected silos. Existing tools generate high volumes of alerts without sufficient industrial or engineering context, leading to alert fatigue and a limited ability to assess real operational and safety impact. At the same time, a new class of AI-enabled and cyber-physical threats is emerging — capable of exploiting process behaviour, safety dependencies, and human workflows. Detecting and stopping these threats requires AI-native technologies designed for industrial systems, combined with human-in-the-loop intelligence to ensure explainability, trust, and effective decision-making.

Indurex bridges this gap with an AI-native, interoperable platform that unifies engineering context and cybersecurity intelligence — an approach the company defines as Engineering Cyber Intelligence.

This delivers measurable returns across three dimensions:

  • Operational Excellence & Safety Integrity: Fewer trips and faster recovery through unified situational awareness and continuous assurance of Safety Integrity Functions (SIF)
  • Cyber Resilience: Contextualized detection and response across digital and physical domains, aligned with operational and safety impact
  • Cost & Compliance: Automated reporting and defensible evidence of risk, control maturity, and safety integrity across critical systems
