This was a fun panel discussion on the S4x18 Main Stage with Kelly Jackson Higgins of Dark Reading and Jim Finkle of Reuters.

We covered a lot of grounds in a frank discussion including:

  • Who is your reader?
  • Are you traffickers in FUD?
  • How long will people click on the vulnerability or exploit of the day in ICS or IIoT?
  • What are your thoughts and response to the ICS vuln as a marketing strategy?
  • How long do you get to spend on a story?
  • How should the ICSsec community pitch a story to a reporter?
  • What’s the best way to reach a reporter?
  • Explain the off-the-record / background / limited use definitions and practice?
  • What should I make of the fact that many reporters are asking me to speculate on who was the Triton victim?

Kelly and Jim are experienced reporters and have been covering the ICSsec space for years. I think this was Kelly’s sixth S4 and Jim’s third.

This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.

Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.