Many industrial processes can go bad in ways that cause catastrophic events. Loss of life. Severe property damage. Environmental disasters. If something gets too hot, spins too fast, mixes with the wrong chemicals, vibrates too much … BOOM! Your task this week is to...

This week’s task requires a discussion with the Finance department. Cybersecurity people in OT and IT often overestimate the financial impact of an outage. In one way, this is a good thing. It means the individual and team will work hard to avoid an outage because...

Your company has been managing risk since its inception. OT cyber risk is not special. It’s one more risk, albeit often ignored until recently. One clear path to failure is to try to invent your own method for managing OT cyber risk that differs from your company’s...

It’s critical to know what your organization is trying to achieve and how success is measured if you are going to meaningfully contribute to cyber risk management decisions.  This week’s task is to identify your organization’s most important 3 to 5 key mission...

Beginning in March we shift for the rest of this book from a focus on your career to a focus on your company’s OT security and cyber risk management program.  A common mistake is to begin by selecting and deploying security controls. You find a standard or...

One last, but not least, task to complete your S4 month is to plan what area you will focus your career growth on over the next year. Hopefully your S4x25 experience and the tasks over the past two weeks have given you some insight on what both will inspire you and...