

Week 19: What Systems On IT Does OT Rely On?
The most frequent category of a cyber attack caused outage in OT and Operations, is ransomware infecting systems on the IT network, also called the corporate or enterprise network. Stated another way, most cyber incidents causing an outage in Operations never reach...
Frenos: Is “Continuous and Autonomous OT Assessment” A Sustainable Product Category?
Frenos is hot. They won the Datatribe Challenge, and then raised $3.88M in a seed round led by Datatribe. They got Rob Lee on their Advisory Board. And the founders have hired some well known talent in the space such as Tony Turner and Vivek Ponnada. There...Week 18: Develop The Cost / Risk Reduction Package To Get Funding
Common complaint in OT security: the company won’t spend money on OT security. This week you begin to experience the joy of getting funding for your OT cyber risk reduction project. Let’s review this month’s activities: You’ve identified and understood the safety and...
“Discovering ICS Vulns Is So Yesterday”
Love this comment from Bryan Owen on one of my posts. Discovering ICS vulns is so yesterday, discovering implants is the new, new thing. In observation, there needs to be more emphasis and coverage on discovered implants… otherwise sponsors of defensive programs...Week 17: Prevent OT Compromise From Affecting Safety And Protection
If any of your failure scenarios from last week required isolating the safety and protection devices and systems from OT, then this week you will design your solution. Note: Even if you don’t need to isolate your safety and protection you should read this section. The...
Mythology and Metrics
OT Security needs metrics. I originally wrote more metrics, but we have almost no metrics. We includes asset owners, governments, vendors, industry groups, … We shouldn’t be funding anything that doesn’t include a hypothesis and a metric that will...Week 16: No High Consequence Events If (When?) OT Is Compromised
Last week you identified failure scenarios that could cause a high consequence event when OT is compromised. This week’s task is simple and important. For each failure scenario from Week 15, identify a solution that would prevent the high consequence event if OT were...
Most People’s 1st Article On OT Security … OT Is Different Than IT
You just discovered OT. Maybe you’re in IT and got a tour of your company’s factory or mill. Maybe you went down a rabbit hole on some site or social media and learned about it. You want to share this world, and more often than not it leads to an article...