26 Jan 2026 | A Year In OT Security
Warning: This is the most difficult task in this book for most people. OT cyber incidents and their consequences are lagging indicators. The bad event that caused the impact has already happened. While it is important to capture and present the information you...
19 Jan 2026 | A Year In OT Security
You identified three to five of your company’s key mission metrics in Week 10 of last year. This week consider if any OT security incidents affected these key mission metrics in 2025. If possible, determine the percentage impact of the OT security incidents to all...
12 Jan 2026 | A Year In OT Security
Creating an OT cyber asset inventory is not a one week task, and it may not be the right thing for you to do at this time. This week’s task is to determine what OT cyber asset inventory you are committed to achieving and maintaining over the next year, and, at a high...
5 Jan 2026 | A Year In OT Security
Many OT security standards and guideline documents have creating an OT cyber asset inventory as one of the first tasks that should be tackled; one of the key critical controls. As you can tell from this book, I disagree with this. An OT cyber asset inventory is not a...
22 Dec 2025 | A Year In OT Security
Most of the world is off during this time of year. Take a break. Rest and relax. Enjoy time with friends and family.
15 Dec 2025 | A Year In OT Security
As we come to the year’s end, it’s a good time to perform a first audit of the OT Security Patching Program you put in place in Weeks 36 – 37. If you have other OT cyber maintenance activities defined, audit these too. Is the team doing what they committed to do? A...
8 Dec 2025 | A Year In OT Security
You established a Recovery Time Objective (RTO) in Week 21. After recent weeks’ tasks on response and recovery, it’s time to take a second look at your ability to recover and meet the RTO. We can’t guarantee that any of our cyber security controls will prevent all...
