Women In ICS Security
Kelly Jackson Higgins of Dark Reading joins Dale Peterson to co-host this episode of the Unsolicited Response Show. The topic is Women In ICS Security, and all the guests are Women In ICS Security: – Kristin Demoranville – MJ Emanuel – Najo Ifield...
My Recollection of the F**g Salmon Dinner
Chapter 2 of Nicole Perlroth’s book This Is How They Tell Me The World Ends is all about S4x13 and particularly about a dinner I hosted that she called The F**king Salmon dinner. We were all in Miami to attend the same bizarre conference – an annual...
Consequence and INL’s CCE
The long awaited detail of INL’s Consequence-driven, Cyber-informed Engineering (CCE) methodology is now available in the Andy Bochman / Sarah Freemen book Countering Cyber Sabotage. I had the opportunity to interview the authors for an hour in this week’s...
An Operator Turing Test
Proposal: A small group in the ICS world develop a test to determine if a “machine” can be trained from only historian data to perform as good (indistinguishable) or better than a representative Operator. In 1950 Alan Turing wrote an article on what...
Podcast: Pwn2Own Miami
Almost 300K Awarded For ICS 0day Exploits The ZDI team brought Pwn2Own to ICS with Pwn2Own Miami at S4x20. They awarded almost $300K to researchers who were able to find and exploit 0day vulnerabilities in important ICS applications. Applications such as HMI and EWS...
Are Your ICS Security Patching Plans Realistic?
An interesting and potentially important technical paper was published near the year end holidays and didn’t get the attention it deserved: Vulnerability Forecasting: In Theory and Practice by Éireann Leverett, Matilda Rhode and Adam Wedgbury of...Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail?
An Interview with Corey Thuen of Gravwell. Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale. The alternative...
How To Be An OT Visionary
It really is quite simple to be an OT Visionary. Look at what is happening and working in IT / the enterprisePredict that this same technology and approach will be used in OTBe prepared to be called crazy and told it will never work in OT / ICSFive years later have it...