How Do We Solve The OT Cybersecurity Staffing Challenges?
Three answers. 1. Women Women represent 51% of the population and 57% of the college graduates in the US. They comprise less than 10% of the OT Security workforce. Solving the problem could be as simple as adding women to the OT Security workforce until they...
Recommended Security Controls For Level 0 and Level 1
Part 1: Awareness of Purdue Level 0 and 1 (In)Security Part 2: Properly Prioritizing Level 0 and Level 1 Security In this third and final article in my Level 0 / Level 1 security series the focus is on the appropriate security controls. Sensors and Sensor Data The...
Properly Prioritizing Level 0 and Level 1 Security
We have resolved the issue on whether the ICS security community knows that almost all Purdue Reference Model Level 0 and Level 1 devices, and the protocols that communicate with them, lack authentication. They know this. The next question is what to do about it from...
Awareness Of Purdue Level 0 and 1 (In)Security
Solving a problem typically begins with awareness that there is a problem. Back at S4x12 a group of researchers under the Project Basecamp banner demonstrated that most PLC’s (Purdue Level 1 devices) were both insecure by design and ridden with exploitable bugs,...
Legacy System Problem Keeps Growing
If you find yourself in a hole, stop digging. Will Rogers The large amount of insecure legacy ICS and long ICS lifetimes mean we will need to live with this security risk for years / decades. We can argue about how long it should take to replace the deployed...
Maturing Past Maturity-Based To Risk-Based
I recently stumbled upon a McKinsey article from October 2019 that more elegantly, in McKinsey speak, made the argument against “cyber hygiene” than I do. Over the past three years I’ve seen many asset owners go through the same process: Board or...
ICS Security Company Valuation and Value Investing
Frank, non-flattering admission … I am terrible at determining how much an ICS security company is worth, it’s valuation. While I believe that I can analyze the market, identify the product and service trends, evaluate company strategies, and identify the...Women In ICS Security
Kelly Jackson Higgins of Dark Reading joins Dale Peterson to co-host this episode of the Unsolicited Response Show. The topic is Women In ICS Security, and all the guests are Women In ICS Security: – Kristin Demoranville – MJ Emanuel – Najo Ifield...