“Discovering ICS Vulns Is So Yesterday”

“Discovering ICS Vulns Is So Yesterday”

Love this comment from Bryan Owen on one of my posts. Discovering ICS vulns is so yesterday, discovering implants is the new, new thing. In observation, there needs to be more emphasis and coverage on discovered implants… otherwise sponsors of defensive programs...
Mythology and Metrics

Mythology and Metrics

OT Security needs metrics. I originally wrote more metrics, but we have almost no metrics. We includes asset owners, governments, vendors, industry groups, … We shouldn’t be funding anything that doesn’t include a hypothesis and a metric that will...
Volt Typhoon Is A Fait Accompli In Cyber Persistence Theory

Volt Typhoon Is A Fait Accompli In Cyber Persistence Theory

All Sides Accept Some Level Of Compromise Of Critical Infrastructure For Reconnaissance and Pre-Positioning If you want to understand US government cyber strategy, offense and defense, you need to master Cyber Persistence Theory. The US would argue they didn’t...
Gresham’s Law – Part 2

Gresham’s Law – Part 2

Gresham’s law is a monetary principle stating that “bad money drives out good”. For example, if there are two forms of commodity money in circulation, which are accepted by law as having similar face value, the more valuable commodity will gradually...

April: High Consequence Event Risk Reduction

The tasks in April are the most important, and the most rarely done, tasks in OT security and cyber risk management. This should be clearer after March when you learned about your company and its risk management program. In a perfect world, systems would work 100% of...