dalepeterson, Author at Dale Peterson: ICS Security Catalyst

Week 23: Is Your OT Environment Accessible From The Internet?

2 Jun 2025 | A Year In OT Security

Hopefully you believe the answer to this question is no. If any person or device on the Internet can access any of your OT environments you need to take immediate action. Note: “any person or device on the Internet” doesn’t include an employee or partner with...

Rating Past OT Security Acquisitions

27 May 2025 | 2025

It’s been over five years now since the OT Asset Inventory and Detection market sorted itself out. The top tier has changed little. The increased acceptance of cloud-based solutions has helped Armis join original top tier vendors Claroty, Dragos, and Nozomi....

Week 22: Evaluate The Ability To Recover And Meet The RTO (1st Pass)

26 May 2025 | A Year In OT Security

In Week 21 you identified the recovery time objective (RTO). Your task this week is to evaluate, at a high level via interview and inspection, if that RTO can be credibly met. Assume a scenario where everything with an IP address in IT and OT has been compromised and...

False and True: You Can’t Protect What You Don’t Know

20 May 2025 | 2025

False One of the most common OT Security mantras this decade is “You Can’t Protect What You Don’t Know”. Those who say this are almost always saying you can’t protect your OT environment without a detailed and accurate OT cyber asset inventory. This is...

Week 21: Identify The Recovery Time Objective (RTO)

19 May 2025 | A Year In OT Security

Your manufacturing line is down. How fast do you need to have it back in operation to avoid a high or catastrophic consequence that you identified in Weeks 11 – 12? The same “how fast do you need it back in operation to avoid a high or catastrophic consequence”...

What’s Next For DHS / CISA In OT Security?

14 May 2025 | 2025

I’ve had the chance to interview the last three leaders of DHS’s OT security efforts at S4 (only missing out on Seán Paul McGurk). For good or bad, the message has been consistent. Emphasis on information sharing, public / private partnership, new .gov...

Week 20: What Is Your “Island Mode”? Your Response To A Compromise On IT

12 May 2025 | A Year In OT Security

Your IT network has been compromised. Your OT network seems to be working fine, but you’re worried that the compromise will spread to OT. What do you do? Colonial Pipeline faced this situation in 2021 when ransomware infected their IT network. Their response? Shut...

Anecdotes Are Not Data

6 May 2025 | 2025

A large part of OT Security marketing is based around anecdotes. Some anecdotes are real. This small water utility was hacked and a tank overflowed. This manufacturer had ransomware and had to shut down certain factory operations for three days. This rail system was...

Week 19: What Systems On IT Does OT Rely On?

5 May 2025 | A Year In OT Security

The most frequent category of a cyber attack caused outage in OT and Operations, is ransomware infecting systems on the IT network, also called the corporate or enterprise network. Stated another way, most cyber incidents causing an outage in Operations never reach...

Frenos: Is “Continuous and Autonomous OT Assessment” A Sustainable Product Category?

30 Apr 2025 | 2025

Frenos is hot. They won the Datatribe Challenge, and then raised $3.88M in a seed round led by Datatribe. They got Rob Lee on their Advisory Board. And the founders have hired some well known talent in the space such as Tony Turner and Vivek Ponnada. There...