An Operator Turing Test
Proposal: A small group in the ICS world develop a test to determine if a “machine” can be trained from only historian data to perform as good (indistinguishable) or better than a representative Operator. In 1950 Alan Turing wrote an article on what...
Podcast: Pwn2Own Miami
Almost 300K Awarded For ICS 0day Exploits The ZDI team brought Pwn2Own to ICS with Pwn2Own Miami at S4x20. They awarded almost $300K to researchers who were able to find and exploit 0day vulnerabilities in important ICS applications. Applications such as HMI and EWS...
Are Your ICS Security Patching Plans Realistic?
An interesting and potentially important technical paper was published near the year end holidays and didn’t get the attention it deserved: Vulnerability Forecasting: In Theory and Practice by Éireann Leverett, Matilda Rhode and Adam Wedgbury of...Podcast: Is The Normalized, Taxonomized Approach In A SIEM Doomed To Fail?
An Interview with Corey Thuen of Gravwell. Dale and Corey discuss the value of a normalized, taxonomized approach to SIEM, which Dr. Anton Chuvakin has famously claimed is doom to fail. Corey is sympathetic to this view and tries to explain it to Dale. The alternative...
How To Be An OT Visionary
It really is quite simple to be an OT Visionary. Look at what is happening and working in IT / the enterprisePredict that this same technology and approach will be used in OTBe prepared to be called crazy and told it will never work in OT / ICSFive years later have it...
ICS Breaches Will Happen
Focus on Recovery and Resilience in 2021 We, the ICS security community and asset owners, need to grow up in 2021. There is near hysteria whenever there is an actual, potential or mythical breach of an ICS, regardless of the impact. And this is in an environment where...Podcast: December Month In Review
Eric Byres, CEO of aDolus and of Tofino fame, and I discuss the top three stories from December 2020 and give a Win, Fail and Prediction. https://traffic.libsyn.com/secure/unsolicitedresponse/21-1_December.mp3 Topics: The Solarwinds hackDragos raising $110M in venture...
2020 Predictions – Right, Wrong & Pending
I made a number of predictions in 2020, some overlapping, in both my coverage of the detection market and as a feature of the monthly ICS security month in review episodes of the Unsolicited Response podcast. The predictions help with my analysis and hopefully...