Podcast: October Month In Review
Jason Nations and I go over October’s top three stories plus our Win, Fail and Prediction of the month.
Russian hackers charged, ICS vendor security services, and risk metrics.
Wanted: ICS Cloud Services Security Product
The technology exists. It just isn’t being marketed and sold for this need. The majority of ICS related cloud services currently deployed are for predictive maintenance and performance analysis. These are ‘open loop’ services. Open loop in the sense...IEC 62443 Standards Are Ready For Their Close-Up
About every 18 months, I end up, as I am now, on a project where the asset owner wants to follow IEC 62443 security documents as closely as possible. As I re-read and use them, I’m struck by two things: There is a large amount of great content in the published...
Podcast: September ICS Security Month In Review
The ICS Security Month in Review episodes cover two to three big stories from the month plus a win, a fail and a prediction. This month’s stories include: S4x21’s cancellation and S4x22 dates(7:01) Ransomware in ICS (12:30) SCIDMark and other ICS cyber...
Podcast: ATT&CK For ICS Evaluations
Detecting Triton Type Attacks In this episode I talk with Otis Alexander of MITRE about ATT&CK for ICS Evaluations. We begin with a discussion on ATT&CK and the ICS version of ATT&CK. If you are familiar with this, skip to 17:09 where we begin our...
Podcast: Splunk’s OT Security Add-On
Most of the OT Detection and Asset Management solutions have developed ‘integrations’ with SIEMs, with Splunk and QRadar being the most common. I put integrations in quotes because they did little more than push alerts and events to the SIEMs with little...
Podcast: What OT Can Learn From IT
We hear it all the time. OT is different than IT, and IT doesn’t understand OT. People argue about IT/OT convergence. In all these discussions I believe two things are true. OT doesn’t really understand IT, and the similar, but not identical, requirements...Podcast: Interview with CISA Director Krebs on New Strategy
The US Department of Homeland Security CISA put out a new One CISA strategy document and an Alert in July. So I thought it would be a good time to talk with CISA Director Chris Krebs.
July – ICS Security Month in Review
Rob Caldwell of Mandiant joins Dale to discuss the top stories of July 2020 plus wins, fails and predictions on the Unsolicited Response podcast.