22 Feb 2019 | 2019, Detect
The cases being made in ICS owner / operator companies for the “best” organizational structure for ICS detection, and response, are heartfelt, well considered and often at great variance with one another. The case for Operational Technology (OT) SOC vs....
14 Feb 2019 | 2019, Strategy
This week we published the S4x19 video on three proposed revisions to the Common Vulnerability Scoring System (CVSS) for ICS vulnerabilities. It’s worth a watch and hopefully it will be one more trigger for ICS-CERT to earn the “ICS” in their title...
11 Feb 2019 | 2019, Podcast
This episode of the Unsolicited Response Podcast features a discussion on the S4x19 Main Stage with Brad Hegrat, Joel Langill and Dale Peterson. The question: Is the Purdue Model Dead? http://traffic.libsyn.com/unsolicitedresponse/2019-2-Final-2-Purdue.mp3 The...
31 Jan 2019 | 2019, Detect
How do you pick between 20+ ICS Detection and Asset Inventory solutions who are all claiming to be the best? The ICS Detection Challenge was designed to provide asset owner / potential customers with an unbiased technical comparison. S4x19 ICS Detection Challenge As...
29 Jan 2019 | 2019, Podcast
The first Unsolicited Response episode of 2019 is a shorter solo-sode. It begins with my four major takeaways from 2018: http://traffic.libsyn.com/unsolicitedresponse/Episode_19-1.mp3 Finally figuring out the OT / IT issue Consequence based risk reduction Detection...
3 Jan 2019 | 2019, Strategy
In October 2018, Digital Bond turned 20. I thought before moving on to 2019 and starting our 21st year I’d reminisce a bit and thank the many employees over the past 20 years (see the list at the end of the article). Roger Collins and I started Digital Bond with $75K...
5 Dec 2018 | 2018, Strategy
It’s How Do We Best Build OT Teams & Programs My last post, Best Raw Material for an Operations Technology (OT) Team, received many comments on LinkedIn. A lot of the discussion devolved into the old IT v. OT discussion, partially due to my flippantly...
27 Nov 2018 | 2018, Strategy
One of the topics we tackled in a panel at the Asia ICS Cyber Security Conference last week in Singapore was how best to grow the Operations Technology (OT) Security workforce. Early in his conference introduction Dan Ehrenreich showed a diagram similar to above with...
8 Nov 2018 | 2018, Podcast
In this Unsolicited Response episode I interview Rob Lee of Dragos and Rob Smith of INL on a Department of Energy funded program called Neighborhood Keeper. The program attempts to provide threat detection and intelligence in an easy and affordable way to small and...
29 Oct 2018 | 2018, Detect
I’ve analyzed and made a number of predictions on the ICS Detection market over the past two years. The biggest surprise to me over the last six months has been speed of the market. The winners and losers are being largely determined in 2018 and will result in...
