Grateful To Be In ICS Security
Happy Thanksgiving to my US readers. There is much to be thankful for if you are in the ICS security community. In my S4x20 keynote this past January, I contended that this is a great time to be in ICS security. Two months later, COVID shook the world. I know many of...
Chris Krebs Firing Changes What?
Is It Time To Change Mission, Or At Least Expectations, For DHS? President Trump’s firing of CISA Director Chris Krebs on Tuesday served no purpose except for petty vengeance. In just over two months he would not have to deal with Chris or any other appointees....
Ransomware and ICS
Hype And Recovery A woman died in Germany concurrently with a ransomware attack on a hospital, and the media was flooded with articles about ransomware causing its first death. Wired’s article this week, The Untold Story of a Cyber Attack, a Hospital...
Long Hidden ICS Cyber Risk, Not Increased Threat, Driving Disruption
I’m giving a keynote at an upcoming event, Fortinet’s Secure OT 2020 on Nov 24-25, that has as its theme “Innovation Through Disruption. While I’ll focus mostly on three ICS disrupting innovations in the next 1-3 years, I gave some thought...Podcast: October Month In Review
Jason Nations and I go over October’s top three stories plus our Win, Fail and Prediction of the month.
Russian hackers charged, ICS vendor security services, and risk metrics.
Wanted: ICS Cloud Services Security Product
The technology exists. It just isn’t being marketed and sold for this need. The majority of ICS related cloud services currently deployed are for predictive maintenance and performance analysis. These are ‘open loop’ services. Open loop in the sense...IEC 62443 Standards Are Ready For Their Close-Up
About every 18 months, I end up, as I am now, on a project where the asset owner wants to follow IEC 62443 security documents as closely as possible. As I re-read and use them, I’m struck by two things: There is a large amount of great content in the published...
Podcast: September ICS Security Month In Review
The ICS Security Month in Review episodes cover two to three big stories from the month plus a win, a fail and a prediction. This month’s stories include: S4x21’s cancellation and S4x22 dates(7:01) Ransomware in ICS (12:30) SCIDMark and other ICS cyber...