Week 33: OT Security Log Management

Security logs are essential in incident response and after incident investigations. Do you know: What OT security related logs you have? where they are? where they’re archived?  who is responsible for the log?  would the log still be available after a cyber incident? ...
US Government Reset On OT Security Is An Opportunity

US Government Reset On OT Security Is An Opportunity

CISA and other US government departments have accomplished little in OT cyber security and risk management over the past two decades. There has been an increase in funding and activity, not results. While the loss of talent and capability this year in the USG is...
It Won’t Work In OT

It Won’t Work In OT

What Will Fall Next? A common refrain for any new proposed technology: It Won’t Work In OT. A short and incomplete list or examples: 90’s: Windows and Ethernet (yes, there was a battle with many experts insisting Windows workstations and servers connected by Ethernet...
Quantum Cryptography In OT?

Quantum Cryptography In OT?

We’ve received a few proposed sessions on quantum cryptography in OT in our S4x26 Call For Presentations. This isn’t new. We’ve received these every year this decade. They don’t get selected. Why? S4’s motto is Create The Future. While...

Week 30: Review ICS Access Control

Access control is one area where ICS have had robust security controls for decades. These access controls can be customized down to the point or tag level, although this is rarely required. Remember our goal is to enforce least privilege. A user should only be able to...
What We Know – Stuxnet 15 Years Later

What We Know – Stuxnet 15 Years Later

The US House Homeland Security Committee’s subcommittee on Cybersecurity and Infrastructure Protection is holding a hearing today entitled Fully Operational: Stuxnet 15 Years Later and the Evolution of Cyber Threats To Critical Infrastructure. Two of the four...

Week 29: Review OT User Accounts

Week 35 addressed user accounts for cyber assets at unmanned sites. This week you will perform a user account review on all OT systems as part of your OT cyber maintenance. Identify all OT applications, systems, and devices that have user accounts. These could be...
Is EU Cybersecurity Regulation Effective?

Is EU Cybersecurity Regulation Effective?

We can’t answer that question yet, and it’s the time to figure out how we will measure their effectiveness. The EU and its member states are working furiously to figure out how to regulate, implement, and audit the Cyber Resilience Act (CRA) and Network...