Cyber Informed Engineering (CIE), Secure By Design, SBOMs for all and everywhere, and large monitoring networks bringing back all sorts of data for visibility and analysis. These large programs, largely driven by government, make so much sense. Who...
I spent the week in Singapore participating in CSA’s OTCEP event. While reduced from year’s past, there still were a number of slides and discussions how IT is different than OT. I’m not sure what’s more wrong in this discussion: straw man or lack of understanding of...
CISA has issued a large number of documents during the Biden administration. Perhaps a flood the zone strategy to prove they are on it and how much they care. I’ve admittedly become a bit numb to reading them as they preach good practices for others with little...
Security controls accumulate, as do the costs of security controls. We see this in what is being lumped into ‘cyber hygiene’. We see it in cyber security standards and good practices. The set of security controls being added to government regulations and forceful...
I started Digital Bond in 1998 to develop a product to secure stock trading transactions over the Internet. A smart card (chip card) would be the second form of authentication and digitally sign every transaction for non-repudiation. This would prevent...
The System Average Interruption Duration Index (SAIDI) is a reliability metric used in the electric sector. It’s a measure of the average annual outage time for a customer. It can be measured by company, state, or country. The US data is available here....
The Port of Nagoya’s Port Unified Terminal System responsible for “managing the loading of containers” was infected with LockBit 3.0 earlier this month. This caused the largest port in Japan to stop operations for 2.5 days, and...
One-way / data diode / unidirectional technology is a powerful security control. It’s physics, rather than software so it can’t be hacked. It will only allow information to flow in one direction. When one-way is set up at a security perimeter it can allow...
On the 4th of July Americans are reminded of our Declaration of Independence. We hold these truths to be self-evident, that all men are created equal, that they are endowed by their Creator with certain unalienable Rights, that among these are Life, Liberty and the...
The US Government’s Impact On OT Cyber Risk (Begins with the bad, and ends with the good) The US Government Hindering, Not Helping, Reduce OT Cyber Risk In The 1 To 3 Year Timeframe I’ve been frustrated with the mountains of OT security guidance and...
