Rating Past OT Security Acquisitions

Rating Past OT Security Acquisitions

It's been over five years now since the OT Asset Inventory and Detection market sorted itself out. The top tier has changed little. The increased acceptance of cloud-based solutions has helped Armis join original top tier vendors Claroty, Dragos, and Nozomi. There...

read more
False and True: You Can’t Protect What You Don’t Know

False and True: You Can’t Protect What You Don’t Know

False One of the most common OT Security mantras this decade is “You Can’t Protect What You Don’t Know”. Those who say this are almost always saying you can't protect your OT environment without a detailed and accurate OT cyber asset inventory. This is...

read more
What’s Next For DHS / CISA In OT Security?

What’s Next For DHS / CISA In OT Security?

I've had the chance to interview the last three leaders of DHS's OT security efforts at S4 (only missing out on Seán Paul McGurk). For good or bad, the message has been consistent. Emphasis on information sharing, public / private partnership, new .gov organizational...

read more
Anecdotes Are Not Data

Anecdotes Are Not Data

A large part of OT Security marketing is based around anecdotes. Some anecdotes are real. This small water utility was hacked and a tank overflowed. This manufacturer had ransomware and had to shut down certain factory operations for three days. This rail system was...

read more
“Discovering ICS Vulns Is So Yesterday”

“Discovering ICS Vulns Is So Yesterday”

Love this comment from Bryan Owen on one of my posts. Discovering ICS vulns is so yesterday, discovering implants is the new, new thing. In observation, there needs to be more emphasis and coverage on discovered implants... otherwise sponsors of defensive programs are...

read more
Mythology and Metrics

Mythology and Metrics

OT Security needs metrics. I originally wrote more metrics, but we have almost no metrics. We includes asset owners, governments, vendors, industry groups, ... We shouldn't be funding anything that doesn't include a hypothesis and a metric that will provide data that...

read more
Gresham’s Law – Part 2

Gresham’s Law – Part 2

Gresham's law is a monetary principle stating that "bad money drives out good". For example, if there are two forms of commodity money in circulation, which are accepted by law as having similar face value, the more valuable commodity will gradually disappear from...

read more

GET DALE'S ICS SECURITY NEWS & NOTES EMAIL EVERY FRIDAY

UPCOMING EVENTS

OTCEP ... 29 - 30 July 2025 in Singapore

One of the best OT Security events in Asia. Dale will be playing cowboy that week and will unfortunately miss it. Most of the rest of the OTCEP panel will be there on stage.

S4x26 ... 23 - 27 February 2026 in Miami South Beach

Save the date for S4x26. For the biggest and most future focused on ICS Security Event ... and likely our last time in Miami South Beach.