Podcast: S4x19 Closing Panel

Podcast: S4x19 Closing Panel

http://traffic.libsyn.com/unsolicitedresponse/2019-11_Closing_Panel.mp3 The S4 Closing Panel is always a candid discussion on where the community is in securing ICS, where we are succeeding and where need to do better. This year I was joined by Rob Lee of Dragos and...

read more
Book Review: Security PHA Review

Book Review: Security PHA Review

Rating: ★★★★☆ Tweet Length Review: Short and effective description of a process to add intentional cyber attacks to a Process Hazards Analysis (PHA). Includes basic process engineering examples that are highly useful for readers with an IT or IT security background....

read more
Podcast: Rockwell Automation Cybersecurity

Podcast: Rockwell Automation Cybersecurity

In this episode of the Unsolicited Response Podcast I interview Megan Samford and Rick Cherney of Rockwell Automation. http://traffic.libsyn.com/unsolicitedresponse/2019-10_Rockwell_Automation.mp3 We cover two main topics. First, we discuss how they are dealing with...

read more
Podcast: An Interview With Jonathan Homer of DHS

Podcast: An Interview With Jonathan Homer of DHS

In this episode, I interview Jonathan Homer, the Chief of the Industrial Control Systems Group / Hunt and Incident Response Team at DHS. http://traffic.libsyn.com/unsolicitedresponse/2019-8_DHS.mp3 We discuss: What changes will asset owners see with the creation of...

read more
Podcast: ICS Firewall Market & Scoring SW/FW

Podcast: ICS Firewall Market & Scoring SW/FW

An Interview with Eric Byres http://traffic.libsyn.com/unsolicitedresponse/2019-7_Eric_Byres.mp3 The ICS Detection Market has achieved almost all of the funding and attention the last two years, including my analysis. Last month Bayshore Networks announced and got...

read more
ICS Detection Endgame

ICS Detection Endgame

Hypothesis: The current ICS cyber incident detection solutions will not exist in three years. They are interim solutions, and competitors in the market need to identify and implement an endgame strategy as they continue to run very fast with the current solution. In a...

read more
Podcast: Truth or Consequences

Podcast: Truth or Consequences

Consequence Based Techniques for ICS Risk Management http://traffic.libsyn.com/unsolicitedresponse/2019-6_Truth_or_Consequence.mp3 This recording is from a panel discussion on understanding and reducing the consequence side of the risk equation (risk = consequence *...

read more
Podcast: Maritime Cybersecurity

Podcast: Maritime Cybersecurity

In a recent article a researcher proclaimed it's "not hard for a hacker to capsize a ship at sea". This was quickly followed by the Viking Sky cruise ship having its engines shut off due to a sensor reading. Episode 2019-5: Maritime Cybersecurity Not knowing much...

read more
Book Review: Secure Operations Technology

Book Review: Secure Operations Technology

Summary: Andrew Ginter makes a plainspoken case for his view of what Secure Operations Technology (SEC-OT) means. The key point that diverges from the mainstream of ICS security thought is: Forbid firewalls as connection from ICS to IT networks – permit only...

read more
Podcast: RSA Conference / ICS Village Report

Podcast: RSA Conference / ICS Village Report

  I went back to the RSA Conference for the first time in over a decade. Here is my 25-minute report on the event for those considering attending or participating in the future. http://traffic.libsyn.com/unsolicitedresponse/RSA_2019-4.mp3   Includes: the...

read more
An Interview with Robert Graham

An Interview with Robert Graham

I interviewed Robert Graham on the S4x19 Main Stage. Robert has an illustrious career in cyber security products including the creator of BlackIce and the first network IPS. We brought him to the S4 Stage for his contrarian views....

read more
Organization and Expectations for ICS Detection

Organization and Expectations for ICS Detection

The cases being made in ICS owner / operator companies for the "best" organizational structure for ICS detection, and response, are heartfelt, well considered and often at great variance with one another. The case for Operational Technology (OT) SOC vs. Enterprise SOC...

read more
ICS Security Patching: Never, Next, Now

ICS Security Patching: Never, Next, Now

This week we published the S4x19 video on three proposed revisions to the Common Vulnerability Scoring System (CVSS) for ICS vulnerabilities. It's worth a watch and hopefully it will be one more trigger for ICS-CERT to earn the "ICS" in their title and add ICS...

read more
Is The Purdue Model Dead?

Is The Purdue Model Dead?

This episode of the Unsolicited Response Podcast features a discussion on the S4x19 Main Stage with Brad Hegrat, Joel Langill and Dale Peterson. The question: Is the Purdue Model Dead? http://traffic.libsyn.com/unsolicitedresponse/2019-2-Final-2-Purdue.mp3   The...

read more
Post Game Analysis: S4 ICS Detection Challenge

Post Game Analysis: S4 ICS Detection Challenge

How do you pick between 20+ ICS Detection and Asset Inventory solutions who are all claiming to be the best? The ICS Detection Challenge was designed to provide asset owner / potential customers with an unbiased technical comparison. S4x19 ICS Detection Challenge As...

read more
20 Years of Digital Bond

20 Years of Digital Bond

In October 2018, Digital Bond turned 20. I thought before moving on to 2019 and starting our 21st year I’d reminisce a bit and thank the many employees over the past 20 years (see the list at the end of the article). Roger Collins and I started Digital Bond with $75K...

read more

UPCOMING EVENTS

Sept 19-20 in Sochi, Russia

I'll give a keynote at the Kaspersky Industrial Cybersecurity Conference 2019. I spoke at this event in 2017, and Kaspersky is always a tremendous host. Hopefully some of my Russian followers will be there.

S4x20 ... Jan 21 - 23 in Miami South Beach

Make sure you mark your calendar for the largest and most advanced OT / ICS Security event. And you can catch up on past S4 on the S4xEvents YouTube Channel.

2019 PAST EVENTS

April 11th in Cebu

A private event where I'll discuss the future of attacks on and defense of Level 1 devices (PLC's). A lot changed in 2018, and this is just a hint as to what is coming.

March 5th in San Francisco

I moderated an event by the Basque Cybersecurity Centre to promote leading edge cybersecurity countries in the region. 

February 4th in New Orleans

Best Practices in Utility Security at Distributech. (See the video) I spoke about Real Time Network and Asset Monitoring at this new event. Lot's to say after the S4x19 ICS Detection Challenge experience.