
Part 3: Creating An OT Asset Inventory
We’re Doing It The Hard And Wrong Way Part 3 of my OT asset inventory series. Part 1: Wrong! "You Can't Protect What You Don't Know". Part 2: What Does "Know" Mean? There are three automated approaches to creating and maintaining an OT asset inventory. Here’s the...

Part 2 – What Does “Know” Mean?
My article last week debunked the claim that “you can’t protect what you don’t know”. Many of the public and private comments insisted that an asset inventory is required to provide any protection. And stressing it is foundational, one of the first things that should...

Wrong: “You Can’t Protect What You Don’t Know”
One of the most common OT Security mantras this decade is “You Can’t Protect What You Don’t Know”. Have you heard that one? It implies that without an accurate and detailed asset inventory you can’t protect cyber assets. You Can’t Protect What You Don’t Know. This is...

Comparing OT Vulnerability Management Solutions
Vendors will gladly provide demos. Of course, the demo attempts to show the solution in the best light. You’d never show a demo where your product is lagging or lacking. Each company selects its own advantageous environment and circumstances. This makes comparing even...

Rockwell Automation Acquires Verve … Part 2
Last week ICS manufacturer Rockwell Automation bought OT security company Verve Industrial Protection for an undisclosed (non-material) price. On Tuesday I wrote on this from the Verve and OT security company’s point of view. Today's article covers the...

Rockwell Automation Acquires Verve … Part 1
Last week ICS manufacturer Rockwell Automation bought OT security company Verve Industrial Protection for an undisclosed (non-material) price. Today I'll cover this from the Verve and OT security company’s point of view. On Thursday I'll have a bonus article that...

CISA’s Proper Use Of Cyber Hygiene
CISA has a Secure Our World campaign as part of October being Cybersecurity Awareness Month. The tag line is "simple ways to protect yourself, your family and your business from online threats." There's a 1-minute video aimed every "digital citizen from K to...

SEC Rules: No Change, Boilerplate, and Some Change
A lot of content about the recent SEC rules around cyber security and cyber incidents is missing the mark, imo. No Change Companies already had the requirement to report any unscheduled material event, including cyber incidents that had a material impact,...

25 Years of Success & Happiness
Digital Bond was born on October 5, 1998. We turn 25 this month. In this article I’ll crow a bit about successes and joy. Last week I covered failures and lessons learned. Nurturing Talent Most of the first 15 years were spent trying to grow a ICS security consulting...

25 Years Of Failures And Lessons Learned
Digital Bond was born on October 5, 1998. We turn 25 this month. In this article I’ll highlight the biggest failures and lessons learned, and next week I’ll crow a bit about the success. Swing(s) And A Miss In 1998 the dot com bubble was ballooning. With...
GET DALE'S ICS SECURITY NEWS & NOTES EMAIL EVERY FRIDAY
Article Archive By Year
Article Archive By Category
UPCOMING EVENTS
OTCEP ... August 22 - 23 in Singapore
I'll be giving my OT Cybersecurity ... From Speculation To Science keynote and participating in panel discussions at the CSA's OT Cybersecurity Expert Panel event.
SoterICS Event ... Sept 19 in Antwerp, Belgium
SoterICS is celebrating their company's launch with a one-day event. I'll be giving my OT Cybersecurity ... From Speculation to Science keynote.
S4x24 ... 4 - 7 March 2024 in Miami South Beach
Save the date. For the biggest and most future focused on ICS Security Event.