2022: The Year Of?

2022: The Year Of?

The Year Of descriptors are done retrospectively and looking forward. 2021 from an OT and ICS Security standpoint was … The year when a cyber incident (Colonial Pipeline) finally had a significant impact on US critical infrastructure?The year of the ICS Security...
OT Security 2021: Progress

OT Security 2021: Progress

Progress in addressing OT / ICS cyber risk remains painfully slow as it has over the past two decades. There is progress, and the fact that we are seeing the increased attention and are achieving progress during these Covid years is worth highlighting at year’s...
OT Security 2021: Perspective

OT Security 2021: Perspective

The primary goal of OT cyber risk management is to insure OT cyber incidents do not have an unacceptable impact to the business, customers and community. A secondary goal is to reduce, and ideally eliminate, the frequency of overall OT cyber incidents. It is clear...
VC’s, OT Security and Criticality

VC’s, OT Security and Criticality

The rush of money into the OT security market continues to accelerate. Later and larger rounds have poured into the OT Visibility and Detection market leading to some companies being valued at over $1 billion. Early round money is coming into the OT SBOM / software...
Failing Business (Home) Continuity Plans

Failing Business (Home) Continuity Plans

I admit it. I’m a bit of a prepper. This is likely the case for anyone in the risk management profession, and even more so if you live on an island like I do (Maui). We can run out of food and supplies. Our critical infrastructure has little redundancy. If one...
OT Visibility & Detection Market – Q4 2021 Update

OT Visibility & Detection Market – Q4 2021 Update

The OT Visibility and Detection Market has consolidated to a big 3 of pure plays, a handful of enterprise vendors who have acquired their way into OT, and the niche players whose best hope is to get acquired before the music stops. With the war chests full, this...
ICS Security Maturity Model (Levels 4 – 6)

ICS Security Maturity Model (Levels 4 – 6)

See Part 1 with Levels 1 – 3. I must admit I switched the order of Basic Detection and eliminate High Consequence Events multiple times in writing this article. As always I welcome your comments including your own maturity levels. Maturity Level 4: Basic...
ICS Security Maturity Model (What To Do In What Order)

ICS Security Maturity Model (What To Do In What Order)

A reader (Paul) wrote in with the following question: Do you have any recommendations on how to iteratively and pragmatically raise the bar (i.e. security/maturity).  The models I’ve seen push asset inventory/visibility and cyber hygiene to the front, which makes...
Hidden Value In Creating Cybersecurity Audit Programs

Hidden Value In Creating Cybersecurity Audit Programs

One of my first tasks after leaving NSA for private industry in the early 90s was to write my new company’s information security policy. I’m not sure my previous job as a cryptanalyst left me qualified for this, but I was viewed as the security guy. So, I attacked the...
Who Manages The Edge?

Who Manages The Edge?

Bryan Owen in his OnRamp ICS Cloud Services module described open and closed loop cloud services. Securing open loop cloud services is simple because communications can be limited to pushing ICS data to the cloud. Closed loop cloud services can involve the external...