26 May 2026 | 2026
Europe has taken the initiative from the US in OT security. The Cyber Resilience Act (CRA) and NIS2 Directive will impact vendors, integrators, and asset owners who are active in the EU. And I’m standing on the outside watching with great interest. I was invited...
19 May 2026 | 2026
One reason new ideas, concepts, and methodologies fail is they take too long to try and get early wins. I think CIE is in danger of becoming a well-documented, good comprehensive methodology, and ultimately failed approach to a problem. This is not an argument against...
28 Apr 2026 | 2026
Recently I wrote about the dichotomy between the reports and experts annually citing a big increase in the cyber threat to OT systems and the year after year tiny actual impact of cyber attacks on OT. Outside of ransomware on IT, not reaching OT, affecting Operations,...
31 Mar 2026 | 2026
My favorite OT security vendor threat / incident report was released last week: The Waterfall / ICS Strive 2026 OT Cyber Threat Report. It’s my favorite because of their criteria of “cyber incidents causing physical impacts” and because they include...
17 Mar 2026 | 2026
The impact of OT cyber incidents, excluding ransomware on IT, has been less than 1% of all cause OT outages and OT related financial loss. A motivated and skilled OT cyber attacker could cause a high or catastrophic incident on many OT systems in almost every sector....
16 Mar 2026 | 2026
Where does the media get the information and quotes that turn a couple of residential swimming pools of water spilling out of a water tank (Muleshoe) into a major story and congressional hearing … from us, the OT security community. Since we are part of the...
4 Mar 2026 | 2026
Below is what I intended to say on stage. It always varies a little bit live. The video will be out next week. Each S4 Conference has a single word theme. This year’s theme is Connect. Connections are exciting, unpredictable, scary, they bring opportunity, and...
12 Jan 2026 | 2026
2025 saw two of the four top tier OT detection + asset inventory vendors get acquired. First Mitsubishi Electronics acquired Nozomi Networks at a valuation of $950M (read my analysis of the Nozomi acquisition). Then last month ServiceNow announced they will be...
