Week 41: Identify OT Detection Information Sources

Before you go out and spend a lot of resources to purchase, deploy, and run a sophisticated OT cyber detection system, ask yourself if you are taking advantage of existing, higher fidelity detection sources.  This week’s task is to use interview and brainstorming...

Week 40: Review ICS Access Control

Access control is one area where ICS have had robust security controls for decades. These access controls can be customized down to the point or tag level, although this is rarely required. Remember our goal is to enforce least privilege. A user should only be able to...

Week 39: Review OT User Accounts

Week 35 addressed user accounts for cyber assets at unmanned sites. This week you will perform a user account review on all OT systems as part of your OT cyber maintenance. Identify all OT applications, systems, and devices that have user accounts. These could be...

Week 38: Get Your S4x26 Ticket And Hotel Room

S4x26 tickets go on sale on Sept 15th at 12:01 AM EDT (New York). We hold the best price, the ticket 1 – 100 price, for the first 36 hours. We were at ticket block 501 – 750 after the first 36 hours of S4x25 ticket sales. You saved $550 if you bought a ticket in those...

Week 35: Cyber Security At Unmanned Sites

Good security practice requires user authentication on all systems and applications. It also requires users to logout or be locked out when they physically leave the area or leave the cyber asset idle for too long. Many OT environments and cyber assets don’t follow...