27 Oct 2025 | A Year In OT Security
In Week 42 you decided what detection sources you will monitor and analyze. Now you need to make it happen. Develop and start implementing a plan to monitor and analyze each OT detection information source above the line in Week 42. The task this week is to, at...
20 Oct 2025 | A Year In OT Security
Security logs are essential in incident response and after incident investigations. Do you know: What OT security related logs you have? where they are? where they’re archived? who is responsible for the log? would the log still be available after a cyber incident? ...
13 Oct 2025 | A Year In OT Security
This week’s task is simple. Draw a line on the prioritized list of OT detection information sources you created last week. Everything above the line you are committed to monitoring, analyzing, and acting on alerts. Everything below the line is a future detection...
6 Oct 2025 | A Year In OT Security
Before you go out and spend a lot of resources to purchase, deploy, and run a sophisticated OT cyber detection system, ask yourself if you are taking advantage of existing, higher fidelity detection sources. This week’s task is to use interview and brainstorming...
29 Sep 2025 | A Year In OT Security
Access control is one area where ICS have had robust security controls for decades. These access controls can be customized down to the point or tag level, although this is rarely required. Remember our goal is to enforce least privilege. A user should only be able to...
22 Sep 2025 | A Year In OT Security
Week 35 addressed user accounts for cyber assets at unmanned sites. This week you will perform a user account review on all OT systems as part of your OT cyber maintenance. Identify all OT applications, systems, and devices that have user accounts. These could be...
15 Sep 2025 | A Year In OT Security
S4x26 tickets go on sale on Sept 15th at 12:01 AM EDT (New York). We hold the best price, the ticket 1 – 100 price, for the first 36 hours. We were at ticket block 501 – 750 after the first 36 hours of S4x25 ticket sales. You saved $550 if you bought a ticket in those...
8 Sep 2025 | A Year In OT Security
Last week you identified the types and number of OT cyber assets in each of the three security patching categories. This week you will take this information and develop an OT Security Patching Program and Schedule. Remember the guiding factor is efficient risk...
1 Sep 2025 | A Year In OT Security
Security patching can be a high resource task if you try to apply security patches to all your OT cyber assets on a frequent basis, such as monthly or quarterly. The risk reduction achieved through this large effort is typically minimal given the insecure by design...
25 Aug 2025 | A Year In OT Security
Good security practice requires user authentication on all systems and applications. It also requires users to logout or be locked out when they physically leave the area or leave the cyber asset idle for too long. Many OT environments and cyber assets don’t follow...