Podcast: S4x19 Closing Panel

Podcast: S4x19 Closing Panel

http://traffic.libsyn.com/unsolicitedresponse/2019-11_Closing_Panel.mp3 The S4 Closing Panel is always a candid discussion on where the community is in securing ICS, where we are succeeding and where need to do better. This year I was joined by Rob Lee of Dragos and...
Book Review: Security PHA Review

Book Review: Security PHA Review

Rating: ★★★★☆ Tweet Length Review: Short and effective description of a process to add intentional cyber attacks to a Process Hazards Analysis (PHA). Includes basic process engineering examples that are highly useful for readers with an IT or IT security background....
Podcast: Rockwell Automation Cybersecurity

Podcast: Rockwell Automation Cybersecurity

In this episode of the Unsolicited Response Podcast I interview Megan Samford and Rick Cherney of Rockwell Automation. http://traffic.libsyn.com/unsolicitedresponse/2019-10_Rockwell_Automation.mp3 We cover two main topics. First, we discuss how they are dealing with...
Forescout’s Strategy Post SecurityMatters Acquisition

Forescout’s Strategy Post SecurityMatters Acquisition

An Interview With Brian Proctor http://traffic.libsyn.com/unsolicitedresponse/2019-9_Forescout.mp3 Forescout’s acquisition of SecurityMatters for $113M in cash was the first major exit from the OT Detection Space (or broader passive monitoring market as you will...
Podcast: An Interview With Jonathan Homer of DHS

Podcast: An Interview With Jonathan Homer of DHS

In this episode, I interview Jonathan Homer, the Chief of the Industrial Control Systems Group / Hunt and Incident Response Team at DHS. http://traffic.libsyn.com/unsolicitedresponse/2019-8_DHS.mp3 We discuss: What changes will asset owners see with the creation of...
Podcast: ICS Firewall Market & Scoring SW/FW

Podcast: ICS Firewall Market & Scoring SW/FW

An Interview with Eric Byres http://traffic.libsyn.com/unsolicitedresponse/2019-7_Eric_Byres.mp3 The ICS Detection Market has achieved almost all of the funding and attention the last two years, including my analysis. Last month Bayshore Networks announced and got...
ICS Detection Endgame

ICS Detection Endgame

Hypothesis: The current ICS cyber incident detection solutions will not exist in three years. They are interim solutions, and competitors in the market need to identify and implement an endgame strategy as they continue to run very fast with the current solution. In a...
Podcast: Truth or Consequences

Podcast: Truth or Consequences

Consequence Based Techniques for ICS Risk Management http://traffic.libsyn.com/unsolicitedresponse/2019-6_Truth_or_Consequence.mp3 This recording is from a panel discussion on understanding and reducing the consequence side of the risk equation (risk = consequence *...

Security Is Only a Small Part of Availability

Last week Infosec Island published the article, Report Shows Energy Infrastructure Susceptible to Attack. The article discusses a recent report, The State of IT Security: A Study of Utilities and Energy Companies, issued by the Ponemon Institute. Did we really need a...