2020 Predictions – Right, Wrong & Pending

2020 Predictions – Right, Wrong & Pending

I made a number of predictions in 2020, some overlapping, in both my coverage of the detection market and as a feature of the monthly ICS security month in review episodes of the Unsolicited Response podcast. The predictions help with my analysis and hopefully...
ICS Detection Market Analysis – Part 2

ICS Detection Market Analysis – Part 2

Since I began seriously covering the ICS Detection Space in 2016, the products were quite similar. They passively listened on switch span ports and taps to: create an asset inventory (and provide vulnerability management but not asset management)detect attacks...
ICS Detection Market – Part 1

ICS Detection Market – Part 1

Part 1 looks at some of the major changes in the competitors focused primarily on the ICS detection market since the May update. Part 2 comes out next Tuesday and will map out where the competitors stand relative to each other and be a major change to the Tiers...
Why Did Microsoft Acquire CyberX?

Why Did Microsoft Acquire CyberX?

The rumors started in February and became reality this week. Microsoft acquired CyberX. The price is not a material event for Microsoft. It will never be officially released. A recent article claimed the price was $165M, and I predicted it would be...
ICS Detection Market Q2 Update

ICS Detection Market Q2 Update

Part 2: Acquirers, Enterprise Vendors and Tier 3 See Part 1: COVID 19 Impact, Tier 2 and Tier 1 Analysis, and Valuation First the updated chart and then the analysis below. You will see big changes in Tiers 2 & 3. Funding data comes from Crunchbase. Acquirers and...
ICS Detection Market Q2 Update

ICS Detection Market Q2 Update

Part 1 – COVID 19 Impact, Tier 2 and Tier 1 Analysis, and Valuation My previous ICS Detection Market Update was in November, 2019. A lot has changed. Part 2 next week will include analysis of the acquirers, enterprise vendors and Tier 3. As always, huge respect...

ICS Detection Endgame

Hypothesis: The current ICS cyber incident detection solutions will not exist in three years. They are interim solutions, and competitors in the market need to identify and implement an endgame strategy as they continue to run very fast with the current solution. In a...

Analysis of Dragos Platform Strategy … The Real Difference

What is Dragos? They have a diagram on their site that shows three business areas: Threat Intelligence Threat Operations Center (which are consulting services including incident response) Platform (their detection and response product) Dragos currently dominates...

Organization and Expectations for ICS Detection

The cases being made in ICS owner / operator companies for the “best” organizational structure for ICS detection, and response, are heartfelt, well considered and often at great variance with one another. The case for¬†Operational Technology (OT) SOC vs....