June ICS/SCADA Cybersecurity Symposium to address unique control system cyber security issues

June 3-4, I will be participating in the ICS/SCADA Cybersecurity Symposium in Chicago. My two sessions will address important control system-unique issues not being addressed elsewhere. June 3rd, I will be moderating a first-of-a-kind session bringing together a control system engineer and an OT network cybersecurity researcher to explore the cultural and operational divide between […]

The RSA Cybersecurity Conference is not relevant to control systems- what’s missing is in plain sight

Control system field devices have no cyber security, authentication, or cyber forensics. These devices were orphaned from cybersecurity programs as OT networks became the focus of cybersecurity programs and the RSA Cybersecurity Conference. At RSA, there were numerous discussions about network cybersecurity threats from Russia, China, and Iran, as well as on the latest APTs. […]

T&D World article on Battery Energy Storage Systems (BESS) cyber issues

Networked Battery Energy Storage Systems (BESS) introduce cyber and physical vulnerabilities, and not enough attention is paid to training, design and operation. As a follow-up to my February 14, 2025 Unfettered blog, “Cyber vulnerable battery systems are catching fire and communicate directly to China”, T&D World published the update “How Vulnerable to Cyber Attacks are […]

OT and Engineering are not the same and are creating dangerous conditions

A recent job solicitation from a medium-size water utility seeking engineers included knowledge of associated industrial communications and networking equipment. However, the engineers were not responsible for cybersecurity of those networks and there was no mention of the term OT nor any consideration of with working with the network security organization. Another recent job solicitation […]

Cyber vulnerable battery systems are catching fire and communicate directly to China

Battery energy storage systems (BESS) are cyber vulnerable. There have been numerous cases where intentional and/or unintentional control system cyber incidents have caused or contributed to thermal runaway fires. There have been other cases where BESS systems have been cyber-compromised. Yet there appears to be minimal attention being paid to cybersecurity in the design, operation, […]

Will the next administration finally address control system cyber security?

Addressing critical infrastructure (control system) cyber security started with the issuance of PDD 63 by President Bill Clinton in 1998. According to PDD63, the critical infrastructures were to be cyber secure within five years of issuance of the PDD – 2003. Yet control system cyber security still has not been adequately addressed by the intervening […]

Critical infrastructures cannot be secured because network security and engineering won’t work together

There continues to be a gap between the engineering organizations in end-users and control system suppliers responsible for reliability, functionality, and safety on the one hand, and the network security organizations responsible for network security on the other. Control systems are neither just engineering nor network security but a combination of both: modern networking technologies […]