On April 1, 2026, Dr. Darrell Eilts, CIO of the Sewage and Water Board of New Orleans, and I will be guests on the Grid Podcast. This discussion will not focus on IT/OT convergence. Instead, we will address a more fundamental issue: the need for true collaboration between engineering and network security. Network impacts are […]
Impressions of the 70-page Cyber Resilience Act Draft Guidance
I have shared my impressions of the CRA before in writing[1] and was surprised to hear that a Draft Guide for the CRA was issued for comment[2]. Taking a deep breath, I spent several days reading, taking notes and submitting several comments and suggestions to the organizers. To make a complete study would require tracking […]
Weiss to give presentation on process sensor cybersecurity on 7-May
May 7, 2026, I will be speaking on process sensor cybersecurity at Sensors Converge in Santa Clara, CA (https://www.sensorsconverge.com/). Process sensor cybersecurity is an important, but poorly understood topic. Most cybersecurity conferences do not address it because process sensors are viewed as engineering devices rather than cyber assets. This gap was evident at the 2026 […]
The best national cybersecurity strategy ever?
In 1998 I was the director of the Defence Policy and Planning Department of the Ministry of National Defence, Republic of Lithuania. One of my first tasks was to organize the writing of Lithuania ‘s first Military Defence Strategy. This was an important document in support of our becoming members of NATO as it would […]
How bad was it this time?
New proposal appears for better incident evaluation and reporting – without the inflation. In following the various ICS cyber incidents since 2010 I often asked myself: how significant is this incident for the sector of critical infrastructure in which it occurred? Was it an incident due to some unintentional accident, operator error, equipment fault or […]
The OT cybersecurity community continues to ignore control system cyber incidents – a governance failure masquerading as a vocabulary issue
Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying and addressing cyber incidents. The Verizon Data Breach report, the Dragos 2025 Report, and the OT I Impact Score are typical of OT cyber incident reporting that equate data breaches and ransomware with cyber incidents. […]
Control system cyber incidents and network breaches are “apples and oranges”
Network cybersecurity (IT and OT) and control system organizations have fundamentally different objectives and criteria when it comes to identifying cyber incidents. The Verizon Data Breach report is typical of reporting organizations that equate cyber incidents to data breaches. Control system cyber incidents include field device communication issues, automation malfunctions, loss-of-view, loss-of-control, and are not […]
Should they (we) have known better?
In thinking about 29 December 2025 cyber-attack on part of the power grid in Poland one issue at once comes out: THEY SHOULD HAVE KNOWN BETTER. The methods and attack vectors have been known since 2010 (Stuxnet), the attacker has been known since 2015 (GRU first Ukraine attack December 2015 and again in 2016), Alerts, […]
Why do cybersecurity organizations refuse to identify control system cyber incidents
Cybersecurity policies require that cyber incidents be identified as such. Cyber incident response plans are then initiated after incidents are identified as being cyber-related. To meet those goals, training is required to be able to identify control system incidents as being cyber-related and a mechanism to disseminate this information on control system cyber incidents throughout […]
Inverter setting mismatch triggers 1GW HVDC outage between Estonia and Finland
In January 2026, a technical incident occurred in Estonia during testing of the new 100MW Hertz 1 (Kiisa) battery energy storage system (BESS). The event triggered protective relays, resulting in the emergency shutdown of over 1GW of HVDC capacity, specifically the EstLink 1 and EstLink 2 interconnectors. The root cause was an incorrect parameter configuration […]