In addressing cyber threats to critical infrastructure, it is helpful to think of the lesson of the “3 Little Pigs”

On June 7th the European People’s Party organized a public hearing on Cybercrime and Cybersecurity at the European Parliament in Brussels, Belgium (1) . It was a great honor to be invited as a speaker on Cybersecurity and Critical Energy Infrastructure for the second panel discussion covering the theme of “Cybersecurity: improving European industry”. I […]

Good news for ICS protection: ISA providing new ISA/IEC 62443 based industrial cybersecurity training

The great Chinese military strategist Sun Tzu in his book the “Art of War” stated that (to paraphrase) “if you know yourself and the enemy, you will prevail in every battle”. This saying is applicable to the protection of industrial control systems that comprise the technical foundation for today’s critical infrastructure. One of the long-term […]

In seeking international cyber norms for states, one should be careful about blowing smoke, sometimes it could start a fire.

Cyberspace by its very nature has an international dimension. Without it, there would be no possibility for the Internet to grow and function. In turn, threats that come from cyberspace also require an international response. Especially the threats to the devices used to monitor and control processes in critical infrastructure from state resourced APT’s. Threats […]

The lack of comprehensive investigation and sharing of lessons from industrial control system incidents will continue to leave others as sitting ducks.

This past week news has surfaced about cyber-attacks directed against German industry. In particular about a suspected case of cyber espionage at ThyssenKrupp (1) (2). The announcement that a German steel maker was cyber attacked reminded me about the 2014 German Federal Government IT Department’s (BSI) report of a cyber-attack at an unidentified steel mill […]

Raising cybersecurity awareness during a seminar on the future of energy policy and economy is not an easy thing to do.

“Although you cross the Atlantic for years and have ice reported and never see it, at other times it’s not reported and you do see it.” – Charles Lightoller, Titanic Second Officer (speaking at the public inquiry into the sinking) In one of my recent lectures on “The cybersecurity dimension of critical energy infrastructure” I […]

Thoughts on possible misconceptions over the cybersecurity of the energy sector

“The pump don’t work, cause the vandals took the handles” – Bob Dylan The use of high technology (information technology and telecommunications) has entered almost every aspect of our lives. You name a sector and it is there: finance, trade, energy, communications, transportation, even education and healthcare. High tech is what modern society is built […]