“It is no use saying, ‘We are doing our best.’ You have got to succeed in doing what is necessary.” – Winston Churchill Introduction Industrial Control and Safety systems play an important part in insuring that the physical processes taking place in a manufacturing plant, power generation facility or other segment of critical infrastructure do […]
Category: Critical Infrastructure
Computer Science programs may fall short in contributing to critical infrastructure protection
“There’s a great future in plastics. Think about it. Will you think about it?” – Advice given to a young man in the 1967 Film, “The Graduate” (1) In the 1967 film, “The Graduate” an older man gives insider advice to a young person struggling to decide on a future career. I was in […]
Attribution: An impossible/inconvenient task or a way to get an APT off one’s back?
“Pay no attention to that man behind the curtain!” – From the film Wizard of Oz, 1939 Recently on the SCADASEC list there have been discussions of reports of cyber attacks on the critical infrastructures of other states with the naming of the state that is responsible. Some say attribution of responsibility is far less […]
Towards a Cyber Safe Critical Infrastructure: Answering the 3 questions*
What are the main challenges in implementing cyber security policies? There are several challenges in developing and most importantly, in implementing cyber security policies. However most successful efforts will be judged according to the way the following 3 important questions are answered: 1. What to protect? 2. From what cyber threats? 3. How, considering that […]
ICS cybersecurity at the crossroads: heading toward cyber peace or towards a “duty to hack”?
The year is ending and there have been several unsettling events in cyberspace this past year to reflect upon. They all seemed to have come together for me this past week as I completed my speaking engagements in Vilnius and in Garmische-Partenkirchen. The first conference was in Vilnius with the title “Baltic Energy Summit 2017 […]
Complex control systems used by ships at sea are subject to the same kinds of accidents and challenges.
“This is where you talk about fleets coming to a stop. Our ships are floating SCADA systems” – Capt. Mark Hagerott (ret.), Deputy director of cybersecurity for the U.S.N. Academy (1) Many years ago I had the good fortune to have two good friends who both owned wooden (African Mahogany) sailing boats. One was a […]
Spanish Civil War 1930’s Déjà vu and today’s cyber experiments on critical infrastructure.
Had a very productive training and tabletop exercise during my Center’s organized week-long event in Kiev, Ukraine. For more info on what we did in Kiev see ( https://enseccoe.org/en/events/268/tabletop-exercise-coherent-resilience-2017-core-4/details ) (1) I will share some of the “take-aways” from this week long event which included the participation of Ukrainian government, energy sector operators and private […]
IT and ICS cybersecurity: a “Tale of Two Cities”
“It was the best of times it was the worst of times, it was the age of wisdom, it was the age of foolishness” – Charles Dickens, – Tale of Two Cities Never before have I felt so strongly of the existence of separate worlds of understanding between IT and ICS as I have had […]
Good news for ICS protection: ISA providing new ISA/IEC 62443 based industrial cybersecurity training
The great Chinese military strategist Sun Tzu in his book the “Art of War” stated that (to paraphrase) “if you know yourself and the enemy, you will prevail in every battle”. This saying is applicable to the protection of industrial control systems that comprise the technical foundation for today’s critical infrastructure. One of the long-term […]
Not for navigation, information provided may not represent the true position
Many years ago I was fortunate to have two friends who each owned a wooden sailboat. One was a 31-foot Norwegian Knarr made from African mahogany and the other was a 28-foot sloop. To earn a place on the crew I pitched in with all the work in maintaining those boats during the winter. Since […]