What are the main challenges in implementing cyber security policies?
There are several challenges in developing and, most importantly, in implementing cyber security policies. However, most successful efforts will be judged according to the way the following 3 important questions are answered: 1. What to protect? 2. From what cyber threats? 3. How, considering that […]
ICS cybersecurity at the crossroads: heading toward cyber peace or towards a “duty to hack”?
The year is ending and there have been several unsettling events in cyberspace this past year to reflect upon. They all seemed to have come together for me this past week as I completed my speaking engagements in Vilnius and in Garmisch-Partenkirchen. The first conference was in Vilnius with the title “Baltic Energy Summit 2017 […]
Looking at the educational value of a famous cyber incident
In a recent discussion on SCADASEC one contributor spoke of the educational value of Stuxnet. Yes, there are several lessons that can be learned from an incident that was first made public in 2010. It has been well documented from a technical point of view but perhaps some lessons can still be learned from an international […]
Complex control systems used by ships at sea are subject to the same kinds of accidents and challenges.
“This is where you talk about fleets coming to a stop. Our ships are floating SCADA systems” – Capt. Mark Hagerott (ret.), Deputy director of cybersecurity for the U.S.N. Academy (1) Many years ago I had the good fortune to have two good friends who both owned wooden (African Mahogany) sailing boats. One was a […]
Is Society Too Trusting?
I wanted to share an interesting observation from this past weekend. Though this does not relate to SCADA/ICS, it does demonstrate just how trusting people are. This past Friday, I had tagged along with my wife as we went to Wal-Mart for our weekly shopping. Following the general shopping, she wanted to go and check […]
Spanish Civil War 1930’s Déjà vu and today’s cyber experiments on critical infrastructure.
Had a very productive training and tabletop exercise during my Center’s organized week-long event in Kiev, Ukraine. For more info on what we did in Kiev see ( https://enseccoe.org/en/events/268/tabletop-exercise-coherent-resilience-2017-core-4/details ) (1) I will share some of the “take-aways” from this week-long event which included the participation of Ukrainian government, energy sector operators and private […]
Policies and Protocols for a Breach
It is going to happen sooner or later. Someone raises the question: Have we been hacked? It seems like a simple question. However, before we can ever get to the “it must be a hack” phase, we need to eliminate all the other likely failure modes. Some of them can be very subtle and difficult […]
Security Breach Detection
When I see most OT staff discuss ICS security, they usually begin with some networking gewgaws and tweaks. This sort of stuff is interesting the first few times going through this exercise. However, it doesn’t take long to realize that network security alone is a multi-headed hydra of a problem. The more we try and […]
IT and ICS cybersecurity: a “Tale of Two Cities”
“It was the best of times it was the worst of times, it was the age of wisdom, it was the age of foolishness” – Charles Dickens, – Tale of Two Cities Never before have I felt so strongly of the existence of separate worlds of understanding between IT and ICS as I have had […]
Assigning Responsibility for ICS Security
Once the pain of a risk assessment is over, a few managers look at each other and decide on what changes they would like to make. Usually an IT expert comes in to install new network security hardware or someone is tasked with revising documentation; but rarely does anyone tinker with assigning responsibility. Nobody wants […]