Simulations don’t have to be expensive or labor intensive in order to explain key concepts about IT and ICS security

It can be hard to understand amidst all the IT biased (towards Confidentiality, Integrity and Availability of information) cybersecurity hoopla how today’s IT threats emanating from cyberspace can affect industrial control systems. IT security questions can be hard to understand for the ICS practitioner (who leans towards different security priorities of Safety, Availability, Integrity and […]

In seeking to protect industrial control systems are we clear about what is being threatened and from what threats?

Reading the recently published Industrial Control Systems Emergency Response Team (ICS-CERT) Advanced Analytical Laboratory (AAL) White Paper on Malware Trends left me somewhat unimpressed and disappointed. Whenever I read a document about cybersecurity, especially one written by an institution dealing with the security of industrial control systems, I am keen to see how the authors […]

Denial of Service

Most in this business know who Brian Krebs is. He is well known for looking in the dark corners of the Internet for all sorts of obnoxious evil and documenting it. In the last day or two, he encountered what appear to be record levels of traffic aimed against his web site. His host, Akamai, […]

Will the next “revolution” in information and communications technologies follow the same fate of failed political ones?

Political revolutions have a tendency to backfire. The high ideals of “liberty, fraternity and equality” behind the 1789 French Revolution ended with the guillotine. In the Russian Revolution of 1917 the promises of “peace, bread, and land” led to the Gulag. Even technological revolutions of the past had have downsides to them. One possible cause […]