Cybersecurity programs assume organizations can recognize control system incidents as being cyber-related. Yet government organizations including NTSB, FDA, FBI, TSA, EPA, CISA, and DOE lack control system cyber expertise and have not identified control system incidents as being cyber-related. The five cases discussed were fatal catastrophes. In all cases, NTSB identified control systems […]
Tag: Cybersecurity policy for critical infrastructure
Anybody listening? Another report of a cyber attack on Industrial Automation and Control Systems.
“Everybody talks, nobody listens. Good listeners are as rare as white crows” – Helen Keller. Wired[1] cites a Dragos report[2] on a cyber-attack on ICS with an effect on the well-being of society. The attack was performed using the MODBUS protocol[3] and was able to manipulate ICS devices (ENCON PLC) to cause heating systems to fail in […]
Whose list of top cybersecurity events of 2023 is worth using?
Happy New Year everyone. As 2023 came to an end, several “top 10” year-end cybersecurity lists were published by various organizations. One of them was by ESET, a security company based in Slovakia that has provided much useful analysis and news about cybersecurity in the past. Its website claims it has “experienced researchers with in-depth […]
The European Union moves to regulate its digital economy by proposing cybersecurity requirements – is the CRA a bridge too far?
“In other words, there is no resilience in this particular material when it is at a temperature of 32 degrees. I believe that has some significance for our problem.” – Professor Richard Feynman commenting during the 1986 Challenger Commission hearings. The Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on horizontal […]
State of ICS Cybersecurity and Critical Infrastructure: Half empty, Half full, or Stay Focused on the Quest?
A colleague recently expressed some dismay over the lack of progress in ICS cybersecurity in the past 20 years. He has a point, but I had to respond. Below is a copy of my response, and I hope it will be taken as something “for the good of the Order”. “Yeah I hear ya, but the […]
Impressions of the U.S. National Cybersecurity Strategy of 2023
Was busy at a resilience workshop in Germany last week when the buzz started to peak about the release of the latest version of the U.S. National Cybersecurity Strategy[1]. As someone who headed task forces to prepare the first Military Defence Strategy (2000) and first National Defense System Cybersecurity Strategy (2009) of Lithuania and served […]
School of Industrial Cybersecurity: time to review the curriculum
It is hard sometimes for me to watch the discussions on critical infrastructure protection taking place these days. Especially when it comes to cybersecurity practices and policies. The conferences, announcements of new national cybersecurity strategies, pronouncements of industry opinion leaders on the media, government publications on best practices, guides, books and last of all vendor […]
Policy makers these days give peculiar names to what they are protecting.
“Abbott: Strange as it may seem, they give ball players nowadays very peculiar names”
Costello: Funny Names?
Abbott: On the St. Louis team we have “Who’s on first, What’s on second, I Don’t Know’s on third
Costello: That’s what I want to find out. I want you to tell me the names of the fellows on the St. […]
We are not learning valuable lessons for protecting critical infrastructure.
“Being aware of what is happening in cyberspace and communicating it to policy makers is not an easy task” On February 5th an engineer working for a small water utility in Florida noticed the mouse pointer moving on his SCADA control screen (where have we seen this before?). He watched in surprise as unauthorized changes […]
Could you also have an engineer’s Security Operations Center (SOC) rather than an IT/OT SOC?
I recently watched a webinar on industrial control system security[1] and asked a question during the Q and A. My question was “Could you also have an engineer’s SOC rather than an IT/OT SOC?”. My motive for asking this question was based on my understanding that the traditional enterprise SOC is IT oriented (office LAN/WAN, […]