Government and industry organizations’ gaps in understanding control system cybersecurity

Cybersecurity programs assume organizations can recognize control system incidents as being cyber-related. Yet the lack of control system cyber expertise by government organizations including NTSB, FDA, FBI, TSA, EPA, CISA, and DOE have not identified control system incidents as being cyber-related. The five cases discussed were fatal catastrophes. In all cases, NTSB identified control systems […]

The European Union moves to regulate its digital economy by proposing cybersecurity requirements – is the CRA a bridge too far?

“In other words, there is no resilience in this particular material when it is at a temperature of 32 degrees. I believe that has some significance for our problem.” – Professor Richard Feynman commenting during the 1986 Challenger Commission hearings. The Proposal for a REGULATION OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on horizontal […]

School of Athens

School of Industrial Cybersecurity: time to review the curriculum

It is hard sometimes for me to watch the discussions on critical infrastructure protection taking place these days.  Especially when it comes to cybersecurity practices and policies.  The conferences, announcements of new national cybersecurity strategies, pronouncements of industry opinion leaders on the media, government publications on best practices, guides, books and last of all vendor […]