If you’ve been wondering about OT network segmentation, read this.
Tag: ICS
State of ICS Cybersecurity and Critical Infrastructure: Half empty, Half full, or Stay Focused on the Quest?
A colleague recently expressed some dismay over the lack of progress in ICS cybersecurity in the past 20 years. He has a point, but I had to respond. Below is a copy of my response and hope it will be taken as something “for the good of the Order”. “Yeah I hear ya, but the […]
Finding statistics about APT’s? It’s complicated.
Have been following an email list thread that was generated from a request for statistical information about APT’s (advanced persistent threats). Many of the offers of information were very ransomware and cybercrime oriented. To me such descriptions are not a good fit to address what APT’s are. Thought I would share my contribution to that […]
Cybergs sighted: course correction required for critical infrastructure protection
“Engineer Scott, please report to the bridge immediately” Frequently heard in some 1960’s era TV shows Are we being encouraged to implement the right measures for protecting the technologies used to monitor and control physical processes found in critical infrastructure or have we hit a cyberg[1]? This is the question I asked myself when first […]
Lack of security at Level 0/1: problem of awareness or unwillingness to change priorities?
To be honest I was planning to write about unintentional cyber incidents in critical infrastructure and the need to pull away some of our attention from the sexy topic of cyber-attacks and cyber kill-chains. I changed my mind when I read Dale Peterson’s informative article on “Awareness Of Purdue Level 0 and 1 (In)Security” and […]
What would Sun Tzu and Louis Pasteur say about today’s industrial cybersecurity?
Have been following the discussions on industrial cybersecurity, convergence, network vs device security, and IT vs OT vs ICS[2]. Some of the points of view differ greatly on what needs to be done. This lack of consensus indicates that something may be wrong with our assumptions and our approach. A disturbing lack progress being […]
Zero Trust and ICS
The goal of Zero Trust is getting data securely across network, storage, and computing infrastructure you may not trust. The message is usually between two software entities that are trusted with human beings behind them. But that’s not what happens in an Industrial Control System, such as a DCS or a PLC based plant system. […]
Could you also have an engineer’s Security Operations Center (SOC) rather than an IT/OT SOC?
I recently watched a webinar on industrial control system security[1] and asked a question during the Q and A. My question was „Could you also have an engineer’s SOC rather than an IT/OT SOC?“. My motive for asking this question was based on my understanding that the tradition enterprise SOC is IT oriented (office LAN/WAN, […]
In seeking to protect industrial control systems are we clear about what is being threatened and from what threats?
Reading the recently published Industrial Control Systems Emergency Response Team (ICS-CERT) Advanced Analytical Laboratory (AAL) White Paper on Malware Trends left me somewhat unimpressed and disappointed. Whenever I read a document about cybersecurity, especially one written by an institution dealing with the security of industrial control systems, I am keen to see how the authors […]