After 5 years of research and hard work, Project SCIDMARK†1 is online. Announced back in October 2015 at the ICS Conference in Atlanta, GA, we feel that the current product is ready for use. As we have several thousand cyber-related events and incidents, the initial christening of the product will have only 11. This is […]
A critical look at the CSIS Report “Dismissing Cyber Catastrophe”
Jim Lewis is a Sr VP at the Center for Strategic and International Studies (CSIS). He wrote the article “Dismissing Cyber Catastrophe” dated August 17, 2020 – https://www.csis.org/analysis/dismissing-cyber-catastrophe?utm_source=CSIS+All&utm_campaign=e4d5b3e04c-EMAIL_CAMPAIGN_2018_11_08_05_05_COPY_01&utm_medium=email&utm_term=0_f326fc46b6-e4d5b3e04c-221758737 . In ‘Dismissing Cyber Catastrophe,’ Jim argues that concerns about industrial cyber security are overblown and the risk is exaggerated. Because the view that ‘cyber catastrophes’ are […]
A Modern Jabberwock
Twas SCADA and the slimey toovesDid consult and gyre in the RoomAll Flimsy were the ArTeeYewsAnd Field Rats all agloom Beware the Jabber-hack my daughterThe bits that byte, the worms that lurkBeware the heartbleed, and please slaughterThe awful frumious Trisys work She took her Laptop Kali FreeLong time she gazed at WiresharkSo Rested by the […]
CISA Alert AA20-205A addressed OT networks but did not address control systems
IT and OT networks are under continuing attacks with varying degrees of impacts. When the DHS CISA Alert was issued specifically identifying control systems, I had two questions: why now and what happened that was unique to control systems? For control system cyber security what is most important are the physical impacts from the control […]
Is there a problem with our understanding of the terms IT, OT and ICS when seeking to protect critical infrastructure?
I remember participating in a work group composed of national representatives tasked with coming up with norms for confidence and security building measures (CSBM) for states to follow in cyberspace. This was quite exciting to be a part of at first, but the discussions slowed down when a representative of a cyber-superpower raised the issue of […]
Zero Trust and ICS
The goal of Zero Trust is getting data securely across network, storage, and computing infrastructure you may not trust. The message is usually between two software entities that are trusted with human beings behind them. But that’s not what happens in an Industrial Control System, such as a DCS or a PLC based plant system. […]
Focus on Integrity
There may be a few people who are puzzled by why I referred to PLC Security as “security.” And this brings me to an often forgotten part of the AIC security triad. Yes, there is Availability. There is Confidentiality. You tend to see a lot of discussion about the former among ICS security people. You […]
Perhaps we are missing a lesson from Stuxnet?
This summer some of us noted the 10th anniversary of the discovery of Stuxnet. That is when it became known to the public. Since 2010 we have learned that earlier forms of Stuxnet were being developed and tested on the target several years earlier.[1] To commemorate this anniversary several articles and presentations have been published. […]
Could you also have an engineer’s Security Operations Center (SOC) rather than an IT/OT SOC?
I recently watched a webinar on industrial control system security[1] and asked a question during the Q and A. My question was „Could you also have an engineer’s SOC rather than an IT/OT SOC?“. My motive for asking this question was based on my understanding that the tradition enterprise SOC is IT oriented (office LAN/WAN, […]
The Forgotten Aspects of ICS Security
I was lamenting the state of the Industrial Control System Security recently with some friends. Things are very lopsided right now. In the beginning days of ICS Security concerns, there were a few hackers who had no idea what they were getting in to and a few very scared engineers were uncertain about what these […]