Unsolicited Response Podcast
info_outline Predictions AnalyzedUnsolicited Response Podcast
In this solosode episode Dale reviews the status of his three predictions from the Q1, 2 and 3 quarter in review episodes and answers a listener question.
info_outline Q4 ICS Security Quarter In ReviewUnsolicited Response Podcast
info_outline CISA Attack Surface Scanning ServiceUnsolicited Response Podcast
Dale is joined by Steve Pozza, CISA Section Chief of Operational Resilience, and Tom Millar, CISA Branch Chief of Resilience, to discuss some of CISA's security services for asset owners. They discuss: The Internet accessible attack surface enumeration and vulnerability scanning surface. Asset owners can buy products or services to do this. Why is the government doing this? What CISA is doing with this attack surface data? How is CISA measuring the success of this service offering? Other broadly available services and tools, the cybersecurity performance goals (CPG assessment) ~500 done in...
info_outline Engineering-Grade OT Security with Andrew GinterUnsolicited Response Podcast
Andrew Ginter published his third book this year: . Dale interviews Andrew on the book including: Who was the target reader that Andrew wrote the book for? Do (should) professional engineers lose their licenses for poor and dangerous cybersecurity design and deployments? The use of the term engineering grade, and how he defines it. Unhackable protection and safety controls as a major part of engineering grade. Unidirectional (one-way) network devices as the only security control listed as engineering grade. Is one-way from the enterprise network to the OT network engineering grade? Given the...
info_outline Asset Inventory, Lawyers, and AIUnsolicited Response Podcast
This week is a Dale Peterson solosode. Updates and Announcements Dale provides updates about S4x24 ticket sales and announces the Women In ICS Security program and sponsor package. Main Topics Asset Inventory in Cybersecurity: Dale challenges the common security mantra "You can't protect what you don't know," using examples from both physical and cyber domains. He notes many of the comments on this week's article missed the main point, and he gives hints on the next two asset inventory articles. Legal and Regulatory Issues in Cybersecurity: Dale emphasizes the importance of domain expertise...
info_outline Is The Purdue Model Dead (E)Unsolicited Response Podcast
info_outline Kelly Shortridge - Security Chaos Engineering in ICSUnsolicited Response Podcast
Kelly joins Dale to discuss her new book . Kelly points out the second part of the title is the most descriptive, and she is not a big fan of the Chaos term that has taken hold. They discuss: A quick description of Security Chaos Engineering Is there similarity or overlap with the CCE or CIE approach? The value of decision trees Her view of checklists of security controls like CISA's CPG Lesson 1 - "Start in Nonproduction environments" The experiment / scientific method approach and how it can start small The Danger Zone: tight coupling and complex interactions How should ICS use Chaos...
info_outline IACS System Testing and Assessment Rating (STAR) Methodology with Don WeberUnsolicited Response Podcast
Don Weber joins Dale Peterson to describe his IACS STAR Methodology to score the risk of a vulnerability to an ICS (or IACS in 62443-speak). It is a modification of the OWASP Risk Rating Methodology. Don has modified some of the 16-factors to create IACS STAR. The methodology and code is available on GitHub and a calculator is available on line. Don and Dale discuss: What Don likes about the OWASP Risk Rating Potential issues with putting numbers to SME judgment Differences between IACS STAR and the OWASP Risk Rating The weighting of the 16 factors The future of IACS STAR Links Slides...
info_outline Dave Whitehead On SBOMs, Manufacturing in the US, and moreUnsolicited Response Podcast
Dave Whitehead, CEO of SEL, joins Dale on the show to talk about: The new SEL printed circuit board (PCB) factory in Idaho. Why they bucked the trend and did this. The benefits, the ROI, and more. SEL's position on providing SBOMs to customers and their internal use of SBOMs - Where leaders tend to go wrong. Substation shootings Market acceptance of SEL's Blueframe virtual platform Links
info_outlinePeter Lund of Industrial Defender joins Dale to discuss SOAR in ICS.
- Examples of early big wins for SOAR in ICS
- Can you mix and match your SIEM and SOAR from different vendors?
- Partial v Full Automation ... will there always be a person in the loop? - Does SOAR need to be customized for OT to be of real use in OT?
They finish the conversation with a bit on Industrial Defender's recently announced OT Machine Learning Language.