S4x12 Great Debate: Anti-Virus & Security Patching Should Be Abandoned In ICS
Unsolicited Response Podcast
This is from back when S4 was in a case study room that sat 60 and everyone could see and talk to everyone. Michael Toecker took the pro, Billy Rios the con. They had five minutes each and then you'll hear from many of the attendees who are the pioneers in ICSsec. And in some quarters this debate still rages on.
info_outline
ICS Security Maturity Levels (What To Do In What Order)
Unsolicited Response Podcast
This is from a two-part article originally published on Nov 9th and Nov 16th. It addresses the first six levels. Many, if not most, asset owners bypass at least four of the first six levels.
info_outline
Fortinet Keynote: Operational Resilience
Unsolicited Response Podcast
A recording of Dale Peterson's 30-minute Keynote at the Fortinet OT Symposium - Manufacturing Day.
info_outline
October ICS Security Month In Review
Unsolicited Response Podcast
Clay Carter, VP and Head of Product Security at Xylem, joins Dale Peterson to discuss the top 3 stories of the month and give their win, fail and prediction. The stories: what did CISA's Water & Wastewater Alert mean to those sectors and a broader discussion on what would be helpful to those sectors. Drago's raising $200M at a post money valuation of $1.7B. Shodan Trends and how it could be used by asset owners and potentially .gov.
info_outline
Weekly Article: Hidden Value In Creating Cybersecurity Audit Programs
Unsolicited Response Podcast
This article was originally published on the Tripwire Guest Author page. It highlights an early fail of mine and what I learned.
info_outline
SOAR In ICS
Unsolicited Response Podcast
Peter Lund of Industrial Defender joins Dale to discuss SOAR in ICS. Examples of early big wins for SOAR in ICS Can you mix and match your SIEM and SOAR from different vendors? Partial v Full Automation ... will there always be a person in the loop? - Does SOAR need to be customized for OT to be of real use in OT? They finish the conversation with a bit on Industrial Defender's recently announced OT Machine Learning Language.
info_outline
Who Manages The Edge?
Unsolicited Response Podcast
My weekly article looks at the work and risk related to cyber maintenance of the ICS edge devices (when they get the needed DPI)
info_outline
The Future of ICS Security with Susan Peterson Sturm
Unsolicited Response Podcast
Susan Peterson Sturm and Dale Peterson talked about the future at Cognite's Ignite event. They discussed: what changes can we expect when architectures base on the Purdue mode are dying trust and restricted capabilities between service providers and assets owners how data ops coming online now can help secure OT and leverage IT / OT convergence cultural convergence - the promise of process variable anomaly detection
info_outline
Try Different Roles & Companies In Your First Two Decades
Unsolicited Response Podcast
Dale's weekly article published on 19 October 2021. Subscribe to
info_outline
Calculating OT Cyber Risk With Ilan Barda of Radiflow
Unsolicited Response Podcast
This episode dives deep into the risk score methodology of Radiflow's Ciara product. It attempts to use interview, asset inventory, and simulation to identify a risk score for a zone or site. It also then uses simulation to determine what security controls would most improve the risk score / reduce risk.
info_outlineThe buzzwords "cyber hygiene" is being said and written by many of the guru's in the ICS security community. It's hard to argue that basic hygiene is bad, but what is and isn't cyber hygiene?
I recorded a 3-person pod with Marty Edwards of the Automation Federation and Michael Toecker of Context Industrial Security. They were selected because they used the term, and all three of us had different views on what cyber hygiene means and the usefulness of the term. For example is applying security patches cyber hygiene? Is there a difference between cyber hygiene and cyber maintenance.
Amazingly, for three experienced and opinionated people, we all ended up changing our viewpoint and reached a basic agreement. Take a listen and see if you agree with where we ended up.
----
This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.
Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.