The National Cybersecurity Strategy has no approaches for how critical infrastructure will continue to function after a cyber incident.
Looking to sell a security product to the OT market? It should require no changes to the ICS and have no impact on physical processes.
The Cybersecurity and Infrastructure Security Agency (CISA) has always made recommendations along the lines of keeping the attackers out, performing cyber hygiene and detecting attacks, but they have rarely recommended the monitoring and controlling of […]
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) put out a Shields Up advisory in conjunction with Russia’s invasion of Ukraine. It’s probably necessary, as they would have been disparaged if they didn’t, and not […]
One of my first tasks after leaving the National Security Administration (NSA) for private industry in the early ’90s was to write my new company’s information security policy. I’m not sure my previous job as […]
The concept and benefits of a software bill of materials (SBOM) are simple to understand. SBOMs are a list of all software in an application or cyber asset. Vendors need to create and maintain an […]
The industrial control system (ICS) security community and asset owners need to grow up in 2021. There is near hysteria whenever there is an actual, potential or mythical breach of an ICS, regardless of the […]
There is many opinions and beliefs on what an industrial control system (ICS) is and what the Industrial Internet of Things (IIoT) comprises, which makes a common understanding crucial.
