January 15, 2024 Lately, I have been wondering about the emerging threat factors that are impacting the cyber kill chain and how the cyber kill chain and related frameworks [MITRE ATT&CK™, Diamond] processes, tools, and defenders need to adapt to these changes in 2024. Given today’s hottest topics, this line of thinking naturally led me […]

I have been seeing quite a number of references lately to the terms “cyber ready” and “cyber readiness.” Some of these references reflect an enterprise view of readiness – defined as “…the state of being able to detect and effectively respond to computer security breaches and intrusions, malware attacks, phishing attacks, theft of data and […]

I have been thinking a lot lately about the accuracy of cyber attack attribution. Most cyber forensic analysts and threat intelligence specialists will tell you that cyber attack attribution done right is a laborious, time-consuming process that is often fraught with multiple dead ends and sometimes requires a leap of faith in the end. The […]

My journey into OT security has led me to the question of can we safely operate automated security orchestration platforms in an OT environment or a converged OT/IT environment? I mean many OT systems are already highly automated operations. What are the ramifications of providing security responses in a highly automated manner? I learned that […]

This election year spurred me into researching the cyber resilience of OT / IoT systems, of which electronic election systems are a subset. I discovered there was quite a bit of synergy between cyber resilience and mod-sim. As I explored the relationship I became convinced that any OT or IoT system of consequence could significantly […]

A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards from various organizations and standards bodies. To some extent, this wide range of guidance is difficult to get your arms around to figure out what […]

My most recent article discussed the first 5 of my top 10 recommended security capabilities for OT and IIoT systems. Here they are again for your reference. Capability 1: Real-time visibility and compliance tracking of assets that may have limited function and power Capability 2: Real-time anomaly detection including increased use of AI/ML technology and […]