articles

A Plethora of Standards and Guidance for OT / IoT Security In my research into OT and IoT systems security, I have come across a plethora of guidance and standards from various organizations and standards bodies. To some extent, this wide range of guidance is difficult to get your arms around to figure out what […]

My most recent article discussed the first 5 of my top 10 recommended security capabilities for OT and IIoT systems. Here they are again for your reference. Capability 1: Real-time visibility and compliance tracking of assets that may have limited function and power Capability 2: Real-time anomaly detection including increased use of AI/ML technology and […]

Industry 4.0 Ushers In the Age of Digitalization Industry 4.0, or the fourth wave of the Industrial Revolution, leverages connectivity and autonomous operation to create robust Industrial IoT (IIoT) applications that will work in conjunction with legacy Operational Technology (OT). Industry 4.0 can be summed up as the digitalization of everything industrial. This includes digitalization […]

Over the past few years, I have been hearing a lot about the security issues and, therefore, the security requirements for Operational Technology (OT), as well as for the Internet of Things (IoT) technology. Experts often describe these security issues as fundamentally different from Information Technology (IT) security challenges. I felt that these differences should […]

I have always had a deep appreciation for the skills of a good pentester. However, elite pentesters – those who rule their craft and make magic happen on their keyboards – are generally quite rare.  So I was excited when I met one – the subject of this interview – at a recent Dreamport session. […]

I have been saying for a while that security automation, orchestration, and response (SOAR) tools are key enablers for tranforming SOC operations. And these tools have matured from glorified python script engines to sophisticated and integated tools over the last couple of years, providing some of the latest machine learning and AI capabilities. This has […]

My recent SOC Service Manager experience got me to thinking about cyber tool sprawl and the return on investment that my customer was getting for their cyber investment. There is easily over 30 different cyber tools in their portfolio which is not unlike many large organizations these days. And it seemed during my tenure that […]