Wrong Conversation

The Wrong Conversation: Passive vs. Active Network Detection for OT Inventory

When it comes to ICS cybersecurity, are you having the wrong conversation? Over the last few years, OT cybersecurity industry professionals have spent countless hours debating active versus passive network detection for OT asset inventory collection. However, this is not the right conversation. Though network detection can provide some visibility into ICS assets, the view provided by network detection tools is limited at... Read more

“Good Enough” Isn’t Good Enough for OT Cybersecurity Inventory

There’s a reason that virtually every vendor in the OT cybersecurity space has adopted some version of the catchphrase “you can’t secure what you can’t see”. After all, textbook risk management methodologies always begin with “identification”. You can’t proceed accurately through the remaining steps of analyzing and prioritizing risks – much less managing, monitoring or... Read more

ICS Cybersecurity: Mission Impossible?

I was lucky to read the Lessons Learned: Protecting Critical Infrastructure from Cyber Attacks ahead of its release. This is the third of a 4-part eBook series where OT security experts share their insights. One thing struck me: The reality and magnitude of ICS cyber threats is forcing changes in the way we learn our industry lessons. Cyber threats no longer revolve around intellectual property only - we now have human life... Read more

Reducing Risk in a Converging IT/OT World

Industrie 4.0 and the rapid expansion of the Internet of Things (IoT) require increased access to the Operational Technology (OT) that propels production. Twenty to thirty years ago, assets were proprietary, different for every vendor, and offered limited connectivity to third party systems. Over time, owner-operators demanded more openness and access to these proprietary systems. As a result, vendors are using more... Read more

cybersecurity, CISO, OT, ICS

Protecting OT from Cyber Threats: A CISO Perspective

Traditional industrial control systems (ICS) tend to be “insecure by legacy / design” which presents great challenges to secure. To add insult to injury, it is also proprietary, highly bespoke, and often managed by third-party vendors. As practitioners of cybersecurity, “one of everything” resonates. IT focuses on CIA (confidentiality, integrity, and availability) which is counterintuitive in ICS... Read more

Displaying results 1-5 (of 41)
 |<  < 1 2 3 4 5 6 7 8 9  >  >| 

This site would like to place a cookie on your browser to help us better deliver relevant and valuable content to you.