Cybersecurity Musings

May 17, 2022

ICS Werewolf: Slaying ICS Mythical Creatures, Part 3

Part 1 of the series saw us slaying the toxic manifestation of what the ICS Unicorn had become, and in Part 2,...
May 11, 2022

ICS Basilisk: Slaying ICS Mythical Creatures, Part 2

In Part 1, no actual Unicorns were harmed, 🦄 but we slayed the toxic manifestation of what the ICS Unicorn...
May 5, 2022

ICS Unicorn: Slaying ICS Mythical Creatures, Part 1

We had the privilege of attending and speaking at S4x22 this year, and for myself and much of the community, it was a homecoming....
April 14, 2022

Challenges Adopting Enterprise Security Frameworks in Edge Networks

Edge networks and OT environments encounter a unique set of challenges when attempting to adopt enterprise security frameworks....
March 18, 2022

Cyber Risk Quantification and HAZOPS: Bedfellows?

With previous technical roles in large industrial organizations like ExxonMobil, Chevron, and Tennessee Valley Authority,...
February 10, 2022

Making Sense of ICS Regulations and Government Guidance

Keep Calm and Find the Overlap It may seem like the government issues new ICS regulations and cybersecurity guidance for...
February 1, 2022

ICS Intel Benefits - Why Intelligence-Based Detections in ICS Fail: Part 4

Part 4: ICS Intel Benefits – Where Intelligence Succeeds in Non-Detection Use Cases The word “Detections” has been...
January 27, 2022

Why Intelligence-Based Detections in ICS Fail: Part 3

Part 3: INDUSTROYER We covered some basics of intelligence-based detections in Part 1 of this series, and Part 2 delved into...
January 18, 2022

Why Intelligence-Based Detections in ICS Fail: Part 2

Part 2: Understanding ICS In part 1, we covered the basics of intelligence-based detections in ICS, primarily focusing on...
January 11, 2022

Why Intelligence-Based Detections in ICS Fail

Part 1: Understanding Intelligence-Based Detections Did you just say “Intelligence-Based Detections in ICS Fail”?...