@BEERISAC: OT/ICS Security Podcast Playlist artwork

Flawed ICS Mantras

@BEERISAC: OT/ICS Security Podcast Playlist

English - March 17, 2019 00:58 - 21 minutes - ★★★★★ - 2 ratings
Technology Business listen notes listen later Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: Episode 45: IT/OT Convergence and Risk Management with Clint Bodungen
Next Episode: Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex.

Podcast: Unsolicited Response Podcast (LS 29 · TOP 10% what is this?)
Episode: Flawed ICS Mantras
Pub date: 2018-10-18


I’m trying something a bit different in this short 22 minute episode. I rant about two flawed ICS mantras that are gaining traction and detract from useful discussions, and there is an overview of the S4x19 agenda and OnRamp training.

1:47 Mantra: “If you are in critical infrastructure, you will be targeted. If you are targeted, you will be compromised”. Andy Bochman and others at INL. This is pure FUD, and I explain a more reasonable and helpful adaptation of this.

14:06 Mantra: If it isn’t secure, it isn’t safe. Not necessarily FUD, but just wrong and could have asset owners chasing down security issues that don’t impact safety. Also, are you ever going to make the claim that something is secure?

Links S4x19 Agenda S4x19 OnRamp Training

This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.

Check out the CyberX Executive Guide to the NIS Directive.



The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.