Unsolicited Response Podcast

Steve Mustard took his 30 years of experience and wrote Industrial Cybersecurity: Case Studies and Best Practices, published by ISA. After talking about who the book is for and the writing process, Dale and Steve dig into the details.  Given Steve's longtime involvement and leadership with ISA, it's not surprising the book leans heavily on ISA/IEC 62443. They talk chapters on architecture, certification, optimism / pessimism, risk management and a fundamental misunderstanding of IT by OT. Some agreement, some disagreement, and always a civil discourse.

Dale's interview with Michael Fischerkeller, co-author of the bood Cyber Persistence Theory. The first half of the interview digs into Cyber Persistence Theory. Why Michael believes cyber is a new and third strategic environment (in addition to conventional and nuclear) What is meant by cyber being an environment of exploitation and not coercion The theory's different use of initiative and why the theory believes it is the important element to winning ("initiative rather than restraint is necessitated") How a series of smaller, fait accompli, actions that are not responded to can have a strategic-level cumulative effect The second half of the interview looks at what the world will look like and what asset owners should do if multiple nations believe in and act on this Cyber Persistence Theory.  Michael argues it already is in place and the US is late to the game Persistence presence in critical infrastructure would not "cross the threshold" How organizations will reach a cyber agreed competition Will this

Matt Morris and Mark Mattei of 1898 & Co. joined Dale to talk OT Managed Security Services as 1898 recently introduced an OT Managed Threat Protection and Response service. The discussion included: what they are monitoring in the OT environment the OT MSP competitive landscape (OT detection vendors, ICS vendors, large consulting vendors, ...) can you / should you monitor OT separate from IT how 1898 deals with competing partners (such as Claroty, Dragos and Nozomi) that they resell and install and competing against them for MSP the active response and threat hunting services and how that is accepted in the generally conservative and more

Bill Fehrman is the CEO of Berkshire Hathaway Energy, co-chair of the Electricity Subsector Coordinating Council, and chair of the E-ISAC. The major topics Dale and Bill discuss include: The US Government / Electric Sector information sharing program around detection information and threat intel. Have they stopped or reduced the impact of attacks? What are the metrics they are using to determine if these resources are worth it? How is the industry and BHE positioned to recovery from a major outage due to a cyber attack? The mutual assistance agreements in the electric sector … the transformer and critical sparing programs. BHE has drills that take away technology and see if they can still deliver power.  Who will pay for all this cyber risk reduction? Will there be rate increases due to these efforts? Does customer demand for climate change actions or security actions drive investment? Be required for investment? What does he think of the FERC incentives to get utilities to invest in security? Is the sing

Tom VanNorman and Don Weber join Dale to describe the ICS Capture The Flag competition they will be running at S4x23, Feb 13 - 16 in Miami South Beach. S4x23 web site  

Donna Cusimano, Kim Legelis, and Saltanat Mashirov join Dale Peterson to talk about the Women In ICS Security Program at S4x23, Feb 13-16 in Miami South Beach. (see s4xevents.com/women). These are three of a team of volunteers that have put together important career, education, and networking opportunities for the 100 free Women in ICS Security ticket holders and another ~150 women who will attend on a paid ticket. Really impressed and looking forward to seeing what this will accomplish.

Ralph Langner joins Dale on the Unsolicited Response Show to discuss Asset Management. They begin with the need for more exploration in OT, and more failures. After that they tackle: - Why Ralph decided to shift his company and focus from consulting / speaking to product - Is his OT Base, and asset management, a security product? - What are the elements of asset management? Do they all belong in one product? - OT, asset management and other, with ServiceNow and other enterprise solutions dealing with ticketing and human process management (this was Dale's favorite part of the show) - Power BI integration, dashboards what are they good for? - Other asset management integrations including OT detection solutions As with any conversation with Ralph (and Dale) there are plenty of analysis and opinions that may be out of the mainstream.  Enjoy Links - Langner's OT Base - Ralph's TED Talk on Stuxnet  - Ralph's S4x12 Stuxnet Deep Dive - Robust Control System Networks - To Kill A Centrifuge - Art Manion, Dale and R

Dino Busalachi of Velta Technology talks to Dale about a 2021 security patch to DCOM that broke a number of ICS systems including Rockwell Automation and Siemens. Microsoft had a registry setting that disabled the patch and the incompatibility problem, but this ability to disable the patch goes away on 14 March 2023. Of course this topic leads us down the patching in ICS rabbit hole, hopefully with some informed and helpful information. 

On the latest #unsolicitedresponse show I talk with Jim Hempstead, Managing Director of Moody's Global Project & Infrastructure Finance Group with Moody's Investors Service, about OT Cyber Risk and how this impacts Credit Ratings.  - What Moody's does and what became of the cyber risk effort at Moody's owned Visible Risk - Moody's analysis of cyber insurance market including some cyber loss ratio numbers - Why Moody's believes USG disclosure and regulations are "Credit Positive" - Why Moody's has electric, gas and water utilities as "very high risk" in their heat map (despite minimal loss data) And more. Several times in the show Dale asks Jim to explain some terms.

Dale Peterson gives his thoughts on the top 3 ICS security stories in Sept 2022, and he gives his wins, fails, and predictions for the month.

On this episode of the Unsolicited Response show, Dale Peterson is joined by Kevin Morley of the American Water Works Association and Joel Cox of West Yost Associates to talk about ICS security and the Water Sector. - what makes the water sector unique? - does this uniqueness lead to early and better use of the cloud for operations? - how did the community deal with Oldsmar? - why in the world would the water sector want to follow the NERC CIP model?

Dale Peterson shares his thoughts on SBOMS in OT in three main areas: 1) The S4 SBOM Challenge ... it's three goals and what we hope to learn from it. 2) Near term, now and for the next 2 years, wins for asset owners and SBOMs. 3) What will determine the winners in the SBOM marketplace, early analysis.  Links: S4x23 Tickets S4x23 Hotel Info SBOM Challenge Dale's SBOM Content Page