Rich Smith "" (Ace Tomato Company)

@[email protected]
64 Followers
111 Following
485 Posts
Boater - Fan of Battleships and alt energy sources
aka Richipedia - Member of Alphabet Mafia ""
M.S., CISSP, SANS, Industrial Experience. I sometimes wonder why I don't become a welder or Service-Now consultant. 
"Arise and Be Merry and Sing out while you can!"
Rich Smith "" (Ace Tomato Company)Jun 10, 2025
At the Gartner Risk and Security Summit, I'm still calling it an S&M event. Stand and Model. Great content - just don't see why suit jackets are such a thing for non-speakers/basic attendees. Polo and Jeans for me. Then again, I'm not gunning for a CISO spot or a new employer.
Rich Smith "" (Ace Tomato Company)May 23, 2025
@GossiTheDog I'm guessing either he planned to tank the market so he had some "juicy" news to chat about at his crypto bro-summit last night OR someone at the crypto-bro-dinner predictably and purposefully sent him off like a rocket against the EU/Apple. Timing is too coincidental.
Show threadRich Smith "" (Ace Tomato Company)May 22, 2025

@hacks4pancakes I can see it. I did a stint for 3 years in Industry myself. I was drinking on Sunday/Monday evenings for awhile during career break. From there, it was right back in the lot. I can see how you'd get mistaken for industry too.

General observations - tips well, but not showy about it. If you have a chill attitude with a subtle situation awareness vibe, if you make quick knowing eye contact with staff after observing particularly rude/disrepectful behavior towards staff, if you've ever been referred to a steady Eddie style drinker... Bonus points if you have an eye for spotting shady behavior, yet knowing the fine differences when its not your business to intervene versus yeah, no that's not happening in front of me and how to do so without escalating a situation.

Show threadRich Smith "" (Ace Tomato Company)Apr 18, 2025
@hacks4pancakes where in the world is Lesley’s Bicycle? In a container, on a ship with 1000ft of waterline nicely making way.
Show threadRich Smith "" (Ace Tomato Company)Apr 18, 2025
@csalzman in a French Quarter antique store, the older gentleman politely and correctly assessed my appetite and likely potential cost… Careful with falling in love with some of these pieces unless you wanna sign over your retirement funds. I enjoyed looking regardless. My home is a home though, not a museum.
Rich Smith "" (Ace Tomato Company)Apr 18, 2025
Accidental CISOApr 17, 2025

If you need to integrate secure coding practices into your Software Development Lifecycle, my friend @SheHacksPurple just released a great free Secure Coding Guideline document to help get you started. 🎉👇

https://securecodingguideline.com/

SheHacksPurple Newsletter

This accessible and actionable Secure Coding Guideline give you practical advice for writing more secure code across all languages.

SheHacksPurple Newsletter
Rich Smith "" (Ace Tomato Company)Apr 17, 2025
@GossiTheDog I may or may not have set this as folks backgrounds if I found a privileged user with an unattended unlocked workstation before locking their workstation.
Show threadRich Smith "" (Ace Tomato Company)Apr 17, 2025
@jerry Aye - Lights out manufacturing and robotics. It's a good time to be an automation engineer, but light assemblers are likely not landing in the US. They'd rather deal with a robot moving at 1/3 of a pace of a human, but work that robot 24/7 across 3 shifts.
Rich Smith "" (Ace Tomato Company)Apr 16, 2025
Lesley Carhart Apr 16, 2025
Hello everyone! I’m proud and honored to introduce my very first academic white paper through SANS, which discusses the nuances and needs for planning for #ransomware in OT / industrial networks. https://www.sans.org/mlp/ics-ot-malware-and-ransomware/?utm_medium=Email&utm_source=HL-Global&utm_content=1468901_Simple_Framework_Whp_image&utm_campaign=ICS_OT_Malware_Ransomware_2025&utm_rdetail=Global&utm_goal=Leads&utm_type=Global_Campaign&is=be394332d8ab70db9bb29b280bd08c2899042252f80b48f1e01cd5b75d22b1c1
A Simple Framework for OT Ransomware Preparation White Paper | SANS Institute

Your Guide for an OT-Specific Incident Response IT incident response plans aren’t built for the realities of ICS/OT environments. This white paper provides a practical, engineering-driven framework for developing ransomware response playbooks tailored to industrial environments —emphasizing life safety, operational continuity, and realistic ICS tabletop exercises. With a focus on cross-disciplinary collaboration and sector-specific threats, the guide outlines how to detect, contain, eradicate, and recover from ransomware attacks without compromising industrial operations. It also underscores the importance of treating response plans as living documents—continually tested and refined as environments and threats evolve.

Rich Smith "" (Ace Tomato Company)Apr 16, 2025

At Security’s core is trust. Trust flows from stability. Introduce instability / inconsistency you will soon lose trust. That’s why the CVE drama is important. It’s needless drama and reinforces that United States leading cybersecurity can no longer be trusted stable partner.

You follow the giant because you know in their shadow there’s an implicit bond of protection. Once you introduce the idea the giant can’t be trusted, you will cease listening to them. It doesn’t work out well for either party.