…what if ICS/OT security professionals got an annual “wrapped” summary for 2023 like Spotify provides?
Industrial cybersecurity sometimes feels like an uphill battle, but I promise you— we are constantly improving and doing better.
What metrics would be in your 2023 wrapped?
At #GridSecCon2023? Be sure to check out the SANS booth! Both Don Weber & I are here to talk about our courses, grid security, & the future of ICS workforce development.
Also be sure to check out the SANS-Dragos CtF tonight & my session on “future-proofing” NERC CIP tomorrow!
In 2013, I was the federal energy sector lead for the NIST Cybersecurity Framework, which included a robust discussion on cybersecurity incentives. Unsurprisingly, cyber insurance became a large part of the discussion.
Ten years later, the landscape has shifted significantly , but we're still having the same debates around the appropriate role of risk transfer mechanisms for cybersecurity-- specifically the concerns around critical infrastructure:
https://www.lawfaremedia.org/article/if-cyber-is-uninsurable-the-united-states-has-a-major-strategy-problem
In my last post, I mentioned some cool things to come in 2023... so let's gooo! 🙌
In my research analyst role at SANS, I'm running a survey through March 28 on OT/ICS visibility-- and I want to hear from the community! We're looking for experts to share their perspective on IT and OT visibility, #industrial organizations and their SOCs, as well as detection capabilities across IT and OT networks. We'll share the findings in a public report released later this year so everyone can leverage the insights to help improve their OT visibility program.
Link to survey ➡ https://sans.org/u/1pqp
If driving our industry's detection capabilities is not enough incentive for you, don't worry, there's more! All respondents will be entered for a chance to win a $250 Amazon gift card for participating!
#otcybersecurity #otsecurity #ICSCybersecurity #soc #detection
