Unsolicited Response Podcast

In this episode Dale interviews Sean McBride. Sean was on some of the earliest Unsolicited Response episodes when he was a Founder and Analyst with Critical Intelligence, the first ICS Threat Intel company. The first 10 minutes of the interview discuss the state of ICS threat intel today.

I sat down with Patrick Miller in Sochi, Russia after we both presented at the Kaspersky KICS event. We cover the electric sector beyond NERC CIP, recruiting and retaining ICS security talent, what Patrick is currently passionate about in ICS security and more.

The S4 Closing Panel is always a candid discussion on where the community is in securing ICS, where we are succeeding and where need to do better. This year I was joined by Rob Lee of Dragos and Zach Tudor of INL.

Also note that the S4x20 Call For Presentations closes on Thursday (August 15).

In this episode of the Unsolicited Response Podcast I interview Megan Samford and Rick Cherney of Rockwell Automation.

We cover two main topics. First, we discuss how they are dealing with vulnerabilities reported to them by researchers and other means. We focus on how this has progressed over the years as well as how vendors could provide more useful vulnerability and remediation information to their cus... Read more

Forescout's acquisition of SecurityMatters for $113M in cash was the first major exit from the OT Detection Space (or broader passive monitoring market as you will hear in the podcast). I spoke with Brian Proctor about a number of issues including:

In this episode, I interview Jonathan Homer, the Chief of the Industrial Control Systems Group / Hunt and Incident Response Team at DHS.

We discuss:

The ICS Detection Market has achieved almost all of the funding and attention the last two years, including my analysis. Last month Baysh... Read more

This recording is from a panel discussion on understanding and reducing the consequence side of the risk equation (risk = consequence * likelihood). Joining me in this discussion are:

In a recent article a researcher proclaimed it's "not hard for a hacker to capsize a ship at sea". This was quickly followed by the Viking Sky cruise ship having its engines shut off due to a sensor reading.

Not knowing much about maritime control systems I brought two experts from Moran Cyber on the podcast t... Read more

I went back to the RSA Conference for the first time in over a decade. Here is my 25-minute report on the event for those considering attending or participating in the future.

Includes:

I interviewed Robert Graham on the S4x19 Main Stage. Robert has an illustrious career in cyber security products including the creator of BlackIce and the first network IPS. We brought him to the S4 Stage for his contrarian views.

Some of the topics we discussed in the podcast:

This episode of the Unsolicited Response Podcast features a discussion on the S4x19 Main Stage with Brad Hegrat, Joel Langill and Dale Peterson. The question: Is the Purdue Model Dead?

The three coalesced around an answer (unexpected). And it's not dead, but also not terribly useful going forward in helping with OT network architecture. Have a listen, maybe you will get a different takeaway.

The first Unsolicited Response episode of 2019 is a shorter solo-sode. It begins with my four major takeaways from 2018

And then at 10:20 in the podcast I've included my S4x19 minute mini-keynote Create The Future, with a bit of help from... Read more

In this Unsolicited Response episode I interview Rob Lee of Dragos and Rob Smith of INL on a Department of Energy funded program called Neighborhood Keeper. The program attempts to provide threat detection and intelligence in an easy and affordable way to small and medium sized asset owners. Originally these are in the Energy sector, given the funding sour... Read more

I’m trying something a bit different in this short 22 minute episode. I rant about two flawed ICS mantras that are gaining traction and detract from useful discussions, and there is an overview of the S4x19 agenda and OnRamp training.

1:47 Mantra: “If you are in critical infrastructure, you will be targeted. If you are targeted, you will be compromised”. Andy Bochman and others at INL. This is pure FUD, and I explain a mo... Read more

In this episode I speak with Ralph Langner of Langner Communications about the ICS Product Security Market. Ralph is famous for his work on Stuxnet, and he has done a lot of great work before and after Stuxnet. For the last two years he has set aside his decades of being in the ICS Security Consulting business and focused on developing the product he feels his clients have needed.

In this podcast we cover a lot of ground ... Read more

Blake Sobczak, a reporter for Energy & Environment News, has been on fire lately with his coverage of electric sector cybersecurity. It seems like I'm consistently retweeting his stories and putting them into my Friday News & Notes email (are you subscribed?). So I brought him on the podcast to talk about it.

To me the most interesting discussion starting at 34:55 about decisions to cover stories that are prom... Read more

Andy Bochman with INL joins me to discuss their Consequence-Driven, Cyber-Informed Engineering methodology (CCE). It is appealing because it places emphasis on the often neglected consequence part of the risk equation.

I think you'll hear me struggling to make sense of some of the concepts in the CCE and questioning a number of the underlying precepts and value of stages of the methodology. One of the reasons is there... Read more

Michael Assante is my guest for this episode. He has a storied career and recently won the RSA Conference Award for Excellence in Information Security. Mike was the VP/CSO of NERC CIP, active at INL in the Aurora demonstration, led the development and implementation of the SANS ICS Security Training program, and even began working as CSO for an electric utility.

In this episode we discuss:

Mike's receiving the ... Read more