Cyber Retaliation: The Iranian Threat

On January 4 the U.S. Department of Homeland Security issued a National Terrorism Advisory Alert cautioning U.S. targets that Iran may carry out physical or cyber attacks in retaliation for the U.S. strike that killed Iranian IRGC-Quds Force commander Qassem Soleimani in Iraq. The alert pointed out that Iran has a robust cyber program able to bring about, at the very least, temporary disruption of U.S. critical infrastructure and other targets, and possibly much worse.

What to do about this threat? The alert suggests measures such as sharing information and very elementary cyber hygiene: backups and multi-factor authentication. By recommending these measures, the alert implies they would effectively protect against a concerted Iranian cyber assault.



Secure Operations Technology

I am pleased to announce the general availability of my new book, Secure Operations Technology (SEC-OT). SEC-OT is a perspective, a methodology and a set of best practices that document what thoroughly-secured industrial sites actually do. What these sites do differs sharply from what most industrial sites do.

Most industrial sites practice IT Security (IT-SEC), whose focus is to “protect the information” — the CIA, the AIC, the IAC, or the something of the information. The focus at secure industrial sites, though, is protecting the safe, reliable, continuous and correct operation of the physical, industrial process, not protecting information. Indeed, secure sites are focused on precisely the opposite — protecting correct and continuous physical operations from information, more specifically from cyber attacks that may be embedded in information.
