All Blogs

Consortium for the Advancement of Cyber Thinking and Strategy (C-ACTS)

I will be attending the Air Force Research Institute’s C-ACTS meeting on July 17th. The intent of the meeting is to identify and highlight strategic issues, foster research, collaboration, and develop educational programs that explore national security and military operations in cyber space.

Call for presentations for 2014 ICS Cyber Security Conference

For the first time, we are having a formal call for presentations for the 2014 ICS Cyber Security Conference -  The call for presentations can be found at

Google Aurora vs ICS Aurora – An industry and DHS debacle

July 3, 2014 DHS made the INL Aurora information public despite the request being for the Google Aurora information. With the exception of two utilities, industry has still not responded to mitigate this problem. DHS claims they released the information because the information is old and industry has addressed the problem.

WINA 2014 Wireless Survey

Gaining an understanding of the changes in the rapidly evolving industrial wireless sector will be valuable to not only manufacturers but also end users and engineering companies to help determine longer term planning. This annual survey from WINA is a valuable tool to assist in gathering this information.

Process Control Improvement Recommendations Tips

Here we look at how to make sure the measurement system is able to provide the analysis, metrics, and control needed for process control improvement. Also outlined is the opportunity sizing and assessment process, the use of statistical tools, the tracking down of the source of variability, and the finding...

It’s the end of June 2014 and ICS cyber security is still an enigma to many

The past two weeks continue to demonstrate the lack of understanding about the unique issues of ICS cyber security – why isn’t it just IT. This includes the lack of understanding from private industry, DOD, DOE, and academia.

The Internet of (Insecure) Things

BYOD security issues raise important questions core to cyber security.

Are spies or malware in our ICS networks– who is really looking?

I have been concerned for years that companies have been monitoring corporate networks and extrapolating those results to the ICS networks. I know of only a few companies that have actual monitoring data from their ICS networks. The results are certainly different than those on the corporate networks.

Industrial Wireless Spectrum Management in a Global Economy

A European standard intended to reduce the likelihood of signal interference in the ISM bands could have a significant impact on how Industrial wireless networks will be designed and operated. Because the standard applies to any device generating above 10mW, it will be relevant to present radio based field sensor networks.

Physical security is still a problem

I was in Washington DC to be interviewed for an upcoming TV show on cyber security. We spent about an hour filming in front of two critical infrastructure sites. No one came out to see who we were or ask what we were doing. What if we were bad guys?