Preview Mode Links will not work in preview mode

Unsolicited Response Podcast

Jan 29, 2019

The first Unsolicited Response episode of 2019 is a shorter solo-sode. It begins with my four major takeaways from 2018

  1. Finally figuring out the OT / IT issue
  2. Consequence based risk reduction
  3. Detection market acceleration and shake out
  4. The ICS bane called Cyber Hygiene

And then at 10:20 in the podcast I've included my...

Oct 18, 2018

I’m trying something a bit different in this short 22 minute episode. I rant about two flawed ICS mantras that are gaining traction and detract from useful discussions, and there is an overview of the S4x19 agenda and OnRamp training.

1:47 Mantra: “If you are in critical infrastructure, you will be targeted. If you...

Sep 27, 2018

In this episode I speak with Ralph Langner of Langner Communications about the ICS Product Security Market. Ralph is famous for his work on Stuxnet, and he has done a lot of great work before and after Stuxnet. For the last two years he has set aside his decades of being in the ICS Security Consulting business...

Jul 18, 2018

Andy Bochman with INL joins me to discuss their Consequence-Driven, Cyber-Informed Engineering methodology (CCE). It is appealing because it places emphasis on the often neglected consequence part of the risk equation.

I think you'll hear me struggling to make sense of some of the concepts in the CCE and questioning a...

Feb 1, 2018

I had the pleasure of interviewing Dan Geer on the S4x18 Main Stage for 30 minutes. He typically speaks from prepared papers, so an interview is a bit unique, and his papers provided plenty of topics and questions.

We covered a wide range of issues including:

Risk: The impact of complexity and dependencies. How...