Tim Mullen

Previewing the Upcoming Changes in NIST CSF v2.0

For those who haven’t heard, NIST is in the process of updating the Cybersecurity Framework (CSF) to version 2.0, targeting a quarter 1 of 2024 release.  Since its original issue in 2014, the CSF has been a very effective foundational framework for critical infrastructure cybersecurity.  For most verticals and most maturity levels, the CSF works well.     Compared with other security-controls focused standards, the CSF supports faster (if more high level) baselining, allowing the focus to remain on driving cybersecurity improvement instead of prematurely fussing over controls interpretations and over-exerting on assessments.  After all, if your cybersecurity program is yet to be established, there is no garden for your security controls to live and thrive in the first place.

Reducing the Costs of Implementing Cybersecurity Policy

Threat actors looking to target your OT assets are constantly refining their processes to identify...

Understanding CIA in an OT environment

Any IT professional will tell you that the CIA triad is key to understanding, evaluating, and...

Implications of Log4J in your Control System

Recently across the news there has been a lot of discussion about “Log4J vulnerability” This is a...

Working with OMAC to Develop Industry Best Practices for Remote Access Security

In the past decade or so, many organizations have incorporated network connectivity into their...

Don't Let Your Remote Access Platform Be Your Cybersecurity Weakness

Today, many critical infrastructure facilities, such as water and sewage treatment plants, have...

Six Strategies for Hardening New OT PCs

Most manufacturing organizations understand the importance of implementing cybersecurity...

Understanding Your Organization’s Cyber Posture

As the plant floor becomes more connected, ensuring proper cyber protections for industrial control...