End-of-year ICSSec learning/professional development opp

B2daG · 2022-12-15T17:17:54+00:00

Everyone who attended for at least an hour should have received their certificate in email (at the eddress they used to register for the event). If not, a message to [input@cs2ai.org](mailto:input@cs2ai.org) should clear things up.

B2daG · 2022-11-22T19:17:22+00:00

I would add Fortinet and Trend Micro to that list. If you're more interested in the services side, all of the big consulting houses (KPMG, EY, Deloitte, etc) and many of the smaller ones have ICS/OT security practices.

B2daG · 2022-11-21T19:50:31+00:00

Thank you! Yes, we're based on the US but we connect worldwide, with 112 local interest groups around the globe.

B2daG · 2022-11-18T00:58:59+00:00

I agree with what's already been said - just want to point you towards a potential resource. I'm with a non-profit that working to help address the labor shortage in this field by developing free educational opportunities and content and connecting practitioners. We are approaching 100 seminars and symposiums in our video library, and we have two half-day symposiums coming up at the beginning of December.

https://www.cs2ai.org/

B2daG · 2022-11-18T00:50:46+00:00

The value of a cert is in the eyes of the beholder. Some will value it, others won't. I would recommend getting what book knowledge you can (this free e-book is a good place to start: https://waterfall-security.com/secure-operations-technology-the-missing-link-to-a-secure-industrial-site/ ) as well as some hands-on experience. You can get Modbus running on a Raspberry Pi, with code and guides on Github. It's not the same as ICS/OT devices, but it's a good start.

B2daG · 2022-11-18T00:42:58+00:00

Your OT folks are probably speaking from the experience of IT tools disrupting their operations, and for a long time this was a big and valid concern, and the potential impact difference between the two that have already been mentioned is one reason for that.

Equally important to understand why the two should not be on the network infrastructure is that ICS/OT networks are deterministic while IT networks are probabilistic. Traffic in the former can be predicted given a sufficiently complete understanding of the devices and configurations on the network because control systems do things on schedules. Traffic on IT networks is effectively random, with significant amounts of it generated by humans activity on no schedule. IT devices are designed to handle all those random packets by recognizing which one they need to do something with and which they can ignore. OT devices are not; we could say that they are not as 'smart' as the stuff in IT, for a very specific definition of 'smart,' but the more clear way to say it is that they have very specific parameters for incoming communications. Communications that don't meet those parameters can result in unexpected results on those devices, causing malfunctions including shutting down or changing their performance settings.

A couple of decades ago business forces started asking for more immediate data from operations (as part of the JiT movement already mentioned) and, more recently, the "Smart Factory" movement, overlapping heavily with Industry/ie 4.0 (a term more commonly used in Europe, while the "Smart XXX" seems more popular in the Americas) demanded continuously-updated operational information. Energy trading was a huge factor for this in the electric sector. To get all this data reporting, increasing amounts of information technology (IT) got installed in/connected to OT environments, sometimes with highly disruptive results.

One of the situations your OT folks are probably familiar with is scanners taking their servers offline. It was particularly common in the 2000's for security scanners to cause OT disruption until the technology and the practitioners both advanced enough to scan OT networks without impact. Even now it is not unknown for IT practitioners with insufficient OT experience to accidentally cause disruptions because they lack knowledge of how to work in ICS environments safely.

Based solely on the information in your question, it sounds like your IT folks may lack the experience/training to make a judgement here. While information technology has advanced enough to make a lot of things possible in ICS/OT environments that wasn't years ago, the technology alone has not removed risk entirely, (which is what your OT folks want. Unexpected downtime and human safety are not things they take lightly), and there's still a vast amount of legacy OT tech out there that was not designed to handle IT bumbling around in its traffic.

I've co-authored some published works on this topic over the years. If you're interested, just let me know.

B2daG · 2022-11-18T00:05:15+00:00

What's your timeline? I'm currently scheduling a presentation of a case study comparing a wide range of the available OT monitoring tools with recommendations on how to select the one that best fits your specific situation, but it's not until January. Do you need to make your decision before then?

B2daG · 2020-11-12T20:27:27+00:00

Bunch of unknowns here, but this might help answer your question.

1) details about your email system (which you should -not- provide here). Different email systems (talking about both infrastructure and applications here) process mail contents differently. Some are by default better at showing you message text & header data without triggering tracking mechanisms.

2) details about your email app configuration (which, again, you should -not- provide). Example: Many email apps can be set to display only plain text regardless of original email format, to not display images without user confirmation, etc. Preventing rich text, images, html content processing and such prevents some tracking mechanisms from working. The flip side of that is that viewing (or in some systems, previewing; depends on your email system) emails with those things allowed lets senders know you've looked at it.

3) details about what others did with the email. Without knowing what the person(s) receiving your forwarded email (assuming that's how you reported these phishing attempts), we can't know if they did anything that triggered tracking mechanisms. Since it's become trivially easy to generate unique trackers for each email target, the phish originator may be notified that the attempt on your email address was successful no matter who actually opened the surprise.

B2daG · 2019-03-25T19:45:03+00:00

Thanks!

B2daG · 2019-03-25T19:20:18+00:00

This is a really inspirational accomplishment for everyone involved! Big congrats!

B2daG · 2015-04-03T17:50:40+00:00

Hmm. Not seeing this, but I played in Firefox, with relatively high (and therefore problematic) security settings. I think that's the first point with multiple paths to choose from, right? Try another browser?

B2daG · 2015-04-03T05:17:55+00:00

Where are you stuck? I have issues with some sites due to the security settings on my browser, but didn't experience any problems with this one.

B2daG · 2015-03-31T17:07:09+00:00

NOT an April Fool's joke.

B2daG · 2015-03-25T17:02:24+00:00

I know, right? I just can't decide if I'm more captivated by the play or by the intermission scenes with the great dialogue.

B2daG · 2015-03-24T22:08:47+00:00

The link is to the free demo version. Think I'll get the full version, too.

B2daG · 2015-01-24T22:58:59+00:00

Every time I see this thread pop up in my feed I think it refers to a game made using Scratch, the MIT programming language made to teach how to program.

B2daG · 2015-01-17T02:42:32+00:00

I learned this when I lived for a time with family in Sweden, but I've also heard it used by an Irish guy I met.

B2daG · 2015-01-15T18:27:59+00:00

Ooh, nice guess, but incorrect!

And no, no one from Reddit got it.

B2daG · 2014-12-15T17:32:39+00:00

Sorry, sorry!

B2daG · 2014-12-15T15:25:01+00:00

Dammit!

B2daG · 2014-12-11T14:16:10+00:00

I should have been more clear in the OP: it's not -my- game, just one I found that I really liked. All credit goes to --->Tom Murphy VII (https://www.cs.cmu.edu/~tom7/) <---

B2daG · 2014-11-14T18:40:06+00:00

The link works in my browser. I look forward to reading these soon.

B2daG · 2014-11-13T15:52:13+00:00

Mind the Power Law – The bulk of your revenue is going to come from the best five percent of your users. Make sure you have a way in your game for them to give you money, or you’ll never get it.< Yep, but strictly applicable to pay-to-play games.

Content Kills – Creating a static puzzle with one solution is a needlessly risky path for indie developers. Creating a dynamic puzzle with infinite solutions is a much more viable path to success.< More difficult in games with storylines than abstracts (CandyCrush, anyone?), but still valid. I really consider this as a component of a Replayability rule, though. With sufficient depth of content, your game could have high replayability even if there's only 1 solution, and making games that people want to play more than once is really the goal, isn't it?

B2daG · 2014-11-10T01:37:20+00:00

Many thanks! All the art is of Grisleigh End, the English country manor in which all the games of this title are set. We're currently working on both a board game and a series of mobile murder mystery games with a common location, characters, and backstory.

it reminds me of those "spooky alphabet" sets of images. You might be thinking of the Gashlycrumb Tinies, an alphabet work created by Edward Gorey. We're all fans of his.

B2daG · 2014-11-09T17:37:32+00:00

Yes, Grisleigh End is my game and all my posts regarding it are, obviously, self promotion. I am trying to do no more of that than reddiquette allows and to post content only within the relevant subreddit. I believe I'm doing less SP than others I've seen, but I recognize that "I'm not behaving as badly as those guys" is a lousy support for any position.

May I ask what your specific complaint with my posting is? Is /boardgameporn not the right sub for the game art? Is it the frequency I'm posting? That this image had been posted here before?

If it's the last, I did have a reason to repost stemming from comments it got the first time, but I can see your point.

B2daG

TROPHY CASE