Originally intended as a personal documentation of my knowledge and research on the often-overlooked yet vital area of incident management, this book has grown into a comprehensive resource aimed at elevating awareness and preparedness for cyber threats in industrial control systems (ICS) and critical infrastructure. It simplifies complex ICS challenges, emphasizes the importance of coordinated incident response, and equips professionals with practical tools, techniques, and training exercises for real-world application. Designed to empower both new and seasoned professionals, this book also highlights the collective efforts in the field of ICS cybersecurity, offering a structured approach to safeguarding organizations against evolving threats. Pre-order now to secure your copy and enhance your ICS cybersecurity skills ahead of its July 2025 release.
Understanding the Importance of Risk Registers in OT Cybersecurity
OT cyber-risk encompasses a wide range of threats and vulnerabilities that can disrupt industrial operations, lead to financial losses, and even pose safety hazards. Risk registers are essential tools in managing these OT cyber risks, offering a structured approach to identifying, assessing, and prioritizing the risks that could affect an organization’s OT environment.
In a recent discussion with Industrial Cyber, cybersecurity experts shed light on the crucial role of maintaining risk registers in OT cybersecurity. They also explored how often these registers should be reviewed and updated to stay effective.
Marco (Marc) Ayala, President of InfraGard Houston Members Alliance, emphasized the foundational role of risk registers in ICS/OT cybersecurity. He stated, “A risk register is indispensable for identifying, assessing, and prioritizing risks that could impact operational technology. By maintaining this register, organizations ensure they systematically address potential vulnerabilities and allocate resources where they are most needed.”
Ian Bramson, Vice President for Global Industrial Cybersecurity at Black & Veatch, highlighted the importance of a risk-based approach to cybersecurity. “Companies have limited resources to keep up with a constantly changing threat environment. A risk-based approach to cyber is key to optimizing security posture and effectively investing resources. Developing and managing a strong risk register is essential for adapting to evolving threats.”
Durgesh Kalya, Network Security Expert at Covestro, further elaborated on the critical role of OT in ensuring business continuity, particularly in the process industry. “Operational Technology (OT) is a crucial enabler for automation and is closely linked to the license to operate, as many environmental and monitoring systems fall under OT. It’s vital for organizations to clearly define what constitutes OT within their specific context, as this can vary widely.”
Sinclair Koelemij, an ICS security professional, outlined the multiple benefits of maintaining a risk register in OT cybersecurity. He noted that it provides a comprehensive view of potential risks, enables prioritization and mitigation, ensures accountability, aids in regulatory compliance, supports informed decision-making, assists in incident response and recovery, and fosters continuous improvement in risk management. By maintaining a risk register, organizations can manage risks on a daily basis.
This conversation underscores the significance of risk registers as a foundational element of effective OT cybersecurity, helping organizations navigate the complexities of protecting their critical infrastructure.
Full Interview: https://www.govinfosecurity.com/robust-incident-management-for-critical-infrastructure-a-25373
In an interview at the Cyber Security for Critical Assets USA Summit, Kalya addressed the importance of robust incident management frameworks, collaboration between organizations and ICS vendors, and the need for understanding and segmenting systems to mitigate ransomware risks. To view the video and the original excerpt of the interview with Tom Field, check out the link: https://www.govinfosecurity.com/robust-incident-management-for-critical-infrastructure-a-25373
Ensuring the security of critical infrastructure necessitates managing both legacy systems and emerging cyberthreats. Durgesh Kalya, an OT network security expert at Covestro LLC, emphasized the necessity of integrating the incident command system—initially developed by the Federal Emergency Management Agency and the Department of Homeland Security—with industrial automation systems. This integration promotes active participation and collaboration among industry stakeholders.
“Essentially, everyone is a cybersecurity engineer because they work on computer systems. It’s not possible to update software on hardware that is decades old; modern hardware and equipment are required,” Kalya explained.
Field, T. (2024) Robust incident management for critical infrastructure, Government Information Security. Available at: https://www.govinfosecurity.com/robust-incident-management-for-critical-infrastructure-a-25373 (Accessed: 02 June 2024).
In today’s interconnected world, robust security measures across IoT domains are more critical than ever, with threats to connected devices and systems constantly emerging. To combat these challenges, international collaboration is essential, and the IoT Security Foundation (IoTSF) is fostering global and local networks of experts through its chapters. The newly launched IoTSF Houston Chapter is led by four visionary founders: Durgesh Kalya (Covestro), Sameer Koranne (IBM), Roya Gordon (Nozomi Networks), and David Lancaster (IBM). Their mission is to advance IoT security practices and promote secure, resilient operations in this era of “Connected Everything.” The chapter’s first event, a webinar titled “Introduction to IoTSF Houston, TX,” will take place on June 1st. IoTSF invites organizations and professionals worldwide to join the mission and consider starting their own chapters, helping build a safer IoT landscape through collaboration.
Reflection on the Session: Mentoring and Cybersecurity by Tatia Zuloaga & Durgesh Kalya
In our recent session, Tatia Zuloaga and I explored the vital role of mentorship in cybersecurity. Tatia kicked off the discussion by highlighting her platform, Upnotch, and shared valuable insights on how and where to find a good mentor. She emphasized that a strong mentor can significantly impact one’s career trajectory, offering guidance, support, and networking opportunities.
I followed by discussing my own experiences with mentorship, both as a mentor and mentee. I underscored the importance of mentorship in cybersecurity, where staying ahead of evolving threats requires continuous learning and collaboration. We delved into how mentorship not only fosters professional growth but also strengthens the cybersecurity community as a whole.
The session was a great reminder of the power of mentorship, and how finding the right mentor—or becoming one—can open doors to new opportunities, knowledge, and career advancement in this ever-changing field.