Monthly Archives - September 2017

Three Reasons to Add a Discovery Phase to Your Next OT Security Assessment

Many of us have accepted that having a 100% accurate inventory of “all the things” (networks, assets, data flows, etc.) is a pipe dream. To put it in NIST CSF terms, if you wait until you master the IDENTIFY function before you do anything in the remaining functions (PROTECT, DETECT, RESPOND, RECOVER), you will likely fail at securing even the most basic environments. So, the condition that Jeremiah Grossman describes in the Tweet below is the reality that we [...]