Engineering-grade OT Security – A Manager’s Guide
New Book Release
Our VP Industrial Security, Andrew Ginter, is releasing his 3rd book on industrial cybersecurity, entitled Engineering-Grade OT Security – A Manager’s Guide.
The new book explores engineering approaches to OT cyber risk – if your life depended on a boiler not blowing up, would you prefer a spring-loaded valve that steam pressure can force open to avoid over-pressurization? Or would you prefer a longer password on the computer controlling the boiler? Most of us would prefer a mechanical over-pressure valve, or three, thank you. But – where is the valve in the NIST CSF? In IEC 62443? This is an engineering solution, not a cybersecurity solution.
Engineering grade solutions are deterministic, mathematically model-able, and in a real sense, unhackable. The new book explores engineering-grade solutions in the context of the intrinsic differences between IT and OT networks, assessing network criticality, consequence boundaries, engineering models for OT cyber risk, and the legal obligations of due care – doing what any other reasonable person would do in similar circumstances.
Waterfall is pleased to make free copies of the book available to qualified practitioners when the book releases.