Secure Operations Technology (SEC-OT) is a methodology inspired by a decade's experience working with secure industrial sites. SEC-OT defines control system security as:
control system security - protecting safe and reliable physical operations by assuring correct and authorized control
SEC-OT observes that:
- All cyber attacks are information and so every inventory of information flows is also an inventory of attack vectors. Control these flows and we control the attacks.
- All software has defects and vulnerabilities, both discovered and undiscovered. Using vulnerable firewalls, cryptosystems and security software to protect vulnerable control systems is like bailing a boat with a bottomless bucket. First control attack flows physically, then think about software protection.
- Nothing is secure. Eliminating known vulnerabilities renders no system invulnerable. SEC-OT designs security programs to defeat well-known attack capabilities, not madly patch new vulnerabilities.
Secure Operations Technology is a collection of affordable and practical approaches that thoroughly defeat control system cyber attacks from the mundane to the arcane.
To request a free copy of Secure Operations Technology when it launches January 2019, please enter your contact and shipping information at right.