Update for 2022

Merry Christmas and a Happy New Year to everyone. Special shout out to those safeguarding civilization in all the many forms this takes. Being on call is not for everyone, is it ? 

My last update was a while back and I am clearly overdue for an update we go into 2023.

So lets cover some of my observations and personal highlights of 2022:

The continued success and growth of EnergiCERT (https://energicert.dk/) is certainly strengthening and benefiting the cyber security of  Danish critical infrastructure. Wonderful team of people, well managed and motivated. Yeah, I am biased ;)

Engarde Security continues to grow and be noticed; now has expanded and with an ics range (https://www.engardesecurity.com/icsrange)  Highly skilled people and the ics range is very well done.

Enjoyed an excellent ICS Security conference in Copenhagen in November:  (https://insightevents.dk/isc-cph/ ) But I still miss CS3 (https://cs3sthlm.se/) for many non technical reasons.

New Job - after a year of working as part of a wonderful managed team of highly skilled and personable security analysts at TDC NET, I was invited to be part of a highly skilled and competent IR team; this time with the focus on developing an IR for OT capability for Improsec (https://improsec.com/), a Danish consulting company. This has been interesting, fun and challenging so far. Very much looking forward to seeing what happens in 2023.

Thankfully, 2022, has been a goldmine of  excellent IR OT material; my favorites are :

Bryan Singer (Accenture) from S4 2022  (https://www.youtube.com/watch?v=luWLgQZngxI)

Leslie Carhart (Dragos) from RSA 2022 (https://www.youtube.com/watch?v=I9qPdFaboU8)

Two other excellent ICS videos you should watch are listed below:

Alexandrine Torrents S4x22 (https://www.youtube.com/watch?v=jzadpM7khWk&t=59s

Joel Langill and Brad Hegrat (https://www.youtube.com/watch?v=KfxPF9xjFrE&t=75s)

A huge shout out to Dale Petersen and the epic S4 event in Florida for releasing all the excellent presentations from the OT Security event  (https://www.youtube.com/watch?v=Lvg1wI8mYNI)

 Not to forget the Dragos team who have spent alot of time explaining what small and medium size OT companies should do to make themselves more resilient to the top threats to ICS security. 

https://www.dragos.com/resources/

No review of ICS Security and or Incident Response would be complete, in my world, with out mentioning two of the old timers who, year after year, continue to provide insightful comments, critical thinking and laser focus in their respective areas. 

For DFIR, I am speaking of Harlan Carvey (Mr RegRipper) and his decades of great posts can be found here : https://windowsir.blogspot.com/

For ICS ; I am referring to Mr. Stuxnet, or Mr OT Asset Management : https://www.youtube.com/results?search_query=ralph+langner+ted+talk

These are just some of the highlights of my 2022 work that I wanted to share. See you all in 2023 !


 


Comments

  1. martinboller31 December 2022 at 07:50

    Thanks for a great year of being you, Buddy

    ReplyDelete
    Replies
    1. Mitch Impey6 January 2023 at 00:23

      Vice versa Martin. Technology is interesting, but the people I get to talk with are the most important and valuable to me.

      Delete

Post a Comment

Popular posts from this blog

Laid off and Looking for the next interesting job...

 After a short but interesting time at a consulting company, where I focused on IR and dabbled in OT IR, they ran into pipeline issues and I was sent home on "garden leave".  I will miss them, I had great colleagues who amazed and impressed me with their skills. I got to focus on IR and the implications for OT and enjoyed being able to concentrate; make internal presentations, external presentation as well. Then my body told me I was too old for IR and the middle of the night calls, so I asked if it was possible to be moved into detection, where I was supposed to help with that. Maybe see how we could log OT devices etc. This was approved and after a few weeks, I got the call. Something changed I guess.  The last time I was laid off was 1990, so last century. Damn. But math is king and as inexorable as gravity. Neither is personal, shift happens. I reminded the team about the Innuit cultures habit of leaving the old out on the iceflow for the bears ;) The first time it happen
Read more
Welcome to 2023 During 2022, I was fortunate enough to be able to take a lot of high quality training; some due to work; the rest was online remote training that anyone with a credit card could sign up for. As I like to (try and) keep up with (some) new topics and try to understand them, I signed up for a subscription to Packt Press.The Black Friday sale was irresistible and their library of books and videos is substantial. Another activity I like to do is solving technical challenges. I know there is lot of free events out there, but I am a fan of Blue Team Labs ( https://blueteamlabs.online/ ) as they offer a great set of "Active Investigations" that are DFIR related. Plus there was yet another irresistible offer on Black Friday that was a great price performance. And since we typically work in a Microsoft-concentric world, please do not forget all the resources there. I'm doing this one .. https://learn.microsoft.com/en-us/training/paths/beginner-python/  From  Kevin V
Read more