Cybersecurity Researcher

You have to pre-position yourself if you want to be able to do this. I actually wrote a paper on this, I think, back in 2014, that the leaders of a country can't just go to their cyber arm, their equivalent of whatever their offensive team is, and say, I want you to bring down this power, this manufacturer, every critical infrastructure in this region and expect it to happen the next day.

You have to pre-position yourself if you want to be able to do this. I actually wrote a paper on this, I think, back in 2014, that the leaders of a country can't just go to their cyber arm, their equivalent of whatever their offensive team is, and say, I want you to bring down this power, this manufacturer, every critical infrastructure in this region and expect it to happen the next day.

You have to be pre-positioned. You have to learn their system. You mentioned Stuxnet earlier. You look at all the time involved to create that system. So you have to do the work ahead of time so that you can press the button if you choose to.

You have to be pre-positioned. You have to learn their system. You mentioned Stuxnet earlier. You look at all the time involved to create that system. So you have to do the work ahead of time so that you can press the button if you choose to.

This is being done now by everyone, including the US. Across the world, you can find just as many quotes from Chinese leaders complaining about US hacking into Chinese systems. It's the state of the world right now. What is interesting is there is a line.

This is being done now by everyone, including the US. Across the world, you can find just as many quotes from Chinese leaders complaining about US hacking into Chinese systems. It's the state of the world right now. What is interesting is there is a line.

While there aren't official agreed upon cyber norms in this theory, there is a line that you can say, I can do up to this and it will be accepted without retaliation.

While there aren't official agreed upon cyber norms in this theory, there is a line that you can say, I can do up to this and it will be accepted without retaliation.

A lot of these companies... have never suffered a major impact, an outage, a financial loss, equipment damage, due to a cyber incident on OT. So there's still this belief that they're immune to the OT security threat.

A lot of these companies... have never suffered a major impact, an outage, a financial loss, equipment damage, due to a cyber incident on OT. So there's still this belief that they're immune to the OT security threat.

If you even look at the numbers, we're seeing about 75% of the OT outages over the last two years when there was actually something happened in cyber that caused a factory or a water utility or anything like that to go down and not be able to do its physical function. That was ransomware on IT. So that's still by far what's causing the most problem. It's almost this barbell issue.

If you even look at the numbers, we're seeing about 75% of the OT outages over the last two years when there was actually something happened in cyber that caused a factory or a water utility or anything like that to go down and not be able to do its physical function. That was ransomware on IT. So that's still by far what's causing the most problem. It's almost this barbell issue.

You have these common attacks that that you have to worry about. And then you have these potentially very serious attacks for a company or a community or a country. And that's the one that really isn't getting the attention. I think that's, you know, when you keep going back to China, that's the one that's a little scary because we're not up to that challenge today.

You have these common attacks that that you have to worry about. And then you have these potentially very serious attacks for a company or a community or a country. And that's the one that really isn't getting the attention. I think that's, you know, when you keep going back to China, that's the one that's a little scary because we're not up to that challenge today.

Any company right now has to say, My IT network could be compromised at any time. Any sort of security program I put in place, I can't feel highly confident that this will not happen. So I'm going to assume it happens. What is my response and recovery? And not that there won't be pain, but will the pain be acceptable?

Any company right now has to say, My IT network could be compromised at any time. Any sort of security program I put in place, I can't feel highly confident that this will not happen. So I'm going to assume it happens. What is my response and recovery? And not that there won't be pain, but will the pain be acceptable?

And that should be doable for most companies, but it seems like every time it happens, it's a big surprise. And I think that we're really missing the boat when it comes to recovery, almost more than we are on the security angle.

And that should be doable for most companies, but it seems like every time it happens, it's a big surprise. And I think that we're really missing the boat when it comes to recovery, almost more than we are on the security angle.