For those of
you who don’t know, Digital Bond’s S4X16 Week is considered by many to be the leading Industrial Cyber
Security conference in the world. This year’s conference will be held Jan.
12-14 in Miami Beach, and I’m told you can still sign up for it.
I bring this
up because I will be one of the presenters – although the official word this
year is “performers” - at their Main Stage event at the Jackie Gleason Theatre
on Jan. 12. I got into this because Dale Peterson, the founder and president of
Digital Bond, asked me last summer if I would discuss an interesting topic: how
I would rewrite NERC CIP if I had carte
blanche to do so.
When Dale
asked me this, I thought it was a very intriguing subject, although of not much
practical interest because the idea of rewriting CIP from scratch was a) wildly
improbable and b) not really necessary. In other words, I thought that what was
needed to make CIP a workable set of standards was just to rewrite a few parts
of it (primarily CIP-002); a wholesale rewrite wasn’t needed and would be very
unlikely in any case.
Well, things
have changed since then. I will soon be writing at length (the only way I know
how to write, of course) about why there is no point in simply trying to fix a
few parts of CIP v5. In my opinion, the whole current CIP framework needs to be
rewritten; my presentation will lay out how I would rewrite it, from a high
level. The details will come in future blog posts. Whether it’s probable this
will happen…that’s something I will work on – in my presentation, blog posts,
etc.
Dale’s
mandate to all of the performers is that our presentations be entertaining, and
he has provided the talent resources to us to make this happen. I won’t reveal
more details, but I venture to say that my “performance” – and probably the
others that day – will be very entertaining. Come if you can.
The views and opinions expressed here are my own and don’t
necessarily represent the views or opinions of Deloitte Advisory.
No comments:
Post a Comment