Pinned
It was a pleasure to testify to the U.S. Senate on industrial cybersecurity (ICS/OT). The archived recording is here energy.senate.gov/hearings/2023/… and my written testimony is here: energy.senate.gov/services/files…
Robert M. Lee
21.6K posts
Robert M. Lee
@RobertMLee
Co-Founder & CEO @DragosInc | SANS #FOR578 & #ICS515 course author & Faculty Fellow |@_LittleBobby_ writer | NSA & USAF Veteran
- Publicly firing an employee as well as mocking employees you’ve fired is some of the worst leadership I’ve ever seen. Firing people is part of the job sometimes, it should almost always make you feel sick. When it doesn’t you need to do some self evaluation on you in your role.
- “Yes we have SolarWinds but we haven’t updated it in a long time, well before their compromise.” I love the ICS community
- I’ve had a few folks reach out to me because of some of my employees’ comments in the media and on their social media apparently expecting me to censor them or take some action. Some general end of day stressed thoughts: (1/x)
- If you are in the US/UK/ANZ at a small co-op/muni & need ICS cybersecurity support (Dragos Platform technology, managed service, and incident response) please feel free to message me directly. Dragos is going to make our capabilities free for the smaller members of our community
- To my cybersecurity colleagues - especially in infrastructure security - get some rest. No one knows what’s going to happen but nothing you’re doing over the weekend will help for next week if something were to happen. No one benefits from you being tired in a crisis.
- Turns out cryptocurrency is as much of a scam as we all said…the entire time.
- Please tell me more about how black people are rioters and the threat. I don’t seem to remember them storming the fucking capitol disrupting the electoral process.
- For every IT security person complaining that an Engineer/Operator doesn’t care about security there’s an Engineer with an IT ticket open for 3+ months.
- I know plenty are saying this but the Ukrainian counter intel and information operations execution is off the charts. It will absolutely be studied in intel and military schools across the world for decades to come.
- “I can’t believe people scan QR codes” *Proceeds to install TeamViewer on the SCADA system*
- Every now and then some level of gate keeping comes up in the cybersecurity community about how you have to be a programmer, or super technical, or whatever else is the flavor of the day to be successful. I was a Social Sciences - African Studies major in college. You’ll be fine.
- I’m not an alarmist but I would sincerely advise folks working in infrastructure to understand their connections in and out of the ICS and be proactive in security over the next few weeks at a minimum. I have no specific intel on this only concern given recent developments
- My teammates at Dragos get SMS scams all the time pretending to be me (also who adds signature blocks to texts?!?) apparently they’ve gotten tired of it enough to start trolling the scammers. Here’s the latest shared with me
