About
Eric Byres is widely recognized as one of the world’s top experts in the field of SCADA…
Articles by Eric
-
Not the Whole Fruit Basket
Not the Whole Fruit Basket
Some thoughts on Dale Peterson’s “Insanely Crowded ICS Anomaly Detection Market” blog If you follow Dale Peterson’s ICS…
4 Comments -
Looking at RSAC-2017 from an ICS/IIoT Security Perspective
Looking at RSAC-2017 from an ICS/IIoT Security Perspective
I recently returned from the RSA Conference 2017 in San Francisco, after a five year hiatus. Since then, a number of…
15 Comments
Activity
-
Reflecting on S4x25 – Conversations That Matter 🌴 Recently in Tampa, I had the privilege of attending S4x25, an event that never fails to push…
Reflecting on S4x25 – Conversations That Matter 🌴 Recently in Tampa, I had the privilege of attending S4x25, an event that never fails to push…
Liked by Eric Byres
-
I’m really excited to be able have the opportunity to share all that I have learned about SBOM (good, bad and ugly) after over a half decade of…
I’m really excited to be able have the opportunity to share all that I have learned about SBOM (good, bad and ugly) after over a half decade of…
Shared by Eric Byres
-
This morning when I finished up my workout at the local Y, the snow was softly falling around the American flag out front. I tried to take a photo on…
This morning when I finished up my workout at the local Y, the snow was softly falling around the American flag out front. I tried to take a photo on…
Liked by Eric Byres
Experience
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Education
Publications
-
Securing EtherNet/IP Control Systems using Deep Packet Inspection Firewall Technology
This paper discusses the creation of a DPI firewall for EtherNet/IP and Common Industrial Protocol (CIP™), and the lessons learned in the process. It explores why DPI is needed for control security, what is available today, and the challenges going forward. This paper looks at the technical issues in creating an EtherNet/IP DPI firewall that is useable and the solutions that are emerging.
Other authors -
-
Tofino Security
Belden Industrial IT
Articles and coverage regarding best-practice and industry technology within topic of industrial network security.
Other authors -
Patents
-
Network Security Appliance
Issued US US8042147 B2
A network security appliance that provides security to devices in industrial environments by transparently bridging traffic to the endpoint device. The security appliance securely communicates with a management server for receiving configuration data for operation of security modules in the appliance by encrypted communications. The security appliance utilizes the network address of the industrial device when communicating with a management server and is addressed by the management server using…
A network security appliance that provides security to devices in industrial environments by transparently bridging traffic to the endpoint device. The security appliance securely communicates with a management server for receiving configuration data for operation of security modules in the appliance by encrypted communications. The security appliance utilizes the network address of the industrial device when communicating with a management server and is addressed by the management server using the address of one of the protected devices associated with the appliance. Learned device characteristics are provided by the appliance to the management server which tailors software and security rules to specific network vulnerabilities of the device and control protocol. The security appliance sends periodic heartbeat messages to the management server using the network address of the device. The heartbeat message can also report anomalous events which may required additional software being provided from the management server to the node.
Other inventors -
Projects
-
Tofino Industrial Security Solution
-
• Design, document, and implement an industrial industry-leading security application in Java, using the Eclipse Rich Client Platform (RCP) and the Eclipse Modeling Framework (EMF).
• Create an accessible, easy-to-use application to perform complex network management and configuration while upholding system security.
• Design an "expert" system that can guide customers to creating the appropriate firewall rules for their specific plant's PLC and HMI array.
• Implement deep packet…• Design, document, and implement an industrial industry-leading security application in Java, using the Eclipse Rich Client Platform (RCP) and the Eclipse Modeling Framework (EMF).
• Create an accessible, easy-to-use application to perform complex network management and configuration while upholding system security.
• Design an "expert" system that can guide customers to creating the appropriate firewall rules for their specific plant's PLC and HMI array.
• Implement deep packet inspection firewall functionality to provide targetted enhanced security for common industrial protocols.Other creators -
Honors & Awards
-
NexDefense Cybersecurity Fellow
NexDefense, Inc.
The NexDefense Industrial Cybersecurity Fellows Program assembles well respected industrial security practitioners, consultants and advisors, each of whom share a common objective with NexDefense to expand business and community recognition of important security trends, emerging risks and techniques that can help to counteract threats to the safety and operational integrity of many industrial control systems. http://www.nexdefense.com/fellows/
-
Excellence in Leadership Award
International Society of Automation
This is the International Society of Automation's (ISA) most distinguished award, recognizing Eric for his leadership in developing numerous innovations, industry standards, and best practices in industrial cyber security.
-
ISA Fellow
International Society of Automation
Awarded by the International Society of Automation (ISA), this prestigious honor acknowledges Eric's outstanding achievements in scientific and engineering fields, as recognized by his ISA peers.
-
SANS Leadership Award
The SANS Institute
Awarded to Eric Byres and the British Columbia Institute of Technology's (BCIT) Critical Infrastructure Security Centre for research contributions to the security of critical national infrastructures
-
Keith Otto Award
Instrumentation, Systems, & Automation Society
Best Industrial Application Article of 2004
-
Donald P. Eckman Education Award
Instrumentation, Systems & Automation Society
Awarded in recognition for an outstanding contributions toward education and training in the science, engineering and technology of instrumentation, systems, and automation, specifically "contributions to the fields of industrial data communications, network security, and fieldbus technology".
-
ISA Standards and Practices Award
Instrumentation, Systems & Automation Society
Presented to recognize and stimulate individual accomplishments and contributions to Standards and Practices in instrumentation, systems, and automation.
-
BCIT Applied Research Award for 2003
British Columbia Institute of Technology
-
Congressional Witness: U.S. House of Representatives
U.S. House of Representatives
Provided expert testimony to the U.S. Congress on the “Security of Industrial Control Systems in National Critical Infrastructures”.
-
Outstanding Industry Application Article of 2000
IEEE Industrial Applications Society
Awarded “Outstanding Industry Application Article of 2000” for the paper Designing Secure Networks for Industrial Control
Recommendations received
12 people have recommended Eric
Join now to viewMore activity by Eric
-
Hello there Watts Bar Nuclear & Dam, been a while since I've seen you.
Hello there Watts Bar Nuclear & Dam, been a while since I've seen you.
Liked by Eric Byres
-
Well the news is out! I've been very elusive about what I've been working on lately, but we are coming out of stealth mode at #S4x25! And I know we…
Well the news is out! I've been very elusive about what I've been working on lately, but we are coming out of stealth mode at #S4x25! And I know we…
Liked by Eric Byres
-
And so it begins!! Happy to announce I am the Head of the Faculty Board at an exciting new OT training startup! See everyone this week at…
And so it begins!! Happy to announce I am the Head of the Faculty Board at an exciting new OT training startup! See everyone this week at…
Liked by Eric Byres
-
#bsidesics was fantastic thanks to Mike Holcomb who helped make it all happen! Amazing job! Thanks for including me and CS2AI Global - Control System…
#bsidesics was fantastic thanks to Mike Holcomb who helped make it all happen! Amazing job! Thanks for including me and CS2AI Global - Control System…
Liked by Eric Byres
-
Do you know what my least favorite part of job hunting is (after getting ghosted, of course)? Salary negotiations. I know there's pros and cons to…
Do you know what my least favorite part of job hunting is (after getting ghosted, of course)? Salary negotiations. I know there's pros and cons to…
Liked by Eric Byres
-
Trump said yesterday he is moving ahead with tariffs on Canada. The USMCA—a deal he negotiated just four years ago and called a historic win—is…
Trump said yesterday he is moving ahead with tariffs on Canada. The USMCA—a deal he negotiated just four years ago and called a historic win—is…
Liked by Eric Byres
-
This new Supply Chain Product Assurance Playbook from Exiger and The Chertoff Group is an exciting development in the supply chain world. It brings…
This new Supply Chain Product Assurance Playbook from Exiger and The Chertoff Group is an exciting development in the supply chain world. It brings…
Shared by Eric Byres
-
Congrats to my trusted colleague, Regan Wilbanks, on his talk at the API cybersecurity conference. He covered the IT/ OT silos and the challenges to…
Congrats to my trusted colleague, Regan Wilbanks, on his talk at the API cybersecurity conference. He covered the IT/ OT silos and the challenges to…
Liked by Eric Byres
-
Great presentation and response! Go Ron Brash!
Great presentation and response! Go Ron Brash!
Liked by Eric Byres
-
Check out Sid Snitkin's (Vice-President of Cybersecurity Services at ARC Advisory Group) and my answers to some timely questions from IIoT-World…
Check out Sid Snitkin's (Vice-President of Cybersecurity Services at ARC Advisory Group) and my answers to some timely questions from IIoT-World…
Shared by Eric Byres
-
The champs wrapping up at FIC North America - living the dream.
The champs wrapping up at FIC North America - living the dream.
Liked by Eric Byres
-
How to make your arguments stronger: #1: Stop using the words “clearly” or “obviously”. If it was, you wouldn't have to say so. #2: Don’t save…
How to make your arguments stronger: #1: Stop using the words “clearly” or “obviously”. If it was, you wouldn't have to say so. #2: Don’t save…
Liked by Eric Byres
-
Ron Brash is presenting his talk “23TB and Me” at SecurityWeek ICS Cybersecurity Conference
Ron Brash is presenting his talk “23TB and Me” at SecurityWeek ICS Cybersecurity Conference
Shared by Eric Byres
-
I’d like to thank IIoT-World and ABB for hosting me on their Enterprise Risk and Compliance: A C-Suite Dilemma (https://lnkd.in/gCsCcSjw) panel for…
I’d like to thank IIoT-World and ABB for hosting me on their Enterprise Risk and Compliance: A C-Suite Dilemma (https://lnkd.in/gCsCcSjw) panel for…
Shared by Eric Byres
Other similar profiles
Explore more posts
-
RBT Security
"Securing Critical Infrastructure with SCADA/ICS Penetration Testing" Canadian resources, from mining to agriculture, are the backbone of our economy. But with great power comes great responsibility—and risk. Why is SCADA or ICS Penetration Testing Essential? Cyber threats increasingly target SCADA systems due to their vital role in controlling and monitoring industrial processes. A successful breach can lead to catastrophic consequences, including operational disruption, financial loss, and public safety risks. Here's how SCADA & ICS penetration testing can help: 1️-Identify Vulnerabilities: Identify weaknesses in your SCADA/ICS system before malicious actors do. 2️-Enhance Security Posture: Strengthen your defenses by addressing identified risks. 3️-Compliance Assurance: Ensure your infrastructure meets regulatory requirements for cybersecurity. 4️-Minimize Downtime: Proactively prevent incidents that could disrupt operations. 5️-Protect Public Safety: Safeguard critical infrastructure to avoid potential hazards to the public. In an age of rapidly evolving cyber threats, ensuring the security of SCADA/ICS systems is not just a necessity—it's a priority. Has your organization implemented SCADA/ICS penetration testing? Share your experience or thoughts! Click the link below to learn more about our SCADA/ICS Pentesting service. https://lnkd.in/gwB5P6iA #rbtsec #SCADA #Cybersecurity #PenetrationTesting #CriticalInfrastructure #IndustrialSecurity
-
International Centre for Pension Management
Program agenda now available for the ICPM-Rotman Cybersecurity Risk Oversight Program (Oct 9-11, 2024)! More details here: https://lnkd.in/gNJdbxkm ICPM and the University of Toronto - Rotman School of Management , along with Dr. Michael Parent, a recognized expert on Corporate Governance, focusing on cybersecurity and IT governance, have created the program to equip pension fund leaders -- including boards, CEOs, Chief Risk Officers, Chief Information Officers, Chief Information Security Officers, and those overseeing enterprise risk management -- with the latest best practices in governance for the proper oversight of cyber risks. Participants will learn about: · The current and evolving environment of cyber threats, including the changing regulatory landscape. · How to respond to cyber incidents in a way that will mitigate their impact, including war room preparations. · The role of pension fund boards and enterprise risk leaders in overseeing cyber risk, including the questions to ask and the answers to expect. · Optimal organizational structures, governance and processes that pension funds should have in place. · Best practices in monitoring cyber risk as well as the protection of digital assets and information in the organization. #education #execed #cybersecurity #risk #oversight #pensions #boards #trustees #IT #data #international #bestpractice #cyber
-
International Centre for Pension Management
Reminder! Secure your spot at the ICPM-Rotman Cybersecurity Risk Oversight Program (Oct 9-11, 2024). More details here: https://lnkd.in/gNJdbxkm ICPM and the University of Toronto - Rotman School of Management, along with Dr. Michael Parent, a recognized expert on Corporate Governance, focusing on cybersecurity and IT governance, have created the program to equip pension fund leaders -- including boards, CEOs, Chief Risk Officers, Chief Information Officers, Chief Information Security Officers, and those overseeing enterprise risk management -- with the latest best practices in governance for the proper oversight of cyber risks. Participants will learn about: · The current and evolving environment of cyber threats, including the changing regulatory landscape. · How to respond to cyber incidents in a way that will mitigate their impact, including war room preparations. · The role of pension fund boards and enterprise risk leaders in overseeing cyber risk, including the questions to ask and the answers to expect. · Optimal organizational structures, governance and processes that pension funds should have in place. · Best practices in monitoring cyber risk as well as the protection of digital assets and information in the organization. Lindsey Matthews, CFA CIPM Sami Khoury #education #execed #cybersecurity #risk #oversight #pensions #boards #trustees #IT #data #international #bestpractice #cyber #governance
-
International Centre for Pension Management
Apply now for the ICPM-Rotman Cybersecurity Risk Oversight Program (Oct 9-11, 2024). More details here: https://lnkd.in/gNJdbxkm ICPM and the University of Toronto - Rotman School of Management, along with Dr. Michael Parent, a recognized expert on Corporate Governance, focusing on cybersecurity and IT governance, have created the program to equip pension fund leaders -- including boards, CEOs, Chief Risk Officers, Chief Information Officers, Chief Information Security Officers, and those overseeing enterprise risk management -- with the latest best practices in governance for the proper oversight of cyber risks. Participants will learn about: · The current and evolving environment of cyber threats, including the changing regulatory landscape. · How to respond to cyber incidents in a way that will mitigate their impact, including war room preparations. · The role of pension fund boards and enterprise risk leaders in overseeing cyber risk, including the questions to ask and the answers to expect. · Optimal organizational structures, governance and processes that pension funds should have in place. · Best practices in monitoring cyber risk as well as the protection of digital assets and information in the organization. Lindsey Matthews, CFA CIPM Sami Khoury #education #execed #cybersecurity #risk #oversight #pensions #boards #trustees #IT #data #international #bestpractice #cyber #governance
-
Cyber Security Canada
An incident response plan is crucial for any organization. It outlines the steps to take in case of a cyberattack, minimizing damage and downtime. ️At Cyber Security Canada, we audit IRPs as part of the CAN/CIOSC 104 cybersecurity standard! #cybersecurity #incidentresponse #CANCIOSC104 #preparedness #cybersecuritycanada #IRP
-
Alexander Rudolph
Last month, Public Services and Procurement Canada | Services publics et Approvisionnement Canada released its Summary Report on its RFI on the Canadian Program for Cyber Security Certification (CPCSC), the Canadian CMMC equivalency certification program. The summary report contains some important information about the position of industry in preparation for the CPCSC, but I noticed quickly that 22% of responses are not included in the overall data analysis. PSPC claims this is because the data is not statistically significant or important to show, but I argue this is a failure of their methodology and approach to understanding information from the RFI instead of the data being unimportant. With a program as important for the security and business of the defence industry as the CPCSC, the PSPC cannot afford to take shortcuts and dismiss what industry experts tell them about the program they are trying to implement. https://lnkd.in/gG_WQQYW #CPCSC #canada #defenceindustry #cmmc #RFI
-
Devon Smibert
Exciting news! 🚀 This week, we're kicking off a project with the Alberta Machine Intelligence Institute (Amii) to accelerate our novel applications of AI and machine learning within our Compliance Copilot platform. 😤 Are you tired of legacy firms using fear, uncertainty, and doubt to drive up costs while leaving you vulnerable and still wondering if you're compliant? 📊 Imagine having real-time visibility, actionable insights, and expert guidance right at your fingertips — instead of endless excuses and broken promises that literally "keep you up at night." We're on a mission to make understanding digital risk effortless and precise, so you can focus on growth and innovation without fear. We still have spaces for a few organizations with high assurance or complex regulatory requirements to join this first phase of co-innovation. If that sounds like you, you already know how to reach me. 😉 On a related note the Transportation Security Administration (TSA) released "SD Pipeline-2021-02E: Pipeline Cybersecurity Mitigation Actions, Contingency Planning, and Testing" in July with an interesting clarification for Pipeline Owner/Operators. The regulators clearly found it important to reinforce that a "If an Owner/Operator has delegated to... a #ManagedSecurityServiceProvider... specific security measures in the... Cybersecurity Implementation Plan, the Owner/Operator retains sole responsibility..." Personally, I believe that this is an important message for all leaders with risk and compliance accountabilities. Outsourcing DOES NOT transfer the risk, liability, or responsibility to your MSSP. Big thanks to National Research Council Canada / Conseil national de recherches Canada for their support on this project and helping us with our Intellectual Property Strategy to ensure that the fruits from our innovations stay in Canada. Looking forward to shoring up this part of our strategy with John Sanche and the Burnet, Duckworth & Palmer LLP team.
1 Comment -
Office of the Privacy Commissioner of Canada/Commissariat à la protection de la vie privée du Canada
The Communications Security Establishment reported last year that it blocks billions of cyber attempts against Government of Canada networks each day. #CyberMonth2024 #GC institutions must notify the OPC and TBS of all material #privacy breaches, which are breaches that could reasonably be expected to create a real risk of significant harm to an individual. In 2023-2024, the OPC received 321 reports of cyber incidents from the private sector, and only 37 from federal institutions. If your institution experiences a material #breach, don’t forget to report it. Our new secure online breach reporting form is making it easier to report: https://lnkd.in/dG5TS7cT
-
Alaa-Eddine Boubakri 🇨🇦
🔐 #CyberSecurity Alert: Critical ICS Security Advisory Attention industrial control systems operators and security professionals! The Canadian Centre for Cyber Security has issued an important security advisory regarding multiple vulnerabilities. ⚠️ Critical Updates Required: • Delta Electronics InfraSuite Device Master (v1.0.12 and earlier) • Siemens InterMesh 7177 Hybrid 2.0 Subscriber (pre-V8.2.12) • Siemens InterMesh 7707 Fire Subscriber (pre-V7.2.12) • Solar-Log Base 15 (firmware v6.0.1 Build 161) • Rockwell Automation FactoryTalk ThinManager (multiple versions) 🛡️ Action Required: System administrators should immediately review, implement recommended security measures, and apply all available updates. #ICS #IndustrialControl #CriticalInfrastructure #CISA #CyberSecurity #IndustrialAutomation #Siemens #RockwellAutomation #DeltaElectronics #SecurityAlert #TechnologyNews #CyberSecurityAwareness #IndustrialSecurity #OTSecurity
2 Comments -
David Elderfield
The authors shown below put out a well-read academic paper on Canadian corruption issues just a few months back. That this issue continues to be highlighted by CSIS, CISC, RCMP, foreign intelligence services, and now clearly stated in academic papers... and yet is completely ignored by government... is disastrous for our nation. The well-documented complaints of thousands of citizens is denied, delayed & ignored in practiced patterns to frustrate fairness & just responses, leading to ever increasing corruption & infiltration by organized crime. Even the firing of our Attorney General, Jody Wilson-Raybould, was a cover-up of massive corruption issues in Canada... and was accomplished without any repercussions for the perpetrators. My own experience of having millions of dollars of R&D crushed by career bureaucrats has been refused any fair review even though 4 Federal Ministers had requested the tech, US Homeland had vetted the tech and approved it for BC/Alaska border testing, and CBSA & CRA documentation clearly states that there was no rationale to attack this company that was providing leading-edge border security enhancement... unless it was to defend illicit trade & money laundering. Below are excerpts from the academic paper. The conclusions they make are ignored at our own peril: The impact of neoliberal policies has been profound. The destruction of regulation, regulatory agencies and regulatory agents through downsizing, defunding and deregulation removed many of those responsible for passing and enforcing laws punishing corporate wrongdoing. While deregulation in the United States started with the election of Ronald Reagan in 1980, Donald Trump carried it to an extreme. While successive Canadian governments have never directly copied their U.S. counterparts, we, too, have witnessed the negative outcomes associated with globalization. Given all this, serious action against corruption, in Canada and abroad, must include moving beyond the narrow and reactive confines of bribery law and policy, as espoused by the OECD and woefully mishandled by the Canadian government, to confront the harms associated with globalization and bring multinational corporations under democratic control.
5 Comments -
CyberKnight
Phosphorus Cybersecurity Inc.: “Pushing OT operators to upgrade to PQC algorithms assumes the devices are using cryptography in the first place – which is a giant assumption!” John Terrill reminds us. In OT environments, where attackers exploit basic vulnerabilities, establishing quantum-specific resilience may feel like a shiny distraction if cybersecurity fundamentals aren’t in place. Let’s not jump ahead of ourselves; the foundation matters most for critical infrastructure resilience. Read more on Industrial Cyber where Anna Ribeiro reports on the joint DHS and CISA guidance for steps to facilitate the transition to post-quantum cryptography across Operational Technology environments. https://okt.to/ClP1WI #OTSecurity #CyberHygiene #QuantumThreats #CyberResilience
-
Greg Spievak
Reboot Communications Ltd. Excellent article Renata N. Hale #Municipal decision-makers – whether elected officials or those in senior administrative or management roles – should understand three key aspects of #cybersecurity and #risk so they can effectively manage such risks and guide cybersecurity investments where they will have the greatest impact: -treating cyber risk as business risk appreciating that cyber #threats involve more than deliberate cyberattacks knowing that #privacy #compliance does not equate to #cybersecurity Payal Sondhi Harsh Modi Tim McCreight
-
Canadian Defence Review
💡 #CyberDefence Update: Dave M. at Sapper Labs Group provides an overview of foreign interference threats in Canada. Learn how cyber-attacks and disinformation affect our democratic processes: https://loom.ly/HY3Hn1Q #CanadianDefenceReview #CDRmagazine #CanadianDefence #Defence
-
VulnCheck
📅 Block your calendars! On November 14 at 1:00 pm ET, join VulnCheck and Cyware for our joint webinar, "Mining the Gaps for Emerging Threats." Register now to learn how security teams can achieve a new level of intelligence to identify and prioritize threats at scale. Click the link below for more: https://hubs.ly/Q02VbRlq0 #ExploitIntelligence #VulnerabilityManagement #ThreatIntelligence
-
Industrial Cyber
"Under the CMVP, cryptographic modules undergo third-party testing by National Voluntary Laboratory Accreditation Program NVLAP accredited laboratories, and the processes and results are validated under a program run by the NIST and the Canadian Center for Cyber Security CCCS." https://lnkd.in/gx7de8rh #NIST #cybersecurity #cryptography #informationsecurity #industrialcyber #icssecurity #ics
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More