From: Motherboard

Robert M. Lee is the CEO and Founder of Dragos and a SANS Certified Instructor and course author. He gained his start in security as an Air Force Cyber Warfare Operations Officer identifying nation-state cyber attacks on critical infrastructure while serving in the Intelligence Community. He may be found on Twitter @RobertMLee.

The systems we rely on most for some of the nation’s most sensitive infrastructure, such as the power grid, manufacturing, oil and gas facilities, and water utilities, face cybersecurity threats we do not fully understand. This leads to a gap in reporting that can be filled by “experts” with questionable experience and hyped-up metrics.

All this raises the question: How do we not have at least an understanding of the threats we face—such as the groups and their capabilities that wish us harm—even if we cannot fully counter them? This question can be answered through two key points: We have a lack of visibility into industrial networks, and there is a significant desire for organizations to report on cyber threats, which leads to hype.

An Issue of Visibility

Read Complete Article