Cybersecurity Musings

Cybersecurity Musings
June 11, 2026

Lighting the Map: Mapping INSM in OT

Let’s talk about mapping INSM to what you can actually see across NERC, FERC, NIST, and NIS2. Mapping INSM means documenting...
Read more
OT Segmentation blog image
Cybersecurity Musings
June 4, 2026

OT Segmentation: Why the Framework Matters Less Than the Discipline

Part 2 of 2: Why the quality of your OT segmentation in real industrial environments matters more than the label on the framework...
Read more
IEC 62443 article image
Cybersecurity Musings
May 28, 2026

The Purdue Model and IEC 62443: Two Frameworks, Different Jobs

Part 1 of a 2-part series detailing what IEC 62443 and the Purdue Model actually do, and why conflating them may cost you...
Read more
Graphic for the CIP-015 Compliance on a Budget blog shows a scene inside a warm, bustling fantasy tavern lit by lanterns and fireplaces, where a group of adventurers gathers around a large wooden table covered with maps, notes, dice, and planning tools. One character points at the map while the others study routes and discuss strategy, symbolizing collaborative planning and phased execution. A glowing phoenix perched above the group illuminates the room with EmberOT’s signature orange glow. The tavern is filled with additional travelers, wooden beams, banners, clocks, and intricate fantasy décor, creating the feeling of a central planning hub before a major quest.
Cybersecurity Musings
May 20, 2026

CIP-015 Compliance on a Budget

For this week’s article, I wanted to share a scrappy, starter-gear approach to CIP-015 compliance and  internal network...
Read more
East-West Traffic EmberOT blog
Cybersecurity Musings
May 14, 2026

East-West Traffic Is the Final Boss

Perimeter defenses got you through the early game, and east-west traffic is the stage that matters next. Most OT security...
Read more
A futuristic industrial environment where an OT analyst / technician stands inside a dark OT facility surrounded by electrical equipment, control systems, and glowing instrumentation. In front of the operator is a large holographic-style network visualization composed of orange data lines, diagrams, and connected nodes forming the shape of a phoenix. The technician reaches toward the glowing display as if interacting with a live OT monitoring or analytics system.
Cybersecurity Musings
May 7, 2026

The Durable Defense: Why the Cross- Disciplinary OT Analyst Wins

The OT analyst role is changing, and the teams that understand that shift early will be better prepared for what comes next....
Read more
AI vulnerability discovery
Cybersecurity Musings
April 29, 2026

Cutting Through the Mythos: What AI Vulnerability Discovery Actually Means for OT

This is Part 1 of a 2-part blog series focused on AI vulnerability discovery in OT. Anthropic’s Claude Mythos Preview...
Read more
CIP-015 Blog
Cybersecurity Musings
April 24, 2026

CIP-015 Compliance Is Not a Loot Drop

Why checking every R1 through R3 box doesn’t mean you’ll catch anything real. If you’re scoping CIP-015...
Read more
OT CVEs and ICS Vulnerabilities blog
Cybersecurity Musings
April 9, 2026

ICS Advisories, OT CVEs, and Your Environment

Sorting through the growing volume of vulnerabilities, patches, advisories, and alerts can be challenging for larger dedicated...
Read more
Pipeline security EmberOT blog
Cybersecurity Musings
April 2, 2026

Pipeline Security, Visibility, and Detection at the OT Edge

How can you detect malicious or anomalous activity at the edge of your network, when your environment includes a pipeline...
Read more