Priority Is In The Eye Of The Asset Owner
Danielle Jablanski
S4x24 - ICS Security Conference · Day 1 · Stage 2
In the critical and often chaotic realm of operational technology (OT) cybersecurity, a fundamental challenge persists: how to effectively prioritize security efforts when nearly everything is deemed "critical." Danielle Jablanski, in her compelling S4x24 talk, addresses this pervasive dilemma head-on, asserting that true prioritization stems not from top-down mandates or generalized assessments, but from the nuanced perspective of the **asset owner** themselves. Her presentation introduces a structured methodology, the STAR (Situation, Task, Action, Result) foundation, designed to empower asset owners to articulate their specific cyber-physical risks and, in doing so, unlock meaningful security prioritization.
AI review
This talk by Danielle Jablanski cuts through the usual platitudes surrounding critical infrastructure security by asserting that true prioritization must come from the asset owner, not top-down mandates. Her STAR methodology, validated through a Water ISAC exercise, provides a structured, no-bullshit framework for organizations to define their unique cyber-physical risks. This isn't just another 'awareness' session; it's a practical, actionable approach to a pervasive and poorly addressed problem, offering a quantifiable 'Standardized Priority Score' that could genuinely shift how we secure…