AMA: Just finished six months of customer discovery around ICS and cybersecurity
I just spent seven months doing customer discovery at the intersection of industrial control systems (ICS) and cybersecurity. AMA.
For more details, check out my wrap-up post/podcast here: https://steinman.substack.com/p/the-one-before-the-beginning
Did a post + podcast for each explored business model:
Startup Idea 1: ICS Cybersecurity Insurance Company https://steinman.substack.com/p/audio-version-what-happened-to-insurance
Startup Idea 2: ICS Cybersecurity "oracles" https://steinman.substack.com/p/audio-version-security-on-the-chain
Startup Idea 3: Risk-scoring ICS cybersecurity infrastructures https://steinman.substack.com/p/audio-version-running-the-numbers
Startup Idea 4: Managed Security Service Provider (MSSP) for ICS https://steinman.substack.com/p/an-ics-managed-security-services
Startup Idea 5: "TurboTax" for ICS Cybersecurity https://steinman.substack.com/p/turbotax-for-industrial-cybersecurity
Startup Idea 6: "The One That Might Get Us Cancelled" or, a discussion of the zero-day exploit market https://steinman.substack.com/p/the-one-that-might-get-us-cancelled
feel free to tweet/DM me at JoshuaSteinman on Twitter as well I’ve had a moderate interest in security for years and a mild interest in ICS for a short time. I may have to take a look at some of these ideas. No way I could bootstrap a business though :p Interestingly I’ve seen a lot more regarding ICS security recently than I have in the past. I’m guessing this is partially because of somewhat recent big news items. You are probably right, the news is certainly driving a lot of it, but also these types of attacks are increasing in frequency because of the proliferation of connection points between industrial networks and the internet. There's just more industrial stuff that's out there. It's kind of a forgotten area for security. Most security tools and policy tend to focus higher up the "real computers", for lack of a better term. estimates vary, but I've never seen one that has more than 10,000 ICS cybersecurity specialists *worldwide* In the U.S., the numbers are around 3000-5000. And yet, so much relies on industrial control systems...