Hacker News new | past | comments | ask | show | jobs | submit login
AMA: Just finished six months of customer discovery around ICS and cybersecurity
8 points by SocksCanClose 9 days ago | hide | past | favorite | 4 comments
I just spent seven months doing customer discovery at the intersection of industrial control systems (ICS) and cybersecurity. AMA.

For more details, check out my wrap-up post/podcast here: https://steinman.substack.com/p/the-one-before-the-beginning

Did a post + podcast for each explored business model:

Startup Idea 1: ICS Cybersecurity Insurance Company https://steinman.substack.com/p/audio-version-what-happened-to-insurance

Startup Idea 2: ICS Cybersecurity "oracles" https://steinman.substack.com/p/audio-version-security-on-the-chain

Startup Idea 3: Risk-scoring ICS cybersecurity infrastructures https://steinman.substack.com/p/audio-version-running-the-numbers

Startup Idea 4: Managed Security Service Provider (MSSP) for ICS https://steinman.substack.com/p/an-ics-managed-security-services

Startup Idea 5: "TurboTax" for ICS Cybersecurity https://steinman.substack.com/p/turbotax-for-industrial-cybersecurity

Startup Idea 6: "The One That Might Get Us Cancelled" or, a discussion of the zero-day exploit market https://steinman.substack.com/p/the-one-that-might-get-us-cancelled

feel free to tweet/DM me at JoshuaSteinman on Twitter as well

I’ve had a moderate interest in security for years and a mild interest in ICS for a short time. I may have to take a look at some of these ideas. No way I could bootstrap a business though :p

Interestingly I’ve seen a lot more regarding ICS security recently than I have in the past. I’m guessing this is partially because of somewhat recent big news items.

You are probably right, the news is certainly driving a lot of it, but also these types of attacks are increasing in frequency because of the proliferation of connection points between industrial networks and the internet. There's just more industrial stuff that's out there.

It's kind of a forgotten area for security. Most security tools and policy tend to focus higher up the "real computers", for lack of a better term.

estimates vary, but I've never seen one that has more than 10,000 ICS cybersecurity specialists *worldwide*

In the U.S., the numbers are around 3000-5000.

And yet, so much relies on industrial control systems...

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact