7 Things Every Kid Needs to Hear:
1. I Love You
2. I’m Proud of You
3. I’m Sorry
4. I Forgive You
5. I’m Listening
6. Vulnerability management is only one aspect of cyber risk, which is a complex function including impacts and threats.
7. You’ve Got What It Takes
Coming up: Panel discussion with EIP's @jdchristopher at the DOE (@ENERGY) Energy Transition Summit, discussing future clean energy applications for the cloud and the technical, regulatory, standards, and/or best practices to ensure secure cloud adoption. #energytransition
…what if ICS/OT security professionals got an annual “wrapped” summary for 2023 like Spotify provides?
Industrial cybersecurity sometimes feels like an uphill battle, but I promise you— we are constantly improving and doing better.
What metrics would be in your 2023 wrapped?
At #GridSecCon2023? Be sure to check out the @SANSICS booth! Both @cutaway & I are here to talk about our courses, grid security, & the future of ICS workforce development.
Also be sure to check out the SANS-Dragos CtF tonight & my session on “future-proofing” NERC CIP tomorrow!
In 2013, I was the federal energy sector lead for the NIST Cybersecurity Framework, which included a robust discussion on cybersecurity incentives.
Ten years later, the landscape has shifted significantly, but it still comes down to insurance:
lawfaremedia.org/article/if-…
The evolving role of industrial CISOs is something @deancybersec and I discuss in the @SANSInstitute #ICS418 course. Happy to get a chance to explore it more in this week's #ControlLoop podcast!
I don’t post much any more, but want to plug my @SANSICS research project on ICS/OT visibility. Looking for some input on industrial orgs with SOC capabilities (both IT and OT).
Provide insights, help the community, & maybe win a $250 Amazon gift card!
sans.org/u/1pqp
You'll want to check this one out-- expect some great discussion around measuring OT cyber risk, some memes, and more than a few actionable tools that you can immediately apply. What more could you ask for?
Attending the @APIGlobal Cybersecurity Conference this week? Come see @mplorbert and me give our talk called "The Susceptibility Among Us" on industrial cyber risk management on Nov. 8. @DragosInc #ICS #OT #risk
Curious about how to measure the effectiveness of your ICS security program? Check out my latest @SANSInstitute blog on what to measure, how, and what your team should look like:
🗞️ SANS #CyberSecurity Blog
📈 How to Mature ICS Security with Metrics.
“If you’re not measuring, you’re just practicing.”
@jdchristopher explains the many reasons why #ICS Security Leaders should implement a metrics program
Read Full Blog: sans.org/u/1nGl
There will be a great lineup of Dragos presenters at the 17th Annual @APIenergy Cybersecurity Conference for the #oilandgas industry in The Woodlands, TX, on November 8-9. Mark your calendars! Learn more: buff.ly/3RPTsCZ. #ICSsecurity
Federal cyber contractor bingo in full force right now. An hour in and “zero-trust,” “machine learning,” “artificial intelligence,” & “quantum encryption” have all been pitched as ways to automate reduction in cyber risk.
It’s too early for this drinking game.
Me: Post-COVID, I will never wear a tie again. Be happy I’m wearing shoes.
Every federal defense contractor at their first cyber conference in 2 years:
I've got a busy couple of weeks coming up! A few webinars of interest for folks below, as well as a LiveOnline run of @SANSInstitute ICS418.
Want to chat in person? You can catch me at either the @NatlCyberSummit in Huntsville, AL or @BsidesCLT later this month!
Another proof-of-concept, but I <3 this one too... because "air gap." Nothing totally new about exfiltrating data using acoustic or optical methods, but I like the addition of an infected phone to do the dirty work: thehackernews.com/2022/08/ne…