Insights

Why OT Operators Must Maintain a Continuously Updated System Inventory In August 2025, regulatory and cybersecurity agencies from the United States, Canada, Australia, New Zealand, the Netherlands, and Germany jointly released new guidance urging OT owners and operators to create and sustain a definitive, continually updated record of their OT architecture. A follow-on document, joined by the United Kingdom, expands upon how organizations can leverage asset inventories, software bills of materials (SBOMs), and other data sources to build this "definitive record." Why is this so urgent? In short: without a living, accurate map of what's in your environment, security teams can't reliably assess risk, detect vulnerabilities, or respond confidently to incidents. As the guidance notes: "Establishing a definitive record … allows you to effectively assess risks and implement the proportionate security controls. Rather than focusing solely on individual assets, a holistic approach enables you to consider the broader context …"…

Simple Network Management Protocol (SNMP) is a widely used protocol for managing network devices and monitoring system performance. While SNMP provides a convenient way to configure and manage networks, its legacy protocols - SNMPv1 and SNMPv2c - have significant security vulnerabilities that can put your network at risk. In this article, we'll explore the importance of using SNMPv3 and why it's essential for protecting your network from unauthorized access. The Risks of Legacy SNMP Protocols SNMPv1 and SNMPv2c are vulnerable to several types of attacks, including: Community string exposure: In these protocols, community strings are used to authenticate users. If these strings are not properly secured, they can be accessed by unauthorized users, either directly or through phishing attacks. Weak encryption: SNMPv1 and SNMPv2c use weak encryption algorithms, making it easy for attackers to intercept and manipulate data. Lack of authentication: These protocols do not provide robust authentication mechanisms, allowing…

We are proud to share that Patrick Kelley, founder and CEO of Critical Path Security, has been invited to join the Advisory Council of Cybermindz - an organization dedicated to strengthening the mental resilience of cybersecurity professionals. Cybermindz is leading an effort that is as critical as it is overdue: defending our defenders. Through neuroscience-backed approaches and resilience training, they focus on helping cybersecurity operators manage stress, avoid burnout, and sustain clarity in some of the most demanding professional environments. Patrick brings nearly 30 years of frontline experience in IT and cybersecurity to the Advisory Council, along with his longstanding commitment to addressing the mental health challenges that come with this profession. His own journey has reinforced the truth that no amount of technology can succeed without the people who stand behind it. "Cybersecurity is about resilience," Patrick notes. "And resilience starts with people. I'm honoured to contribute to Cybermindz's…

On Thursday, November 20th, at SuriCon 2025 in Montréal, Patrick Kelley, CEO of Critical Path Security and Léargas Security, will deliver a session unlike any other on the agenda: "Mental Health in Cybersecurity: Balancing the Scales." Beyond Dashboards and Packet Captures Cybersecurity is often defined by dashboards, packet captures, and detections. But this talk shifts the focus to the people behind them. For more than 30 years, Patrick Kelley has worked in the trenches-securing critical infrastructure, responding to incidents, and building platforms that protect organizations around the world. Along the way, he has carried invisible wounds: trauma, CPTSD, Bipolar Disorder, and burnout. Rather than hide behind accolades, Patrick will speak openly about the personal costs of this work and the realities that so many in the industry quietly endure. A Raw, Human Conversation This session won't be a therapy lecture or a clinical analysis-it's an honest conversation. Patrick will explore:…