Paul is the author of Pentesting Industrial Control Systems, we got the chance to sit down with him and find out more about his experience of writing with Packt.
Q: What is/are your specialist tech area(s)?
Paul: Industrial Cyber Security
Q: How did you become an author for Packt? Tell us about your journey. What was your motivation for writing this book?
Paul: After a Bsides event where I designed a Cyber City out of Lego for the CTF, a member of Packt reached and asked if I would be interested in writing a book. It was the perfect storm as I was contemplating it at the time.
Q: What kind of research did you do, and how long did you spend researching before beginning the book?
Paul: I have been involved in the Industry for my entire career, so the content wasn’t new but the process of writing a book was. So I spent my time reviewing material that I have read in the past to help guide my style I guess.
Q: Did you face any challenges during the writing process? How did you overcome them?
Paul: Keeping on schedule was harder than expected, it didn’t help that during this time there were a number of critical cyber events that took place. I had to force myself to carve out time on evenings and weekends to work through it. Also, writers block is a real thing… trying to find motivation when sitting at a blank screen on a sunny Saturday afternoon was hard.
Q: What’s your take on the technologies discussed in the book? Where do you see these technologies heading in the future?
Paul: As Industrial technology slowly migrates to the cloud we will see multitudes of new threat vectors rise up. With this more tools will be born and it will be a constant battle to keep up with the evolution of technology.
Q: Why should readers choose this book over others already on the market? How would you differentiate your book from its competition?
Paul: I would say that most of the competitive books in the Industrial Cyber Security space are focused on the broader picture. They provide great guidance on network architecture, standards that can be adopted, known attacks that are present. My take was more of a hands on deep dive. Try and educate both sides of the convergence IT/OT. IT people can get a feel for the routine tasks and software that OT personnel deal with and the OT people can get an understanding of the networking, segmentation, policies, and other IT associated tasks and equipment that they deal with on a daily basis.
Q. What are the key takeaways you want readers to come away from the book with?
Paul: I would like readers to get a better feeling for how tightly couple IT/OT technology really is. Even though they perform different tasks, they are fundamentally the same under the hood, same bug & patch problems. Simply addressing one side of the house with budget and forgetting about the other is doomed for failure.
Q. What advice would you give to readers learning tech? Do you have any top tips?
Paul: Practice, Practice, Practice. There are so many great resources now that it would be a shame if you didn’t leverage them. I make mention of TryHackMe and HackThe Box in the book, but there are many more. I am always practicing.
Q. Do you have a blog that readers can follow?
Paul: tryhackme.com
Q. Can you share any blogs, websites and forums to help readers gain a holistic view of the tech they are learning?
Paul: It has been an adventure, trying to keep on schedule might have driven some of the editors a little bonkers but aside from that it was a great experience. I would definitely write with them again, which should be a great indication for aspiring authors.
Q. How would you describe your author journey with Packt? Would you recommend Packt to aspiring authors?
Paul: It has been an adventure, trying to keep on schedule might have driven some of the editors a little bonkers but aside from that it was a great experience. I would definitely write with them again, which should be a great indication for aspiring authors.
Q. Do you belong to any tech community groups?
Paul: Redit boards, Slack Chats, CTFtime, TryHackMe, HackTheBox
Q. How did you organize, plan, and prioritize your work and write the book?
Paul: Started with an outline, and just tackled each topic one at a time. We took a few side journeys but ultimately stayed true to the original outline.
Q. What is that one writing tip that you found most crucial and would like to share with aspiring authors?
Paul: Try carving out time each night and write a few hundred words, if you get stuck… go and practice the topic that you are writing about. It might not work for every topic but in my case I would build it out in the lab and then test and write about what I was building.
You can find Paul’s book on Amazon by following this link
