About

“Cybersecurity is applied paranoia”.

I’ve said this a number of times, in different contexts and for different reasons. Whether it’s supply chain security or writing a parser, or anything in between: in every case you need a healthy dose of paranoia to make sure your data is secure and you can fend off the inevitable attacks.

This blog is about cybersecurity and related issues. Some of the posts here will be papers about protocols, in-depth explanations about how certain things work in those protocols, etc. Some of them will be musings about cybersecurity or opinions about something in the news.

I’m a busy man, so don’t expect me to post very often, but do expect me to at least try to make it interesting.

About me

My name is Ronald Landheer-Cieslak. Until recently, I was a software and firmware developer, team lead, and technical product owner (some organizations call this a technical product manager, I don’t care) based in Quebec, Canada. I now spend most of my working hours managing Cloud development and DevSecOps. I mainly work in the power industry, and in industrial automation more generally.

I am a member of the IEEE, and of several working groups within the IEEE, including several cybersecurity-related working groups. I am also a member of IEC TC57 WG15 where I chime in on the various cybersecurity-related standards of the IEC (including most notably IEC 62351-5). Finally, I spend a significant amount of time on DNP3 (IEEE 1815).

In the context of DNP3, I am the Chair of the DNP Test Management Committee, the Vice-Chair of the DNP Technical Committee, the Chair of the DNP Cybersecurity and Secure Authentication Task Force, and the Secretary of the DNP Test Procedures Committee.

In my free time, I write code, and read and write papers about cybersecurity. And I draw.