.svg){kind=spacer}
June 16, 2026
In brief
Dale Peterson argues that Cyber-Informed Engineering is at risk of becoming a strong but underused methodology because it may be too slow, expensive, and comprehensive for many asset owners to adopt in practice. He is not rejecting CIE or related Consequence-Driven Cyber-Informed Engineering concepts, but warns that the approach could lose the momentum and attention it once had if organizations cannot achieve early, visible wins.
Peterson proposes a lighter, more practical version of CIE that can be completed in one person-month or less, using skills already available inside the asset owner’s organization. This “jumpstart” version would focus on high-consequence identification and mitigation, aiming for major OT cyber risk reduction in days or weeks rather than through a full-scale program. He argues that the United States will likely need to prove this simplified approach quickly, because CIE has limited global traction and is competing in Europe with regulatory priorities such as CRA and NIS2.
Source: Dale Peterson / ICS Security Catalyst
