Substack Daily Updates – 5-17-25

Today I published the following on Chemical Facility Security News:

• Review – Public ICS Disclosures – Week of Week of 5-10-25 – Part 1 – A relatively busy Cyber Reporting Week – 23 vendor disclosures – Short version of article published here (premium content) – https://chemical-facility-security-news.blogspot.com/2025/05/review-public-ics-disclosures-week-of.html

• Chemical Incident Reporting – Week of 5-10-25 – 2 incidents – 1 possible CSB reportable – https://chemical-facility-security-news.blogspot.com/2025/05/chemical-incident-reporting-week-of-5.html

• Review – CSB Updates Status of 7 Investigation Recommendations – 5-13-25 – 6 closed and one remains open – Short version of article published here (premium content) – https://chemical-facility-security-news.blogspot.com/2025/05/review-csb-updates-status-of-7.html

• Short Takes – 5-17-25 – Heat pump cybersecurity – CVE security – Natural food colors – Fertility clinic attack – Starship license modifications – https://chemical-facility-security-news.blogspot.com/2025/05/short-takes-5-17-25.html

I posted the following to my social media feeds (X, Mastodon, Substack, and LinkedIn):

• I posted the following in response to a LinkedIn post on security incident reporting for theft of anhydrous ammonia: “The security of these facilities was often regulated (depending in large part on the threat to local neighborhood due to catastrophic release) by the now expired CFATS program. That program required incident reporting to local LEO and/or FBI, but did not require reporting to CISA.”