--- title: "Practice — How the work runs" description: "How River Caudle works: embedded engineering capability, not parachuted advisory. No compliance theater, no rip-and-replace. Assess, design, transfer ownership." canonical: "https://rivercaudle.com/practice/" author: "River Caudle" keywords: - OT security engagement - industrial cybersecurity consulting - embedded engineering - capability transfer --- # Practice **I don't sell reports. I build capability. Engagement, not advisory.** A report is a snapshot of someone else's understanding. Capability is yours, and it stays. The work is to leave a plant or a program able to do for itself what it was paying an outsider to do. > **If the engagement ends and your team can't carry it, the engagement failed.** --- ## § 01 — Embedded, not parachuted Parachute consulting drops in, documents the gap, and leaves the gap. I work embedded — alongside the people who run the plant, in their constraints, on their substrate. The deliverable isn't a binder; it's a team that didn't have a capability before and has it now. **How I show up** - **On the floor** — with the controls people, not above them. - **In the constraints** — your uptime, your safety case, your vendors. - **On the record** — decisions written down and owned by you. - **Time-boxed** — a defined end, with capability transferred before it. --- ## § 02 — What I don't do Knowing what to refuse is part of the method. | Not this | This | | --- | --- | | Compliance theater for an audit date | Controls that survive the audit because they're real | | Rip-and-replace of working control systems | Change treated as risk, sequenced deliberately | | Tooling you can't run without me | Tooling you own and can audit | | Findings with no path to closure | A closed loop: find, design, transfer, verify | --- ## § 03 — The shape of an engagement Different programs, same arc. Scope changes; the structure doesn't. - **Assess** — substrate, traffic, ownership reality → a baseline your team can reproduce - **Design** — the network as drawn, not accumulated → a design your team can defend - **Transfer** — your engineers run the method → the method run without me in the room --- ## § 04 — What you keep Practice is doctrine under load. The frameworks are how the work is structured once it's underway. - [SECURE Method](/secure-method/) — IEC 62443, made usable - [SHIP Framework](/ship/) — networks designed, not accumulated - [OT Stability Doctrine](/ot-stability/) — why change is risk - [Reach](/reach/) — scope, fit, and how to start --- *"The deliverable is independence. Everything else is paperwork."* — River Caudle, Houston, Texas