Episodes

  • About Todd Beebe: Todd Beebe, a cybersecurity veteran since the early 90s, commenced his journey by thwarting attempts to hack his BBS. His expertise led to pivotal roles with an international organization, securing remote access, fortifying websites, and pioneering firewall deployment. Later, at Ernst & Young, he spearheaded the Attack & Penetration practice in Houston, penetrating Fortune 500 clients and contributing to the precursor of the Hacking Exposed book series. Todd's entrepreneurial spirit thrived as he founded cybersecurity companies, notably inventing the telecom firewall 'TeleWall' and the web application firewall 'eServer Secure,' holding nine US patents. His career includes fortifying the White House and Pentagon against cyber threats and building cybersecurity programs for multiple Fortune 500 organizations.

    In this episode, Aaron and Todd Beebe discuss:

    ○    Their journeys into cybersecurity careers

    ○    Navigating the convergence of IT and OT security

    ○    Finding common ground and overcoming historical hurdles

    ○    Shared labs for enhanced understanding and effective problem-solving

    ○    Cybersecurity challenges in critical infrastructure

    Key Takeaways:

    ○    In addressing cybersecurity challenges, it's crucial for IT and OT teams to collaborate closely, recognizing that the threat landscape targets common denominators such as IP addresses, ports, and Windows systems, and adopting a unified approach to securing both environments is essential in the evolving landscape of cyber threats.

    ○    In navigating the convergence of IT and OT, the key lies in recognizing the shared technological foundation, fostering collaboration to merge expertise, and dispelling the misconception of a takeover, ultimately shifting the focus from being adversaries to allies in the pursuit of a secure and efficient operational landscape.

    ○    Fostering collaboration between IT and OT teams through shared advisory roles, regular communication, and the establishment of a collaborative lab environment not only enhances technical expertise but also builds trust, camaraderie, and a common language, ultimately contributing to a more resilient and stable organizational infrastructure.

    ○    While Todd is excited about the increasing diversity of people entering the cybersecurity field, he expresses concern about the SEC's decision to hold CISOs accountable for breaches and emphasizes the challenge of training junior analysts to effectively identify and respond to cyber threats in the evolving landscape.

    "I'm ready to continue learning. I believe that's the most important part for anyone in cybersecurity. It's whether they have that mindset: it's not failure, it's learning. If we can get that into the mindsets of the next generation, I think then we've done what we needed to do." — Todd Beebe

     

    Connect with Todd Beebe:  

    LinkedIn: https://www.linkedin.com/in/toddbeebe/

    Connect with Aaron:

    LinkedIn: https://www.linkedin.com/in/aaronccrow

    Learn more about Industrial Defender:

    Website: https://www.industrialdefender.com/podcast 

    LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

    Twitter: https://twitter.com/iDefend_ICS

    YouTube: https://www.youtube.com/@industrialdefender7120

    Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. 

  • About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.

    In this episode, Aaron and Ron Fabela discuss:

    ○    Adopting secure remote access in OT as an operational requirement

    ○    The complex landscape of active scanning in ICS

    ○    Building trust and bridging the gap between cybersecurity and OT

    ○    Balancing innovation, risk, and security in a changing landscape

    Key Takeaways:

    ○    In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices; embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.

    ○    The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.

    ○    To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.

    ○    The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape.

    "I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela

     

    Connect with Ron Fabela:  

    LinkedIn: https://www.linkedin.com/in/ronniefabela/

    Twitter: https://twitter.com/ron_fab

  • About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.

    In this episode, Aaron and Dan Gunter discuss:

    ○    Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant’s report on attacks in Ukraine

    ○    Navigating the complexities, resource limitations, and timely application of threat intelligence

    ○    Rethinking industrial cybersecurity

    ○    The intersection of cybersecurity, AI, and OT

    Key Takeaways:

    ○    In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.

    ○    The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.

    ○    To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.

    ○    In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions.

    "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter

     

    Connect with Dan Gunter: 

    Website: https://insaneforensics.com/ 

    YouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPA

    LinkedIn: https://www.linkedin.com/in/dan-gunter/

    Twitter: https://twitter.com/insaneforensics

  • About Thomas VanNorman: Thomas VanNorman, a seasoned professional with almost three decades of experience in OT, is currently leading the CyPhy Product group at GRIMM. His primary focus involves securing Industrial Control Systems and networking within this domain. Additionally, Tom is a co-founder of the ICS Village, a 501(c)(3) non-profit organization dedicated to Control System security and awareness, where he has volunteered for almost a decade. Tom retired from the Air National Guard after serving in Cyber Warfare Operations, capping off a diverse career that included working on airplane control systems for 12 years.

    In this episode, Aaron and Thomas VanNorman discuss:

    ○    Starting up The ICS Village

    ○    Navigating the world of industrial control systems

    ○    Addressing the unique challenges of OT security

    ○    The chicken and egg dilemma in industrial cybersecurity

    ○    Insights from recent SEC actions and the role of CISOs in risk acceptance

    Key Takeaways:

    ○    The ICS Village, founded eight years ago, focuses on educating and raising awareness about industrial control systems (ICS) and their security, using conferences, events, and roadshows to provide hands-on experiences, non-sales discussions, and tabletop exercises, with a mission to bridge knowledge gaps, address terminology variations, and emphasize the importance of both old and new threats in the ICS space.

    ○    Addressing cybersecurity challenges in the OT space, particularly with aging technology, requires a unique approach due to potential impacts on production and safety, leading to the launch of a four-year apprenticeship program initially targeting veterans to bridge the skills gap.

    ○    Navigating the challenges of cybersecurity in industrial settings requires a blend of technical expertise, an understanding of operational processes, and effective risk communication, as demonstrated by the importance of bridging the gap between IT and OT and addressing vulnerabilities in a context-specific manner.

    ○    In the ever-evolving landscape of cybersecurity, the role of CISOs is becoming increasingly crucial, with recent legal actions targeting them personally; however, it's essential to recognize that CISOs often lack the executive power to make decisions, highlighting the need for a shift in organizational dynamics and a deeper understanding of the risks being accepted.

    "Our role as technologists is to explain the facts: Why does this matter? What happens if you fix it? What happens if you don't fix it? It may cost millions of dollars to fix it. It might be for an air handler that operates the warehouse, which doesn't matter much. Or it could be an air handler for that warehouse that does matter because it has to be climate-controlled. Things go south quickly. It's the same piece of hardware, the same piece of technology, but with different applications." — Thomas VanNorman

     

    Connect with Thomas VanNorman:  

    Website: https://www.icsvillage.com/

    LinkedIn: https://www.linkedin.com/in/thomasvannorman/

  • About Don C. Weber: Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.

    In this episode, Aaron and Don C. Weber discuss:

    ○    Navigating the convergence of IT and OT in cybersecurity

    ○    Addressing the gray area in OT and IT collaboration

    ○    Enhancing cybersecurity in control systems

    ○    Embracing cloud technology in ICS security

    Key Takeaways:

    ○    Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.

    ○    The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.

    ○    The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.

    ○    As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security.

    "Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks." — Don C. Weber

     

    Additional Resources:

    SANS Industrial Control Systems Security: https://www.sans.org/industrial-control-systems-security/

    ICS Village: https://www.icsvillage.com/

    Connect with Don C. Weber:  

    Website: https://www.cutawaysecurity.com

    LinkedIn: https://www.linkedin.com/in/cutaway/

    GitHub: https://github.com/cutaway-security

  • About Ron Brash: Ron Brash, a renowned figure in ICS/OT cybersecurity and embedded vulnerability research, garnered acclaim as the recipient of the Top 40 under 40 award for Engineering Leaders 2020 from Plant Engineering. Serving as the VP of Technical Research & Integrations at aDolus Technology Inc., Ron aligns his passion for ICS/OT security by leveraging his extensive experience in advising major asset owners across industries such as oil & gas, manufacturing, energy, and aviation. His notable achievements include playing a pivotal role in creating datasets for the S4 ICS Detection Challenges, reflecting his commitment to advancing industry standards and fostering innovation in cybersecurity.

    In this episode, Aaron and Ron Brash discuss:

    ○    Understanding and managing vulnerabilities in OT systems

    ○    Balancing risk, detection, and recovery

    ○    Exploring the intersection of cybersecurity, business risk, and vendor collaboration

    ○    Navigating challenges in industrial networks

    Key Takeaways:

    ○    In the complex world of industrial cybersecurity, understanding and managing vulnerabilities is like conducting a home inspection or maintaining a car—focus on what matters most, prioritize based on critical assets, and approach it with a measured, pragmatic strategy rather than panicking in the face of a long list of issues.

    ○    Achieving zero incidents is an unrealistic goal, and the focus should shift towards proactive detection, deflection, and defense, along with a robust recovery plan, emphasizing the importance of people, processes, and technology, particularly in the context of evolving technologies and complex vendor landscapes.

    ○    The key to cybersecurity success lies in translating technical intricacies into tangible business value, effectively correlating cyber and architectural considerations to business risk, as demonstrated by a strategic approach involving transparency, attestation, and collaboration with vendors, ultimately leading to improved security measures and operational efficiency.

    ○    Navigating the challenges of aging industrial systems, transparency issues in software development, and evolving threat landscapes underscores the crucial importance of a collaborative community effort to ensure the resilience and security of critical infrastructure in the face of emerging threats.

    "Some are very forward-leaning and some believe in the democratization of data, and some are more old school and don't want to share a thing. Within the realm of business, and to be truly fair, no business is homogenous. So, there are different business units that might be more modern and more open facing, and others that are like, don't touch this because you don't know what other industries we're working in." — Ron Brash

     

    Connect with Ron Brash:  

    Website: www.adolus.com

    LinkedIn: https://www.linkedin.com/company/adolus & https://www.linkedin.com/in/ronbrash/

    Twitter: https://twitter.com/ron_brash

  • About Michael Holcomb: Michael Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, a prominent engineering, procurement, and construction company. In his current role, he focuses on securing vast ICS/OT environments, ranging from power plants and commuter rail to manufacturing facilities and refineries. Currently pursuing his Master’s thesis on Programmable Logic Controllers' attack surface with the SANS Technology Institute, he holds multiple cyber security and ICS/OT certifications like CISSP, GRID, GICSP, GCIP, GPEN, GCIH, and ISA 62443. Beyond his professional endeavors, he founded the UpstateSC ISSA Chapter and BSides Greenville conference, and authored and taught cyber security courses at Greenville Technical College, earning him the CyberSC’s MG Lester D. Eisner Award for Cyber Excellence in Leadership for South Carolina in 2023.

     

    In this episode, Aaron and Michael Holcomb discuss:

    ○    Closing the IT-OT skills gap in cybersecurity

    ○    Navigating the path to cybersecurity expertise

    ○    The intersection of OT cybersecurity and networking

    ○    The evolving landscape of OT cybersecurity

     

    Key Takeaways:

    ○    Bridging the gap between IT professionals learning to think like engineers and OT specialists embracing cybersecurity not only enhances collaboration but also strengthens our ability to secure critical infrastructures, a journey that demands time, dedication, and a shared commitment to a safer digital future.

    ○    Embracing a multidisciplinary approach and fostering collaboration between IT and OT professionals, along with hands-on experience and continuous learning, is the key to breaking into the rapidly evolving field of cybersecurity, transforming passion and knowledge into practical expertise.

    ○    Mastering networking fundamentals is the key to bridging the gap between IT and engineering, enabling the design of resilient systems that prevent costly operational disruptions, and emphasizing the need for continuous learning and collaboration in this dynamic field.

    ○    The integration of IT technologies into OT without adequate expertise has led to vulnerabilities; expecting OT professionals to handle cybersecurity is akin to asking a plumber to do electrical work. While progress is being made, the industry must prepare for a potentially catastrophic event to truly acknowledge the importance of cybersecurity in OT.

    "One of the things that's sad to me about the OT cybersecurity industry, and this even goes for folks that are new to the industry and even some of the old players that have been out there for 20, 30, maybe 40 years plus, is that there's still, in some respects, not a lot of concern around what it's going to take for people to take cybersecurity and OT seriously. And so there's going to be that event one day, where people are going to die, right? That is going to finally force people to take cybersecurity and OT seriously." — Michael Holcomb

     

    Connect with Michael Holcomb: 

    Website: www.fluor.com

    LinkedIn: www.linkedin.com/in/mikeholcomb

    YouTube: https://www.youtube.com/@utilsec

  • About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.

    In this episode, Aaron and Kayne McGladrey discuss:

    ○    Strategic alignment of cybersecurity with business risk

    ○    Navigating the changing landscape of cybersecurity

    ○    Empowering CISOs in the evolving landscape of cybersecurity

    ○    The challenges and opportunities of generative AI

    Key Takeaways:

    ○    The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.

    ○    In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.

    ○    The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.

    ○    In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while many are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest.

    "If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social harm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey

     

    Connect with Kayne McGladrey:  

    Website: https://hyperproof.io

    LinkedIn: https://www.linkedin.com/in/kaynemcgladrey/

    YouTube: https://www.youtube.com/@hyperproof

    Twitter: https://twitter.com/kaynemcgladrey

    Kayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.html

  • About John Cusimano: John Cusimano is a seasoned business and thought leader, boasting over 30 years of expertise in process control, functional safety, and operational technology (OT) and industrial control systems (ICS) cybersecurity. With a track record of conducting numerous OT cybersecurity vulnerability assessments, he has played a pivotal role in establishing cybersecurity programs for numerous companies. As a prominent member of the ISA 99 cybersecurity standards committee, he chaired the subcommittee responsible for crafting the ISA/IEC 62443-3-2:2020 standard and developed multiple training courses on OT cybersecurity, showcasing his extensive knowledge and influence in the field.

    In this episode, Aaron and John Cusimano discuss:

    ○    The challenges of quantifying risk in OT environments

    ○    Prioritizing cybersecurity risks and cybersecurity measures in industrial control systems

    ○    Identifying critical operational risks and mitigation strategies in industrial environments

    ○    Navigating risks and embracing opportunities in the face of technological advancements

    Key Takeaways:

    ○    Understanding the complex interplay between physical and cyber risks is crucial; utilizing structured frameworks like the ISA 62443 Standard not only provides a starting point for overwhelmed organizations but also emphasizes the importance of tailoring security measures to the specific, high-impact vulnerabilities unique to each facility.

    ○    Prioritizing industrial cybersecurity involves breaking down complex systems, evaluating specific vulnerabilities, and engaging in focused discussions between experts and business stakeholders to identify critical risks, ensuring an effective security strategy.

    ○    In cybersecurity assessments, identifying and prioritizing risks is crucial; often, seemingly small oversights, like unsecured backups, flawed file transfer mechanisms, or unchecked permissions in asset management systems, can lead to significant vulnerabilities, emphasizing the need for comprehensive evaluation and proactive measures in securing critical infrastructure.

    ○    In the rapidly evolving world of control systems and cybersecurity, the key is to understand and manage risk rather than striving for absolute security, while also embracing technological advancements with caution and vigilance.

    "The other approach that a lot of people take is just piling on every security control out there. And that's also not tenable either long term. Sometimes it's actually counterproductive to security because every tool you put in has access." — John Cusimano

     

    Connect with John Cusimano:  

    Website: www.armexa.com

    LinkedIn: https://www.linkedin.com/in/john-cusimano-icssec/ & https://www.linkedin.com/company/armexa

    John will be speaking at the 18th Annual API Cybersecurity Conference for the Oil and Natural Gas Industry next week: https://events.api.org/18th-annual-api-cybersecurity-conference-for-the-oil-and-natural-gas-industry

  • About Eric Smith: Eric Smith is a dedicated Security Management Consultant and the founder of Business Karate, LLC, a Colorado-based company specializing in security planning and strategic development for organizations. With over a decade of experience in law enforcement, Eric is passionate about aligning security measures with business needs and has transitioned his expertise into healthcare security management, where he focuses on long-term strategic planning and enhancing workplace violence prevention programs. He is also an accomplished author, with his latest book titled "Workplace Security Essentials."

    In this episode, Aaron and Eric Smith discuss:

      • The complex landscape of physical security
      • Navigating the intersection of physical and cybersecurity
      • The importance of organizational culture in promoting security and reporting incidents
      • Integrating AI in physical security

    Key Takeaways:

      • Establishing robust security goes beyond physical barriers and gadgets; it's a holistic approach integrating people, processes, and technology, fostered by leadership support and a vigilant workforce, ensuring a proactive, not reactive, security culture.
      • In implementing effective security measures, constant evaluation and willingness to challenge established norms are vital; experienced professionals bring a critical eye, noticing overlooked details like misplaced cameras or flawed staffing strategies, highlighting the need for continuous improvement and outside perspectives.
      • A strong organizational culture, driven from the top down and bolstered by employees' confidence in their security team, is the key to encouraging timely reporting of security incidents, bridging the gap between physical and cyber security realms and ensuring comprehensive protection against potential threats.
      • Empowering employees to be vigilant and proactive in security measures is crucial, as advancements in integrated technologies and AI bring both promising solutions and potential risks, shaping the future of physical and cyber security.

    "I think people are really starting to be more aware of the risk of workplace violence. So I think we're going to start seeing more training around that and hopefully good training, not just the kind of pencil-whipping lip service that too often happens, but something that's really going to benefit people that might find themselves in a bad situation at work." — Eric Smith

     

    Connect with Eric Smith:  

    Email: [email protected]

    Website: www.businesskarate.com

    LinkedIn: https://www.linkedin.com/in/ericsmithcpp/

    Workplace Security Essentials: A Guide for Helping Organizations Create Safe Work Environments: https://www.amazon.com/Workplace-Security-Essentials-Organizations-Environments/dp/0124165575


  • About Nick Tsamis: Nick currently serves as Department Chief Engineer within the Cybersecurity Infrastructure Protection Innovation Center (CIPIC) at The MITRE Corporation where he works to develop strategies for protection against emerging threats on critical infrastructure. Nick led the technical efforts for the first release of Caldera for OT. He holds degrees in computer science and aerospace engineering, and resides in Honolulu, HI.

    In September, MITRE and CISA announced that MITRE Caldera™ for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT).

    Our nation’s critical infrastructure—including public transportation, commerce, clean water, and electricity—relies on operational technology, but that technology often has weak security spots. Caldera for OT empowers security teams with new tools to help ensure the safe and secure function of critical infrastructure, thus improving our nation’s resiliency posture.

    Caldera for OT is now available on GitHub. As an open-source platform, Caldera for OT will continue expanding to new environments, protocols, and attacks. MITRE partnered with CISA through the HSSEDI (Homeland Security Systems Engineering and Development Institute) to develop the first set of modules and continues to work internally, with CISA, and other organizations to develop and release the next set of Caldera for OT open-source modules.

    In this episode, Aaron and Nick Tsamis discuss:

      • Creating a common vernacular and building risk-appropriate solutions
      • Standardizing cybersecurity practices in OT environments
      • Enhancing OT security through customized Red Team assessments and protocol familiarization
      • Navigating the intersection of human expertise and machine learning in cybersecurity

    Key Takeaways:

      • In bridging the worlds of IT and OT cybersecurity, the key is establishing a common language, understanding the crucial emphasis on availability and safety, and developing tools like Caldera to operate within OT protocols, ultimately shifting towards a balanced risk appetite in the industrial control sector.
      • The adoption of Caldera for OT marks a transformative shift in cybersecurity testing, enabling standardized, real-world simulations in operational environments, bridging the IT-OT gap, fostering collaborative language, and empowering organizations to take calculated, transparent steps toward robust cyber defense strategies.
      • Effective communication, trust-building, and tailored red teaming activities in OT environments empower teams to ask critical questions, understand protocols deeply, and conduct standardized tests, enhancing detection and asset identification, reducing barriers, and strengthening internal security.
      • In the evolving landscape of OT and cybersecurity, we must harness the power of machine learning to assist human operators while maintaining vigilance in verifying the trustworthiness of data to avoid misinformed actions.

    "Misinformation is a real thing, and if we're not trusting the information that's being provided at real time, the actions that I'm taking from a cybersecurity perspective may potentially do more harm than good." — Nick Tsamis

     

    Connect with Nick Tsamis:  

    MITRE Blog: https://medium.com/@mitrecaldera

    MITRE Email: [email protected]

    Website: https://www.mitre.org/

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/nicktsamis/


  • About Chris Bihary: Chris Bihary is the CEO and Co-Founder of Garland Technology, a leading USA-based manufacturer specializing in Network TAPs, Network Packet Brokers, Hardware Data Diodes, and Inline Bypass solutions. With a rich background spanning over 30 years in IT and OT cybersecurity, Chris has fostered collaborative partnerships with tech firms to guarantee robust network performance and security across various industries. His entrepreneurial journey began by owning an IT reseller focused on constructing 9-1-1 call center network infrastructure, sparking his lifelong commitment to ensuring the resilience of all networks.

    In this episode, Aaron and Chris Bihary discuss:

      • Leveraging TAPs for independent, reliable, and unintrusive network monitoring
      • Optimizing network security and operational efficiency
      • Exploring the importance of data diodes in critical infrastructure environments
      • Challenges and exciting developments in OT environments

    Key Takeaways:

      • Implementing TAPs in OT networks offers a secure, independent, and foolproof method of monitoring critical assets, ensuring 100% packet capture and reducing the risks associated with relying solely on traditional methods like SPAN ports, making it essential for robust and reliable network security.
      • In navigating the complexities of network security, the key lies in strategically deploying purpose-built tools like data diodes and aggregators, ensuring comprehensive packet inspection without overwhelming IT staff; finding the delicate balance between data capture and streamlined management is the linchpin to effective and efficient cybersecurity.
      • Building a secure network foundation, tapping into live data, ensuring compliance without vulnerabilities, and centralizing access are vital for successful tech implementation in critical infrastructures, fostering adaptability and innovation in today's rapidly changing tech landscape.
      • Simplicity and ease of implementation are not just preferences, they're essential requirements; in an industry where awareness is growing, skilled personnel are scarce, and regulations are tightening, the ability to deploy robust, effective solutions quickly and efficiently is the linchpin to securing critical infrastructures worldwide.

    "Some really good high tech companies that were never in OT are coming into OT and they're getting their folks trained up. They're educating them and this is super positive for our space. So I'm excited that the awareness is there and more and more people know they have to move forward. More people are getting involved in this space and I'm just looking forward to being part of it and seeing how we can help companies get their network secure, resilient, and reliable, and work with great companies." — Chris Bihary

     

    Connect with Chris Bihary:  

    Website: www.garlandtechnology.com

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/company/garland-technology-llc/ and https://www.linkedin.com/in/chrisbihary/


  • About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.

    In this episode, Aaron and Raphael Arakelian discuss:

      • Evaluating OT security solutions beyond technological features
      • Maturing implementation considering technical requirements, business requirements, and organizational factors
      • Exploring the integration of active scanning in OT cybersecurity protocols
      • Achieving comprehensive OT asset management and cybersecurity monitoring
      • Bridging the gap between OT and cybersecurity
      • The evolving role of OT cybersecurity

    Key Takeaways:

      • To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.
      • In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.
      • It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.
      • In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident.

    "Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian

     

    Connect with Raphael Arakelian:  

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/raphael-arakelian/

    Raphael will be presenting a paper on active scanning of OT PLCs at S4 in March 2024: https://s4xevents.com/page/4/?et_blog


  • About Jonathan Tubb: Jonathan Tubb is a seasoned cybersecurity expert, renowned for his proficiency in crafting innovative solutions to address the most pressing security issues in the power generation sector. With a background in Computer Engineering from Ohio State University and a Professional Engineer (P.E.) license, he has over 15 years of hands-on experience. Currently serving as the Director of Industrial Cyber and Digital Security at Siemens Energy, Inc., Jonathan also imparts his knowledge as a lecturer for a master's course in Operational Technology Cyber Security at Duke University's Pratt School of Engineering.

    In this episode, Aaron and Jonathan Tubb discuss:

      • Navigating the evolving landscape of OT cybersecurity
      • Implementing cybersecurity measures for small modular reactors in the energy industry
      • Cross-disciplinary expertise in OT cybersecurity and the need for specialized training programs
      • The future of IT-OT convergence

    Key Takeaways:

      • In the evolving landscape of industrial cybersecurity, the shift from minimal compliance to recognizing the real-world impact and the urgent need for cross-training in IT and OT is crucial to bridging the knowledge gap and securing critical infrastructure effectively.
      • As the energy industry progresses with new technologies like small modular reactors, the existing regulatory frameworks and cybersecurity practices face challenges in adapting to these changes, highlighting the need for flexible and scalable cybersecurity solutions in critical infrastructure.
      • In the complex world of OT cybersecurity, the key to success lies in having the right people with a deep understanding of both engineering and cybersecurity, bridging the gap between the two worlds to protect critical infrastructure and ensure reliability in an ever-evolving landscape.
      • The future of IT/OT convergence holds both excitement and concern, as the integration of these systems could lead to unprecedented efficiencies and insights, but a heavy-handed approach may risk pulling the plug on progress, hindering the potential benefits for both cybersecurity and operations.

    "I hope that the outcome of all this is positive for both sides of the industry, for practitioners, for the business side, like I see a destination where cybersecurity and operations are holding hands, skipping through a field." — Jonathan Tubb

     

    Connect with Jonathan Tubb:  

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/jonathan-tubb

    Hackers Teaching Hackers Event: https://www.hthackers.com

    GridSecCon 2023: https://www.nerc.com/pa/CI/ESISAC/Pages/GridSecCon.aspx


  • About Josh Varghese: Josh Varghese, founder of Traceroute, is a seasoned industrial networking expert who has dedicated himself to serving the dynamic industrial/OT market. With nearly a decade of experience as a technical lead at Industrial Networking Solutions, where he established their technical support and application engineering department, Josh cultivated a deep understanding of the industry. He now leads Traceroute, offering a comprehensive suite of services including consulting, design, solution architecture, and more, while maintaining invaluable relationships with clients and vendors forged during his career.

    In this episode, Aaron and Josh Varghese discuss:

      • Navigating vendor dependence and networking complexity in industrial environments
      • Overcoming resistance to technology advancements in industrial settings
      • The challenges of IT-OT convergence and the importance of OT knowledge transfer
      • The importance of empathy and collaboration in an SDN-driven future

    Key Takeaways:

      • In the world of industrial networking, the critical importance of bridging the gap between vendors, asset owners, and complex OT environments becomes glaringly evident, as a lack of expertise and responsibility often leads to network disasters and production outages, emphasizing the need for specialized support and education in this field.
      • Getting burned by poorly configured solutions in the industrial technology realm has led to a reluctance to embrace advancements; however, with proper configuration and understanding, these advancements can be highly beneficial.
      • Bridging the gap between IT and OT, and improving basic understanding of network concepts, is crucial for overcoming resistance to new technology adoption and ensuring operational resilience in a world where automation and physical processes intersect in every aspect of business.
      • In the evolving landscape of IT and OT collaboration, the key to success lies in fostering understanding, empathy, and effective communication between the two sides, rather than imposing complexity or hierarchies, while emerging technologies like SDN offer promise but must address the challenge of simplifying network management in the OT space.

    "So much of what has happened in the last five to ten years in our space has been around wanting to look at lateral traffic movement or visibility to more traffic. And it's all been very difficult to accomplish because the architecture and the technology available in traditional networking makes it so. You and I have talked about wanting to fast forward to a scenario with sensors in the switch, full visibility, and all this stuff. SDN gets us there like in the snap of a finger." — Josh Varghese

     

    Connect with Josh Varghese:  

    Website: www.traceroutellc.com

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/varghesejm

    Traceroute’s OT networking training in Dallas-Fort Worth on February 8-9, 2024:

    https://www.traceroutellc.com/s/Traceroute-DFW-Training-Flyer.pdf

    The best (or arguably “worst”) kept secret in OT networking is Software Defined Networking: https://www.linkedin.com/posts/varghesejm_industrialnetworking-otnetworking-otsdn-activity-6963503182421377024--52t/


  • About Fred Gordy: Fred Gordy is a pioneering figure in the SmartBuilding industry, with two decades of expertise in developing and implementing secure control systems for Fortune 500 companies across the globe. A trailblazer in addressing the inherent cybersecurity risks posed by control system technology, he has authored over 100 articles on building control cybersecurity, with his insights featured in prominent publications like the Wall Street Journal, CNBC, and healthcare journals. Fred's extensive knowledge and commitment to the field have led him to develop cutting-edge control system cybersecurity assessment methodologies and tools, while also serving as a technical advisor on various industry boards and holding multiple certifications in control technology.

    In this episode, Aaron and Fred Gordy discuss:

      • The critical intersection of convenience and cybersecurity in modern infrastructure and control systems
      • Building cybersecurity certifications and their impact on commercial real estate
      • Overcoming cultural barriers in implementing cybersecurity measures for critical infrastructure
      • The importance of people-centered approaches in business and cybersecurity

    Key Takeaways:

      • In the ever-evolving world of technology and cybersecurity, the importance of resilience and adaptability shines through, reminding us that regardless of the specifics, whether it's elevators, critical infrastructure, or complex IT systems, preparedness and proactive action matter most when unexpected challenges arise.
      • Achieving bronze, silver, or gold certification levels is all about tailoring your security measures to the criticality of your building, ensuring that you're prepared to safeguard your occupants and assets accordingly, whether you're running a standard commercial office space or housing national security agencies.
      • In building cybersecurity, addressing the foundational questions of what you have, how it's connected, and who has access is crucial to building trust and resilience, even if it means challenging established cultural norms and embracing new technologies.
      • Embrace the power of compromise and understanding, for it's not about being right or wrong, but about collectively navigating the complex landscape to reach our desired destination, one step at a time, even as new technological challenges loom on the horizon.

    "In the IT world, everything is CIA: confidentiality, integrity, and availability. In our world, you know, availability's number one. So confidentiality was never taken into account. So now you've got all of these systems being connected together as highly available as possible." — Fred Gordy

     

    Connect with Fred Gordy:  

    Website: https://mbakerintl.com/en/

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/fredgordy/

    Twitter: https://twitter.com/FGordy


  • About Matthew Scott: Matthew Scott is a technical leader with over three decades of experience in industrial automation, specializing in the design, deployment, and maintenance of cutting-edge SCADA systems across critical infrastructure sectors such as transit, oil & gas, energy, and water/wastewater. His expertise spans a wide range of hardware and software platforms. A trailblazer in cybersecurity, Matthew's contributions extend beyond his role as an OT security professional, as he has authored peer-reviewed publications and presented at technical conferences. With a commitment to fostering innovation and promoting a "Fail Fast, Fail Forward" ethos, he leads cross-functional teams in the development of secure and resilient industrial control solutions that ensure the reliable delivery of essential services.

    In this episode, Aaron and Matthew Scott discuss:

      • Implementing security by design in legacy industrial control systems
      • Enhancing OT cybersecurity through code quality and dynamic rule sets
      • A step-by-step approach to improve cybersecurity and system resilience
      • Balancing regulations and technological advancements in OT cybersecurity

    Key Takeaways:

      • The crucial strategy for securing OT involves a holistic approach, combining identification of exploits, rule creation, and integrated defensive programming within system design to counter malicious actions and ensure process reliability and security, moving beyond mere patching or hardware replacements.
      • In the rapidly evolving landscape of OT cybersecurity, the fundamental importance of well-disciplined code and comprehensive input validation is resurfacing as a potent strategy, enabling organizations to proactively mitigate a substantial portion of vulnerabilities and exploits, with the potential for machine learning to dynamically adapt and reinforce security measures over time.
      • Recent progress in system security has shifted from insecure designs to security-focused thinking, bolstering code against vulnerabilities in complex environments, yet the challenge remains in safeguarding legacy systems and maintaining uniform standards.
      • Amidst the focus on looming threats, the key lies in addressing foundational cybersecurity concerns, highlighted by upcoming regulations for industrial control systems, while cautioning against prioritizing advanced tech over resolving core technical issues.

    "I don't necessarily see that AI is gonna make malicious actors more prevalent and more powerful. But I think we're gonna see the emphasis move to that. So until we have a regulation that forces us to clean up our code and be disciplined, we're gonna see organizations go out and spend money." — Matthew Scott

     

    Triton Malware Exploited Zero-Day in Schneider Electric Devices: https://www.securityweek.com/triton-malware-exploited-zero-day-schneider-electric-devices/

    Connect with Matthew Scott:  

    Learn how to protect your ICS with PLC defensive programming techniques! Join Matthew and his colleague Tyler Lentz at the INCOSE Western States Regional Conference: https://www.pnnl.gov/events/incose-western-states-regional-conference

    Website: https://plc-security.com/

    Email: [email protected]

    LinkedIn: https://www.linkedin.com/in/matthew-j-scott-mcit/


  • About Clint Bodungen: Clint Bodungen is a distinguished industrial cybersecurity expert, celebrated public speaker, accomplished author, and a trailblazer in the realm of cybersecurity gamification. With over 25 years of experience in the field, he has left an indelible mark as the Founder, CEO & Chairman of ThreatGEN® Red vs. Blue. A veteran of the United States Air Force, Clint is renowned for his expertise in industrial control systems and operational technology cybersecurity. Notably, he authored the influential book "Hacking Exposed: Industrial Control Systems" and the forthcoming "ChatGPT for Cybersecurity Cookbook." He envisions transforming cybersecurity education through gamification, as showcased in his groundbreaking product, the world’s first online multiplayer cybersecurity game, ThreatGEN® Red vs. Blue, aimed at imparting practical cybersecurity skills. 

    In this episode, Aaron and Clint Bodungen discuss:

      • Integrating gaming AI and machine learning for predictive risk management in cybersecurity simulations
      • Advancing cybersecurity through game theory, predictive analysis, and AI-driven risk mitigation
      • Building a living risk assessment system for OT cybersecurity
      • Large language models, quantum computing, and training for a superhuman future

    Key Takeaways:

      • Using a powerful combination of gaming AI and machine learning, ThreatGEN's platform creates a dynamic, strategic cyber range that not only simulates realistic attack scenarios but also empowers users to predict and mitigate the most probable attack vectors, ultimately transforming cybersecurity into a proactive, AI-driven risk management endeavor.
      • Unlocking the potential of game theory and machine learning, cyber security enters a new era of real-time risk analysis, predictive modeling, and realistic training, paving the way for effective decision-making, optimal resource allocation, and proactive defense strategies.
      • Leveraging specialized large language models and AI can revolutionize cybersecurity in OT environments, enabling dynamic risk assessment, active change management, and predictive analysis, creating a living risk profile for informed decision-making and enhanced security.
      • The convergence of large language models and quantum computing holds both exciting potential for solving complex problems like diseases and understanding the universe, as well as concerning implications for accelerating cyber threats and destructive capabilities.

    "We're nearing the ability to solve every disease, find the secrets of the universe, and finally determine whether or not we're living in a simulation or not. But, at the same time, I guess that also brings with it terrible destruction, right? We are also accelerating the ability of nutcases out there that want to destroy the world, you know, the accessibility and the speed at which they can develop something purely devastating." — Clint Bodungen

     

    Connect with Clint Bodungen:  

    ThreatGEN® Red vs. Blue: https://threatgen.com

    CyberSuperhuman.AI Courses: https://cybersuperhuman.ai

    Get 50% off on Clint's courses by using the code AARONCROW23

    Email: [email protected]

    Book: https://www.amazon.com/Hacking-Exposed-Industrial-Control-Systems/dp/1259589714

    YouTube: https://www.youtube.com/@CyberSuperhuman

    LinkedIn: https://www.linkedin.com/in/clintb/


  • About Ian Frist: Ian Frist is the Cybersecurity Compliance Program Director at Corning, boasting a MS in Cybersecurity. With a dynamic background spanning both private sector and government roles, Ian's expertise encompasses NIST, CIS, and CMMC frameworks. Currently leading Corning's compliance team within the cybersecurity group, Ian's journey ventured from accidental entry into ICS/OT through the National Guard, where even as a medic, he embraced the cyber realm. Transitioning into compliance and GRC, Ian's enduring passion for ICS/OT continues, evident through speaking engagements at prestigious events like SANS conferences, reflecting his commitment to both fields.

    In this episode, Aaron and Ian Frist discuss:

    Navigating compliance and cybersecurity in the changing landscape of OT

    Building effective cybersecurity programs

    Integrating cybersecurity in OT

    Implementing effective asset management and inventory in manufacturing

    Key Takeaways:

    Compliance is shifting from a mere checkbox exercise to a powerful lever that compels organizations, including manufacturing and utilities, to elevate their OT cybersecurity by setting a baseline of controls and risk management strategies, bridging the gap between different industries' cybersecurity maturity levels while emphasizing the imperative to safeguard critical operations and infrastructure.

    In the complex landscape of cybersecurity, building a comprehensive program that understands and manages the unique assets, risks, and impact of your organization's operations is paramount, transcending mere reliance on tools and instead emphasizing a holistic approach to preparedness and response.

    Building redundancy and preparedness into systems is common practice, but the often overlooked key is to integrate cybersecurity understanding, people, processes, and technology from the start to truly fortify against a wide range of potential incidents and ensure resilient operations.

    Navigating the complexities of asset management and inventory in manufacturing requires acknowledging the need for an initial manual effort, understanding the limitations of automation tools, setting realistic and adaptable goals that balance compliance and risk, and embracing the ongoing commitment required for effective governance.

    "Don't fall for a buzzword, build a program. I think we're going to have to keep watching out for that moving forward." — Ian Frist

     

    Connect with Ian Frist: 

    Website: https://www.corning.com/worldwide/en.html

    LinkedIn: https://www.linkedin.com/in/ian-frist-ms-cybersecurity-cissp-cmmc-pa-pi-3028a9181/


  • About Michael Weigand: Michael Weigand is the visionary co-founder and Chief Growth Officer of Shift5, spearheading the realization of Shift5’s ambitious growth strategies. With a distinguished background, he spent eight years as an innovative leader in the U.S. Army, pioneering cyber operations and commanding specialized cyber units. Michael's pivotal contributions include shaping the Army's platform mission assurance program, pioneering expeditionary cyber forces, and fostering breakthrough projects in collaboration with the Defense Digital Service. He holds a BS in Computer Science from the United States Military Academy and possesses a unique ability to navigate both the digital realm and the skies, flying small airplanes into tight spaces.

    In this episode, Aaron and Michael Weigand discuss:

    Enhancing operational reliability and security in modern vehicle fleets

    Securing critical infrastructure in the age of advanced technology

    Strategies for successful onboarding of new assets

    Enabling secure and adaptive OT for a changing landscape

    Key Takeaways:

    Shift5 pioneers cybersecurity solutions for modern vehicles, equipping defense systems, aerospace, and rail with transformative hardware and software that not only safeguard against cyber threats, but also harness unique data for proactive optimization, revealing a compelling convergence of security and operational efficiency.

    In the intersection of physical systems and digital environments in OT, protecting assets like airplanes and power plants from vulnerabilities is crucial, demanding advanced anomaly detection and proactive responses to ensure security, safety, and operational stability amid rapid evolution.

    Navigating the complex journey of onboarding new assets involves multidisciplinary collaboration, early integration for efficiency gains, and a keen focus on quantifiable value to maximize returns and operational effectiveness.

    The future of cybersecurity holds exciting advancements in automated vulnerability identification and secure software development, but challenges lie in reconciling slow safety processes with the need for agile and rapid responses to emerging threats, as adversaries increasingly exploit AI-powered tactics.

    "We encourage everybody to ensure they're tapping and monitoring everything, not only infrastructure but also those legacy and serial protocols that are quite obscure. We want everybody to ensure they can see themselves so they can defend their interests." — Michael Weigand

     

    Connect with Michael Weigand: 

    Website: shift5.io 

    LinkedIn: https://www.linkedin.com/in/michael-weigand/ and https://www.linkedin.com/company/shift5/

    YouTube: https://www.youtube.com/channel/UCNCrUBI5C0bWil1-uKJaXUg 
