In this reflective episode, we revisit the real-world challenges of securing industrial environments, where the intersection of IT and OT often creates unforeseen cybersecurity vulnerabilities.

From mismanaged remote access to the critical need for continuous asset monitoring, our experts dive deep into the lessons learned from boots on the ground work in the field.

They share insights on managing OT cybersecurity risks while maintaining production uptime and operational integrity.

This episode provides invaluable takeaways for those navigating the complexities of protecting industrial networks, offering practical solutions for balancing security with operational demands.

Chapters:

• 00:00:00 - A rewind to the biggest OT cybersecurity lessons and surprising moments!
• 00:01:05 - Missteps and Common Blunders with Manufacturing, ICS and Cybersecurity
• 00:10:26 - Industrial Cybersecurity Lessons From the Field
• 00:20:19 - The State of OT Cybersecurity From the Field

Links And Resources:

• Velta Technology
• Dino Busalachi on LinkedIn
• Jim Cook on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube Podcasts to leave us a review!

Most cybersecurity threats begin in IT systems. But as the lines between IT and OT continue to blur, these same threats have more and more opportunities to move closer to critical control systems. Having both visibility and context into what assets are most at risk across your operational environments is crucial for maintaining the safety and availability of these systems.

In this episode of the Security Sandbox, we'll cover the strategic use of cyber threat intelligence (CTI) to safeguard critical infrastructure and industrial environments.

You'll learn about:

• Integrating OT/IoT threat intelligence with traditional IT threat intelligence for a complete picture of the attack surface
• Using asset context when acting on threat intelligence in OT systems
• Real-world examples of successful proactive threat response

Visit Our Website

Follow Us on LinkedIn

KraftCERT trusselvurdering 2024 | In Norwegian only

In this episode, Robby is joined by Espen Endal and Bjørn Tore Hellesøy from KraftCERT/InfraCERT - the Norwegian CERT for the energy and petroleum sectors.

The trio discuss the Threat Assessment report recently published by KraftCERT/InfraCERT, and the unique challenges the Norwegian energy sectors are facing. They touch into topics such as threat evaluation, insider threats, countermeasures, and the importance of maintaining robust security practices despite evolving digital landscapes.

The conversation emphasises the contextualization of national threat assessments to be practical for energy production companies, stressing the balance between emerging technologies like AI and Digital Twins and their associated risks.

The Threat Assessment 2024 report is available at: https://www.kraftcert.no/filer/KraftCERT-ThreatAssessment2024.pdf

השימוש בספריות קוד פתוח הפך לפרקטיקה מקובלת בכול פיתוח תוכנה, קיצור משך הפיתוח הוא משמעותי אבל טומן בחובו סיכונים עיסקיים וסיכוני סייבר משמעותים ללקוחות.

המעבר של העולם התפעולי לבקרים מבוססי מערכת הפעלה סטנדרטית ותאומים דיגיטלים מוזיל עלויות ובאותה נשימה חושף את הסביבה התפעולית לסיכוני סייבר מוכרים מסביבות המחשוב הסטנדרטיות.

נחשון פינקו מארח את צביקה רונן מייסד שותף והמנהל הטכנולוגי בחברת פוסאוור, מומחה בתחום ניהול סיכונים בקוד פתוח בשיחה על השימוש בקוד פתוח ע"י חברות תוכנה.

מה המשמעות של הרישוי השונה בקוד פתוח

איך מוודאים שהקוד הפתוח שהוכנס ע"י המפתחים "נקי" ולא מסתיר נוזקות שיפתחו באתר הלקוח

איפה פוגש הקוד הפתוח את העולם התפעולי ועוד

Open-source libraries have become an accepted practice in all software development. Shortening the duration of development is significant but carries significant business and cyber risks for customers.

The transition of the operational world to controllers based on a standard operating system and digital twins lowers costs. Still, it exposes the operational environment to known cyber risks from standard computing environments.

Nachshon Pincu hosts Zvika Ronan, Co-founder and chief technology officer at FOSSAware and an expert in open-source risk management, in a conversation about software companies' use of open source.

What does the different open-source licensing mean?

How do you ensure that the open code entered by the developers is "clean" and does not hide vulnerabilities that will be opened on the client's site?

Where does the open source meet the operational world?

and more

In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company’s Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation’s third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices.

What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve?

“There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said.

Join us for this and more on this episode of Hack the Plan[e]t.

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

Political hacktivism once mainly focused on website defacement. Now it has shifted to targeting physical devices, affecting critical infrastructure such as water treatment plants. At Black Hat USA 2024, Noam Moshe from Claroty highlighted how the HMIs in PLC devices from Israeli manufacturers may be susceptible to political attacks by nation-state actors using unknown vulnerabilities in the PComm protocol.

In this episode, Craig and Dino explore the evolving responsibilities of the CISO in managing cybersecurity within operational technology (OT) environments.

They address the persistent disconnect between IT and OT teams and the unique challenges CISOs face in bridging this gap.

With a focus on collaboration, they discuss the critical role of external partnerships and the importance of understanding the industrial landscape to implement effective security measures.

The conversation highlights how CISOs can balance rigorous cybersecurity protocols with operational demands, ensuring both safety and continuous uptime in complex industrial systems.

Chapters:

• 00:00:00 - Prioritizing Safety and Minimizing Downtime
• 00:00:48 - The Evolving Role of CISOs in Operational Technology (OT)
• 00:02:11 - Overcoming IT and OT Collaboration Challenges
• 00:03:09 - The Persistent Disconnect Between IT and OT
• 00:04:06 - CISOs' Responsibility for OT Security
• 00:05:08 - Balancing Security and Operational Uptime
• 00:06:57 - The Role of External Resources in Cybersecurity
• 00:11:38 - Limited CISO Interaction with the Board
• 00:20:38 - The Realities of Relying on Cybersecurity Insurance
• 00:24:18 - Conclusion: Moving Forward with IT-OT Collaboration

Links And Resources:

• Velta Technology
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube, to leave us a review!