Podcasts about ics village

Play Episode Listen Later Apr 12, 2025 33:43

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Bridging the Cybersecurity Resource GapPub date: 2025-04-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson Bort welcomes Sarah Powazek, Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, to discuss the organization's work providing cybersecurity resources for the public, and CyberCAN, a project to connect cities and nonprofits providing critical services. How can cities play a larger role in protecting their communities? What are the biggest cybersecurity challenges facing nonprofits? What innovative solutions are being developed to address the cybersecurity resource gap? “It's never going to be enough to have one federal agency help every single organization in a country. We're just too large,” Sarah said. “I think the solution is to create more infrastructure at the state, local, and regional level.”Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology plan institute security hack cybersecurity bridging resource program directors listen notes uc berkeley center bryson bort long term cybersecurity ics village

Preparing for Unnatural Disasters

Play Episode Listen Later Mar 14, 2025 40:09

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Preparing for Unnatural DisastersPub date: 2025-03-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome to season 5! Our host Bryson Bort sits down with Institute for Security and Technology (IST) Executive in Residence for Public Safety & Security Josh Corman. Josh previously joined us on season 1, episode 2 to discuss his experience founding I Am The Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. Today, Josh walks us through his Cyber Civil Defense initiative UnDisruptable27 and his work to bolster the resilience of local critical infrastructure systems. What role can you play in making our communities more resilient? What risks do we face from a hybrid conflict? How can we better prepare for disruptions to critical infrastructure? “You inform, influence, inspire. You make sure people aren't blindsided, and even if they can't stop the natural disaster, they can at least prepare for it and make informed decisions and innovate locally,” Josh said. “And unlike natural disasters, where we only have a couple hurricanes a year, we may have concurrent unnatural disasters on plural U.S. infrastructure sites across the country with finite resources to respond and recover.”Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology preparing plan institute security disasters hack residence unnatural listen notes bryson bort ics village

From the Archives

Play Episode Listen Later Mar 1, 2025 23:07

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: From the ArchivesPub date: 2025-02-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationFor the final episode of the season, our host Bryson Bort reflects on four years and forty episodes of Hack the Plan[e]t, and picks a few favorites. Episode 8, DoD and Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/dod-and-critical-infrastructureEpisode 10, The Congressman, The Commission and Our Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/the-congressman-the-commission-and-our-critical-infrastructureEpisode 27, Managing Incident Responses to Critical Infrastructure Attacks: https://hack-the-plant.simplecast.com/episodes/managing-incident-responses-to-critical-infrastructure-attacksEpisode 28, Cyber Threat Intelligence Over the Past 25 Years: https://hack-the-plant.simplecast.com/episodes/cyber-threat-intelligence-over-the-past-25-yearsEpisode 36, Supporting Ukrainian Electrical Grid Resilience in Wartime: https://hack-the-plant.simplecast.com/episodes/supporting-ukrainian-electrical-grid-resilience-in-wartime-mxxhn2g3Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology plan institute security plant hack commission archives congressman dod wartime listen notes critical infrastructure bryson bort ics village

Protecting Critical Infrastructure for Rural Electric Cooperatives

Play Episode Listen Later Feb 5, 2025 31:09

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Protecting Critical Infrastructure for Rural Electric CooperativesPub date: 2025-02-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson is joined by Carter Manucy, Director of Cybersecurity at the National Rural Electric Cooperative Association to discuss rural electric cooperatives, the importance of collaboration, and the state of cybersecurity in the energy sector. With over two decades of experience in the sector, Carter was recently awarded E-ISAC's prestigious Michael J. Assante Award for his leadership on initiatives to protect the grid and electric co-ops. How are cooperatives fostering a stronger cybersecurity culture? What are the unique challenges faced by rural electric cooperatives in the cybersecurity landscape? And what does Carter see in his crystal ball for the future of cybersecurity in the energy sector?“I think as a country, we've really got to pull together or else we're going to be behind the eight ball in a few years, and that could really look bad for everybody...power runs all of our lives,” Carter said. “If I had that magic wand, I think I would get rid of a lot of the politics that are there so that we can focus on getting funding to help in the areas that it really is needed, and move that needle forward.” Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

director technology plan institute security protecting plant hack electric cybersecurity rural listen notes critical infrastructure cooperatives bryson bort ics village

The A-Z of Industrial Cybersecurity for OT Environments with Industry Expert Bryson Bort

Play Episode Listen Later Jan 31, 2025 32:46

Podcast: Industrial Cybersecurity InsiderEpisode: The A-Z of Industrial Cybersecurity for OT Environments with Industry Expert Bryson BortPub date: 2025-01-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin us as we delve into the fascinating world of operational technology (OT) cybersecurity with Bryson Bort, founder of SCYTHE, Grimm, and co-founder of ICS Village. Discover how his experiences shaped innovative approaches to OT risk management, why visibility and architecture are foundational to security, and the importance of building trust between IT and OT teams. From real-world case studies to actionable strategies, this episode explores the evolving landscape of industrial cybersecurity and the steps organizations must take to stay ahead.Chapters:00:00:00 - Welcome and introduction to today's focus on industrial cybersecurity00:01:10 - Bryson Bort shares his journey from military service to OT security innovation00:02:02 - The evolution of cybersecurity: milestones and lessons for OT environments00:03:21 - Exploring industrial control systems and the roots of car hacking00:06:52 - Tackling real-world challenges in industrial cybersecurity00:08:00 - Why visibility and architecture are foundational for OT security00:09:30 - Dispelling misconceptions about air-gapped systems in OT environments00:11:10 - Practical insights on segmentation and defensible architectures00:13:00 - How attackers exploit vulnerabilities and why monitoring is essential00:14:30 - Building trust between IT and OT teams for successful convergence00:16:00 - Leveraging purple teaming to enhance collaboration and resilience00:17:07 - Strategies for building trust and creating effective OT security solutions00:26:54 - The future of cybersecurity and Bryson's parting insightsLinks And Resources:Bryson Bort on LinkedInSCYTHEICS VillageDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

spotify strategy discover building practical exploring leveraging cybersecurity chapters tackling ot industrial environments grimm dispelling industry experts scythe listen notes bryson bort ics village

Reliability and Risks of the North American Power Grid

Play Episode Listen Later Nov 27, 2024 28:06

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Reliability and Risks of the North American Power GridPub date: 2024-11-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson is joined by Sara Patrick, President and CEO at the Midwest Reliability Organization (MRO) to discuss cyber threats, mitigation strategies, and the United States energy infrastructure system. A lawyer by training, Sara led MRO's enforcement group and compliance monitoring team for 16 years before stepping into her position as CEO. What risks does AI pose to maintaining a reliable grid? How does MRO build resilience into the Northeast bulk power grid? What do smaller organizations need to be able to mitigate threats? “When we think about operations, we're a lot of times focused on the bigger organizations. But from a cyber perspective, it really doesn't matter the size of your organization. You're all susceptible,” Sara explained. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

united states ceo president ai technology plan institute security plant hack risks north american northeast reliability power grid listen notes mro american power bryson bort ics village

Hack the Capital 7.0: Building Cybersecurity Connections with Bryson Bort & Tom Van Norman

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Nov 14, 2024 17:08

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: Hack the Capital 7.0: Building Cybersecurity Connections with Bryson Bort & Tom Van NormanPub date: 2024-11-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Derek Harp sits down with Bryson Bort and Tom Van Norman, co-founders of ICS Village and creators of Hack the Capital. They discuss the origins and evolution of Hack the Capital, now in its seventh year, and the conference's unique focus on bridging cybersecurity professionals with policy makers and industry leaders. They dive into the value of hands-on learning, the launch of Workforce Development Day, and the ongoing need for practical cybersecurity education and career opportunities for all. Bryson and Tom also highlight the significance of candor in the field and what attendees can look forward to at future conferences. Tune in for insights into the world of OT and ICS cybersecurity, hands-on training, and the importance of building community partnerships.The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

capital connections hack cybersecurity ot norman hands on learning ics listen notes tom van bryson bort ics village

Hack the Capitol 7.0: Building Cybersecurity Connections with Bryson Bort & Tom Van Norman

Play Episode Listen Later Nov 12, 2024 17:08

In this episode, host Derek Harp sits down with Bryson Bort and Tom Van Norman, co-founders of ICS Village and creators of Hack the Capitol. They discuss the origins and evolution of Hack the Capitol, now in its seventh year, and the conference's unique focus on bridging cybersecurity professionals with policy makers and industry leaders. They dive into the value of hands-on learning, the launch of Workforce Development Day, and the ongoing need for practical cybersecurity education and career opportunities for all. Bryson and Tom also highlight the significance of candor in the field and what attendees can look forward to at future conferences. Tune in for insights into the world of OT and ICS cybersecurity, hands-on training, and the importance of building community partnerships.

connections hack capitol cybersecurity ot norman hands on learning ics tom van bryson bort ics village

Securing Embedded Systems

Play Episode Listen Later Oct 3, 2024 31:20

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Securing Embedded SystemsPub date: 2024-09-25In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company's Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation's third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices. What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve? “There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology plan institute security plant hack anonymous securing american express listen notes embedded systems security operations center lulzsec niyo bryson bort ics village

From Concept to Reality: ResetCon and the Future of ICS Security Conferences

Play Episode Listen Later Jul 31, 2024 49:21

Podcast: PrOTect It AllEpisode: From Concept to Reality: ResetCon and the Future of ICS Security ConferencesPub date: 2024-07-24In this episode, host Aaron Crow dives into critical infrastructure and industrial control systems with special guests Matthew Miller and James Warne. Together, they introduce ResetCon—an upcoming conference to close the gap between technical research and practical applications in cybersecurity. Our listeners get an exclusive discount for attending ResetCon this year! Visit https://rstcon.org/2024/ and use the code PrOTect to receive a 10% discount on your tickets. The discussion highlights the importance of including cybersecurity in infrastructure design, tackling supply chain attacks, and fostering collaboration among industry experts. With the call for papers closing soon, listeners are encouraged to submit abstracts and join this revolutionary initiative. Episode 18 promises valuable insights into the intersection of IT, OT, and critical infrastructure cybersecurity. It emphasizes the need for more skilled professionals and community-driven solutions. Don’t miss this chance to learn, get inspired, and prepare for ResetCon! Key Moments: 03:32 ResetCon aims to deliver cutting-edge tech talks. 08:47 Debating cause, but the outcome is unchanged. 11:49 Conference seeks to address critical infrastructure issues. 16:06 ICS Village presence at key cybersecurity events vital. 18:34 Sharing industry knowledge and protecting brand integrity. 20:51 Colin O'Flynn presents cutting-edge hardware innovations. 26:05 Diverse audiences at the ponderous conference. 28:34 Understanding same team, goals, critical infrastructure, not experts. 30:37 Submitted on 3rd, some issues, resubmitted 6th. 35:52 High-tech talks, networking, and exploring Savannah. 38:39 Discussing boat transportation as part of long-term goal. 40:38 Collaboration can lead to innovative infrastructure solutions. 44:10 Discussing relevance of Wi-Fi and security measures. About the guests : James Warne Jay's work in research has affirmed his commitment to technology, security, and computation. His time on and leading high-performing teams codified his desire to enable and support his scientists and engineers. Jay constantly seeks ways to contribute to his field; one may find him testing his theories, reading and sharing papers, problem-solving with industry, arming investors with technical knowledge, coordinating RSTCON, developing instructive/ research presentations, mentoring new industry hopefuls, advising the Cornell Cyber Club, or outdoors. Matthew Miller Matthew spent eight years in the United States Navy and Special Operations as a CNO Operator. After the military, he shifted his career toward security research and software engineering. Recently, Matthew co-founded ResetCon to address growing cybersecurity concerns in critical infrastructure. He's passionate about his family, work, and about giving back to the community Know more about Reset Conference - https://rstcon.org/ Attend ResetCon this year! Visit https://rstcon.org/2024/ and use the code PrOTect to receive a 10% discount on your tickets. Connect With Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://protectitall.co/ X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.coThe podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

future reality sharing conference protect collaboration concept wifi ot diverse conferences debating united states navy submitted special operations key moments listen notes matthew miller ics security ics village

The Case For A Cyber Force

Play Episode Listen Later Jul 30, 2024 41:55

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: The Case For A Cyber ForcePub date: 2024-07-23In this episode, Bryson sits down with Mark Montgomery, Senior Director at the Foundation for Defense of Democracies. For three years, Mark served as Executive Director of the Cyberspace Solarium Commission, created by congressional mandate to develop strategic approaches to defending against cyber attacks. Now, he directs CSC 2.0, an initiative that works to implement the recommendations of the Commission. What were the key recommendations of the Cyberspace Solarium Commission? What are the politics of cybersecurity? How do we ensure that our international partners have the same level of resiliency and recovery that we have domestically? “We'd like to fight our adversaries overseas. That means we have to fight with and through our allies and partners. So they have to have strong critical infrastructure as our forces arrive and execute their missions,” Mark said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology executive director foundation plan institute security defense plant hack commission senior director democracies csc listen notes cyberforce mark montgomery 23in bryson bort cyberspace solarium commission ics village

Supporting Ukrainian Electrical Grid Resilience in Wartime

Play Episode Listen Later Jun 25, 2024 32:19

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Supporting Ukrainian Electrical Grid Resilience in WartimePub date: 2024-06-21Joe Marshall is a Senior IoT Security Strategist at Cisco Talos Intelligence Group. When Russia invaded Ukraine in 2022, Joe helped coordinate a multinational, multi-company coalition of volunteers and experts to find a technological solution. Bryson and Joe sat down to discuss his efforts in Ukraine, how he got the go-ahead from Cisco leadership, and more. “They were like, yeah, we can't even get accurate timing to work on our transmission grid because of jamming that is interrupting GPS communications,” Joe explains. “A week later I was sitting in my office and I went, ‘I wonder if we have something inside of Cisco that can actually help with this.'” Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology russia ukraine plan institute resilience security plant gps hack ukrainian cisco wartime listen notes electrical grid bryson bort ics village

Supporting Ukrainian Electrical Grid Resilience in Wartime

Play Episode Listen Later Jun 25, 2024 32:19

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Supporting Ukrainian Electrical Grid Resilience in WartimePub date: 2024-06-21Joe Marshall is a Senior IoT Security Strategist at Cisco Talos Intelligence Group. When Russia invaded Ukraine in 2022, Joe helped coordinate a multinational, multi-company coalition of volunteers and experts to find a technological solution. Bryson and Joe sat down to discuss his efforts in Ukraine, how he got the go-ahead from Cisco leadership, and more. “They were like, yeah, we can't even get accurate timing to work on our transmission grid because of jamming that is interrupting GPS communications,” Joe explains. “A week later I was sitting in my office and I went, ‘I wonder if we have something inside of Cisco that can actually help with this.'” Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology russia ukraine plan institute resilience security plant gps hack ukrainian cisco wartime listen notes electrical grid bryson bort ics village

Preparing for the potential worst day

Play Episode Listen Later May 23, 2024 30:36

Podcast: Hack the Plant (LS 34 · TOP 5% what is this?)Episode: Preparing for the potential worst dayPub date: 2024-05-21In this episode, Bryson Bort is joined by Paul Shaver, Global OT Security Practice Lead at Mandiant / Google Cloud to discuss the cyber threat landscape. How did Paul's military background play a role in his decision to start working with control systems? What is the difference between an advanced persistent threat and a regular threat? What does Paul think is the best way to protect against documented threats from nation-state actors?“I think if we're not doing a better job of protecting critical infrastructure, protecting our assets, any one of the nation state actors could cause that level of mass scale outage or destruction of capability. It comes down to being better prepared to protect these environments,” Paul said. Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology preparing institute security plant hack worst day listen notes bryson bort ics village

Preparing for the potential worst day

She Said Privacy/He Said Security

Play Episode Listen Later May 23, 2024 30:36

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Preparing for the potential worst dayPub date: 2024-05-21In this episode, Bryson Bort is joined by Paul Shaver, Global OT Security Practice Lead at Mandiant / Google Cloud to discuss the cyber threat landscape. How did Paul's military background play a role in his decision to start working with control systems? What is the difference between an advanced persistent threat and a regular threat? What does Paul think is the best way to protect against documented threats from nation-state actors?“I think if we're not doing a better job of protecting critical infrastructure, protecting our assets, any one of the nation state actors could cause that level of mass scale outage or destruction of capability. It comes down to being better prepared to protect these environments,” Paul said. Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology preparing institute security plant hack worst day listen notes bryson bort ics village

Offensive Cybersecurity Strategies with Bryson Bort

Play Episode Listen Later May 9, 2024 34:10

Bryson Bort is the CEO and Founder of SCYTHE, a threat emulation platform. He is Co-founder of GRIMM, a cybersecurity consultancy and ICS Village, a 501c3 for industrial control security systems. He is recognized as a Top 50 in Cyber by Business Insider and SANS Difference Maker Awards' Innovator of the Year. In this episode… Any security or privacy protocol comes with a plan, and every plan fits into a larger strategy. Coordinating a large-scale strategy while maintaining the finer details is more complicated than it sounds. It helps to have professionals experienced not only in security, but also in strategy in general. Bryson Bort has translated much of his military experience into cybersecurity. His team-forward, offensive mindset has been the foundation of his consulting service and the SCYTHE tool. This framework has proven useful for many notable companies, and it could also work in your arsenal. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Bryson Bort, the CEO and Founder of SCYTHE, to discuss his offensive cybersecurity strategy. They talk about the issues with training, the problems SCYTHE solves, learning about ransomware, and his previous work with Target. They also touch on Bryson's process for grabbing and keeping attention.

ceo founders strategy target cybersecurity offensive cyber business insider innovators grimm coordinating scythe bryson bort ics village

The ICS Hacker

Play Episode Listen Later Apr 26, 2024 33:51

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: The ICS HackerPub date: 2024-04-23Claroty is a cybersecurity company that helps organizations to secure cyber-physical systems across industrial (OT), healthcare (IoMT), and enterprise (IoT) environments: the Extended Internet of Things (XIoT). In this episode, Bryson Bort sits down with Claroty director of research and industrial control system (ICS) vulnerability expert Sharon Brizinov to discuss everything ICS.What are the most common vulnerabilities threatening ICS security? What's the impact of cybersecurity controls standardization? And if he could wave a magic wand, what is one thing he'd change in the ICS industry? “Don't expose ICS equipment over the Internet,” Sharon said. “That's my wish. To eliminate all the ICS Internet-exposed devices.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

internet technology institute security plant hack ot hackers iot ics listen notes claroty iomt bryson bort ics village

The ICS Hacker

Play Episode Listen Later Apr 26, 2024 33:51

Podcast: Hack the Plant (LS 34 · TOP 5% what is this?)Episode: The ICS HackerPub date: 2024-04-23Claroty is a cybersecurity company that helps organizations to secure cyber-physical systems across industrial (OT), healthcare (IoMT), and enterprise (IoT) environments: the Extended Internet of Things (XIoT). In this episode, Bryson Bort sits down with Claroty director of research and industrial control system (ICS) vulnerability expert Sharon Brizinov to discuss everything ICS.What are the most common vulnerabilities threatening ICS security? What's the impact of cybersecurity controls standardization? And if he could wave a magic wand, what is one thing he'd change in the ICS industry? “Don't expose ICS equipment over the Internet,” Sharon said. “That's my wish. To eliminate all the ICS Internet-exposed devices.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

internet technology institute security plant hack ot hackers iot ics listen notes claroty iomt bryson bort ics village

Securing OT: Strategies for Prioritizing Vulnerabilities

Play Episode Listen Later Mar 24, 2024 42:26

Podcast: PrOTect It AllEpisode: Securing OT: Strategies for Prioritizing VulnerabilitiesPub date: 2024-03-14In this conversation, Bryson Bort discusses his background and the creation of Scythe, an offensive security platform. He also talks about the ICS Village and the Vulnerability Management Pavilion, as well as his collaboration with the Department of Energy on a vulnerability management research project. Bryson emphasizes the importance of prioritizing vulnerabilities in operational technology (OT) and understanding the risks in power plants. He also highlights the need to build trust with asset owners and gain leadership buy-in for cybersecurity initiatives. Finally, he discusses the importance of connecting technical expertise to business priorities. The conversation explores the importance of building trust and collaboration in the field of cybersecurity, particularly in the context of power utilities. It emphasizes the need for security professionals to be partners rather than adversaries, and highlights the role of organizations like the ICS Village in fostering collaboration and education. The conversation also delves into the concept of purple team exercises and the importance of starting small and growing in cybersecurity initiatives. Additionally, it discusses the significance of conversations with policymakers and the need for more cybersecurity professionals in the industry. More About The Episode Hosted by: Aaron Crow Guest: Sevak Avakians Connect with Bryson Bort: Website: scythe.io LinkedIn: https://www.linkedin.com/in/brysonbort/ Connect with Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://www.protectitall.co X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest, or suggest a guest/episode please email us at info@protectitall.co — Show notes by NMP. Audio production by NMP. We hear you loud and clear. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

strategy energy ot prioritizing securing vulnerabilities scythe listen notes nmp bryson bort ics village

Securing OT: Strategies for Prioritizing Vulnerabilities

Play Episode Listen Later Mar 24, 2024 42:26

Podcast: PrOTect It AllEpisode: Securing OT: Strategies for Prioritizing VulnerabilitiesPub date: 2024-03-14In this conversation, Bryson Bort discusses his background and the creation of Scythe, an offensive security platform. He also talks about the ICS Village and the Vulnerability Management Pavilion, as well as his collaboration with the Department of Energy on a vulnerability management research project. Bryson emphasizes the importance of prioritizing vulnerabilities in operational technology (OT) and understanding the risks in power plants. He also highlights the need to build trust with asset owners and gain leadership buy-in for cybersecurity initiatives. Finally, he discusses the importance of connecting technical expertise to business priorities. The conversation explores the importance of building trust and collaboration in the field of cybersecurity, particularly in the context of power utilities. It emphasizes the need for security professionals to be partners rather than adversaries, and highlights the role of organizations like the ICS Village in fostering collaboration and education. The conversation also delves into the concept of purple team exercises and the importance of starting small and growing in cybersecurity initiatives. Additionally, it discusses the significance of conversations with policymakers and the need for more cybersecurity professionals in the industry. More About The Episode Hosted by: Aaron Crow Guest: Sevak Avakians Connect with Bryson Bort: Website: scythe.io LinkedIn: https://www.linkedin.com/in/brysonbort/ Connect with Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://www.protectitall.co X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest, or suggest a guest/episode please email us at info@protectitall.co — Show notes by NMP. Audio production by NMP. We hear you loud and clear. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

strategy energy ot prioritizing securing vulnerabilities scythe listen notes nmp bryson bort ics village

Startup Growth, Leadership, and Navigating Market Challenges | A Conversation with with Bryson Bort | Loops and Lifecycles Podcast with Josh Mason

Play Episode Listen Later Mar 12, 2024 14:18

Guest: Bryson Bort, CEO and Founder at SCYTHE [@scythe_io]On LinkedIn | https://www.linkedin.com/in/brysonbort/On Twitter | https://twitter.com/brysonbort/Host: Josh MasonOn ITSPmagazine

Securing, Defending, and Bringing Resilience to Infrastructure

Play Episode Listen Later Mar 2, 2024 36:41

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Securing, Defending, and Bringing Resilience to InfrastructurePub date: 2024-02-28Psymetis creates Operational Technology (OT) security solutions that quickly and prevent electric grid outages and catastrophic infrastructure failures. Psymetis' Werewolf system provides condition monitoring and threat mitigation for the power grid, detecting cyberattacks, equipment failures, and physical damage in real-time. In this episode of Hack the Plant, Bryson sits down with Psymetis CEO Robert Shaughnessy to discuss his work with Psymetis, challenges to innovation in the private sector, and the role of government in developing new technologies. What ecosystem problem is Psymetis solving? How is the federal government involved? What threats do our critical infrastructure systems face? How is China involved?“We're not talking about shooting wars, we're talking about wars where adversaries–to include economic adversaries–can have advantage,” Shaughnessy said. “As we're looking out over the next couple of years… there's a lot of frightening indicators that want us to plan for these events, knowing the capabilities of our tier one adversaries.” Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

china technology institute resilience security plant hack infrastructure defending werewolf securing listen notes shaughnessy bryson bort ics village

Securing, Defending, and Bringing Resilience to Infrastructure

Play Episode Listen Later Mar 2, 2024 36:41

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: Securing, Defending, and Bringing Resilience to InfrastructurePub date: 2024-02-28Psymetis creates Operational Technology (OT) security solutions that quickly and prevent electric grid outages and catastrophic infrastructure failures. Psymetis' Werewolf system provides condition monitoring and threat mitigation for the power grid, detecting cyberattacks, equipment failures, and physical damage in real-time. In this episode of Hack the Plant, Bryson sits down with Psymetis CEO Robert Shaughnessy to discuss his work with Psymetis, challenges to innovation in the private sector, and the role of government in developing new technologies. What ecosystem problem is Psymetis solving? How is the federal government involved? What threats do our critical infrastructure systems face? How is China involved?“We're not talking about shooting wars, we're talking about wars where adversaries–to include economic adversaries–can have advantage,” Shaughnessy said. “As we're looking out over the next couple of years… there's a lot of frightening indicators that want us to plan for these events, knowing the capabilities of our tier one adversaries.” Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

china technology institute resilience security plant hack infrastructure defending werewolf securing listen notes shaughnessy bryson bort ics village

CISA's Critical Infrastructure Protection Mission with Jen Easterly

Play Episode Listen Later Feb 5, 2024 50:54

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: CISA's Critical Infrastructure Protection Mission with Jen EasterlyPub date: 2024-02-02As America's Cyber Defense Agency and the National Coordinator for Critical Infrastructure Security and Resilience, the Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every day. In this episode of Hack the Plant, Bryson sits down with CISA Director Jen Easterly to discuss her work on leading CISA's critical infrastructure mission, implementing efforts to make products Secure by Design, and working with private companies to combat ransomware.How has CISA's role evolved since 2018? How do they advance critical infrastructure protection and cyber defense? What are Director Easterly's priorities for 2024? And if she could wave a magic wand, what is one thing she would change? “We need transparency so that we can all work together to protect the ecosystem, because the actors are not ever going to fight fair,” Easterly said. “We need all the collective strength of the community to keep Americans safe and secure.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology mission americans design institute resilience security plant secure hack cybersecurity cisa listen notes critical infrastructure national coordinator infrastructure security agency cisa easterly infrastructure protection bryson bort ics village

CISA's Critical Infrastructure Protection Mission with Jen Easterly

Play Episode Listen Later Feb 5, 2024 50:54

Podcast: Hack the Plant (LS 34 · TOP 3% what is this?)Episode: CISA's Critical Infrastructure Protection Mission with Jen EasterlyPub date: 2024-02-02As America's Cyber Defense Agency and the National Coordinator for Critical Infrastructure Security and Resilience, the Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every day. In this episode of Hack the Plant, Bryson sits down with CISA Director Jen Easterly to discuss her work on leading CISA's critical infrastructure mission, implementing efforts to make products Secure by Design, and working with private companies to combat ransomware.How has CISA's role evolved since 2018? How do they advance critical infrastructure protection and cyber defense? What are Director Easterly's priorities for 2024? And if she could wave a magic wand, what is one thing she would change? “We need transparency so that we can all work together to protect the ecosystem, because the actors are not ever going to fight fair,” Easterly said. “We need all the collective strength of the community to keep Americans safe and secure.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

technology mission americans design institute resilience security plant secure hack cybersecurity cisa listen notes critical infrastructure national coordinator infrastructure security agency cisa easterly infrastructure protection bryson bort ics village

Thomas VanNorman: ICS Security Takes a Village - Building an OT Security Community

Play Episode Listen Later Dec 9, 2023 45:31

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Thomas VanNorman: ICS Security Takes a Village - Building an OT Security CommunityPub date: 2023-12-07About Thomas VanNorman: Thomas VanNorman, a seasoned professional with almost three decades of experience in OT, is currently leading the CyPhy Product group at GRIMM. His primary focus involves securing Industrial Control Systems and networking within this domain. Additionally, Tom is a co-founder of the ICS Village, a 501(c)(3) non-profit organization dedicated to Control System security and awareness, where he has volunteered for almost a decade. Tom retired from the Air National Guard after serving in Cyber Warfare Operations, capping off a diverse career that included working on airplane control systems for 12 years.In this episode, Aaron and Thomas VanNorman discuss:Starting up The ICS VillageNavigating the world of industrial control systemsAddressing the unique challenges of OT securityThe chicken and egg dilemma in industrial cybersecurityInsights from recent SEC actions and the role of CISOs in risk acceptanceKey Takeaways:The ICS Village, founded eight years ago, focuses on educating and raising awareness about industrial control systems (ICS) and their security, using conferences, events, and roadshows to provide hands-on experiences, non-sales discussions, and tabletop exercises, with a mission to bridge knowledge gaps, address terminology variations, and emphasize the importance of both old and new threats in the ICS space.Addressing cybersecurity challenges in the OT space, particularly with aging technology, requires a unique approach due to potential impacts on production and safety, leading to the launch of a four-year apprenticeship program initially targeting veterans to bridge the skills gap.Navigating the challenges of cybersecurity in industrial settings requires a blend of technical expertise, an understanding of operational processes, and effective risk communication, as demonstrated by the importance of bridging the gap between IT and OT and addressing vulnerabilities in a context-specific manner.In the ever-evolving landscape of cybersecurity, the role of CISOs is becoming increasingly crucial, with recent legal actions targeting them personally; however, it's essential to recognize that CISOs often lack the executive power to make decisions, highlighting the need for a shift in organizational dynamics and a deeper understanding of the risks being accepted."Our role as technologists is to explain the facts: Why does this matter? What happens if you fix it? What happens if you don't fix it? It may cost millions of dollars to fix it. It might be for an air handler that operates the warehouse, which doesn't matter much. Or it could be an air handler for that warehouse that does matter because it has to be climate-controlled. Things go south quickly. It's the same piece of hardware, the same piece of technology, but with different applications." — Thomas VanNorman Connect with Thomas VanNorman: Email: tom@icsvillage.comWebsite: https://www.icsvillage.com/LinkedIn: https://www.linkedin.com/in/thomasvannorman/Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

community starting navigating security addressing village sec ot grimm ics cisos listen notes air national guard control systems turnkey podcast productions ot security industrial control systems ics security ics village

Thomas VanNorman: ICS Security Takes a Village - Building an OT Security Community

The PrOTect OT Cybersecurity Podcast

Play Episode Listen Later Dec 9, 2023 45:31

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Thomas VanNorman: ICS Security Takes a Village - Building an OT Security CommunityPub date: 2023-12-07About Thomas VanNorman: Thomas VanNorman, a seasoned professional with almost three decades of experience in OT, is currently leading the CyPhy Product group at GRIMM. His primary focus involves securing Industrial Control Systems and networking within this domain. Additionally, Tom is a co-founder of the ICS Village, a 501(c)(3) non-profit organization dedicated to Control System security and awareness, where he has volunteered for almost a decade. Tom retired from the Air National Guard after serving in Cyber Warfare Operations, capping off a diverse career that included working on airplane control systems for 12 years.In this episode, Aaron and Thomas VanNorman discuss:Starting up The ICS VillageNavigating the world of industrial control systemsAddressing the unique challenges of OT securityThe chicken and egg dilemma in industrial cybersecurityInsights from recent SEC actions and the role of CISOs in risk acceptanceKey Takeaways:The ICS Village, founded eight years ago, focuses on educating and raising awareness about industrial control systems (ICS) and their security, using conferences, events, and roadshows to provide hands-on experiences, non-sales discussions, and tabletop exercises, with a mission to bridge knowledge gaps, address terminology variations, and emphasize the importance of both old and new threats in the ICS space.Addressing cybersecurity challenges in the OT space, particularly with aging technology, requires a unique approach due to potential impacts on production and safety, leading to the launch of a four-year apprenticeship program initially targeting veterans to bridge the skills gap.Navigating the challenges of cybersecurity in industrial settings requires a blend of technical expertise, an understanding of operational processes, and effective risk communication, as demonstrated by the importance of bridging the gap between IT and OT and addressing vulnerabilities in a context-specific manner.In the ever-evolving landscape of cybersecurity, the role of CISOs is becoming increasingly crucial, with recent legal actions targeting them personally; however, it's essential to recognize that CISOs often lack the executive power to make decisions, highlighting the need for a shift in organizational dynamics and a deeper understanding of the risks being accepted."Our role as technologists is to explain the facts: Why does this matter? What happens if you fix it? What happens if you don't fix it? It may cost millions of dollars to fix it. It might be for an air handler that operates the warehouse, which doesn't matter much. Or it could be an air handler for that warehouse that does matter because it has to be climate-controlled. Things go south quickly. It's the same piece of hardware, the same piece of technology, but with different applications." — Thomas VanNorman Connect with Thomas VanNorman: Email: tom@icsvillage.comWebsite: https://www.icsvillage.com/LinkedIn: https://www.linkedin.com/in/thomasvannorman/Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

community starting navigating addressing village sec ot grimm ics cisos listen notes air national guard control systems turnkey podcast productions ot security industrial control systems ics security ics village

Thomas VanNorman: ICS Security Takes a Village - Building an OT Security Community

Play Episode Listen Later Dec 7, 2023 45:31

About Thomas VanNorman: Thomas VanNorman, a seasoned professional with almost three decades of experience in OT, is currently leading the CyPhy Product group at GRIMM. His primary focus involves securing Industrial Control Systems and networking within this domain. Additionally, Tom is a co-founder of the ICS Village, a 501(c)(3) non-profit organization dedicated to Control System security and awareness, where he has volunteered for almost a decade. Tom retired from the Air National Guard after serving in Cyber Warfare Operations, capping off a diverse career that included working on airplane control systems for 12 years.In this episode, Aaron and Thomas VanNorman discuss:Starting up The ICS VillageNavigating the world of industrial control systemsAddressing the unique challenges of OT securityThe chicken and egg dilemma in industrial cybersecurityInsights from recent SEC actions and the role of CISOs in risk acceptanceKey Takeaways:The ICS Village, founded eight years ago, focuses on educating and raising awareness about industrial control systems (ICS) and their security, using conferences, events, and roadshows to provide hands-on experiences, non-sales discussions, and tabletop exercises, with a mission to bridge knowledge gaps, address terminology variations, and emphasize the importance of both old and new threats in the ICS space.Addressing cybersecurity challenges in the OT space, particularly with aging technology, requires a unique approach due to potential impacts on production and safety, leading to the launch of a four-year apprenticeship program initially targeting veterans to bridge the skills gap.Navigating the challenges of cybersecurity in industrial settings requires a blend of technical expertise, an understanding of operational processes, and effective risk communication, as demonstrated by the importance of bridging the gap between IT and OT and addressing vulnerabilities in a context-specific manner.In the ever-evolving landscape of cybersecurity, the role of CISOs is becoming increasingly crucial, with recent legal actions targeting them personally; however, it's essential to recognize that CISOs often lack the executive power to make decisions, highlighting the need for a shift in organizational dynamics and a deeper understanding of the risks being accepted."Our role as technologists is to explain the facts: Why does this matter? What happens if you fix it? What happens if you don't fix it? It may cost millions of dollars to fix it. It might be for an air handler that operates the warehouse, which doesn't matter much. Or it could be an air handler for that warehouse that does matter because it has to be climate-controlled. Things go south quickly. It's the same piece of hardware, the same piece of technology, but with different applications." — Thomas VanNorman Connect with Thomas VanNorman: Email: tom@icsvillage.comWebsite: https://www.icsvillage.com/LinkedIn: https://www.linkedin.com/in/thomasvannorman/Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

community starting navigating security addressing village sec ot grimm ics cisos air national guard control systems turnkey podcast productions ot security industrial control systems ics security ics village

Don C. Weber: The Gray Area Between OT and IT

Play Episode Listen Later Dec 3, 2023 55:58

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Don C. Weber: The Gray Area Between OT and ITPub date: 2023-11-30About Don C. Weber: Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.In this episode, Aaron and Don C. Weber discuss:Navigating the convergence of IT and OT in cybersecurityAddressing the gray area in OT and IT collaborationEnhancing cybersecurity in control systemsEmbracing cloud technology in ICS securityKey Takeaways:Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security."Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks." — Don C. Weber Additional Resources:SANS Industrial Control Systems Security: https://www.sans.org/industrial-control-systems-security/ICS Village: https://www.icsvillage.com/Connect with Don C. Weber: Email: don@cutawaysecurity.comWebsite: https://www.cutawaysecurity.comLinkedIn: https://www.linkedin.com/in/cutaway/GitHub: https://github.com/cutaway-securityConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

founders texas navigating llc navy ot weber github principal consultant ics gray area listen notes turnkey podcast productions ics village

Don C. Weber: The Gray Area Between OT and IT

The PrOTect OT Cybersecurity Podcast

Play Episode Listen Later Dec 3, 2023 55:58

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Don C. Weber: The Gray Area Between OT and ITPub date: 2023-11-30About Don C. Weber: Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.In this episode, Aaron and Don C. Weber discuss:Navigating the convergence of IT and OT in cybersecurityAddressing the gray area in OT and IT collaborationEnhancing cybersecurity in control systemsEmbracing cloud technology in ICS securityKey Takeaways:Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security."Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks." — Don C. Weber Additional Resources:SANS Industrial Control Systems Security: https://www.sans.org/industrial-control-systems-security/ICS Village: https://www.icsvillage.com/Connect with Don C. Weber: Email: don@cutawaysecurity.comWebsite: https://www.cutawaysecurity.comLinkedIn: https://www.linkedin.com/in/cutaway/GitHub: https://github.com/cutaway-securityConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

founders texas navigating llc navy ot weber github principal consultant ics gray area listen notes turnkey podcast productions ics village

Don C. Weber: The Gray Area Between OT and IT

Play Episode Listen Later Nov 30, 2023 55:58

About Don C. Weber: Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.In this episode, Aaron and Don C. Weber discuss:Navigating the convergence of IT and OT in cybersecurityAddressing the gray area in OT and IT collaborationEnhancing cybersecurity in control systemsEmbracing cloud technology in ICS securityKey Takeaways:Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security."Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks." — Don C. Weber Additional Resources:SANS Industrial Control Systems Security: https://www.sans.org/industrial-control-systems-security/ICS Village: https://www.icsvillage.com/Connect with Don C. Weber: Email: don@cutawaysecurity.comWebsite: https://www.cutawaysecurity.comLinkedIn: https://www.linkedin.com/in/cutaway/GitHub: https://github.com/cutaway-securityConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

founders texas navigating llc navy ot weber github principal consultant ics gray area turnkey podcast productions ics village

92: From Military Service to Cyber Luminary: Bryson Bort's Inspiring Journey

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Aug 15, 2023 57:08

Step into the cybersecurity world with Derek Harp for another riveting episode of the CS2AI podcast show! Derek has welcomed a vast array of industry titans onto the podcast, and this episode is no exception!Today's show features Bryson Bort, the CEO and luminary Founder of Scythe. Bryson's influence spans the domains he has touched, nurtured, advised, and meticulously built from the ground up. As the creator of the renowned ICS Village and the driving force behind Grimm, his story is an intricate tapestry of innovation and impact. A military veteran from the US Army, a nurturing father, a culinary maestro hosting his own show, a kayaker, a relentless charity fundraiser, and an all-around exceptional individual, Bryson embodies a remarkable depth that will most certainly captivate all listeners! Bryson spent his formative years in Germany and the Soviet Union. His linguistic journey began with German, followed by immersion language programs to master English, which was crucial for his educational pursuits. He spent his early years in Berlin until 1988, then in Moscow until 1990. His journey eventually culminated in the United States during his teenage years.Grab a seat and tune in as Derek unravels the narrative that shaped the exceptional Bryson Bort!Show highlights:How Bryson got into cybersecurity.How Bryson learned that procurement is your best friend.The importance of building relationships and providing exceptional service.Bryson shares his recommendations for working with individuals with technical backgrounds and getting them on board. The importance of understanding the business and mission of the company you work for.How cybersecurity eventually took over Bryson's career path.How Bryson got the nickname, Grimm.Bryson talks about starting his company.Bryson shares some advice for taking on new ideas.Bryson explains what the ICS Village is all about.Links and resources:(CS)²AI Derek Harp on LinkedInBryson Bort on LinkedInScytheGRIMMEpisode 79 withMegan Sanford

united states ceo founders english germany german berlin inspiring moscow cyber soviet union us army grimm military service luminary scythe bryson bort ics village

92: From Military Service to Cyber Luminary: Bryson Bort's Inspiring Journey

Tech Without Borders by DojoLIVE!

Play Episode Listen Later Aug 15, 2023 57:08

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 92: From Military Service to Cyber Luminary: Bryson Bort's Inspiring JourneyPub date: 2023-08-15Step into the cybersecurity world with Derek Harp for another riveting episode of the CS2AI podcast show! Derek has welcomed a vast array of industry titans onto the podcast, and this episode is no exception!Today's show features Bryson Bort, the CEO and luminary Founder of Scythe. Bryson's influence spans the domains he has touched, nurtured, advised, and meticulously built from the ground up. As the creator of the renowned ICS Village and the driving force behind Grimm, his story is an intricate tapestry of innovation and impact. A military veteran from the US Army, a nurturing father, a culinary maestro hosting his own show, a kayaker, a relentless charity fundraiser, and an all-around exceptional individual, Bryson embodies a remarkable depth that will most certainly captivate all listeners! Bryson spent his formative years in Germany and the Soviet Union. His linguistic journey began with German, followed by immersion language programs to master English, which was crucial for his educational pursuits. He spent his early years in Berlin until 1988, then in Moscow until 1990. His journey eventually culminated in the United States during his teenage years.Grab a seat and tune in as Derek unravels the narrative that shaped the exceptional Bryson Bort!Show highlights:How Bryson got into cybersecurity.How Bryson learned that procurement is your best friend.The importance of building relationships and providing exceptional service.Bryson shares his recommendations for working with individuals with technical backgrounds and getting them on board. The importance of understanding the business and mission of the company you work for.How cybersecurity eventually took over Bryson's career path.How Bryson got the nickname, Grimm.Bryson talks about starting his company.Bryson shares some advice for taking on new ideas.Bryson explains what the ICS Village is all about.Links and resources:(CS)²AI Derek Harp on LinkedInBryson Bort on LinkedInScytheGRIMMEpisode 79 withMegan SanfordThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

united states ceo founders english germany german berlin inspiring moscow cyber soviet union us army grimm military service luminary scythe listen notes bryson bort ics village

What Really Is the Threat in Cybersecurity?A Closer Look - Byron Bort

Play Episode Listen Later Jul 6, 2023 32:34

Who is behind the security breaches we read about, what are the motives, and what does this look like? Why do breaches keep happening and what can companies do about it? View the full video interview here. Bryson is the Founder of SCYTHE, a start-up building a next generation threat emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow at the National Security Institute, Adjunct Senior Technical Advisor for Institute of Security and Technology, and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber by Business Insider, Security Executive Finalist of the Year by SC Media, and a Tech Titan in Washington DC.

Reducing Risk by addressing the Threats to your Cybersecurity program through innovative platforms, with our special guest, Bryson Bort.

Security Masterminds

Play Episode Listen Later Jun 21, 2023 46:04 Transcription Available

Check us out on our new LinkedIn Page! - https://www.linkedin.com/company/security-masterminds-podcast/Does this sound familiar? You've invested in threat intelligence data and spent countless hours analyzing it, yet you still feel vulnerable to cyber threats. Maybe you were told that having the data alone would be enough to protect your organization. But the reality is, simply having the data without knowing how to turn it into actionable insights leaves you exposed and frustrated. The pain of constantly worrying about cyber attacks and feeling powerless to stop them is all too real. In this episode, we'll show you how to transform your threat intelligence data into actionable intelligence, giving you the tools to defend against even the most sophisticated cyber threats.In this episode, you will be able to:Realize the urgency of embracing cybersecurity for your business's sustained success.Explore how actionable threat intelligence can augment your defenses against cyber adversaries.Absorb the advantages of using a joint and innovative approach to stay on top of evolving digital dangers.Discern the impact of robust communication and leadership skills in fostering a secure digital environment.Appreciate the role of attack simulation technology in unveiling security blind spots and improving protection.My special guest isBryson Bort is an accomplished cybersecurity veteran with more than two decades of experience under his belt. As the founder of Scythe, Bryson has cultivated a platform that empowers professionals in the cybersecurity space to effectively address and combat cyber threats. Simultaneously, he co-founded ICS Village, a non-profit that aims to increase knowledge and awareness of industrial control system security. With a strong background in both offensive and defensive security, Bryson's drive for constant improvement and growth has made him an influential figure within the cybersecurity community.Connect with Bryson Bort!Linkedin: https://www.linkedin.com/in/brysonbort/Twitter: https://twitter.com/brysonbortScythe: https://scythe.io/ICS Village: https://www.icsvillage.com/Testimonial for Scythe https://scythe.io/library/purple-team-approach-boosts-cybersecurityConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

explore threats addressing cybersecurity innovative realize platforms testimonials discern absorb scythe reducing risk capsho bryson bort ics village

Managing Risks When There Are Too Many Cooks in the Kitchen | ITSPmagazine Event Coverage: RSAC 2023 Broadcast Alley | A Conversation with Arvin Bansal and Justin Beachler | Tech Done Different Podcast With Ben Schmerler

Play Episode Listen Later Apr 30, 2023 40:21

Guests: Arvin Bansal, CISO Americas, Nissan Motor Corporation [@Nissan]On LinkedIn | https://www.linkedin.com/in/arvinbansal/Justin Beachler, Director of Trust and Security at BugCrowd [@Bugcrowd]On LinkedIn | https://www.linkedin.com/in/justin-beachler-4781177/____________________________Host: Host: Ben Schmerler, Host of Tech Done Different PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/ben-schmerler____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesThe segment is going to tie into the theme of RSAC, which is "Stronger Together." Ben's idea was to get decision makers together to discuss "Managing Security Risks When There Are Too Many Cooks In The Kitchen." More importantly, the idea is to talk about how managing security is challenging in part due to the fact that there isn't really one expert, product, service, or leader who knows all there is about security, yet we have to protect ourselves from a variety of risks anyway. We want to get into how to deal with these management and leadership challenges and hopefully get into strategy.The panel will cover:Prioritizing security risks from different security disciplines.Finding the right talent to handle these diverse risks and related expertise?What kinds of security management tasks make sense to outsource in order to achieve better results, and which require in house experts?How do you deal with the changes in how we view managing security and where do you think this is going in the future?____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Elephants in the Room: How the Pentesting and GRC Worlds Collide | ITSPmagazine Event Coverage: RSAC 2023 Broadcast Alley | A Conversation with Chaz Lever | Locked Down Podcast With Kayla Williams and Taylor Parsons

Play Episode Listen Later Apr 26, 2023 43:53

Guest: Dr. Chaz Lever, Senior Director, Security Research, Devo [@devo_Inc]On LinkedIn | https://www.linkedin.com/in/chazlever/On Twitter | https://twitter.com/chazlever____________________________Hosts: Kayla Williams, Co-Host of Locked Down PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williamsTaylor Parsons, Co-Host of Locked Down PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/taylor-parsons____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this discussion our moderators and panelists will cover the intricacies of the deeply technical pentest capability (knowledge, actual testing pros/cons) and how the GRC function helps translate those tests and the results of them into business context to demonstrate ROI on security investments made in the cybersecurity strategy. The panel will cover:Pen testing is a necessary demonstration of controls design and implementation.Speaking in a language the business decision makers (execs, Board) understands in pertinent to building a sustainable, yet flexible cybersecurity strategy.Collaboration amongst internal red teams and external pen testing companies with GRC teams can help drive budget decisions and proven ROI.____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Bryson Bort: Security Is Defined By The Threat - Contextualizing Cyber Risks To Prioritize Security Efforts

The PrOTect OT Cybersecurity Podcast

Play Episode Listen Later Mar 31, 2023 52:40

Podcast: The PrOTect OT Cybersecurity Podcast (LS 28 · TOP 10% what is this?)Episode: Bryson Bort: Security Is Defined By The Threat - Contextualizing Cyber Risks To Prioritize Security EffortsPub date: 2023-03-30About Bryson Bort: Bryson Bort is a skilled cybersecurity professional with an impressive background as an entrepreneur and former U.S. Army Officer. He founded SCYTHE, a platform for next-generation attack emulation, and GRIMM, a cybersecurity consulting firm. Additionally, he co-founded the ICS Village, a non-profit organization dedicated to raising awareness about industrial control system security. Bryson has received numerous awards and recognitions, including being named one of the Top 50 in Cyber by Business Insider and a Tech Titan in Washington DC. He also served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom during his military career. Bryson earned his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point and completed various professional education courses in tactical communications and information assurance. With his extensive experience in the cybersecurity industry, Bryson is a respected thought leader and advisor in the field.In this episode, Aaron and Bryson Bort discuss:The challenges and cultural divide in addressing cybersecurity issues in OT, why IT security solutions don't work for OT, and why OT security is lagging behind IT securityBridging the gap between OT and IT through education, but also listening and building trust.Vulnerability management and patching versus risk mitigationRansomware in cars, geopolitical concerns, and positive developments in government efforts and regulation to support risk management in education and critical infrastructure's OT side.Key Takeaways:OT cybersecurity requires a different approach than IT cybersecurity due to the complex technical environment and the potential safety risks involved, and tools alone cannot bridge the cultural and skillset divide between OT and IT professionals.When it comes to vulnerability management, IT emphasizes patching and is often compliance driven. In OT it's important to recognize that systems in an operational environment often cannot be patched without disruption operations, so OT vulnerability management emphasizes risk mitigation, and putting safeguards around the vulnerability.Security is defined by the threat. Security is measured and validated against how well that threat is mitigated. So it's important to understand the behavioral characteristics of threats in order to take the actions that improve your security posture. Contextualizing what the security threat means to you is important for prioritization. Relatively speaking, the cybersecurity industry is still young, and the U.S. Government's cybersecurity programs are even younger. We will continue to see more development and improvements with regard to unified cybersecurity programs in the near future. "I think a lot of people forget how young this industry is and also how young the government's attempts are at this industry." — Bryson Bort Connect with Bryson Bort: Website: https://scythe.io/ and https://grimmcyber.com/Show: https://podcasts.apple.com/us/podcast/hack-the-plant/id1528852909LinkedIn: https://www.linkedin.com/in/brysonbort/Twitter: https://twitter.com/brysonbortHack the Capitol 2023: https://www.icsvillage.com/hack-the-capitol-2023Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Bryson Bort: Security Is Defined By The Threat - Contextualizing Cyber Risks To Prioritize Security Efforts

Play Episode Listen Later Mar 30, 2023 52:40

About Bryson Bort: Bryson Bort is a skilled cybersecurity professional with an impressive background as an entrepreneur and former U.S. Army Officer. He founded SCYTHE, a platform for next-generation attack emulation, and GRIMM, a cybersecurity consulting firm. Additionally, he co-founded the ICS Village, a non-profit organization dedicated to raising awareness about industrial control system security. Bryson has received numerous awards and recognitions, including being named one of the Top 50 in Cyber by Business Insider and a Tech Titan in Washington DC. He also served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom during his military career. Bryson earned his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point and completed various professional education courses in tactical communications and information assurance. With his extensive experience in the cybersecurity industry, Bryson is a respected thought leader and advisor in the field.In this episode, Aaron and Bryson Bort discuss:The challenges and cultural divide in addressing cybersecurity issues in OT, why IT security solutions don't work for OT, and why OT security is lagging behind IT securityBridging the gap between OT and IT through education, but also listening and building trust.Vulnerability management and patching versus risk mitigationRansomware in cars, geopolitical concerns, and positive developments in government efforts and regulation to support risk management in education and critical infrastructure's OT side.Key Takeaways:OT cybersecurity requires a different approach than IT cybersecurity due to the complex technical environment and the potential safety risks involved, and tools alone cannot bridge the cultural and skillset divide between OT and IT professionals.When it comes to vulnerability management, IT emphasizes patching and is often compliance driven. In OT it's important to recognize that systems in an operational environment often cannot be patched without disruption operations, so OT vulnerability management emphasizes risk mitigation, and putting safeguards around the vulnerability.Security is defined by the threat. Security is measured and validated against how well that threat is mitigated. So it's important to understand the behavioral characteristics of threats in order to take the actions that improve your security posture. Contextualizing what the security threat means to you is important for prioritization. Relatively speaking, the cybersecurity industry is still young, and the U.S. Government's cybersecurity programs are even younger. We will continue to see more development and improvements with regard to unified cybersecurity programs in the near future. "I think a lot of people forget how young this industry is and also how young the government's attempts are at this industry." — Bryson Bort Connect with Bryson Bort: Website: https://scythe.io/ and https://grimmcyber.com/Show: https://podcasts.apple.com/us/podcast/hack-the-plant/id1528852909LinkedIn: https://www.linkedin.com/in/brysonbort/Twitter: https://twitter.com/brysonbortHack the Capitol 2023: https://www.icsvillage.com/hack-the-capitol-2023Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

Adversary Emulation All The Things!

Simply Cyber

Play Episode Listen Later Feb 24, 2023 68:49

Cyber attacks are an everyday occurrence and emulation is a great way to test the efficacy of your controls but are you doing it right? Do you know where the gaps are?Join us as Bryson Bort visits to share his informed thoughts on adversary emulation, and so much more from his vast #cybersecurity career on Simply Cyber Live.Its Going to Be Epic!Bryson Bort is a significant #cybersecurity community member and CEO of Scythe, a nex-gen cyber attack emulation platform.

ICS Village Talks About ICS CTF At S4x23

Unsolicited Response Podcast

Play Episode Listen Later Jan 20, 2023 32:43

Podcast: Unsolicited Response (LS 33 · TOP 5% what is this?)Episode: ICS Village Talks About ICS CTF At S4x23Pub date: 2023-01-18Tom VanNorman and Don Weber join Dale to describe the ICS Capture The Flag competition they will be running at S4x23, Feb 13 - 16 in Miami South Beach. S4x23 web site The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

listen notes ics village don weber miami south beach

ICS Village Talks About ICS CTF At S4x23

Play Episode Listen Later Jan 18, 2023 32:43

Tom VanNorman and Don Weber join Dale to describe the ICS Capture The Flag competition they will be running at S4x23, Feb 13 - 16 in Miami South Beach. S4x23 web site

ics village don weber miami south beach

Villages, Unicorns, & the Not-So-Mythical Purple Team with SCYTHE's Bryson Bort

Hacker Valley Blue

Play Episode Listen Later Nov 3, 2022 59:53

Bryson Bort, CEO and Founder of SCYTHE, dons his unicorn getup and joins the pod this week to talk about purple teaming and building businesses with community in mind. After founding GRIMM, his first company, Bryson wanted to carve a path of purple team innovation in cyber and created SCYTHE to do just that. Along the way, Bryson saw a need to further engage the cyber community in education and accessibility, and co-founded the ICS Village to encourage training opportunities and bridge industry skill gaps. Timecoded Guide: [00:00] Transitioning from army intelligence into founding GRIMM & SCYTHE [11:38] Education, certifications, & training efforts with GRIMM & ICS Village [23:53] Data driven security efforts vs compliance checklists [32:32] Combining Plex Trac with SCYTHE & MITRE ATT&CK [41:34] OT vs IT environments & the key to understanding risks for both [50:50] Cooking up community philanthropy as the Unicorn Chef Sponsor Links: Thank you to our friends at Axonius and PlexTrac for sponsoring this episode! Life is complex. But it's not about avoiding challenges or fearing failure. Just ask adaptive athlete Amy Bream. Want to learn more about how Amy controls complexity? Watch her video at axonius.com/amy PlexTrac, the Proactive Cybersecurity Management Platform, brings red and blue teams together for better collaboration and communication. Check them out at plextrac.com/hackervalley How was the transition from Army intelligence into the world of commercial cybersecurity? Before attending West Point, Bryson had his own cybersecurity experience hacking small devices like calculators as a curious kid. He credits this early curiosity as a foundational knowledge that led him not only to a career in intelligence, but later becoming a founder of cybersecurity companies. Transitioning away from working for the government allowed Bryson to achieve a level of freedom with consulting opportunities that he previous didn't have. “From a discipline side, it's a unique experience. I couldn't get it anywhere else. That being said, working with government is working with government. I had fun with the missions, but it was time to go. I wanted to do cyber more on my own terms, which is why I founded GRIMM.” GRIMM and other projects you've worked on seem to see staff training as a priority. Why is that? As skills gaps widen and employee shortages continue, Bryson explains that companies that don't provide training opportunities for staff stand out as major barriers to entry in cyber. Bryson's previous company, GRIMM, and his current one, SCYTHE, both offer mentorship and training opportunities for team members. Expecting to hire someone with all the skills is unrealistic, Bryson explains, and training is necessary for security to manage threats. “There's more work and need than there are people, which means we need to invest in folks. Most jobs really don't come through cold calls or the web. Most jobs come through relationships. If you know somebody who's interested, help them get into your company.” Why is that “blue team vs red team” mindset so hard for security practitioners to break out of? Bryson explains that the error of security practitioners' ways lies in not seeing security as process improvement. Unfortunately, cybersecurity is still overrun by egotistical employees, relying on whiteness or masculinity to inflate their intelligence and self importance. This only succeeds in creating tension-filled environments where there is no comprehensive assurance of security. Blue teams end up overwhelmed and red teams end up frustrated. “We don't need the pen tester or the red team to just win. Sure, that feels good, but that's not the point. We cannot be ego driven, we can't be win driven, and we can't continue to just create work that we're throwing on top of people when they already have a day job.” How do we get more companies to embrace the “purple team” mindset as more than a buzzword? Sometimes, companies misunderstand the purpose of creating a purple team and force the blue and red teams into the same working space instead of having them work together. Bryson explains that business buy in and leadership focus are essential to the success of any purple team. If the business doesn't want to buy into creating that workflow and leadership doesn't care about creating a real purple team, nothing good will come of the situation. “The starting point to any purple team is leadership. If leadership doesn't care, don't bother. At the end of the day, if business doesn't buy in, it's not going to happen. The purple team process can build that momentum once you've got that, but you can't do it without that buy in.” --------------- Links: Keep up with our guest Bryson Bort on Twitter and LinkedIn Learn more about SCYTHE on LinkedIn and the SCYTHE website Thank you to our friends at Axonius and Plex Trac for sponsoring this episode! Connect with Davin Jackson on LinkedIn and Twitter Watch the live recording of this show on our YouTube Continue the conversation by joining our Discord Hear more from Hacker Valley Media and Hacker Valley Blue

ceo founders education data army cooking transitioning unicorns ot expecting west point grimm villages mythical scythe purple team axonius bryson bort hacker valley media ics village

Pipeline cybersecurity mitigation actions, contingency planning, and testing.

Control Loop: The OT Cybersecurity Podcast

Play Episode Listen Later Aug 11, 2022 41:19

Podcast: Control Loop: The OT Cybersecurity Podcast (LS 26 · TOP 10% what is this?)Episode: Pipeline cybersecurity mitigation actions, contingency planning, and testing.Pub date: 2022-08-10BlackCat ransomware gang hits Luxembourg energy company. Predatory Sparrow's assault on Iran's steel industry. MOXA issues patches for two vulnerabilities. ICS security advisories. Two security bills pass the US House. Insider threat: Spain arrests nuclear plant employees. The human risk to OT systems.Control Loop News Brief.BlackCat ransomware gang hits Luxembourg energy company.BlackCat ransomware gang hits Luxembourg energy supplier Creos (Computing)Luxembourg energy provider Encevo Group battles ransomware attack by BlackCat (Tech Monitor)BlackCat ransomware claims attack on European gas pipeline (BleepingComputer)Luxembourg energy companies struggling with alleged ransomware attack, data breach (The Record by Recorded Future) Predatory Sparrow's assault on Iran's steel industry.Predatory Sparrow: Who are the hackers who say they started a fire in Iran? (BBC News)Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents' (CyberScoop) MOXA issues patches for two vulnerabilities.Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek)Two Moxa Zerodays — ICSRange.com - Powered by En Garde Security (ICSRange.com - Powered by En Garde Security)ICS security advisories.Inductive Automation Ignition (CISA)Honeywell Safety Manager (CISA)Honeywell Saia Burgess PG5 (CISA)MOXA NPort 5110 (CISA)Mitsubishi MELSEC and MELIPC Series (Update D) (CISA)Rockwell Products Impacted by Chromium Type Confusion Vulnerability (CISA)Mitsubishi FA Engineering Software (Update B) (CISA)Mitsubishi Electric Factory Automation Engineering Software (Update C) (CISA)Mitsubishi Electric Factory Automation Products Path Traversal (Update C) (CISA)Mitsubishi Electric Factory Automation Engineering Products (Update H) (CISA)Mitsubishi Electric FA Engineering Software Products (Update F) (CISA)Delta Electronics DIAEnergie (Update C) (CISA)Delta Electronics DIAEnergie (Update C) (CISA)Security bills pass the US House.House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek)Insider threat: Spain arrests nuclear plant employees.Spanish police arrest two accused of hacking radioactivity alert system (Record by Recorded Future)The human risk to OT systems.The 2022 State of Operational Technology (SCADAfence)Control Loop Interview.Bryson Bort from SCYTHE, on threat emulation for critical infrastructure, season 3 of Hack the Plant with the Atlantic Council, and the ICS Village at Def Con in collaboration with CISA.Bryson Bort on LinkedInControl Loop Learning Lab.Jim Gilsinn, Technical Leader at Dragos Global Services Team, discusses Security Directive Pipeline-2021-02C, pipeline cybersecurity mitigation actions, contingency planning, and testing, with Mark Urban, VP of Product Market Strategy at Dragos.Jim Gilsinn on LinkedIn Mark Urban on LinkedInU.S. Transportation Safety Administration (TSA) Pipeline Security DirectiveSubscribe to the Control Loop Newsletter here with new editions published every month.The podcast and artwork embedded on this page are from CyberWire Inc., which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Pipeline cybersecurity mitigation actions, contingency planning, and testing.

Play Episode Listen Later Aug 10, 2022 41:19

BlackCat ransomware gang hits Luxembourg energy company. Predatory Sparrow's assault on Iran's steel industry. MOXA issues patches for two vulnerabilities. ICS security advisories. Two security bills pass the US House. Insider threat: Spain arrests nuclear plant employees. The human risk to OT systems. Control Loop News Brief. BlackCat ransomware gang hits Luxembourg energy company. BlackCat ransomware gang hits Luxembourg energy supplier Creos (Computing) Luxembourg energy provider Encevo Group battles ransomware attack by BlackCat (Tech Monitor) BlackCat ransomware claims attack on European gas pipeline (BleepingComputer) Luxembourg energy companies struggling with alleged ransomware attack, data breach (The Record by Recorded Future) Predatory Sparrow's assault on Iran's steel industry. Predatory Sparrow: Who are the hackers who say they started a fire in Iran? (BBC News) Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents' (CyberScoop) MOXA issues patches for two vulnerabilities. Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek) Two Moxa Zerodays — ICSRange.com - Powered by En Garde Security (ICSRange.com - Powered by En Garde Security) ICS security advisories. Inductive Automation Ignition (CISA) Honeywell Safety Manager (CISA) Honeywell Saia Burgess PG5 (CISA) MOXA NPort 5110 (CISA) Mitsubishi MELSEC and MELIPC Series (Update D) (CISA) Rockwell Products Impacted by Chromium Type Confusion Vulnerability (CISA) Mitsubishi FA Engineering Software (Update B) (CISA) Mitsubishi Electric Factory Automation Engineering Software (Update C) (CISA) Mitsubishi Electric Factory Automation Products Path Traversal (Update C) (CISA) Mitsubishi Electric Factory Automation Engineering Products (Update H) (CISA) Mitsubishi Electric FA Engineering Software Products (Update F) (CISA) Delta Electronics DIAEnergie (Update C) (CISA) Delta Electronics DIAEnergie (Update C) (CISA) Security bills pass the US House. House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek) Insider threat: Spain arrests nuclear plant employees. Spanish police arrest two accused of hacking radioactivity alert system (Record by Recorded Future) The human risk to OT systems. The 2022 State of Operational Technology (SCADAfence) Control Loop Interview. Bryson Bort from SCYTHE, on threat emulation for critical infrastructure, season 3 of Hack the Plant with the Atlantic Council, and the ICS Village at Def Con in collaboration with CISA. Bryson Bort on LinkedIn Control Loop Learning Lab. Jim Gilsinn, Technical Leader at Dragos Global Services Team, discusses Security Directive Pipeline-2021-02C, pipeline cybersecurity mitigation actions, contingency planning, and testing, with Mark Urban, VP of Product Market Strategy at Dragos. Jim Gilsinn on LinkedIn Mark Urban on LinkedIn Subscribe to the Control Loop Newsletter here with new editions published every month.

After More Than Two Decades, Where Are We On The Road To Better Cyber Defenses? | A Conversation With VC Bob Ackerman | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 8, 2022 30:22

25 years of BlackHat gatherings and related research. 20+ years of venture capital, investments, and mergers & acquisitions dedicated to CyberSecurity. That's a lot of time and presumably a lot of effort and money. So...where do we find ourselves on the road to better cyber defenses?Our guest for this episode is Bob Ackerman. Bob started AllegisCyber nearly 20 years ago with the vision to be the first venture firm to focus 100% on cyber security investing. We are experiencing a third downmarket where Bob has been as a dedicated cyber VC—a distinction shared by a select few—and he has helped hundreds of startups navigate these cycles. The geopolitical landscape, threats to civilian critical infrastructure, and heightened government involvement collectively make this market even more different, uncertain, and riddled with risk for the startups and investors new to the cyber domain. A lot has happened. But a lot has stayed the same as well. Let's explore this a bit during this chat as part of our Black Hat and DEF CON 2022 coverage.Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestBob AckermanManaging Director & Founder - AllegisCyber Capital [@AllegisCyber]On LinkedIn | https://www.linkedin.com/in/bob-ackerman-a233336/On Twitter | https://twitter.com/BobAckerman____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesForbes Article - New SEC Cybersecurity Reporting Requirements: What Companies Should Know About Regulations: https://www.forbes.com/sites/forbesfinancecouncil/2022/07/08/new-sec-cybersecurity-reporting-requirements-what-companies-should-know-about-regulationsForbes Article - New SEC Cybersecurity Reporting Requirements: Three Things Companies Need To Do Now: https://www.forbes.com/sites/forbesfinancecouncil/2022/05/25/new-sec-cybersecurity-reporting-requirements-three-things-companies-need-to-do-now____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

From Hackathon To Hacked: Web3's Security Journey | Chats On The Road | A Conversation With Nathan Hamiel | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 6, 2022 33:12

Web3 is a live experiment that is happening now. Around us. To us. By us. How will it affect privacy and security? Let's find out.In this conversation with Black Hat speaker, Nathan Hamiel, we explore the definition and promise of Web3 and its impact — positive and negative — on society.About the Session "From Hackathon to Hacked: Web3's Security Journey": If there's one prediction you can make with certainty, it's that security in the Web3/blockchain space will get a whole lot worse before it gets better. We have the perfect cocktail of inexperience mixed with emerging technology playing out in full public view with large sums at stake and the permanence of immutable transactions. The result is predictable. An environment free from constraints can seem like an innovation paradise, but when the stakes are so high, you have to get everything right the first time because there may not be a next time. We tend to forget that what we see from this space are experiments playing out in production, and the time between exploitation and losing millions of dollars worth of value can be measured in seconds. So, how did we get here? Is it all doom and gloom? What can be done?This talk is a grounded look at the factors contributing to the security failures we've witnessed, free from the hype and hatred associated with the space. We look at the similarities and differences between the development of this new technology and more traditional applications and how some of the attacks manifested. Better testing and tools aren't enough to solve the problem. We discuss actionable steps projects and chains can use today to address these issues and make the ecosystem safer for projects and users.Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestNathan HamielSenior Director of Research at Kudelski Security [@KudelskiSec]On LinkedIn | https://www.linkedin.com/in/nathanhamiel/On Twitter | https://twitter.com/nathanhamiel____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesSession | From Hackathon to Hacked: Web3's Security Journey: https://www.blackhat.com/us-22/briefings/schedule/index.html#from-hackathon-to-hacked-webs-security-journey-26692Kudelski Security Research Blog: https://research.kudelskisecurity.com/____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

IoT Village At DEF CON 30 | Chats On The Road | A Conversation With Rachael Tubbs | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 6, 2022 23:58

Everything is connected these days — from coffee machines to home security cameras to drones. And they all could use a good ole hacking. Regardless of your hacking skills level, join the IoT Village crew for good vibes and tons of stuff to get your hands on.Join us and our guest, Rachael Tubbs, as we get into the vibe of all things IoT Village at DEF CON 2022!About the IoT VillageIoT Village advocates for advancing security in the Internet of Things (IoT) industry through bringing researchers and industry together. IoT Village hosts talks by expert security researchers, interactive hacking labs, live bug hunting in the latest IoT tech, and competitive IoT hacking contests. Over the years IoT Village has served as a platform to showcase and uncover hundreds of new vulnerabilities, giving attendees the opportunity to learn about the most innovative techniques to both hack and secure IoT. IoT Village is organized by security consulting and research firm, Independent Security Evaluators (ISE), and the non-profit organization, Loudmouth Security.Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestRachael TubbsMarketing and Events Lead at Independent Security Evaluators [@ISEsecurity]On LinkedIn | https://www.linkedin.com/in/rachael-tubbs-1a1085135/____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesIoT Village DEF CON Schedule: https://www.iotvillage.org/defcon.htmlIoT Village website: https://www.iotvillage.org/On LinkedIn | https://www.linkedin.com/showcase/iotvillageAt DEF CON: https://forum.defcon.org/node/239789____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

ICS Village At DEF CON 30: Chats On The Road | A Conversation With Bryson Bort And Tom VanNorman | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 4, 2022 35:38

Podcast: ITSPmagazine (LS 36 · TOP 3% what is this?)Episode: ICS Village At DEF CON 30: Chats On The Road | A Conversation With Bryson Bort And Tom VanNorman | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco CiappelliPub date: 2022-08-03The ICS Village is one of the first DEF CON villages we ever connected with. A lot has changed over the years, including the threats faced by critical infrastructure entities around the world. Let's find out what to expect at this year's village.About the ICS VillageHigh profile industrial control system (ICS) security issues have grabbed headlines and sparked change throughout the global supply chain. The ICS Village allows defenders of any experience level to understand the unique failure modes of these systems and how to better prepare and respond to the changing threat landscape.Interactive simulated ICS environments, such as Hack the Plan(e)t and Howdy Neighbor, provide safe yet realistic environments to preserve safe, secure, and reliable operations. The ICS Village brings a compelling experience for all experience levels and types, with IT and industrial equipment. Our interactive learning approach invites you to get hands on with the equipment to build your skills.We bring you real components such as programmable logic controllers (PLC), human-machine interfaces (HMI), remote telemetry units (RTU), and actuators to simulate a realistic environment by using commonly used components throughout different industrial sectors. You will be able to connect your machine to the different industrial components and networks and try to assess these ICS devices with common security scanners to sniff the industrial traffic, and more!Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestsBryson BortCo-Founder of the ICS Village [@ICS_Village]On LinkedIn | https://www.linkedin.com/brysonbortOn Twitter | https://mobile.twitter.com/brysonbortOn YouTube | https://youtube.com/c/ICSVillageTom VanNormanFounding member of the ICS VillageOn LinkedIn | https://www.linkedin.com/in/thomasvannorman/On Twitter | https://twitter.com/Tom_VanNorman____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegweb____________________________ResourcesICS Village Website: https://www.icsvillage.com/ICS Village at DEF CON 30 Schedule: https://www.icsvillage.com/schedule-def-con-30ICS Village 360 Tour: https://www.exhibitstudiosmedia.com/tours/21396_ics_360_tour/____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

ICS Village At DEF CON 30: Chats On The Road | A Conversation With Bryson Bort And Tom VanNorman | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 3, 2022 35:38

The ICS Village is one of the first DEF CON villages we ever connected with. A lot has changed over the years, including the threats faced by critical infrastructure entities around the world. Let's find out what to expect at this year's village.About the ICS VillageHigh profile industrial control system (ICS) security issues have grabbed headlines and sparked change throughout the global supply chain. The ICS Village allows defenders of any experience level to understand the unique failure modes of these systems and how to better prepare and respond to the changing threat landscape.Interactive simulated ICS environments, such as Hack the Plan(e)t and Howdy Neighbor, provide safe yet realistic environments to preserve safe, secure, and reliable operations. The ICS Village brings a compelling experience for all experience levels and types, with IT and industrial equipment. Our interactive learning approach invites you to get hands on with the equipment to build your skills.We bring you real components such as programmable logic controllers (PLC), human-machine interfaces (HMI), remote telemetry units (RTU), and actuators to simulate a realistic environment by using commonly used components throughout different industrial sectors. You will be able to connect your machine to the different industrial components and networks and try to assess these ICS devices with common security scanners to sniff the industrial traffic, and more!Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestsBryson BortCo-Founder of the ICS Village [@ICS_Village]On LinkedIn | https://www.linkedin.com/brysonbortOn Twitter | https://mobile.twitter.com/brysonbortOn YouTube | https://youtube.com/c/ICSVillageTom VanNormanFounding member of the ICS VillageOn LinkedIn | https://www.linkedin.com/in/thomasvannorman/On Twitter | https://twitter.com/Tom_VanNorman____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegweb____________________________ResourcesICS Village Website: https://www.icsvillage.com/ICS Village at DEF CON 30 Schedule: https://www.icsvillage.com/schedule-def-con-30ICS Village 360 Tour: https://www.exhibitstudiosmedia.com/tours/21396_ics_360_tour/____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

ICS Village At DEF CON 30: Chats On The Road | A Conversation With Bryson Bort And Tom VanNorman | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 3, 2022 36:29

The ICS Village is one of the first DEF CON villages we ever connected with. A lot has changed over the years, including the threats faced by critical infrastructure entities around the world. Let's find out what to expect at this year's village.About the ICS VillageHigh profile industrial control system (ICS) security issues have grabbed headlines and sparked change throughout the global supply chain. The ICS Village allows defenders of any experience level to understand the unique failure modes of these systems and how to better prepare and respond to the changing threat landscape.Interactive simulated ICS environments, such as Hack the Plan(e)t and Howdy Neighbor, provide safe yet realistic environments to preserve safe, secure, and reliable operations. The ICS Village brings a compelling experience for all experience levels and types, with IT and industrial equipment. Our interactive learning approach invites you to get hands on with the equipment to build your skills.We bring you real components such as programmable logic controllers (PLC), human-machine interfaces (HMI), remote telemetry units (RTU), and actuators to simulate a realistic environment by using commonly used components throughout different industrial sectors. You will be able to connect your machine to the different industrial components and networks and try to assess these ICS devices with common security scanners to sniff the industrial traffic, and more!Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestsBryson BortCo-Founder of the ICS Village [@ICS_Village]On LinkedIn | https://www.linkedin.com/brysonbortOn Twitter | https://mobile.twitter.com/brysonbortOn YouTube | https://youtube.com/c/ICSVillageTom VanNormanFounding member of the ICS VillageOn LinkedIn | https://www.linkedin.com/in/thomasvannorman/On Twitter | https://twitter.com/Tom_VanNorman____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesICS Village Website: https://www.icsvillage.com/ICS Village at DEF CON 30 Schedule: https://www.icsvillage.com/schedule-def-con-30ICS Village 360 Tour: https://www.exhibitstudiosmedia.com/tours/21396_ics_360_tour/____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

Blue Team Village At DEF CON 30 | Chats On The Road | A Conversation With muteki And OMENScan | Black Hat 2022 And DEF CON 30 Las Vegas Event Coverage | Redefining CyberSecurity Podcast With Sean Martin And Marco Ciappelli

Play Episode Listen Later Aug 3, 2022 37:45

Sometimes the best offense is a good defense. The Blue Team Village aims to bring an amazing experience to DEF CON where the community joins together to hack the defensive side of security: mindset, techniques, tools, mentoring, and more.About the Blue Team VillageBlue Team Village (our friends just call us BTV) is both a place and a community built for and by defenders. It's a place to gather, talk, share, and learn from each other about the latest tools, technologies, and tactics that our community can use to detect attackers and prevent them from achieving their goals. Whether we are in the same physical space, or in the ether, BTV is a place for encouraging, teaching, and supporting Blue Teamers.We will have plenty of defender focused sessions held throughout the year. Don't forget to hang out in the Discord channels to ask questions, catch up with old friends, and meet new ones.BTV promises to be a firehose of Blue Team learning, sharing, and fun for the defenders who build things, defend things, and innovate. Come celebrate the other side of the hacking mirror with us. We'll keep a blue light on for you!Be sure to catch all of our conversations from Black Hat and DEF CON 2022 at https://www.itspm.ag/bhdc22____________________________GuestsCassandra Young (muteki)Director at the Blue Team Village [@BlueTeamVillage]On LinkedIn | https://www.linkedin.com/in/cassandrayOn Twitter | https://twitter.com/muteki_rtwOn YouTube | https://www.youtube.com/blueteamvillageDavid Porco (Quix0te/OMENScan)Director at the Blue Team Village [@BlueTeamVillage]On LinkedIn | https://www.linkedin.com/in/dporco/On Twitter | https://twitter.com/OMENScan____________________________This Episode's SponsorsCrowdSec | https://itspm.ag/crowdsec-b1vpEdgescan | https://itspm.ag/itspegwebPentera | https://itspm.ag/pentera-tyuw____________________________ResourcesBlue Team Village DEF CON Schedule: https://dc30.blueteamvillage.org/call-for-content-2022/schedule/#Blue Team Village website: https://blueteamvillage.org/On LinkedIn | https://www.linkedin.com/company/the-blue-team-village/At DEF CON: https://forum.defcon.org/node/239819____________________________For more Black Hat and DEF CON Event Coverage podcast and video episodes visit: https://www.itspmagazine.com/black-hat-2022-and-def-con-hacker-summer-camp-las-vegas-usa-cybersecurity-event-and-conference-coverageAre you interested in telling your story in connection with Black Hat and DEF CON by sponsoring our coverage?

40: ICS Village and Why You Should Attend DefCon with Bryson Bort and Tom VanNorman

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Jun 3, 2022 24:11

Podcast: Control System Cyber Security Association International: (CS)²AIEpisode: 40: ICS Village and Why You Should Attend DefCon with Bryson Bort and Tom VanNormanPub date: 2022-05-31Today, we got a special episode to highlight a really neat initiative that's been in the works for awhile. My guests are Bryson Bort and Tom VanNorman.Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow with the Atlantic Council's Cyber Statecraft Initiative, the National Security Institute, and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber in 2020 by Business Insider.Tom leads the CyPhy Product group at GRIMM, where his primary focus is securing Industrial Control Systems and the networking of such systems. Tom brings an unparalleled level of operational knowledge and experience, as he has been working in the Operational Technology (OT) field for almost three decades. He also has considerable knowledge in constructing Cyber Physical testing environments for OT systems.Tom co-founded the ICS Village, a non-profit organization focused on Control System security and awareness. He is also retired from the Air National Guard, where he worked in Cyber Warfare Operations.ICS Village is holding Def Con 29, a 100% virtual event that takes place Aug 6th-8th. There are sessions and workshops covering all aspects of ICS. Show Highlights:How ICS Village was startedThe original 2 events - RSA and DefConGRIMM and their involvement in ICS VillageWhy no one was thinking about Industrial control systems before ICS VillageThe artwork that started it allAll of the events that ICS Village has throughout the yearHow the pandemic changed DefCon and the other ICS Village eventsThe birth of Hack the Plant PodcastCapture the Flag and what we can learn from itHighlights of DefCon Table Talks and other sessionsLinks:CS2AI.orgICS VillageDefCon Event happening Aug 6-8The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

40: ICS Village and Why You Should Attend DEF CON with Bryson Bort and Tom VanNorman

Play Episode Listen Later May 31, 2022 25:16

Today, we've got a special episode to highlight a really neat initiative that's been in the works for awhile. My guests are Bryson Bort and Tom VanNorman. Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow with the Atlantic Council's Cyber Statecraft Initiative, the National Security Institute, and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber in 2020 by Business Insider. Tom leads the CyPhy Product group at GRIMM, where his primary focus is securing Industrial Control Systems and the networking of such systems. Tom brings an unparalleled level of operational knowledge and experience, as he has been working in the Operational Technology (OT) field for almost three decades. He also has considerable knowledge in constructing Cyber Physical testing environments for OT systems. Tom co-founded the ICS Village, a non-profit organization focused on Control System security and awareness. He is also retired from the Air National Guard, where he worked in Cyber Warfare Operations. ICS Village is holding Def Con 29, a 100% virtual event that takes place Aug 6th-8th. There are sessions and workshops covering all aspects of ICS. Show Highlights: How ICS Village was started The original 2 events - RSA and DefCon GRIMM and their involvement in ICS Village Why no one was thinking about Industrial control systems before ICS Village The artwork that started it all All of the events that ICS Village has throughout the year How the pandemic changed DefCon and the other ICS Village events The birth of Hack the Plant Podcast Capture the Flag and what we can learn from it Highlights of Def Con Table Talks and other sessions Links: https://cs2ai.org/ (CS2AI.org) https://www.icsvillage.com/ (ICS Village) https://www.icsvillage.com/schedule-def-con-29 (DefCon Event happening Aug 6-8) Mentioned in this episode: Our Sponsors: We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception Waterfall Security Tripwire KPMG Cyber Join CS2AI Join the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. https://cs2ai.captivate.fm/cs2ai (Preroll Membership)

EP 45: Hacking Industrial Control Systems

The Hacker Mind

Play Episode Listen Later Apr 26, 2022 51:10

Can criminal hackers shut down a city's electrical grid? Well, nothing's impossible. But how might it actually happen? And how might we defend ourselves? Tom Van Norman, co-founder of the ICS Village, joins The Hacker Mind to share the group's upcoming plans for RSAC and DEF CON, where they will again present present virtual scenarios and hands on physical models of industrial control systems in order to expose hackers to their inner workings and to provide them with best practices to prevent potential threats to health, life, and safety.

hacking defcon rsac industrial control systems ics village

Tom VanNorman on OT Cybersecurity Skills Gap

Aperture: A Claroty Podcast

Play Episode Listen Later Jan 12, 2022 40:04

Podcast: Aperture: A Claroty PodcastEpisode: Tom VanNorman on OT Cybersecurity Skills GapPub date: 2022-01-12ICS Village cofounder Tom VanNorman joins the Aperture podcast to discuss the recently announced Cybersecurity & Industrial Infrastructure Security Apprenticeship Program that aims to improve cybersecurity knowledge within operational technology. ICS Village is part of a consortium behind this apprenticeship program along with Siemens Energy, SANS Institute, and a number of academic institutions. The aim is to integrate academic classes, training, and real-world job rotations at leading industrial companies. Tom also discusses the next iteration of ICS Village at the upcoming RSA Conference in June. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

cybersecurity aperture skills gap listen notes rsa conference sans institute claroty ics village

Tom VanNorman on OT Cybersecurity Skills Gap

Play Episode Play 57 sec Highlight Listen Later Jan 12, 2022 40:04

ICS Village cofounder Tom VanNorman joins the Aperture podcast to discuss the recently announced Cybersecurity & Industrial Infrastructure Security Apprenticeship Program that aims to improve cybersecurity knowledge within operational technology. ICS Village is part of a consortium behind this apprenticeship program along with Siemens Energy, SANS Institute, and a number of academic institutions. The aim is to integrate academic classes, training, and real-world job rotations at leading industrial companies. Tom also discusses the next iteration of ICS Village at the upcoming RSA Conference in June.

cybersecurity aperture skills gap rsa conference sans institute ics village

Tom Pace on SBOMs for ICS and OT

Aperture: A Claroty Podcast

Play Episode Listen Later Aug 24, 2021 48:58

Podcast: Aperture: A Claroty PodcastEpisode: Tom Pace on SBOMs for ICS and OTPub date: 2021-08-22Tom Pace, founder of security company NetRise joins Claroty's Aperture Podcast to discuss SBOMs, or software bill of materials, and how they can be leveraged to improve industrial control system and operational technology cybersecurity. SBOMs are analogous to ingredient labels on food products, or parts lists for automobiles. Yet for ICS and OT equipment, they are a rarity. That lack of visibility into software and firmware components puts organizations at risk in the event of an incident, or can hamper risk management efforts. Pace discusses the value proposition of SBOMs, how they can be created and consumed inside industrial enterprises, and takes down some misconceptions vendors and buyers may have around SBOMs giving attackers a network roadmap, or leaking intellectual property secrets. Pace also covered this subject in a talk at the recent ICS Village at DEFCON. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

pace ot defcon ics listen notes sboms claroty ics village

Tom Pace on SBOMs for ICS and OT

Play Episode Play 35 sec Highlight Listen Later Aug 22, 2021 48:58

Tom Pace, founder of security company NetRise joins Claroty's Aperture Podcast to discuss SBOMs, or software bill of materials, and how they can be leveraged to improve industrial control system and operational technology cybersecurity. SBOMs are analogous to ingredient labels on food products, or parts lists for automobiles. Yet for ICS and OT equipment, they are a rarity. That lack of visibility into software and firmware components puts organizations at risk in the event of an incident, or can hamper risk management efforts. Pace discusses the value proposition of SBOMs, how they can be created and consumed inside industrial enterprises, and takes down some misconceptions vendors and buyers may have around SBOMs giving attackers a network roadmap, or leaking intellectual property secrets. Pace also covered this subject in a talk at the recent ICS Village at DEFCON.

pace ot defcon ics sboms claroty ics village

Signals From The Villages | DEF CON 29 — ICS Village | What The Frak Is A PLC? | A Conversation With Bryson Bort | The National Blast With Keenan Skelly

Play Episode Listen Later Jul 26, 2021 25:57

Critical Infrastructure is the ground floor for all things built in our society. Every sector is built upon the rules of Cyber. Learn more about the ICS Village._______________________GuestBryson BortOn Linkedin

Episode 68: Scythe CEO Bryson Bort on Enhancing Security with Realistic Adversary Emulation

OODAcast

Play Episode Listen Later May 28, 2021 58:30

Bryson Bort is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a boutique cybersecurity consultancy. He is widely known in the cybersecurity community for helping advance concepts of defense across multiple critical domains. He is the co-founder of the ICS Village, a non-profit advancing awareness of industrial control system security. Bryson is also a Senior Fellow for Cybersecurity and National Security at R Street and the National Security Institute and an Advisor to the Army Cyber Institute. In this OODAcast we examine approaches Bryson has seen make positive differences in evaluating and mitigating risks to enterprises, specifically in the domain of adversary emulation. The discussion covers: A practitioner's view of the state of cybersecurity The demise of the perimeter as a security control What leaders need to know to mitigate risk Attack, Detect and Response tools and how their automation can help continuously mitigate risks Mitre ATT&CK and how to use it to help frustrate adversaries Assisting Blue Teams, Purple Teams and Red Teams with tooling The use of cyber threat intelligence to inform automated adversary emulation More on cybersecurity: Ransomware: An update on the nature of the threat The technology of ransomware has evolved in sophistication and the business models of the criminal groups behind it have as well. The result: The threat from ransomware has reached pandemic proportions. This post provides an executive level overview of the nature of this threat. It is designed to be read as an introduction to our accompanying post on how to mitigate the threat of ransomware to your organization. See: Ransomware, an update on the nature of the threat China's Plan for Countering Weaponized Interdependence In an article entitled “The international environment and countermeasures of network governance during the “14th Five-Year Plan” period” by Xu Xiujun (徐秀军) in the February 27, 2021 edition of China Information Security, we see the continuation of China's concerns over Weaponized Interdependence and China's desire to shape a global technology and economic environment that is less influenced by Western power. Xiujun identifies concerns in several interconnected areas including cybersecurity, economic centralization, and advancement in technologies like AI, Quantum, and 5G. See: China's Plan for Countering Weaponized Interdependence If SolarWinds Is a Wake-Up Call, Who's Really Listening? As the U.S. government parses through the Solar Winds software supply chain breach, many questions still remain as to the motive, the entities targeted, and length of time suspected nation state attackers remained intrenched unseen by the victims. The attack stands at the apex of similar breaches in not only the breadth of organizations compromised (~18,000), but how the attack was executed. See: If SolarWinds Is a Wake-Up Call, Who's Really Listening? Russian Espionage Campaign: SolarWinds The SolarWinds hacks have been described in every media outlet and new source, making this incident perhaps the most widely reported cyber incident to date. This report provides context on this incident, including the “so-what” of the incident and actionable insights into what likely comes next. Russian Espionage Campaign: SolarWinds The Cyber Threat to NASA Artemis Program: NASA is enabling another giant leap for humanity. With the Artemis program, humans will return to the Moon in a way that will enable establishment of gateways to further exploration of not just the Moon but eventually the entire solar system. The initial expenses of the program will return significant advances for scientific understanding and tangible economic returns. As Artemis continues, the project will eventually deliver improvements for humanity that as of yet have only been dreamed of. But there are huge threats. For more see: The Cyber Threat To Artemis Security In Space and Security of Space: The last decade has seen an incredible increase in the commercial use of space. Businesses and individual consumers now leverage space solutions that are so integrated into our systems that they seem invisible. Some of these services include: Communications, including very high-speed low latency communications to distant and mobile users. Learn more at: OODA Research Report: What Business Needs To Know About Security In Space Also see: Is Space Critical Infrastructure, and the special report on Cyber Threats to Project Artemis, and Mitigating Threats To Commercial Space Satellites

A Conversation With Bryson Bort | Candid CyberSec Podcast With Vandana Verma

Play Episode Listen Later Mar 16, 2021 15:43

Podcast: ITSPmagazine Podcast (LS 34 · TOP 5% what is this?)Episode: A Conversation With Bryson Bort | Candid CyberSec Podcast With Vandana VermaPub date: 2021-03-15Today we have a very special guest with us, Bryson Bort. Bryson is an army veteran and served as an officer in the US army. On the episode, we talked about what he has achieved with building a great team and a great culture and a commitment to giving back to the Community.In his free time, Bryson does huge amounts of work with ICS Village alongside Tom Norman, as he works with industrial control systems. They have been demonstrating the different kinds of breaches for several years in the village.Checkout this conversation to know more about the projects he is working on and the incredible initiatives with ICS Village."If you commit to a non-profit initiative, be determined to support"—Bryson BortGuestBryson Bort, Co-Founder, ICS Village (@brysonbort on Twitter)HostVandana VermaThis Episode’s Sponsors:If you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsResources:Learn more about the ISC Village: https://www.icsvillage.com/For more podcast stories from Candid CyberSec With Vandana Verma: https://www.itspmagazine.com/candid-cybersec-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorshipsThe podcast and artwork embedded on this page are from ITSPmagazine, Marco Ciappelli, Sean Martin, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

community co founders checkout candid verma listen notes vandana sean martin cybersec bryson bort ics village tom norman

A Conversation With Bryson Bort | Candid CyberSec Podcast With Vandana Verma

Play Episode Listen Later Mar 15, 2021 15:43

Today we have a very special guest with us, Bryson Bort. Bryson is an army veteran and served as an officer in the US army. On the episode, we talked about what he has achieved with building a great team and a great culture and a commitment to giving back to the Community.In his free time, Bryson does huge amounts of work with ICS Village alongside Tom Norman, as he works with industrial control systems. They have been demonstrating the different kinds of breaches for several years in the village.Checkout this conversation to know more about the projects he is working on and the incredible initiatives with ICS Village."If you commit to a non-profit initiative, be determined to support"—Bryson BortGuestBryson Bort, Co-Founder, ICS Village (@brysonbort on Twitter)HostVandana VermaThis Episode's Sponsors:If you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsResources:Learn more about the ICS Village: https://www.icsvillage.com/For more podcast stories from Candid CyberSec With Vandana Verma: https://www.itspmagazine.com/candid-cybersec-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

The Future of War with P.W. Singer

Play Episode Listen Later Sep 1, 2020 38:47

Podcast: Hack the PlantEpisode: The Future of War with P.W. SingerPub date: 2020-08-31Learn more about the R Street Institute at www.rstreet.org and follow them on Twitter @RSI. Learn more about ICS Village at www.icsvillage.com and follow them on Twitter @ICS_Village. Learn more about P.W. Singer at www.pwsinger.com and follow him on Twitter @peterwsinger. He is strategist and senior fellow at New America and the author of several books including Ghost Fleet, Burn-in, LikeWar, Wired for War, Corporate Warriors, and others. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

war burn singer wired new america listen notes r street institute ghost fleet bryson bort ics village

The Future of War with P.W. Singer

Hack the Plant

Play Episode Listen Later Aug 31, 2020 38:47

“Our dependence on connected technology is growing faster than our ability to secure it, especially in areas affecting public safety and human life.” Author and strategist P.W. Singer examines the future of war, and explains the difficulty in securing critical infrastructure against cyber attacks and technologies that are cheaper and easier for foreign and non-state actors to acquire. He also discusses how he uses the "technothriller" novel type to communicate his nonfiction research to more audiences.---Learn more about the R Street Institute at www.rstreet.org and follow them on Twitter @RSI. Learn more about ICS Village at www.icsvillage.com and follow them on Twitter @ICS_Village. Learn more about P.W. Singer at www.pwsinger.com and follow him on Twitter @peterwsinger. He is strategist and senior fellow at New America and the author of several books including Ghost Fleet, Burn-in, LikeWar, Wired for War, Corporate Warriors, and others.

technology war burn singer cybersecurity wired cyberspace new america critical infrastructure r street institute ghost fleet ics village

ICS Village & CISA Talk DEFCON And The Future Of Critical Infrastructure | Bryson Bort & Bryan Ware

Play Episode Listen Later Aug 6, 2020 40:58

Podcast: ITSPmagazine | Technology. Cybersecurity. Society.Episode: ICS Village & CISA Talk DEFCON And The Future Of Critical Infrastructure | Bryson Bort & Bryan WarePub date: 2020-08-04Stories From Our Event Coverage And From Around The World Sometimes we are there, sometimes we are not — either way, we still get the best stories. ICS Village & CISA Talk DEFCON And The Future Of Critical Infrastructure | Bryson Bort & Bryan Ware | DEFCON 2020 #SafeMode Event Coverage Guests: - Bryan Ware, CISA - Bryson Bort, Co-Founder ICS Village People around the world rely on local, state, national - and sometimes international - services enabled by critical infrastructure and related devices, systems, and applications. Sometimes they realize it - sometimes not. Many times, the services are taken for granted, only noticed when they go offline or otherwise malfunction. The bottom line, humanity id dependent upon critical infrastructure and we need to take an active role to ensure all stakeholders and leaders recognize the cyber risk it possesses such that proper risk mitigation, attack protection and incident response measures are identified and implemented. That's the goal both of our guests are driving during this conversation: Bryan Ware from the government, public sector perspective, and Bryson Bort from the commercial, private sector perspective. As was evident during the conversation the current and future states of cybersecurity for our IT, OT, ICS and critical infrastructure at large depends on raising awareness, support research, enabling security-by-design at the directly at development layer, and interconnectivity between critical infrastructure elements (water, power, health, travel, etc.) AND between critical infrastructure constituents (government, academia, commercial, and society). There's too much to recap here in this very important conversation. Have a listen, enjoy, share, and then spend some time with the ICS Village team and the CISA team as the conversations continue in both places. Of course, we'll be part of those conversations as well - it's far too important a topic to sit this one out. ______________________________ Learn more about this channel's sponsors: - Cequence: itspm.ag/itspcequweb - ReversingLabs: itspm.ag/itsprvslweb - Semperis: itspm.ag/itspsempweb Be sure to catch all of our DEFCON #SafeMode 2020 Coverage here: https://www.itspmagazine.com/itspmagazine-event-coverage Interested in sponsoring our coverage? You can explore podcast sponsorship options here: https://www.itspmagazine.com/podcast-series-sponsorshipsThe podcast and artwork embedded on this page are from ITSPmagazine | Technology. Cybersecurity. Society., which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

society cybersecurity ot coverage ware defcon cisa ics listen notes critical infrastructure bryson bort semperis reversinglabs ics village

ICS Village & CISA Talk DEFCON And The Future Of Critical Infrastructure | Bryson Bort & Bryan Ware

info@theworkforceshow.com

Play Episode Listen Later Aug 4, 2020 40:58

Stories From Our Event Coverage And From Around The World Sometimes we are there, sometimes we are not — either way, we still get the best stories. ICS Village & CISA Talk DEFCON And The Future Of Critical Infrastructure | Bryson Bort & Bryan Ware | DEFCON 2020 #SafeMode Event Coverage Guests: - Bryan Ware, CISA - Bryson Bort, Co-Founder ICS Village People around the world rely on local, state, national - and sometimes international - services enabled by critical infrastructure and related devices, systems, and applications. Sometimes they realize it - sometimes not. Many times, the services are taken for granted, only noticed when they go offline or otherwise malfunction. The bottom line, humanity id dependent upon critical infrastructure and we need to take an active role to ensure all stakeholders and leaders recognize the cyber risk it possesses such that proper risk mitigation, attack protection and incident response measures are identified and implemented. That's the goal both of our guests are driving during this conversation: Bryan Ware from the government, public sector perspective, and Bryson Bort from the commercial, private sector perspective. As was evident during the conversation the current and future states of cybersecurity for our IT, OT, ICS and critical infrastructure at large depends on raising awareness, support research, enabling security-by-design at the directly at development layer, and interconnectivity between critical infrastructure elements (water, power, health, travel, etc.) AND between critical infrastructure constituents (government, academia, commercial, and society). There's too much to recap here in this very important conversation. Have a listen, enjoy, share, and then spend some time with the ICS Village team and the CISA team as the conversations continue in both places. Of course, we'll be part of those conversations as well - it's far too important a topic to sit this one out. ______________________________ Learn more about this channel's sponsors: - Cequence: itspm.ag/itspcequweb - ReversingLabs: itspm.ag/itsprvslweb - Semperis: itspm.ag/itspsempweb Be sure to catch all of our DEFCON #SafeMode 2020 Coverage here: https://www.itspmagazine.com/itspmagazine-event-coverage Interested in sponsoring our coverage? You can explore podcast sponsorship options here: https://www.itspmagazine.com/podcast-series-sponsorships

ot coverage ware defcon cisa ics critical infrastructure bryson bort semperis reversinglabs ics village

Bryson Bort-Founder of SCYTHE, a Cyber Company

Play Episode Listen Later Jun 24, 2019 25:54

Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a boutique cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a National Security Institute Fellow. Prior, Bryson led an elite offensive capabilities development group. As a U.S. Army Officer, Bryson was a tank commander and led a tactical communications platoon. He served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. Brysonreceived his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point. He holds a Master's Degree in Telecommunications Management from the University of Maryland, a Master's in Business Administration from the University of Florida, and completed graduate studies in Electrical Engineering and Computer Science at the University of Texas. Hosts: Jeremy Haas and Olga Polishchuk, TWFS-Cyber Edition Sponsor: LookingGlassCyber

university founders texas master science co founders army bachelor maryland captain degree cyber computer science business administration west point grimm electrical engineering operation iraqi freedom united states military academy scythe army officer bryson bort ics village telecommunications management

RSA Conference / ICS Village Report