Podcasts about industrial control systems ics

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: The Intersection of AI, OT, and Cybersecurity with Sulaiman AlhasawiPub date: 2025-03-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by Sulaiman Alhasawi, a cybersecurity expert based in Kuwait. Sulaiman shares his journey into OT security, beginning with his PhD research in Liverpool and leading to his creation of ICSrank.com, a search engine for OT devices.    The discussion gets into individuals' unique cybersecurity paths, emphasizing the importance of learning from diverse experiences. They explore the challenges asset owners face in understanding vulnerabilities, the role of AI in cybersecurity, and the international perspective on OT security.    Throughout the episode, Aaron and Sulaiman highlight the significance of community, knowledge sharing, and taking actionable steps to improve cybersecurity posture in critical infrastructure. Whether you're an industry veteran or a newcomer, this episode is packed with insights and practical advice to help you protect it all.   Key Moments:  01:10 Sharing Diverse Experiences 05:44 Simplifying Asset Management Challenges 08:15 Action Transforms Ideas to Value 11:44 Unexpected Targets in Cyber Attacks 13:20 "Obscurity Isn't Security" 16:50 Simplifying Cybersecurity Communication 21:12 Unintended Internet Exposure Risks 24:49 Podcasting for Community Impact 28:53 OT's Vital Role in Hospitals 32:26 Diverse Experiences in Power Plants 35:54 OT Data Integration Priorities 36:55 Prioritizing Safety Over Immediate Updates 42:10 Global Business Resource Allocation Challenges 46:08 Finding Our Podcast & Resources 47:25 Global Unity in Shared Struggles   About The Guest :    Sulaiman Alhasawi is an active researcher  in ICS/OT cybersecurity, with a PhD specializing in securing critical infrastructure. He is the founder of ICSrank.com, a platform dedicated to discovering and assessing security risks in Industrial Control Systems (ICS), Operational Technology (OT), and Industrial IoT. As the host of the ICS Arabia Podcast, Sulaiman brings together global experts to discuss cutting-edge topics in OT security, bridging the gap between research, industry, and real-world cyber threats. His latest research, "How to Find Water Systems on the Internet", was featured in SecurityWeek magazine, shedding light on OSINT techniques used to uncover vulnerable water infrastructure. (Read it here: https://zerontek.com/zt/2024/09/30/how-to-find-water-systems-on-the-internet-a-guide-to-ics-ot-osint/) Follow Sulaiman for insights on ICS/OT security, threat intelligence, and ethical hacking:   ICSrank Website: ICSrank.com ICS Arabia Podcast (X): https://www.youtube.com/@icsarabiapodcast Twitter (X): @alhasawi Linkedin : https://www.linkedin.com/in/alhasawi   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4  The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: Rapid7's Approach to ICS and OT Security: Lessons from the FieldPub date: 2024-12-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin Derek Harp and his guests from Rapid7—Lonnie Best, William Price, and Nicholas Butcher—as they delve into the critical challenges and exciting opportunities within the Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity landscape. Recorded live at Hack the Capitol 7.0, this episode highlights the growing demand for OT cybersecurity, innovative approaches to managing threats, and the evolving dynamics between IT and OT professionals.In this episode, the panel discusses real-world examples of managing ICS threats, the nuances of integrating OT into traditional IT security frameworks, and the importance of trust and communication in bridging gaps between teams. Learn how managed security services are adapting to meet the unique demands of OT environments and why collaboration across roles and expertise is essential.Whether you're a seasoned professional or new to the field, this episode offers actionable insights and inspiring stories that highlight the importance of securing critical infrastructure in today's evolving threat landscape. Visit cs2ai.org to learn more about resources, events, and professional development opportunities in OT and ICS cybersecurity.The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Join Derek Harp and his guests from Rapid7—Lonnie Best, William Price, and Nicholas Butcher—as they delve into the critical challenges and exciting opportunities within the Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity landscape. Recorded live at Hack the Capitol 7.0, this episode highlights the growing demand for OT cybersecurity, innovative approaches to managing threats, and the evolving dynamics between IT and OT professionals.In this episode, the panel discusses real-world examples of managing ICS threats, the nuances of integrating OT into traditional IT security frameworks, and the importance of trust and communication in bridging gaps between teams. Learn how managed security services are adapting to meet the unique demands of OT environments and why collaboration across roles and expertise is essential.Whether you're a seasoned professional or new to the field, this episode offers actionable insights and inspiring stories that highlight the importance of securing critical infrastructure in today's evolving threat landscape. Visit cs2ai.org to learn more about resources, events, and professional development opportunities in OT and ICS cybersecurity.

In Episode 123 of Reimagining Cyber, Rob and the team dives into the complex world of cybersecurity for Industrial Control Systems (ICS) and Operational Technology (OT). Reflecting on insights from recent conversations with industry experts like Eric O'Neill and Tiffany Snyder, the show explores the evolving risks, vulnerabilities, and essential security measures in these critical infrastructure environments. They discuss the role of threat intelligence, the growing need for tailored incident response plans, and the challenges of securing legacy systems against modern cyber threats. Rob also unpacks findings from the latest SANS ICS/OT Cybersecurity Survey, shedding light on current trends such as cloud adoption, AI integration, and the ongoing struggle to bridge IT and OT security gaps. With potential threats looming, this episode underscores the urgent need to strengthen defenses across critical industries.SANS ICS/OT Cybersecurity Survey:https://www.sans.org/white-papers/sans-2024-state-ics-ot-cybersecurity/Previous episodes mention in this edition:From Espionage to Cybersecurity: Lessons from an FBI Legend - Ep 120 with Eric O'Neill Critical Infrastructure Under Siege: Cyber Threats and Counterintelligence - Ep 121 with Eric O' NeillCybersecurity in Orbit: NASA's Digital Defense - Ep 117 with Tiffany SnyderNew Perspectives in Cyber - Ep 23 with Brett HarrisEnergizing Cybersecurity - Ep 60 with Virginia 'Ginger' WrightFollow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com

Podcast: Error Code (LS 26 · TOP 10% what is this?)Episode: EP 49: Hacking Android-Based ICS DevicesPub date: 2024-11-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybercriminal tactics against ICS include direct threats against individuals for MFA credentials, sometimes escalating to physical violence if they won't share. Jim Coyle, US Public Sector CTO for Lookout, warns about the increasing use of Android in critical Industrial Control Systems (ICS), such as HVAC systems, and how stealing MFA tokens from mobile devices could affect critical services like healthcare, finance, and water supply, depending on the goals of the attackers. The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Cybercriminal tactics against ICS include direct threats against individuals for MFA credentials, sometimes escalating to physical violence if they won't share. Jim Coyle, US Public Sector CTO for Lookout, warns about the increasing use of Android in critical Industrial Control Systems (ICS), such as HVAC systems, and how stealing MFA tokens from mobile devices could affect critical services like healthcare, finance, and water supply, depending on the goals of the attackers.

Industrial Control Systems (ICS) and Operational Technology (OT) used to stand apart from traditional IT. But those worlds are converging, and IT pros, including infosec teams and network engineers, need to become familiar with the operational challenges and quirks of ICS/OT systems. On today’s Packet Protector, guest Mike Holcomb demystifies ICS and OT for IT... Read more »

Industrial Control Systems (ICS) and Operational Technology (OT) used to stand apart from traditional IT. But those worlds are converging, and IT pros, including infosec teams and network engineers, need to become familiar with the operational challenges and quirks of ICS/OT systems. On today’s Packet Protector, guest Mike Holcomb demystifies ICS and OT for IT... Read more »

Recent years have been pivotal in the field of Industrial Control Systems (ICS) security, with a large number of high-profile attacks exposing the lack of a design-for-security initiative in ICS. The evolution of ICS abstracting the control logic to a purely software level hosted on a generic OS, combined with hyperconnectivity and the integration of popular open source libraries providing advanced features, have expanded the ICS attack surface by increasing the entry points and by allowing traditional software vulnerabilities to be repurposed to the ICS domain. In this seminar, we will shed light to the security landscape of modern ICS, dissecting firmware from the dominant vendors and motivating the need of employing appropriate vulnerability assessment tools. We will present methodologies for blackbox fuzzing of modern ICS, both directly using the device and by using the development software. We will then proceed with methodologies on hotpatching, since ICS cannot be easily restarted in order to patch any discovered vulnerabilities. We will demonstrate our proposed methodologies on various critical infrastructure testbeds. About the speaker: Michail (Mihalis) Maniatakos is an Associate Professor of Electrical and Computer Engineering at New York University (NYU) Abu Dhabi, UAE, and a Research Associate Professor at the NYU Tandon School of Engineering, New York, USA. He is the Director of the MoMA Laboratory (nyuad.nyu.edu/momalab), NYU Abu Dhabi. He received his Ph.D. in Electrical Engineering, as well as M.Sc., M.Phil. degrees from Yale University. He also received the B.Sc. and M.Sc. degrees in Computer Science and Embedded Systems, respectively, from the University of Piraeus, Greece. His research interests, funded by industrial partners, the US government, and the UAE government include privacy-preserving computation and industrial control systems security.

In the modern era, where industries are getting more automated and interconnected, it is essential to understand the intricate technical web of these critical systems. Industrial Control Systems (ICS) are the backbone of multiple essential infrastructure sectors, including healthcare, water supply/power plants, manufacturing, and transportation. ICS plays a pivotal role in regulating and monitoring key infrastructure physical processes. Understanding the ICS's network architecture and the protocols that control their communication is vital for their efficiency, reliability, and security. ICS Network Architecture Industrial Control System (ICS) Network Architecture is a well-organized framework utilized to design, construct, and oversee the network infrastructure crucial for supporting vital industrial operations and systems. It is designed to facilitate the seamless interconnection of field devices, control systems, and SCADA systems, enabling the real-time exchange and management of data. The objective is to ensure that everything functions smoothly with: High reliability Low latency real-time performance Scalability to meet changing industrial requirements Rigorous cybersecurity to protect against threats Basically, ICS Network Architecture is the foundation that helps operators and engineers keep an eye on, control, and improve industrial processes, which helps make critical infrastructure sectors safer, more productive, and more sustainable. View More: ICS Network Architecture and Protocols

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Ron Fabela: Secure Access That Makes Sense for OperationsPub date: 2023-12-21About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.In this episode, Aaron and Ron Fabela discuss:Adopting secure remote access in OT as an operational requirementThe complex landscape of active scanning in ICSBuilding trust and bridging the gap between cybersecurity and OTBalancing innovation, risk, and security in a changing landscapeKey Takeaways:In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices, embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape. "I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela Connect with Ron Fabela: Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)LinkedIn: https://www.linkedin.com/in/ronniefabela/Twitter: https://twitter.com/ron_fabConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Ron Fabela: Secure Access That Makes Sense for OperationsPub date: 2023-12-21About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.In this episode, Aaron and Ron Fabela discuss:Adopting secure remote access in OT as an operational requirementThe complex landscape of active scanning in ICSBuilding trust and bridging the gap between cybersecurity and OTBalancing innovation, risk, and security in a changing landscapeKey Takeaways:In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices, embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape. "I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela Connect with Ron Fabela: Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)LinkedIn: https://www.linkedin.com/in/ronniefabela/Twitter: https://twitter.com/ron_fabConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.In this episode, Aaron and Ron Fabela discuss:Adopting secure remote access in OT as an operational requirementThe complex landscape of active scanning in ICSBuilding trust and bridging the gap between cybersecurity and OTBalancing innovation, risk, and security in a changing landscapeKey Takeaways:In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices, embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape. "I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela Connect with Ron Fabela: Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)LinkedIn: https://www.linkedin.com/in/ronniefabela/Twitter: https://twitter.com/ron_fabConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

Cybersecurity training could seem as exciting as watching paint dry. However, the Idaho National Lab has found a way to make such training much more interesting. In this podcast I interview Jeff Hahn who is the project manager and Critical Infrastructure Cybersecurity Engineer at the Idaho National Laboratory (INL). He leads the Cybersecurity for Industrial Control Systems (ICS) training aligned with the Department of Homeland Security (DHS) Critical Infrastructure Security Agency (CISA). They use “Escape Room” concepts to train people and teams on different aspects of cybersecurity. Mr. Hahn is a Professional Engineer, a Certified Information Systems Security Professional, and has over 35 years of experience in both the public and private sector. For more information, Google “CISA ICS Training” or email itstraining@inl.gov.  This episode is sponsored by AshBritt, a national rapid-response emergency management and logistics company. Celebrating its 30th year, AshBritt has led response efforts following 60 federally declared disasters across 30 states and has conducted more than 400 missions, successfully serving over 600 clients. AshBritt is the trusted emergency management contractor for cities, counties, states and for federal agencies, including the Department of Defense where AshBritt holds a pre-position debris management contract which covers 25 U.S. states.  Eric Holdeman is a professional emergency manager who is passionate about providing information that can help families, businesses & governments become better prepared for disasters of all types. Hear first hand expert insights from Eric on his Podcast, Blog & EricHoldeman.com.

We're kicking off a mini-series on the Transatlantic Cable Podcast, where our crew dives into the world of critical infrastructure with the team from Industrial Control Systems (ICS) research team to talk about research, new developments and upcoming events. The very first episode the team sit down with Evgeny Goncharov and Vladimir Dashchenko to talk about some of their latest research.  The first piece of a look at data for Industrial Control Systems for H1, whilst the second was a deep dive into upcoming Internet Of Things threats for 2023.   If you'd like to hear more about this, be sure to subscribe. Overview of IoT threats in 2023 Threat landscape for industrial automation systems. Statistics for H1 2023

In today's digital era, where technology permeates every aspect of our lives, protecting critical infrastructure and Industrial Control Systems (ICS) has become an utmost priority. With cyber threats looming large, organizations are turning to Operational Technology (OT) and ICS security professionals to defend against potential attacks and ensure the uninterrupted functioning of essential operations. This blog explores the vital roles and responsibilities shouldered by these skilled individuals and their indispensable contributions to cybersecurity in critical sectors. View More: Roles and Responsibilities of OT Security Professionals

The growing reliance on Operational Technology (OT) and Industrial Control Systems (ICS) in various industries has led to an increased demand for professionals skilled in OT/ICS security. This exciting and evolving field offers numerous opportunities for individuals looking to make a career transition. If you are interested in pursuing an OT Security Career in 2023, you might be wondering how to make a career transition from your current role. OT and ICS security is a growing and challenging domain that requires a combination of technical skills, domain knowledge, and a security mindset. Here we will discuss and share some tips and resources on how to prepare yourself for a successful career transition to OT/ICS security. View More: How to Make a Career Transition to OT Security

Podcast: Critical Assets PodcastEpisode: Simplifying ICS Security MetricsPub date: 2023-03-09Getting started with ICS and OT security metrics can be hard. What do you measure? How do you represent it? Do you even have the data? In this podcast, we talk with Erin Torruella to share her experience from building and managing metrics for multiple different sectors. She provides great advice on where to start and how to get the effort going in the right direction.ChatGPT response was…Operational Technology (OT) and Industrial Control Systems (ICS) are crucial components of critical infrastructure, and their security is essential for ensuring the safety, reliability, and availability of essential services. To measure the success or failure of an OT/ICS security program, several metrics can be considered, such as:1. Vulnerability Management Metrics: This metric measures the number of vulnerabilities identified, the number of vulnerabilities remediated, and the time it takes to remediate the vulnerabilities.2. Incident Response Metrics: This metric measures the effectiveness of the incident response process. It includes the time it takes to detect, contain, and resolve an incident, as well as the number and severity of incidents.3. Compliance Metrics: This metric measures compliance with relevant security standards, regulations, and policies. It includes the number of audits conducted, the number of non-compliances identified, and the time it takes to remediate non-compliances.4. Risk Management Metrics: This metric measures the effectiveness of the risk management program. It includes the number and severity of risks identified, the number of risks mitigated, and the time it takes to mitigate the risks.5. Awareness Metrics: This metric measures the effectiveness of the security awareness program. It includes the number of training sessions conducted, the number of employees trained, and the level of understanding demonstrated by employees.6. Asset Management Metrics: This metric measures the effectiveness of the asset management program. It includes the number and types of assets identified, the level of asset classification, and the accuracy of the asset inventory.7. Performance Metrics: This metric measures the performance of the OT/ICS infrastructure. It includes uptime, availability, and response time.Thanks for listening!Show links:Erin Torruella...LinkedIn - https://www.linkedin.com/in/erin-torruella/Twitter - https://twitter.com/LadySqrrlMastodon - https://infosec.exchange/@ladysqrrlJD Christopher SANS talk on ICS Security Metrics - https://www.youtube.com/watch?v=gIsLP_Dtv7MJD Christopher SANS blog post on ICS Security Metrics -https://www.sans.org/blog/mature-ics-security-with-metrics/S.M.A.R.T. Methodology - https://en.wikipedia.org/wiki/SMART_criteriaDHS CISA Cross-Sector Cyber Performance Goals - https://www.cisa.gov/cross-sector-cybersecurity-performance-goalsThe podcast and artwork embedded on this page are from Patrick Miller, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 70: OT Monitoring Tools- A Case Study on How to Choose One- Post Q&A with Raph ArakelianPub date: 2023-02-21Raphael Arakelian joins Derek Harp today for a slightly different podcast.Raphael is currently the Manager of OT and IoT Cybersecurity at PwC Canada. He is a cybersecurity practitioner specializing in Operational Technology (OT), the Internet of Things (IoT), and Industrial Control Systems (ICS).It has always been challenging for purchasers and end-users to understand how to differentiate between various OT products and determine which tools to select. Raph has developed a methodology for comparing monitoring tools. On the 25th of January this year, he did a CS2AI online show with Derek called OT Monitoring Tools: A Case Study on How to Choose One. It was a popular event, and many questions got submitted. Unfortunately, all the questions could not get answered within the allotted time. So they decided to follow up with a collaborative bonus session to get to the bottom of more of those questions.In his episode, Raph discusses his systematic methodology for overcoming the challenge that organizations often face when looking at different vendors in the OT security space to select the right tool for a given situation. He also responds to several unanswered questions from the online CS2AI event. Show highlights:Raph shares the idea behind his systematic approach and explains what led him to devise it.The nine technical areas that get evaluated with Raph's methodology.The nuances that led Raph to the three candidate vendors with whom he did his proof of concept.Raph recaps his methodology, discusses the source of truth data critical for the assessment, and explains what happens if an organization does not have the asset inventory beforehand.How to differentiate between IT and OT assets.Raph gives a quick explanation of industrial protocols.Question: During the proof of concept, was there a concern about connecting the tools and a laptop to an active utility system? Was port mirroring enough to ensure one-way communication?How to address devices that are not active on the network.Question: “Based on your study, How is Asset Characterization for OT Monitoring Tools it seems that there could be a lot of manual edits needed to fix mischaracterization.”Raph shares his thoughts on the following: “For most tools, it seems that CDE detection and remediation guidance has a shotgun approach without regard to the hardware on which the CDE is found.” Instances in which vendors will be willing to update their products.Why Raph believes OT monitoring tools are helpful.Links and resources:(CS)²AI Sign up here to become a member of our on-demand library. PwC CanadaRaphael Arakelian on LinkedInMentioned in this episode:Our Sponsors:We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception Waterfall Security Tripwire KPMG CyberJoin CS2AIJoin the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. Preroll MembershipThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode, our host JoAnn Meyer talks with Jim Gilsinn, a Technical Leader with Dragos with decades of experience with Industrial Control Systems (ICS) and OT. He shares the challenges that exist as IT and OT become ever more integrated. With the increasing complexity associated with each side of a company's technological landscape, having the depth of knowledge and experience to understand the risks, detect threats and plan and execute a response on both sides is almost impossible without a little help. Don't miss Jim's description near the end of the episode of how Dragos helps companies perform a Crown Jewel Analysis  and sometimes what's most important might not even be high-tech. This episode is made possible by Hewlett-Packard Enterprise. Jim Gilsinn LinkedIn Dragos Advice on implementing the recent TSA Pipeline Security Directive Click here to take it one question survey and receive OGGN hardhat/laptop stickers Enjoying the show? Leave me a review here Brought to you on the Oil and Gas Global Network, the largest and most listened-to podcast network for the oil and energy industry. More from OGGN ... Podcasts LinkedIn Group LinkedIn Company Page Get notified about industry events

Raphael Arakelian joins Derek Harp today for a slightly different podcast.Raphael is currently the Manager of OT and IoT Cybersecurity at PwC Canada. He is a cybersecurity practitioner specializing in Operational Technology (OT), the Internet of Things (IoT), and Industrial Control Systems (ICS).It has always been challenging for purchasers and end-users to understand how to differentiate between various OT products and determine which tools to select. Raph has developed a methodology for comparing monitoring tools. On the 25th of January this year, he did a CS2AI online show with Derek called OT Monitoring Tools: A Case Study on How to Choose One. It was a popular event, and many questions got submitted. Unfortunately, all the questions could not get answered within the allotted time. So they decided to follow up with a collaborative bonus session to get to the bottom of more of those questions.In his episode, Raph discusses his systematic methodology for overcoming the challenge that organizations often face when looking at different vendors in the OT security space to select the right tool for a given situation. He also responds to several unanswered questions from the online CS2AI event. Show highlights:Raph shares the idea behind his systematic approach and explains what led him to devise it.The nine technical areas that get evaluated with Raph's methodology.The nuances that led Raph to the three candidate vendors with whom he did his proof of concept.Raph recaps his methodology, discusses the source of truth data critical for the assessment, and explains what happens if an organization does not have the asset inventory beforehand.How to differentiate between IT and OT assets.Raph gives a quick explanation of industrial protocols.Question: During the proof of concept, was there a concern about connecting the tools and a laptop to an active utility system? Was port mirroring enough to ensure one-way communication?How to address devices that are not active on the network.Question: “Based on your study, How is Asset Characterization for OT Monitoring Tools it seems that there could be a lot of manual edits needed to fix mischaracterization.”Raph shares his thoughts on the following: “For most tools, it seems that CDE detection and remediation guidance has a shotgun approach without regard to the hardware on which the CDE is found.” Instances in which vendors will be willing to update their products.Why Raph believes OT monitoring tools are helpful.Links and resources:(CS)²AI Sign up here to become a member of our on-demand library. PwC CanadaRaphael Arakelian on LinkedIn

Industrial Control Systems (ICS) in the cloudCan the cloud fundamentally revolutionise Operational Technology (OT) security?To help Robby understand some of the nuances of OT security and help connect the dots between IT and OT, we're joined by Vivek Ponnada from the OT, ICS & IoT security company Nozomi Networks.Vivek shares from his 24 years of experience working with ICS, and explains how much cloud is and is going to be utilised within OT in the years to come.He also shares what threats he is seeing in the OT space, as well as some examples of what's up-and-coming in OT security

Podcast: CS2AI Control System Cyber Security Association International: (CS)²AIEpisode: 59: Staying Curious and Learning New Things is an Asset in Cyber Security with David BacquePub date: 2022-11-29Derek Harp interviews David Bacque today. David is currently the Vice President of Strategic Development and Director of OT/ICS Cybersecurity at RED Group. RED Group is an Industrial Control Systems (ICS) technology development and integration firm specializing in Process Automation, IT/OT Consulting, and Industrial Cybersecurity. Dave is an experienced industrial cybersecurity and operational technology (OT) professional who has led, advised on, and delivered cybersecurity projects and initiatives with industrial clients around the world to help operators of critical infrastructure become more resilient to cyber threats. He has a B.S. in Information Systems and Decision Sciences from Louisiana State University and is a holder of the Global Industrial Cybersecurity Professional (GICSP) and Project Management Professional (PMP) certifications.Dave grew up and went to school in a small town in South Louisiana. He has many years of experience in the OT space. As well as being an OT/ICS Cybersecurity leader, he is also a father, sailor, chef, barista, traveler, motorcyclist, and hiker. He joins Derek today to talk about his background, education, and career trajectory and discuss the importance of staying curious and being open to learning new things.This episode is a must for anyone looking to get into the cybersecurity space! Tune in to hear Dave's story, learn from his insights and experience, and benefit from his valuable nuggets of career advice! Show highlights:How his dad's background in mechanical design led to David's first interactions with technology.The many interesting things that took place around the time Dave graduated from LSU in 2001.What Dave did and learned when he started his career with Total in the early days of IT and OT convergence.The value of getting to know your co-workers personally and building community within organizations.Some changes in the OT security space that happened during the course of Dave's career.What does it take for engineers and IT people to become OT cybersecurity qualified and savvy?Dave offers advice for leaders looking to get people together to build cross-functional teams.What Dave did in his first career roles.Dave dives into the power of building long-term relationshipsDave discusses the informal mentor/mentee relationships he has had in his careerThe value of being able to tell people your story.Links and resources:(CS)²AIRED GroupDave Bacque on LinkedInMentioned in this episode:Our Sponsors:We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception Waterfall Security Tripwire KPMG CyberJoin CS2AIJoin the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. Preroll MembershipThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Derek Harp interviews David Bacque today. David is currently the Vice President of Strategic Development and Director of OT/ICS Cybersecurity at RED Group. RED Group is an Industrial Control Systems (ICS) technology development and integration firm specializing in Process Automation, IT/OT Consulting, and Industrial Cybersecurity. Dave is an experienced industrial cybersecurity and operational technology (OT) professional who has led, advised on, and delivered cybersecurity projects and initiatives with industrial clients around the world to help operators of critical infrastructure become more resilient to cyber threats. He has a B.S. in Information Systems and Decision Sciences from Louisiana State University and is a holder of the Global Industrial Cybersecurity Professional (GICSP) and Project Management Professional (PMP) certifications.Dave grew up and went to school in a small town in South Louisiana. He has many years of experience in the OT space. As well as being an OT/ICS Cybersecurity leader, he is also a father, sailor, chef, barista, traveler, motorcyclist, and hiker. He joins Derek today to talk about his background, education, and career trajectory and discuss the importance of staying curious and being open to learning new things.This episode is a must for anyone looking to get into the cybersecurity space! Tune in to hear Dave's story, learn from his insights and experience, and benefit from his valuable nuggets of career advice! Show highlights:How his dad's background in mechanical design led to David's first interactions with technology.The many interesting things that took place around the time Dave graduated from LSU in 2001.What Dave did and learned when he started his career with Total in the early days of IT and OT convergence.The value of getting to know your co-workers personally and building community within organizations.Some changes in the OT security space that happened during the course of Dave's career.What does it take for engineers and IT people to become OT cybersecurity qualified and savvy?Dave offers advice for leaders looking to get people together to build cross-functional teams.What Dave did in his first career roles.Dave dives into the power of building long-term relationshipsDave discusses the informal mentor/mentee relationships he has had in his careerThe value of being able to tell people your story.Links and resources:(CS)²AIRED GroupDave Bacque on LinkedInMentioned in this episode:Our Sponsors:We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support these companies because they support us! Network Perception Waterfall Security Tripwire KPMG CyberJoin CS2AIJoin the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. Preroll Membership

Graham Williamson has teamed up with John Tolbert to research the current state of the Operational Technology (OT) and Industrial Control Systems (ICS) sectors. They documented the ability of the main industry players to support a coordinated approach to detecting, responding to, and recovering from, cybersecurity attacks and intrusions. Graham joins Matthias to provide insight into this market on the occasion of the publication of the Market Compass Cybersecurity for Industrial Control Systems. For feedback, please reach out to Matthias at mr@kuppingercole.com.

Graham Williamson has teamed up with John Tolbert to research the current state of the Operational Technology (OT) and Industrial Control Systems (ICS) sectors. They documented the ability of the main industry players to support a coordinated approach to detecting, responding to, and recovering from, cybersecurity attacks and intrusions. Graham joins Matthias to provide insight into this market on the occasion of the publication of the Market Compass Cybersecurity for Industrial Control Systems. For feedback, please reach out to Matthias at mr@kuppingercole.com.

Join this episode as we will talk about Industrial Control Systems (ICS), Megan's genius idea of Incident Command System for ICS, why are ICS systems critical and what makes them different from traditional IT and learn more about what does the role of a Chief Product Security Officer entail!

Podcast: Control System Cyber Security Association International: (CS)²AIEpisode: 30: Engineers Should Consider a Cybersecurity Career with Graham SpeakePub date: 2022-03-15Today, Derek Harp is excited to have Graham Speake, the Director of Industrial Security at Waterfall Security Solutions, joining him on the show! Graham started very early on as an engineer in control systems. He is an interesting and well-rounded individual with a long history in engineering. Graham was born in Wales and moved to London when he started working. He has been living in America for the past twenty years. He is a senior Cyber Security professional with broad experience leading global Operational Technology (OT) and Information Technology (IT) cybersecurity programs for protecting mission-critical systems and infrastructure. He is an expert in developing and delivering security training courses and security awareness. He has subject-matter expertise in Industrial Control Systems (ICS) and SCADA cybersecurity, particularly in oil and gas majors, and for risk managing large capital value projects and architecting global solutions for Oil and Gas and Industrial Automation customers. He is a music lover, photographer, and world traveler who has recently become an RV traveler. He is also a husband, father, grandfather, and raspberry pie enthusiast!In this episode of the (CS)²AI Podcast, Graham talks about his background and career journey and discusses what led him to where he is today. He also offers valuable nuggets of advice for listeners who would like to make a career in or transition into cyber security.This is one episode you will not want to miss if you are looking to make a career in the cyber security space or are an engineer and would like to add cyber security to your career path. Stay tuned for more!Show highlights:Graham's early experiences inspired him to do electrical/ electronic engineering at college and then move into working with electronics and electricity in an industrial setting. (3:13)The benefits of having an engineering background. (8:05)Graham shares his recommendations for engineers who would like to add cyber security to their professional path. (9:08)The US government offers free security training through the Idaho National Laboratory (INL). (10:22)Graham talks about the mentorship he received and offers advice for finding a mentor and doing a mentorship exchange. (12:07)Security only intersected with his journey much later in his career. (17:16)9/11 was a pivot- point in his career. (20:08)Graham talks about various types of industrial proprietary communication protocols. (26:04)Graham talks about how he got into his interesting role at Yokogawa and how it differed from what he did at BP. (29:58)Graham discusses what happened in the security space after being invited to be part of a training course and certification program in 2011. (36:58)Learning the basic working vocabulary and terminology is a way to build bridges and get teams from different industries to work together. (42:22)Graham explains why he could not say no to working for Waterfall. (54:00)Relationships you form early in your career in the security space end up being very powerful later on. (57:40)Links:(CS)²AIWaterfall Security SolutionsGraham Speake on LinkedInINL Critical Infrastructure Protection TrainingThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Today, Derek Harp is excited to have Graham Speake, the Director of Industrial Security at Waterfall Security Solutions, joining him on the show! Graham started very early on as an engineer in control systems. He is an interesting and well-rounded individual with a long history in engineering.  Graham was born in Wales and moved to London when he started working. He has been living in America for the past twenty years. He is a senior Cyber Security professional with broad experience leading global Operational Technology (OT) and Information Technology (IT) cybersecurity programs for protecting mission-critical systems and infrastructure. He is an expert in developing and delivering security training courses and security awareness. He has subject-matter expertise in Industrial Control Systems (ICS) and SCADA cybersecurity, particularly in oil and gas majors, and for risk managing large capital value projects and architecting global solutions for Oil and Gas and Industrial Automation customers. He is a music lover, photographer, and world traveler who has recently become an RV traveler. He is also a husband, father, grandfather, and raspberry pie enthusiast! In this episode of the (CS)²AI Podcast, Graham talks about his background and career journey and discusses what led him to where he is today. He also offers valuable nuggets of advice for listeners who would like to make a career in or transition into cyber security. This is one episode you will not want to miss if you are looking to make a career in the cyber security space or are an engineer and would like to add cyber security to your career path. Stay tuned for more! Show highlights: Graham's early experiences inspired him to do electrical/ electronic engineering at college and then move into working with electronics and electricity in an industrial setting. (3:13) The benefits of having an engineering background. (8:05) Graham shares his recommendations for engineers who would like to add cyber security to their professional path. (9:08) The US government offers free security training through the Idaho National Laboratory (INL). (10:22) Graham talks about the mentorship he received and offers advice for finding a mentor and doing a mentorship exchange. (12:07) Security only intersected with his journey much later in his career. (17:16) 9/11 was a pivot- point in his career. (20:08) Graham talks about various types of industrial proprietary communication protocols. (26:04) Graham talks about how he got into his interesting role at Yokogawa and how it differed from what he did at BP. (29:58) Graham discusses what happened in the security space after being invited to be part of a training course and certification program in 2011. (36:58) Learning the basic working vocabulary and terminology is a way to build bridges and get teams from different industries to work together. (42:22) Graham explains why he could not say no to working for Waterfall. (54:00) Relationships you form early in your career in the security space end up being very powerful later on. (57:40) Links: https://www.cs2ai.org/ ((CS)²AI) https://waterfall-security.com/ (Waterfall Security Solutions) https://www.linkedin.com/search/results/all/?keywords=graham%2520speake&origin=RICH_QUERY_SUGGESTION&position=1&searchId=94ecb726-8b32-41b5-bfdd-ee1a1fc451e5&sid=W0p (Graham Speake on LinkedIn) https://inl.gov/critical-infrastructure-protection-training/ (INL Critical Infrastructure Protection Training) Mentioned in this episode: Join CS2AI Join the largest organization for cybersecurity professionals. Membership has its benefits! We keep you up to date on the latest cybersecurity news and education. https://cs2ai.captivate.fm/cs2ai (Preroll Membership) Our Sponsors: We'd like to thank our sponsors for their faithful support of this podcast. Without their support we would not be able to bring you this valuable content. We'd appreciate it if you would support...

Ransomware attacks have been growing in popularity, especially in critical infrastructure. Due to the importance of critical infrastructure, the need to secure the environments is an impending issue. The technology used in ICS environments is sensitive and often based on older protocols. The desire for connectivity has created an opportune target for malicious actors. Join […] The post Webcast: Intro to Ransomware and Industrial Control Systems (ICS) appeared first on Black Hills Information Security.

John Tolbert sits down with Matthias and shares his insights into current approaches for protecting and defending essential enterprise systems beyond traditional, often office-focused cybersecurity. Safeguarding Operational Technology (OT), Industrial Control Systems (ICS), and the Industrial Internet of Things (IIoT) is getting increasingly important. John explains that modern approaches like Network Detection and Response (NDR) and especially Distributed Deception Platforms (DDP) can be valuable building blocks in an overall strategy for defending, for example, the factory floor or critical clinical systems.

John Tolbert sits down with Matthias and shares his insights into current approaches for protecting and defending essential enterprise systems beyond traditional, often office-focused cybersecurity. Safeguarding Operational Technology (OT), Industrial Control Systems (ICS), and the Industrial Internet of Things (IIoT) is getting increasingly important. John explains that modern approaches like Network Detection and Response (NDR) and especially Distributed Deception Platforms (DDP) can be valuable building blocks in an overall strategy for defending, for example, the factory floor or critical clinical systems.

We're starting a new series of episodes on cyber security and how that relates to Industrial Control Systems (ICS) and OT infrastructure.In part 1 of this series, Network Specialists, Brandon Singh and Joe Belaschky, introduce cyber security from a broad perspective.  What is it?  What are some of the threats?  Who are the threat actors?  And why would someone want to attack us anyway?References:Networking SolutionsTechnical Support Team

In this week's Realcomm Live Episode, we speak with Lucian Niemeyer, national security expert and CEO of The Niemeyer Group, and Billy Rios, Founder of WhiteScope and one of the world's most respected experts on emerging threats related to software security, Industrial Control Systems (ICS), Critical Infrastructure (CI), and medical devices. These two cybersecurity experts will share their insight and important defense takeaways to help building owners and operators assess vulnerabilities and protect their organizations from cyberterrorism.

Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw64

This week, we welcome Jim Gilsinn, Principal Industrial Consultant at Dragos, to discuss ICS/OT Regulation! Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation.   Show Notes: https://securityweekly.com/scw64 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation.   Visit https://www.securityweekly.com/scw for all the latest episodes! Show Notes: https://securityweekly.com/scw64

This week, we welcome Jim Gilsinn, Principal Industrial Consultant at Dragos, to discuss ICS/OT Regulation! Industrial Control Systems (ICS) and Operational Technology (OT) have risks and consequences in the real world, such as the health and safety of people, but how those industries handle the potential cybersecurity risks varies greatly depending on the regulation that has been applied. The US Government has declared many different industries as critical infrastructures with different levels of prioritization placed on cybersecurity regulation.   Show Notes: https://securityweekly.com/scw64 Visit https://www.securityweekly.com/scw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Podcast: The CyberWire Daily (LS 59 · TOP 0.5% what is this?)Episode: Manufacturing sector is increasingly a target for adversaries. [Research Saturday]Pub date: 2021-01-16Guest Selena Larson, senior cyber threat analyst at Dragos, Inc., joins us to discuss their research into recent observations of ICS-targeting threats to manufacturing organizations. Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations. Manufacturing relies on ICS to scale, function, and ensure consistent quality control and product safety. It provides crucial materials, products, and medicine and is classified as critical infrastructure. Due to the interconnected nature of facilities and operations, an attack on a manufacturing entity can have ripple effects across the supply chain that relies on timely and precise production to support product fulfillment, health and safety, and national security objectives. Ransomware adversaries are adopting ICS-aware functionality with the ability to stop industrial related processes and cause disruptive – and potentially destructive – impacts. Dragos has not observed ICS-specific malware targeting manufacturing operations on the same scale or sophistication as that used in the disruptive TRISIS and CRASHOVERRIDE malware attacks that targeted energy operations in Saudi Arabia and Ukraine, respectively. However, known and ongoing threats to manufacturing can have direct and indirect impact to operations. This report provides a snapshot of the threat landscape as of October 2020 and is expected to change in the future as adversaries and their behaviors evolve. The research can be found here:ICS Threat Activity on the Rise in Manufacturing SectorThe podcast and artwork embedded on this page are from CyberWire, Inc., which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Guest Selena Larson, senior cyber threat analyst at Dragos, Inc., joins us to discuss their research into recent observations of ICS-targeting threats to manufacturing organizations.  Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations.  Manufacturing relies on ICS to scale, function, and ensure consistent quality control and product safety. It provides crucial materials, products, and medicine and is classified as critical infrastructure. Due to the interconnected nature of facilities and operations, an attack on a manufacturing entity can have ripple effects across the supply chain that relies on timely and precise production to support product fulfillment, health and safety, and national security objectives.  Ransomware adversaries are adopting ICS-aware functionality with the ability to stop industrial related processes and cause disruptive – and potentially destructive – impacts. Dragos has not observed ICS-specific malware targeting manufacturing operations on the same scale or sophistication as that used in the disruptive TRISIS and CRASHOVERRIDE malware attacks that targeted energy operations in Saudi Arabia and Ukraine, respectively. However, known and ongoing threats to manufacturing can have direct and indirect impact to operations. This report provides a snapshot of the threat landscape as of October 2020 and is expected to change in the future as adversaries and their behaviors evolve.  The research can be found here: ICS Threat Activity on the Rise in Manufacturing Sector

Guest Selena Larson, senior cyber threat analyst at Dragos, Inc., joins us to discuss their research into recent observations of ICS-targeting threats to manufacturing organizations.  Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations.  Manufacturing relies on ICS to scale, function, and ensure consistent quality control and product safety. It provides crucial materials, products, and medicine and is classified as critical infrastructure. Due to the interconnected nature of facilities and operations, an attack on a manufacturing entity can have ripple effects across the supply chain that relies on timely and precise production to support product fulfillment, health and safety, and national security objectives.  Ransomware adversaries are adopting ICS-aware functionality with the ability to stop industrial related processes and cause disruptive – and potentially destructive – impacts. Dragos has not observed ICS-specific malware targeting manufacturing operations on the same scale or sophistication as that used in the disruptive TRISIS and CRASHOVERRIDE malware attacks that targeted energy operations in Saudi Arabia and Ukraine, respectively. However, known and ongoing threats to manufacturing can have direct and indirect impact to operations. This report provides a snapshot of the threat landscape as of October 2020 and is expected to change in the future as adversaries and their behaviors evolve.  The research can be found here: ICS Threat Activity on the Rise in Manufacturing Sector

Forensic Readiness | OT miniseriesWe're continuing our Operational Technology (OT) miniseries where we look into the security challenges in the OT space. This time around, Robby's invited a fellow security podcaster and former head of forensics at Volvo, Rikard Bodforss.Rikard has been working with security in the Industrial Control Systems (ICS) and OT space for a long time, both from the private sector and as IT and Security Manager in the City of Gothenburg's water and waste department. In his conversation with Robby he shares from his experience in the field, and explains what exactly forensic readiness is, and why it's important. He also shares what he believes are some generic truths and recommendations for organizations that operate in ICS and OT environments.Stay tuned for more episodes in our OT miniseries coming soon.Technical level: 2/5Host: Robby PeraltaProducer: Paul Jægerhttps://mnemonic.no/podcast 

Industrial operations comprise a diverse blend of technology that run critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time. Speaker(s) Amy Bejtlich, Threat Intelligence, Dragos Marc Seitz, Threat Analyst, Dragos Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146207 Product: Splunk Enterprise Security, Splunk for Industrial IoT Track: Internet of Things Level: Good for all skill levels

Industrial operations comprise a diverse blend of technology that run critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time. Speaker(s) Amy Bejtlich, Threat Intelligence, Dragos Marc Seitz, Threat Analyst, Dragos Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146225 Product: Splunk Enterprise Security, Splunk for Industrial IoT Track: Internet of Things Level: Good for all skill levels

Today’s industrial, manufacturing, and building management systems rely on an array of on-demand, uninterruptable technologies, like Industrial Control Systems (ICS), for their day-to-day operations. Escalations in cyber-related attacks have made increased visibility into these often overlooked systems paramount. Over the past year, Booz Allen has built an OT cybersecurity monitoring solution called ControlWatch that provides enhanced visibility and anomaly detection with a focus on OT environments. By aggregating data from within and around the process, the solution provides a critical view for plant managers, C-level decision-makers, or the boots on the ground. We’ll highlight the context into, detection of, and alerting on a myriad of malicious and misaligned activities. We have implemented unique OT-centric use cases and will walk-through a day-in-the-life scenario to show you how the solution increases cybersecurity awareness and resilience in a production organization at all levels. Speaker(s) Chris Weule, Booz Allen Hamilton Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT2128.pdf?podcast=1577146223 Product: Splunk Enterprise Track: Internet of Things Level: Good for all skill levels

Industrial operations comprise a diverse blend of technology that run critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time. Speaker(s) Amy Bejtlich, Threat Intelligence, Dragos Marc Seitz, Threat Analyst, Dragos Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146235 Product: Splunk Enterprise Security, Splunk for Industrial IoT Track: Internet of Things Level: Good for all skill levels

Industrial operations comprise a diverse blend of technology that run critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time. Speaker(s) Amy Bejtlich, Threat Intelligence, Dragos Marc Seitz, Threat Analyst, Dragos Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146263 Product: Splunk Enterprise Security, Splunk for Industrial IoT Track: Internet of Things Level: Good for all skill levels

Today’s industrial, manufacturing, and building management systems rely on an array of on-demand, uninterruptable technologies, like Industrial Control Systems (ICS), for their day-to-day operations. Escalations in cyber-related attacks have made increased visibility into these often overlooked systems paramount. Over the past year, Booz Allen has built an OT cybersecurity monitoring solution called ControlWatch that provides enhanced visibility and anomaly detection with a focus on OT environments. By aggregating data from within and around the process, the solution provides a critical view for plant managers, C-level decision-makers, or the boots on the ground. We’ll highlight the context into, detection of, and alerting on a myriad of malicious and misaligned activities. We have implemented unique OT-centric use cases and will walk-through a day-in-the-life scenario to show you how the solution increases cybersecurity awareness and resilience in a production organization at all levels. Speaker(s) Chris Weule, Booz Allen Hamilton Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT2128.pdf?podcast=1577146206 Product: Splunk Enterprise Track: Internet of Things Level: Good for all skill levels

"Digital transformation" might sound like a vapid buzzword, but make no mistake: when you get down to brass tacks, the digitization of long-held industry processes is providing actionable information from massive amounts of data. On this episode of the Energy Podcast brought to you by MarketScale, we'll discuss machine learning's critical impact on oil and gas industry control rooms with Dan Nagala, president and CEO of UTSI International Corporation. Texas-based UTSI is a vendor-independent consulting and engineering services company that focuses on Industrial Control Systems (ICS) for oil and gas pipelines and related critical infrastructure facilities. Nagala has been leading the company's initiatives as CEO for an astonishing 30 years and has seen machine learning and artificial intelligence in its earliest iterations. “AI and machine learning had a rocky start,” Nagala said, explaining how AI has finally come into its own in the last decade. Nagala shared four types of analytics that are taking hold of critical infrastructure control rooms. Diagnostic analytics figures out what happened from an incident from past data that wasn't immediately available or obvious at the time, Nagala said. Descriptive analytics looks at past data for correlations. Predictive analytics uses historical data from, for example, an equipment's long term use. Prescriptive analytics looks at historical data and creates what-if scenarios based on it. “If you can predict failure before it happens, you can get in there to schedule a maintenance run and avoid a failure that'll require more time to repair and cost more money,” Nagala said.

Podcast: Recorded Future - Inside Threat Intelligence for Cyber SecurityEpisode: 034 ICS is Serious Business, But There's No Need to PanicPub date: 2017-12-04There’s been a good bit of attention aimed at Industrial Control Systems (ICS), lately, the systems that monitor and help keep our critical infrastructure running. The electrical grid tends to get the most attention, but ICS includes water, dams, communications systems, pipelines, natural gas, transportation, and other process control systems. As more and more of these systems get connected to the internet they can make an attractive target for cyber criminals or state actors who are up to no good.   Our guest this week is Robert M. Lee. He’s CEO at Dragos , a company dedicated to the security of critical systems. Before Dragos he was in the U.S. Air Force, where he served as a Cyber Warfare Operations Officer in the U.S. Intelligence Community.The podcast and artwork embedded on this page are from Recorded Future, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

There’s been a good bit of attention aimed at Industrial Control Systems (ICS), lately, the systems that monitor and help keep our critical infrastructure running. The electrical grid tends to get the most attention, but ICS includes water, dams, communications systems, pipelines, natural gas, transportation, and other process control systems. As more and more of these systems get connected to the internet they can make an attractive target for cyber criminals or state actors who are up to no good.   Our guest this week is Robert M. Lee. He’s CEO at Dragos , a company dedicated to the security of critical systems. Before Dragos he was in the U.S. Air Force, where he served as a Cyber Warfare Operations Officer in the U.S. Intelligence Community.

There's been a good bit of attention aimed at Industrial Control Systems (ICS), lately, the systems that monitor and help keep our critical infrastructure running. The electrical grid tends to get the most attention, but ICS includes water, dams, communications systems, pipelines, natural gas, transportation, and other process control systems. As more and more of these systems get connected to the internet they can make an attractive target for cyber criminals or state actors who are up to no good.   Our guest this week is Robert M. Lee. He's CEO at Dragos , a company dedicated to the security of critical systems. Before Dragos he was in the U.S. Air Force, where he served as a Cyber Warfare Operations Officer in the U.S. Intelligence Community.

As operational technology (OT) networks are used with specialized Industrial Control Systems (ICS) to monitor and control physical processes such as assembly lines, mixing tanks, and blast furnaces, these networks have become ripe targets for adversaries. The lack of basic protections like antivirus can enable attackers to quietly perform reconnaissance before sabotaging these physical processes and compromising industrial devices. Once attackers have compromised an OT network, it is easier for them to learn how the equipment is configured and eventually manipulate it.   In this podcast, LBMC Information Security’s Bill Dean discusses how the manufacturing and industrial sectors are prime targets for cyber-attackers.     Listen, and discover these key takeaways:   Reasons we don’t often hear about industrial and manufacturing network breaches Reasons for industrial and manufacturing attacks and what attackers are looking for Reasons industrial and manufacturing sectors should be concerned How NIST’s Cybersecurity Framework Manufacturing Profile can help Information about how third-party risk assessments are beneficial to manufacturers   Subscribe to the Cybersecurity Sense Podcast on iTunes or listen to this podcast HERE. (insert link)   To learn more about LBMC Information Security or to speak to one of our trusted professionals about our services, including how to avoid manufacturing and industrial sector attacks, contact us today!  

A Recent SANS survey of ICS security practitioners titled Securing Industrial Control Systems – 2017 found that 69% of respondents view threats to Industrial Control Systems (ICS) as high or severe/critical, and 40% lack visibility or sufficient supporting intelligence into their ICS networks. In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Eric Cornelius, VP of Innovation at Cylance and certified SANS instructor, to discuss how teams can better perform security assessments or audits of control systems and control system networks and increase visibility into control system cyber assets and configurations.