Podcasts about it ot

  • 113PODCASTS
  • 242EPISODES
  • 34mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • May 16, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about it ot

Latest podcast episodes about it ot

Security Breach
Dark AI Speeding Hacker Evolution

Security Breach

Play Episode Listen Later May 16, 2025 36:41


In many instances the biggest challenge facing OT cybersecurity practitioners is knowing where to focus resources, especially their time. In other words, what are the priorities for the enterprise, facility and people?I recently sat down with Securin's Lead Threat Intelligence Analyst - Aviral Verma. And while I anticipated a conversation focused on vulnerabilities and the threat landscape, discussing these topics led to deeper dives on a range of topics that also included breaking down IT/OT silos, artificial intelligence, the dark web and patching strategies. Listen as we discuss:The transformation of threat actors and how they've been able to cut timelines for exploiting vulnerabilities to 15 days.How hackers are using Dark Web versions of ChatGPT to design more effective credential and data harvesting schemes.Why the security of every software platform, especially those embedded within industrial assets, cannot be assumed.How the legacy dynamic of many OT assets has led hackers to exploit vulnerabilities that have been around for as long as five years.Addressing patching challenges by breaking down silos and getting a deeper understanding of the unique elements of each OT environment.How threat detection needs to evolve, especially with state-sponsored hackers executing "quieter" strategies for attacking manufacturing and critical infrastructure. As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.Promoguy Talk PillsAgency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...Listen on: Apple Podcasts SpotifyTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

IIoT Use Case Podcast | Industrie
#168 | (EN) Real-Time Data with Apache Flink: How Ververica and Steadforce Drive IIoT Success | Steadforce & Ververica

IIoT Use Case Podcast | Industrie

Play Episode Listen Later May 14, 2025 34:31


www.iotusecase.com#ApacheFlink #StreamProcessing #RealTimeData In Episode 168 of the IoT Use Case Podcast, host Ing. Madeleine Mickeleit speaks with Ben Gamble, Product Manager at Ververica, and Stephan Schiffner, Head of Data + AI at Steadforce, about real-time data processing with Apache Flink. Ververica, co-creator of Flink, provides a production-ready platform for stream processing. Steadforce brings years of project experience from industrial environments. Together, they share insights into real-world IIoT projects and explain how production processes, anomaly detection, and supply chains can be optimized through streaming technologies—and why “evolution over revolution” is key to success.Podcast episode summaryReal-Time over Downtime – Why Apache Flink Is Becoming a Key Technology for Industrial Data ProjectsWhether it's predictive maintenance, anomaly detection, or adaptive production control – modern industrial companies face the challenge of not just collecting data, but acting on it in real time. Apache Flink has emerged as the leading tool for stream processing.This episode dives into real-world applications in manufacturing, logistics, and infrastructure – from reducing work-in-progress and monitoring temperature trends to optimizing complex supply chains. You'll learn how companies gradually extend their existing IT/OT architectures with Flink, what common mistakes to avoid, and why “evolution over revolution” is often the smarter strategy.Also in focus: Why investments in streaming technologies often pay off before the ROI becomes measurable in monetary terms – and how projects can get started efficiently using starter kits, Flink SQL, and the Ververica Cloud.For OT/IT leaders, data architects, and decision-makers in Industrial IoT who want to build scalable, secure, and maintainable streaming use cases.-----Relevant links from this episode:Madeleine (https://www.linkedin.com/in/madeleine-mickeleit/)Stephan (https://www.linkedin.com/in/stephan-schiffner/)Ben (https://www.linkedin.com/in/bengamble7/)Ververica Cloud (https://www.ververica.com/deployment/managed-service)Jetzt IoT Use Case auf LinkedIn folgen

Nexus

Nexus

Play Episode Listen Later May 13, 2025 36:19


Episode 179 features James Dice, Rosy and Brad Bonavida from Nexus Labs, as well as Andrew Rogers from ACE IoT Solutions. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 179 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

Azizi Podcast
#122 - John Caballero | Hacking the Human Mind – Cybersecurity, AI & Psychology

Azizi Podcast

Play Episode Listen Later May 6, 2025 57:32


Can your mind be hacked? In this gripping episode of the Azizi Podcast, Samir Azizi sits down with cybersecurity veteran John Caballero – an expert with over two decades of experience securing IT/OT infrastructures and educating Fortune 500 companies, government agencies, and even the Department of Defense. This conversation goes beyond firewalls and phishing—it dives deep into the human factor and the psychology behind modern cyber threats.

Programa del Motor: AutoFM
El apagón de 2025 en las fábricas de coches españolas.

Programa del Motor: AutoFM

Play Episode Listen Later May 5, 2025 9:42


Esto es un extracto de la Tertulia de AutoFM que se emite cada jueves en Onda Cero Comentamos cómo ha afectado el apagón a la industria española, especialmente a la de la automoción y detalles sobre el rearranque de las fábricas de coches en España. • Parón industrial masivo tras el gran apagón en la Península • El corte eléctrico del 29 de abril dejó sin suministro a España y Portugal, forzando paradas de emergencia en refinerías (Petronor Muskiz, Repsol Tarragona, Cepsa/Moeve) y activando antorchas de seguridad con visibles columnas de humo. • Las plantas siguen detenidas y no hay fecha de reactivación; el impacto económico aún no se ha podido cuantificar. • Automoción: más de 4 000 vehículos sin producir y líneas paralizadas • Ford Almussafes, VW Landaben, Seat Martorell, Ebro Factory y otros centros detuvieron todas las cadenas a las 12:30 h; generadores propios no cubren la demanda total. • Fabricantes evalúan añadir turnos de fin de semana en mayo para recuperar atrasos; de momento se descartan ERTE y se aplicará bolsa de horas. • Efectos en siderurgia, química y proveedores • La siderúrgica Celsa y firmas petroquímicas de Tarragona interrumpieron operaciones de alto consumo energético. • Proveedores de componentes de automoción y otras grandes industrias también frenaron producción a la espera de restablecer el sistema eléctrico. • Sector farmacéutico y pymes: resiliencia parcial • Multinacionales como Grifols y Boehringer mantuvieron actividad gracias a grupos electrógenos; patronales aconsejan priorizar comunicaciones y seguridad con generadores propios. • El incidente revela la vulnerabilidad del tejido productivo ante interrupciones súbitas y la dificultad de reiniciar plantas complejas. • Riesgos sistémicos y contexto • Red Eléctrica investiga la causa del colapso; la dependencia de renovables y el papel crítico de la nuclear vuelven al debate. • El apagón llegó días después de que Repsol alertara de un gran fallo de suministro en Cartagena, subrayando la necesidad de planes de contingencia energética. 1. Activación del Plan de Contingencia y Comité de Crisis 1.1 Inmediatamente después del blackout, convoque al Comité de Crisis (Dirección de Planta, Mantenimiento, EHS, Calidad, IT/OT, Producción, Utilities). 1.2 Compruebe que el Manual de Plan de Contingencia Eléctrica (versión vigente) esté a mano en sala de Control. 1.3 Designe a un Coordinador de Re-arranque que centralice la comunicación con el Centro de Control Eléctrico (REE o distribuidora local) y con los responsables de área. 2. Aseguramiento inmediato de la seguridad operacional 2.1 Verifique que todas las líneas se encuentran mecanicamente bloqueadas (paros de emergencia, enclavamientos de prensas, robots en posición segura, válvulas neumáticas cerradas). 2.2 Confirme la activación de UPS y grupos electrógenos críticos (servicios contra-incendios, servidores MES/ERP, iluminación de evacuación). 2.3 Realice un pase de seguridad por todas las áreas de alto riesgo: soldadura robotizada, cabinas de pintura con compuestos volátiles, pits de prensas y fosos de catforesis. 3. Evaluación del estado de suministro y calidad eléctrica 3.1 Reciba confirmación oficial de la energía de retorno (grid OK). 3.2 Revise parámetros de calidad: tensión (±5 %), frecuencia (49,8-50,2 Hz), THD (0,95). 3.3 Realice pruebas de carga gradual en CCMs secundarios antes de energizar MCCs de proceso. 4. Inspección eléctrica y de utilidades internas 4.1 Compruebe interruptores de potencia, fusibles, barras y tierras en subestación 30/6 kV y celdas de media tensión. 4.2 Inspeccione transformadores de distribución: nivel de aceite, temperatura y ΔP en bombas ONAN/ONAF. 4.3 Verifique arranque secuencial de compresores de aire, grupos de refrigeración, calderas y HVAC de cabinas. 5. Revisión de equipos de proceso y sistemas de control 5.1 Realice checklist mecánico-eléctrico en:  • Prensas Transfer & Tandem: nivel hidráulico, enclavamientos, finales de carrera.  • Robots soldadura: home position, circuitos de agua/glycol, pinzas.  • Catenarias de pintura: tensiones de cadena, sensórica de posición.  • AGVs y EMS: estado de baterías, comunicaciones Wi-Fi/5G. 5.2 Reinicie secuencialmente PLCs y Safety-PLC; valide checksum de programas y tiempos de ciclo. 5.3 Arranque servidores MES, SCADA y dispositivos IoT; compruebe sincronismo con ERP; habilite interconexión EDI con proveedores Just-in-Time. 6. Pruebas en vacío y con “racks testigo” 6.1 Ejecute “dry-run” de cada línea (sin piezas) para observar vibraciones, paradas inesperadas o alarms críticas. 6.2 Introduzca racks testigo (carrocerías dummy, bastidores de tren motriz) y realice el primer First-Off controlado por Calidad. 6.3 Liberación gradual: Soldadura > Pintura > Montaje final > Pruebas de pista interna. 7. Validación de Calidad y recalibración de procesos 7.1 Dimensional: pase de carrocería por CMM y láser gap-flush; tolerancias ISO 8062/8015. 7.2 Pintura: ensayo de espesor (μm), adhesión (cross-cut), brillos (GU) y cabina clase A. 7.3 Powertrain: correas de rodaje y dinamómetro en banco EoL; correlación con SPC histórico. 7.4 Ajuste fino de parámetros si se detectan derivas >1 σ respecto al CP/CPK nominal. 8. Reactivación de logística interna y externa 8.1 Reinicie kanban y milk-run; notifique a proveedores Tier 1/Tier 2 el ETR (Estimated Time to Resume). 8.2 Verifique que almacenes automatizados (AS/RS) y shuttle conveyors funcionan con inventario correcto. 8.3 Establezca plan de recuperación de volumen: horas extras, turnos de fin de semana, line-balancing temporal. 9. Comunicación y reporting 9.1 Informe interno a Dirección y casa matriz: duración de parada, líneas afectadas, producción perdida, OEE estimado, coste preliminar. 9.2 Parte a autoridades laborales/regionales si procede (>4 h de parada o activación de plan de emergencia). 9.3 Comunicación transparente a clientela OEM (si planta de componentes) o red comercial (si planta vehículo completo) con nuevo week-plan de envíos. 10. Revisión post-evento y acciones de robustez 10.1 Reunión “hot-wash” 24 h después: listado de incidencias, MTTR, piezas dañadas, mejoras de mantenimiento predictivo. 10.2 Actualizar Plan de Continuidad de Negocio:  • Capacidad mínima de back-up (generadores diésel >20 % demanda pico).  • Protecciones de sobretensión y almacenamiento energético (BESS).  • Prácticas ciberseguras OT-IT (segmented VLAN, firewalls, backups off-line). 10.3 Programar simulacro anual de pérdida total de red para verificar tiempos de respuesta y ajuste de roles. Todos los podcast: https://www.podcastmotor.es Twitter: @AutoFmRadio Instagram: https://www.instagram.com/autofmradio/ YouTube: https://www.youtube.com/@AutoFM Contacto: info@autofm.es

Nexus

Nexus

Play Episode Listen Later Apr 29, 2025 40:20


Episode 178 features James Dice, Rosy and Brad Bonavida from Nexus Labs, as well as Keilly Witman from Refrigerant Management Solutions. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 178 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

@BEERISAC: CPS/ICS Security Podcast Playlist
Simplifying OT Cybersecurity: Tools and Strategies for Non-Experts in Critical Infrastructure with Steve Kiss

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Apr 22, 2025 61:41


Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Simplifying OT Cybersecurity: Tools and Strategies for Non-Experts in Critical Infrastructure with Steve KissPub date: 2025-04-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Protect It All, host Aaron Crow sits down with Steve Kiss, founder and CEO of IPMeter, for an eye-opening discussion on the future of OT (Operational Technology) and IT cybersecurity. With over 25 years of hands-on experience, Steve shares his journey from network engineering to designing practical cybersecurity tools for real-world OT environments. They dive into the unique challenges faced by operators in sectors like wastewater treatment, building management, and power utilities—where frontline professionals often shoulder critical cybersecurity responsibilities without formal training or extensive resources. Steve and Aaron emphasize the urgent need for simple, scalable, and reliable tools that empower these “full stack” operators to secure critical infrastructure effectively. From bridging the IT-OT divide to managing legacy system risks and improving procurement practices, this conversation offers actionable insights for municipalities, utilities, and smaller organizations aiming to take greater ownership of their cyber defenses. Packed with real-world examples, strategic advice, and a touch of industry humor, this episode is essential listening for anyone focused on protecting essential services and strengthening community resilience. Key Moments:  10:40 Understanding Factory Acceptance Test (FAT) 16:41 Transitioning to Local Water Management 19:52 Compliance and Cybersecurity Standards 25:03 "Digital Spins on Security Concepts" 32:30 Standardizing Power Systems Configurations 35:00 Basic Security Steps for Operators 40:28 Balancing IoT Features and Control 45:01 Durability and Setup for Rail Tech 48:58 "Basic Network Foundations Needed" 54:35 Wastewater's Overlooked Importance About the guest:    Steve Kiss is a seasoned cybersecurity leader with over two decades of experience in engineering, infrastructure security, and strategic leadership. As the inventor of IPMeter™ and a contributor to the NIST 800-53 SP2 standards, he has played a pivotal role in advancing vulnerability management practices. Throughout his career, Steve has been deeply involved in the design, construction, and security of critical infrastructure across sectors such as aviation, defense, data centers, and utilities.  His expertise uniquely bridges the worlds of operational technology (OT) and information technology (IT), addressing the evolving challenges of modern network environments. In addition to founding multiple companies focused on infrastructure security, Steve regularly shares his insights at industry events, including the IMRON Security & Safety Summit at SoFi Stadium.  He also publishes a weekly newsletter, HOTw (Hack of the Week), spotlighting trends and incidents in OT cybersecurity. Through his latest venture, IPMeter, Steve continues to drive innovation in cybersecurity testing and resilience.   How to connect Steve :    Website for IPMeter www.ipmeter.net   LinkedIn https://www.linkedin.com/in/stevekiss/   Blog (once to twice a month- includes HOTw (IoT hack of the week) https://www.ipmeter.net/blog   Contact for IPMeter demos sales@ipmeter.net   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Manufacturing Hub
Ep. 205 - What Manufacturers Need to Know About UNS, MQTT, and Ignition After Prove It

Manufacturing Hub

Play Episode Listen Later Apr 17, 2025 38:56


Welcome back to a special Thursday edition of Manufacturing Hub!In this episode, we dive deep into one of the standout presentations from the Prove It conference — featuring Travis Cox from Inductive Automation and Arlen Nipper from Cirrus Link Solutions.

Nexus

Nexus

Play Episode Listen Later Apr 15, 2025 34:12


Episode 176 features James Dice, Rosy and Brad Bonavida from Nexus Labs. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 176 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

@BEERISAC: CPS/ICS Security Podcast Playlist
A Year in Cyber Podcasting: Building Trust and Community in Cybersecurity

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Apr 8, 2025 21:49


Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: A Year in Cyber Podcasting: Building Trust and Community in CybersecurityPub date: 2025-04-07Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow celebrates the first anniversary of this insightful podcast. Over the past year, Aaron has delved deep into the world of cybersecurity, bringing listeners compelling stories and expert insights from across the globe, including guests from the United States, Iraq, South Africa, and New Zealand. In this milestone episode, Aaron reflects on the journey so far, recounting pivotal moments and important lessons learned. The podcast has covered a wide range of topics, from AI and cloud technology to IT/OT convergence, always aiming to provide real value and foster a community of learners and protectors. Listeners can expect a continuation of this engaging content, with plans for more panel discussions, live events, and an ongoing focus on building trusted relationships in the cybersecurity field.  As Aaron emphasizes, the podcast isn't just about defending digital assets; it's about empowering individuals, fostering dialogue, and driving innovation in the industry.  Join Aaron in celebrating this landmark and look forward to the exciting path ahead. Key Moments:    06:21 Building Trust in Cybersecurity Careers 08:36 Candid Cybersecurity Conversations 13:16 Unified IT and OT Collaboration 16:03 "Embrace Salesmanship and Global Insights" 19:22 "Podcast Topic Suggestions Welcome" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Nexus

Episode 175 features James Dice, Rosy and Brad Bonavida from Nexus Labs. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 175 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

Manufacturing Hub
Ep. 200 - From Plant Floor to Enterprise: Tatsoft Shows Off Frameworks IIoT Platform

Manufacturing Hub

Play Episode Listen Later Mar 27, 2025 38:51


In this episode recorded live at the ProveIt Conference, we sit down with Mark and Harry from Tatsoft, creators of the industrial IIoT platform Frameworks. We dive deep into how Tatsoft is redefining what a true industrial platform should be — built from the ground up for the factory floor, yet scalable across the enterprise.Mark and Harry walk us through:Their platform's positioning as a SCADA, HMI, MES, and IIoT toolbox — all in oneHow Frameworks handles real-time data, from connectivity (MQTT, OPC UA, SQL) to transformation and dynamic visualizationWhy the “extra I in IIoT” matters when building for industrial environmentsThe challenges of IT/OT integration, people gaps, and legacy systems — and how Tatsoft tackles them head-onA demo of their ProveIt solution, showing off auto-recognition of new assets, dynamic UI, and high-performance visualization across devicesWhether you're an end user, system integrator, or OEM, this episode will help you understand how Tatsoft's Frameworks V10 is enabling fast, scalable, and future-proof industrial applications — without compromise.

@BEERISAC: CPS/ICS Security Podcast Playlist
Staying Ahead of an Industrial Cybersecurity Attack with Carlos Buenaño, Armis CTO

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 22, 2025 30:03


Podcast: Industrial Cybersecurity InsiderEpisode: Staying Ahead of an Industrial Cybersecurity Attack with Carlos Buenaño, Armis CTOPub date: 2025-03-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino Busalachi sits down with Carlos Buenaño, CTO of Armis, to explore the evolving cybersecurity challenges in industrial control systems (ICS) and operational technology (OT). Carlos shares insights from his extensive experience in process control engineering, industrial network security, and IT-OT convergence. He sheds light on how organizations can gain visibility into their OT environments, mitigate cyber risks, and implement effective security frameworks. From real-world ransomware incidents to strategies for network segmentation and asset monitoring, this discussion provides actionable insights for anyone involved in securing industrial infrastructure. Whether you're a plant manager, security leader, or IT-OT strategist, this episode is packed with valuable takeaways.Chapters:00:00:00 - The High-Stakes World of Plant Management and Control Systems00:01:20 - Meet the Experts: Dino and Carlos on Industrial Cybersecurity00:01:55 - From Engineer to CTO: Carlos' Journey in Securing ICS00:03:15 - Designing Secure Control Networks: Lessons from Australia00:05:17 - IT vs. OT: Why the Security Approach Must Change00:08:14 - Breaking Down IT-OT Conflicts and Finding Common Ground00:13:52 - Hidden Cyber Threats in Industrial Control Systems00:23:16 - How to Stay Ahead of Cyber Attacks in OT Environments00:24:15 - Key Takeaways and Actionable Steps for Industrial SecurityLinks And Resources:Juan Carlos (Carlos) Buenaño on LinkedInCybersecurity & Digital Safety Group on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Nexus

Nexus

Play Episode Listen Later Mar 18, 2025 30:38


Episode 174 features James Dice, Rosy and Brad Bonavida from Nexus Labs. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 174 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

Security Breach
Manufacturing's Internal Cyber Struggles

Security Breach

Play Episode Listen Later Mar 13, 2025 27:48


Breaking down silos while securing the cloud and leveraging secure-by-design advancements.The challenges facing the industrial OT landscape that emanate from external sources are … varied, complex and constantly evolving. Smarter hacking groups, AI-driven phishing schemes and deceptive malware viruses head the list of concerns.And while these factors show no signs of fading, the reality is that there are just as many challenges facing industrial cybersecurity that are embedded within the very foundation of our operations. These legacy dynamics have created internal battles that absorb valuable resources, waste precious talent and help the bad guys stay a step ahead. With this in mind, we're going to tap into two key industry leaders to get their take on pressing, internal liabilities that are ensuring key production assets remain exposed. We'll hear from Silverfort's Rob Larsen, as he discusses the ongoing struggles created by IT/OT silos, as well secure-by-design initiatives. Mandiant's Paul Shaver will also offer his take on these silos, and how decisions related to cloud networking are impacting the security stature of key data, assets and network connections.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.Promoguy Talk PillsAgency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...Listen on: Apple Podcasts SpotifyTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

Manufacturing Hub
Ep. 197 - Inside ProveIt 2025: How 36 Vendors Connected to One Unified Factory

Manufacturing Hub

Play Episode Listen Later Mar 10, 2025 58:20


We're coming to you LIVE from the ProveIt Conference in Dallas, TX, where we're witnessing one of the most groundbreaking manufacturing and industrial automation events in history. Hosted by Walker Reynolds and the 4.0 Solutions team, ProveIt brings together 36+ vendors, industry leaders, and a massive community to showcase real-world digital transformation solutions—all connected to a unified namespace (UNS) virtual factory.In this episode, Dave and Vlad from Manufacturing Hub go behind the scenes with Walker Reynolds, discussing:✅ The vision behind ProveIt – What it takes to create a community-driven industry event✅ How vendors were challenged to solve real-world problems using real factory data✅ Key takeaways from top presentations – Tulip, Litmus, Concept Reply/Snowflake, Google Cloud, Dell Native Edge, and more✅ Lessons learned from integrating 36 vendors into a single, fully functional UNS✅ The future of ProveIt – What's coming for 2026 and beyond

@BEERISAC: CPS/ICS Security Podcast Playlist
Avoiding Compliance Risks : From Audit to Action

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 5, 2025 23:18


Podcast: Industrial Cybersecurity InsiderEpisode: Avoiding Compliance Risks : From Audit to ActionPub date: 2025-03-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIndustrial cybersecurity is no longer an option—it's a necessity. In this episode, Kimberly Anderson, Managing Director at UHY, joins Craig Duckworth to explore the growing cybersecurity challenges facing manufacturers and industrial operations. They discuss the gaps in cybersecurity accountability, IT/OT entanglement, and why network segregation is still a major hurdle. Kimberly shares insights on cyber insurance pitfalls, compliance best practices, and why businesses should move beyond "checking the box" to build a truly resilient cybersecurity program. Whether you're facing vendor or OEM remote access risks, securing legacy systems, or navigating industrial cybersecurity regulations, this conversation provides actionable insights to help you stay in compliance and ahead of common cybersecurity pitfalls.Chapters:00:00:00 - Ransomware Isn't Your Biggest Threat—Human Error Is00:00:44 - Meet Kimberly Anderson: From Chemistry to Cybersecurity Leadership00:01:17 - Why Technology Risk & Compliance Can't Be Ignored in Industrial Cybersecurity00:02:29 - IT/OT Security Integration: Why It's a Struggle and How to Get It Right00:03:56 - Network Segregation: The Critical Security Step Most Companies Overlook00:05:42 - The IT/OT “Divorce”: Why Separating Networks is a Game-Changer00:06:41 - Rushing to the Cloud? Avoid These Vendor Security Pitfalls00:11:48 - Cyber Insurance Isn't a Safety Net—Here's What You're Missing00:14:43 - Beyond “Checking the Box”: How to Build a Resilient Cybersecurity Strategy00:18:25 - Final Takeaways: Simple Steps to Strengthen Your Security TodayLinks And Resources:Kimberly Anderson on LinkedInUHY Advisors, Inc.Industrial Cybersecurity LinkedIn GroupDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Nexus

Episode 173 features James Dice, Rosy Khalife, and Brad Bonavida from Nexus Labs. In this episode of the Nexus Podcast, the Nexus Labs team breaks down the top stories relevant to energy managers, facility managers, IT/OT managers, and workplace managers.Find full show notes and episode transcript on The Nexus Podcast: Episode 173 webpage.Sign-up (or refer a friend!) to the Nexus Newsletter.Learn more about The Smart Building Strategist Course and the Nexus Courses Platform.Check out the Nexus Labs Marketplace.Learn more about Nexus Partnership Opportunities.

Manufacturing Hub
Ep. 195 - Unlocking Digital Transformation: The Unified Namespace, Industrial Data, and Prove It!

Manufacturing Hub

Play Episode Listen Later Feb 27, 2025 71:53


Welcome to Manufacturing Hub, where we dive deep into the world of industrial automation, software, and digital transformation. In this episode, hosts Dave and Vlad are joined by Zach Scriven, an industrial automation expert, digital transformation evangelist, and a key player in the development of Prove It, a groundbreaking industry conference.This conversation explores a range of topics, from Zach's personal journey in industrial automation and SCADA integration to his pioneering work in digital transformation education. We discuss Unified Namespace (UNS)—a powerful framework for structuring and scaling industrial data—and its role in breaking down silos and creating scalable, interoperable architectures.Key Topics Discussed:✅ Zach Scriven's Background: His journey from SCADA integration in the water industry to co-founding 4.0 Solutions and IoT University.✅ Unified Namespace (UNS): What it is, why it matters, and how it enables scalable industrial data architectures.✅ Digital Transformation in Manufacturing: The need for a clear strategy, the challenges of data silos, and the shift toward IT-OT convergence.✅ Edge Computing & Industrial Data Platforms: How Ignition, MQTT, Litmus Edge, HighByte, and HiveMQ are changing the landscape of industrial automation.✅ Challenges in Legacy Industrial Systems: How companies with aging infrastructure can begin their digital transformation journey.✅ The Future of Industrial Conferences – Prove It: Why traditional conferences fail to deliver value and how Prove It is disrupting the model by requiring vendors to "prove" their solutions in a real-world simulated environment.References & Companies Mentioned:

@BEERISAC: CPS/ICS Security Podcast Playlist
Overlooked Risks With IIoT in Industrial Cybersecurity

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Feb 12, 2025 22:28


Podcast: Industrial Cybersecurity InsiderEpisode: Overlooked Risks With IIoT in Industrial CybersecurityPub date: 2025-02-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino dive deep into the critical yet often overlooked aspects of industrial cybersecurity in relation to IIoT. They discuss the misconception that many OT assets are isolated when, in reality, they are interconnected and vulnerable. The conversation highlights the importance of complete asset inventory, IT-OT collaboration, and the hidden risks posed by vendor access, remote connections, and unmonitored network traffic. With real-world insights, they explore how organizations can leverage cybersecurity tools not just for threat prevention but also for process integrity and operational efficiency. If you've ever wondered how to bridge the gap between IT-driven cybersecurity and OT-focused operations, this episode is a must-listen.Chapters:00:00:00 - Introduction: Why OT Security Matters More Than You Think00:01:08 - Meet Craig and Dino: Experts in Industrial Cybersecurity00:01:16 - Breaking Down IoT vs. OT: Understanding the Differences00:02:33 - Why Asset Inventory in Industrial Environments is a Challenge00:03:42 - The Hidden Risks of Overlooking Connected OT Assets00:04:32 - The IT-OT Divide: Why Collaboration is Crucial for Security00:08:29 - Industrial IoT Blind Spots: What You're Missing00:09:08 - Preventing Downtime: How Cybersecurity Tools Can Help00:12:00 - How Sensors and Data Can Predict and Prevent Failures00:14:20 - Digital Threats to OT: Why Anomalies Matter00:16:42 - Why OT Teams Need to Fully Understand Cybersecurity Tools00:19:13 - Finding the Right Partner for IT-OT Cybersecurity Integration00:20:04 - Bridging the Gap: Building Stronger IT and OT Relationships00:21:07 - Final Thoughts: How to Take Action on OT Security TodayLinks And Resources:Velta TechnologyDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Manufacturing Hub
Ep. 192 - Kicking Off 2025 – Plans, Trends & The State of Manufacturing

Manufacturing Hub

Play Episode Listen Later Feb 10, 2025 57:56


As we enter 2025, the manufacturing and industrial automation sectors are facing a period of significant transformation. In this episode of Manufacturing Hub, Dave and Vlad outline their plans for the year, covering everything from the direction of the podcast to industry trends shaping the future of manufacturing.This episode kicks off with an overview of the podcast's 2025 format, which continues to be structured around monthly themes. This year, topics such as ERP, modern maintenance strategies, workforce upskilling, and industrial data management will take center stage. While some recurring topics like robotics, systems integration, and manufacturing intelligence will return, the podcast will also explore new themes to address emerging challenges in the industry.Beyond the podcast, Dave and Vlad discuss the state of manufacturing going into 2025, breaking it down by key business functions:Finance & Capital Investments – Companies are resuming automation and technology investments after a period of budget constraints. However, challenges remain in securing funding for new initiatives, especially for mid-sized manufacturers looking to scale operations. With interest rates still relatively high and economic uncertainty lingering, capital expenditures will need strong justification, emphasizing ROI and long-term cost reductions.Workforce & Hiring Challenges – The talent shortage remains one of the biggest obstacles for manufacturing organizations. While many companies are investing in workforce development and training, the gap between available talent and industry demand continues to widen. The increasing complexity of industrial automation systems, combined with the push toward IT-OT integration, is making it even harder to find individuals with the right mix of skills. This challenge is particularly evident in sectors that require highly specialized knowledge, such as SCADA, MES, and industrial cybersecurity.IT & Digital Transformation – More manufacturers are accelerating their adoption of cloud computing, IIoT, and advanced analytics, yet IT departments are often understaffed and struggling to implement these technologies effectively. The ongoing debate over who owns industrial data—IT or OT—continues to create friction in many organizations. Additionally, IT teams are being tasked with addressing growing cybersecurity risks, particularly as legacy systems remain vulnerable and require modernization.Sales & Marketing in Industrial Automation – As the industry becomes more competitive, companies selling hardware, software, and integration services must refine their messaging to better communicate value to specific audiences. Instead of broad, generic marketing efforts, more targeted, technical content and direct engagement with decision-makers will be key. The challenge lies in translating technical capabilities into business outcomes, ensuring that sales strategies align with the evolving priorities of manufacturing leaders.Operations & Production Management – The pressures on operations teams remain as high as ever. Whether due to supply chain fluctuations, increased product customization demands, or workforce shortages, maintaining efficiency while improving uptime is becoming increasingly complex. The role of data-driven decision-making in operations is expanding, with more companies seeking to optimize production through real-time monitoring and predictive maintenance strategies. However, the challenge remains in ensuring that frontline workers and plant managers have access to actionable insights rather than overwhelming amounts of raw data.Additionally, Dave and Vlad outline their plans for attending major industry events in 2025, including Automate, Hannover Messe, Ignition Community Conference, and the Prove It Conference. While their focus will be on attending key events rather than producing content at every trade show, they emphasize the importance of staying engaged with industry developments and fostering in-person conversations.This episode serves as a comprehensive preview of what to expect in manufacturing, automation, and industrial technology in 2025. The year ahead promises to be one of both challenges and opportunities, with companies navigating economic pressures, workforce shortages, and the rapid evolution of digital manufacturing technologies.Join us as we set the stage for 2025, explore what's ahead, and continue the conversation on how manufacturers can adapt, innovate, and stay competitive in an increasingly complex landscape.******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

Manufacturing Hub
Ep. 191 - Bridging IT and OT: 4IR Solutions, Ignition 8.3, and the Future of Industrial Automation

Manufacturing Hub

Play Episode Listen Later Feb 6, 2025 17:24


In this episode of Manufacturing Hub, recorded live at ICC 2023, hosts Dave and Vlad welcome back James Burnand, CEO of 4IR Solutions, to discuss IT-OT convergence, the role of 4IR Solutions in the Ignition Community, and key takeaways from Ignition 8.3.4IR Solutions and IT-OT Convergence4IR Solutions is a Solutions Partner within the Ignition Community, focusing on OT as a Service to help manufacturers manage patching, security, and system monitoring—common pain points for system integrators. Ignition has evolved from a SCADA tool to a data-centric platform that facilitates enterprise-wide connectivity.James explains that IT and OT have historically operated in silos, but the adoption of Docker and Kubernetes in industrial environments is breaking these barriers. Traditional OT systems prioritize stability and uptime, while IT is focused on scalability and security. The challenge is implementing modern IT principles in an OT-friendly way.Key Features of Ignition 8.3The Ignition 8.3 update introduces file-based gateway configurations, making automation and scaling more efficient for system integrators. New drawing tools and event streams enhance real-time data visualization and workflow automation. Additionally, Helm charts offer enterprises a better way to manage large-scale deployments.Bridging the IT-OT DivideJames highlights the organizational challenges of IT-OT convergence, noting that many manufacturers lack dedicated IT-OT professionals. 4IR Solutions often serves as a mediator between IT and OT teams, helping ensure security, compliance, and operational stability while enabling modernization efforts.Takeaways from ICC 2023James praises ICC's community-driven atmosphere, where integrators, end users, and Inductive Automation's leadership openly share knowledge. The collaborative nature of the conference allows for real-time feedback, which directly influences Ignition's ongoing development.Looking Ahead4IR Solutions is leveraging Ignition 8.3 to improve automation, reduce costs, and enhance scalability for its customers. As IT-OT integration continues to evolve, manufacturers must embrace flexibility, security, and data-driven decision-making to stay competitive.References from the Episode4IR Solutions (James Burnand, CEO)Ignition by Inductive Automation (SCADA, MES, Unified Namespace)Docker & Kubernetes in Industrial AutomationHelm Charts & Enterprise Deployment StrategiesIT-OT Convergence & Security in OT EnvironmentsThis version keeps the depth while making it easier to read. Let me know if you need further refinements.******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

Augmented - the industry 4.0 podcast
Scaling Open Source in Manufacturing with FlowFuse's ZJ van de Weg

Augmented - the industry 4.0 podcast

Play Episode Listen Later Feb 5, 2025 26:57


This week's guest is ZJ van de Weg (https://www.linkedin.com/in/zegerjan/), CEO of FlowFuse. ZJ shares his journey from an intern at GitLab to now leading FlowFuse, how open-source technology is transforming industrial operations, and why Node-RED has become the go-to platform for low-code manufacturing connectivity. He also takes a deep dive into the challenges of scaling open source solutions in enterprise environments, the value of an ‘open-core' business model, and the future of IT/OT collaboration. Augmented Ops is a podcast for industrial leaders, citizen developers, shop floor operators, and anyone else that cares about what the future of frontline operations will look like across industries. This show is presented by Tulip (https://tulip.co/), the Frontline Operations Platform. You can find more from us at Tulip.co/podcast (https://tulip.co/podcast) or by following the show on LinkedIn (https://www.linkedin.com/company/augmentedpod/). Special Guest: ZJ van de Weg.

Workforce 4.0
Future Skills For The Future of Work (with Vladimir Romanov, JolTek)

Workforce 4.0

Play Episode Listen Later Feb 5, 2025 44:37


In this episode of Workforce 4.0, host Ann Wyatt sits down with Vlad Romanoff, co-host of Manufacturing Hub and Managing Partner of JolTek, to discuss the evolving landscape of manufacturing careers. Vlad shares his journey from electrical engineering to content creation, emphasizing the importance of technical education and networking. Throughout this episode, Ann and Vlad delve into the challenges facing the manufacturing industry, including workforce shortages and the increasing complexity of technology. Vlad also shares personal anecdotes about overcoming workforce challenges and underscores the importance of maintaining professional relationships. The conversation highlights the critical role of technical content in up-skilling and supporting the future workforce. In This Episode: -00:32: Meet Vlad Romanoff: Manufacturing Expert -12:50: The Importance of Networking in Career Development -19:38: Overcoming Challenges in Technical Projects -23:11: Handling Key Personnel Departures -23:55: Building and Maintaining Relationships -27:07: The Future of Work and Manufacturing -32:49: Challenges in Talent Acquisition -39:40: Encouraging the Next Generation -43:15: Conclusion and Contact InformationMore About Vlad:Vladimir is the founder and managing partner of Joltek. With over a decade of experience in some of the largest manufacturers followed by start-up experience, he's an expert in manufacturing excellence, digital transformation, IT / OT convergence, and more. With over a decade of experience in some of the largest manufacturers followed by start-up experience, he's an expert in manufacturing excellence, digital transformation, IT / OT convergence, and more. Vlad also co-hosts the popular industry centric podcast called "Manufacturing Hub." To learn more about Vlad, connect with him here. The Future of Work (and this Episode) Is Brought To You By Secchi:Secchi is a revolutionary workforce engagement tool created for organizations to make data-driven frontline decisions in real-time. By measuring and combining multiple people-related lead indicators, Secchi provides in-the-moment visibility into individual frontline employee performance, team performance, engagement/turnover risks, and positive employee behaviors all while removing the traditional barriers of administrative burden on leaders. To learn more about Secchi, check them out here.

ITSPmagazine | Technology. Cybersecurity. Society
From Signaling to Safety: Protecting Critical Infrastructure and the Modern Railway from Digital Threats | A Conversation with Fahad Mughal | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jan 31, 2025 52:43


Guest: Fahad Mughal, Senior Cyber Solutions Architect - SecurityOn LinkedIn | https://www.linkedin.com/in/fahadmughal/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesModern railway systems are increasingly digital, integrating operational technology (OT) to enhance efficiency, reliability, and safety. However, as railways adopt automated and interconnected systems, they also become more vulnerable to cyber threats. In this episode of Redefining Cybersecurity on ITSP Magazine, host Sean Martin speaks with Fahad Ali Mughal, a cybersecurity professional with extensive experience in OT security architecture, about the challenges and priorities of securing railway infrastructure.The Growing Role of Cybersecurity in RailwaysRailway systems have evolved from steam-powered locomotives to autonomous, driverless trains that rely on sophisticated digital controls. OT now plays a crucial role in managing train operations, signaling, interlocking, and trackside equipment. These advancements improve efficiency but also expose railway networks to cyber threats that can disrupt service, compromise safety, and even impact national security. Unlike traditional IT environments, where the focus is on confidentiality, integrity, and availability (CIA), OT in railways prioritizes reliability, availability, and public safety. Ensuring the safe movement of trains requires a cybersecurity strategy tailored to the unique needs of railway infrastructure.Critical OT Systems in RailwaysMughal highlights key OT components in railways that require cybersecurity protection:• Signaling Systems: These function like traffic lights for trains, ensuring safe distances between locomotives. Modern communication-based train control (CBTC) and European Rail Traffic Management Systems (ERTMS) are vulnerable to cyber intrusions.• Interlocking Systems: These systems prevent conflicting train movements, ensuring safe operations. As they become digitized, cyber risks increase.• Onboard OT Systems: Automatic Train Control (ATC) regulates speed and ensures compliance with signaling instructions. A cyberattack could manipulate these controls.• SCADA Systems: Supervisory Control and Data Acquisition (SCADA) systems oversee infrastructure operations. Any compromise here can impact an entire railway network.• Safety-Critical Systems: Fail-safe mechanisms like automatic braking and failover controls are vital in preventing catastrophic accidents.The increasing digitization and interconnection of these systems expand the attack surface, making cybersecurity a top priority for railway operators.Real-World Cyber Threats in RailwaysMughal discusses several significant cyber incidents that highlight vulnerabilities in railway cybersecurity:• 2023 Poland Attack: Nation-state actors exploited vulnerabilities in railway radio communication systems to send unauthorized emergency stop commands, halting trains across the country. The attack exposed weaknesses in authentication and encryption within OT communication protocols.• 2021 Iran Railway Incident: Hackers breached Iran's railway scheduling and digital message board systems, displaying fake messages and causing widespread confusion. While safety-critical OT systems remained unaffected, the attack disrupted operations and damaged public trust.• 2016 San Francisco Muni Ransomware Attack: A ransomware attack crippled the fare and scheduling system, leading to free rides for passengers and operational delays. Though IT systems were the primary target, the impact on OT operations was evident.These incidents underscore the urgent need for stronger authentication, encryption, and IT-OT segmentation to protect railway infrastructure.Cybersecurity Standards and Best Practices for Railways (links to resources below)To build resilient railway cybersecurity, Mughal emphasizes the importance of international standards:• IEC 62443: A globally recognized framework for securing industrial control systems, widely applied to OT environments, including railways. It introduces concepts such as network segmentation, risk assessment, and security levels.• TS 50701: A European standard specifically designed for railway cybersecurity, expanding on IEC 62443 with guidance for securing signaling, interlocking, and control systems.• EN 50126 (RAMS Standard): A safety-focused standard that integrates reliability, availability, maintainability, and safety (RAMS) into railway operations.Adopting these standards helps railway operators establish secure-by-design architectures that mitigate cyber risks.Looking Ahead: Strengthening Railway CybersecurityAs railway systems become more automated and interconnected with smart cities, vehicle transportation, and supply chain networks, cyber threats will continue to grow. Mughal stresses the need for industry collaboration between railway engineers and cybersecurity professionals to ensure that security is integrated into every stage of railway system design.He also emphasizes the importance of real-time OT threat monitoring, anomaly detection, and Security Operations Centers (SOCs) that understand railway-specific cyber risks. The industry must stay ahead of adversaries by adopting proactive security measures before a large-scale cyber incident disrupts critical transportation networks.The conversation makes it clear: cybersecurity is now a fundamental part of railway safety and reliability. As Mughal warns, it's not a question of if railway cyber incidents will happen, but when.To hear the full discussion, including insights into OT vulnerabilities, real-world case studies, and cybersecurity best practices, listen to this episode of Redefining Cybersecurity on ITSP Magazine.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Redefining CyberSecurity
From Signaling to Safety: Protecting Critical Infrastructure and the Modern Railway from Digital Threats | A Conversation with Fahad Mughal | Redefining CyberSecurity with Sean Martin

Redefining CyberSecurity

Play Episode Listen Later Jan 31, 2025 52:43


Guest: Fahad Mughal, Senior Cyber Solutions Architect - SecurityOn LinkedIn | https://www.linkedin.com/in/fahadmughal/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesModern railway systems are increasingly digital, integrating operational technology (OT) to enhance efficiency, reliability, and safety. However, as railways adopt automated and interconnected systems, they also become more vulnerable to cyber threats. In this episode of Redefining Cybersecurity on ITSP Magazine, host Sean Martin speaks with Fahad Ali Mughal, a cybersecurity professional with extensive experience in OT security architecture, about the challenges and priorities of securing railway infrastructure.The Growing Role of Cybersecurity in RailwaysRailway systems have evolved from steam-powered locomotives to autonomous, driverless trains that rely on sophisticated digital controls. OT now plays a crucial role in managing train operations, signaling, interlocking, and trackside equipment. These advancements improve efficiency but also expose railway networks to cyber threats that can disrupt service, compromise safety, and even impact national security. Unlike traditional IT environments, where the focus is on confidentiality, integrity, and availability (CIA), OT in railways prioritizes reliability, availability, and public safety. Ensuring the safe movement of trains requires a cybersecurity strategy tailored to the unique needs of railway infrastructure.Critical OT Systems in RailwaysMughal highlights key OT components in railways that require cybersecurity protection:• Signaling Systems: These function like traffic lights for trains, ensuring safe distances between locomotives. Modern communication-based train control (CBTC) and European Rail Traffic Management Systems (ERTMS) are vulnerable to cyber intrusions.• Interlocking Systems: These systems prevent conflicting train movements, ensuring safe operations. As they become digitized, cyber risks increase.• Onboard OT Systems: Automatic Train Control (ATC) regulates speed and ensures compliance with signaling instructions. A cyberattack could manipulate these controls.• SCADA Systems: Supervisory Control and Data Acquisition (SCADA) systems oversee infrastructure operations. Any compromise here can impact an entire railway network.• Safety-Critical Systems: Fail-safe mechanisms like automatic braking and failover controls are vital in preventing catastrophic accidents.The increasing digitization and interconnection of these systems expand the attack surface, making cybersecurity a top priority for railway operators.Real-World Cyber Threats in RailwaysMughal discusses several significant cyber incidents that highlight vulnerabilities in railway cybersecurity:• 2023 Poland Attack: Nation-state actors exploited vulnerabilities in railway radio communication systems to send unauthorized emergency stop commands, halting trains across the country. The attack exposed weaknesses in authentication and encryption within OT communication protocols.• 2021 Iran Railway Incident: Hackers breached Iran's railway scheduling and digital message board systems, displaying fake messages and causing widespread confusion. While safety-critical OT systems remained unaffected, the attack disrupted operations and damaged public trust.• 2016 San Francisco Muni Ransomware Attack: A ransomware attack crippled the fare and scheduling system, leading to free rides for passengers and operational delays. Though IT systems were the primary target, the impact on OT operations was evident.These incidents underscore the urgent need for stronger authentication, encryption, and IT-OT segmentation to protect railway infrastructure.Cybersecurity Standards and Best Practices for Railways (links to resources below)To build resilient railway cybersecurity, Mughal emphasizes the importance of international standards:• IEC 62443: A globally recognized framework for securing industrial control systems, widely applied to OT environments, including railways. It introduces concepts such as network segmentation, risk assessment, and security levels.• TS 50701: A European standard specifically designed for railway cybersecurity, expanding on IEC 62443 with guidance for securing signaling, interlocking, and control systems.• EN 50126 (RAMS Standard): A safety-focused standard that integrates reliability, availability, maintainability, and safety (RAMS) into railway operations.Adopting these standards helps railway operators establish secure-by-design architectures that mitigate cyber risks.Looking Ahead: Strengthening Railway CybersecurityAs railway systems become more automated and interconnected with smart cities, vehicle transportation, and supply chain networks, cyber threats will continue to grow. Mughal stresses the need for industry collaboration between railway engineers and cybersecurity professionals to ensure that security is integrated into every stage of railway system design.He also emphasizes the importance of real-time OT threat monitoring, anomaly detection, and Security Operations Centers (SOCs) that understand railway-specific cyber risks. The industry must stay ahead of adversaries by adopting proactive security measures before a large-scale cyber incident disrupts critical transportation networks.The conversation makes it clear: cybersecurity is now a fundamental part of railway safety and reliability. As Mughal warns, it's not a question of if railway cyber incidents will happen, but when.To hear the full discussion, including insights into OT vulnerabilities, real-world case studies, and cybersecurity best practices, listen to this episode of Redefining Cybersecurity on ITSP Magazine.___________________________SponsorsImperva: https://itspm.ag/imperva277117988LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Feds At The Edge by FedInsider
Ep. 185 Dedicating Cybersecurity Resources to Critical Infrastructure

Feds At The Edge by FedInsider

Play Episode Listen Later Jan 30, 2025 58:43


Protecting operational technology (OT) environments is more complex than ever, requiring precise inventory, continuous monitoring, and strong IT-OT collaboration.  This week on Feds At the Edge, our expert panel unpacks the key cybersecurity challenges operators face in securing their OT systems.  Anthony J. DiPietro, Technical Director, Defense Critical Infrastructure Division for NSA, underscores the importance of maintaining an accurate inventory, especially in remote environments where “ghost” assets can appear unnoticed.   We'll discuss how continuous monitoring helps mitigate these risks and why traditional IT security methods, like sandboxes and automatic updates, don't always work for OT systems.  We also explore the evolving role of AI and Machine learning in OT security, workforce development, and the ever-growing threats posed by interconnected IoT and OT networks.   Tune in on your favorite podcast platform for expert insights on fortifying OT environments against emerging cyber threats.   

Manufacturing Hub
Ep. 189 - Building Careers & SCADA Solutions Kent Melville Sales Engineering at Inductive Automation

Manufacturing Hub

Play Episode Listen Later Jan 23, 2025 80:05


Welcome back to Manufacturing Hub. In this episode, we sit down with Kent Melville, Director of Sales Engineering at Inductive Automation, to explore career growth, sales engineering, and the evolving landscape of industrial automation.Kent shares his fascinating journey, starting as a computer science graduate with a background in web development, ERP systems, and industrial automation before making his way into Inductive Automation. He takes us through the challenges and opportunities he encountered as he transitioned from technical roles into sales engineering, growing from one of the first hires in his division to leading a 30-plus-person team today.What You'll Learn in This EpisodeKent explains the role of a sales engineer and how it differs from traditional technical sales. He breaks down how sales engineers bridge technical expertise and customer engagement, ensuring that solutions meet real-world manufacturing challenges. He also discusses the growth of Inductive Automation, the company culture that has fueled his success, and how the Ignition platform has shaped the industrial automation industry.Another key topic in this discussion is the Ignition Community Conference (ICC), which has become a central event for the Ignition ecosystem. Kent shares how the Build-a-Thon, a live competition where integrators showcase their automation skills, became a major attraction and why it highlights the true power of rapid development with Ignition.Insights on Future Industry TrendsKent provides his perspective on where the industry is heading, especially in terms of IT-OT convergence. He discusses how containerization and DevOps principles are making their way into manufacturing and why version control and structured deployments will become the norm. He also shares insights on how Ignition's flexibility enables organizations to modernize their operations and prepare for the future.Career Lessons and Key TakeawaysThis episode is filled with valuable career advice for engineers and professionals looking to move into sales or leadership roles. Kent emphasizes the importance of working for a company that aligns with your goals rather than constantly chasing small pay increases. He discusses the need for clear communication, initiative, and the ability to adapt to different work styles.For those considering a transition from technical roles to sales engineering, Kent breaks down the key skills required, the training process, and how Inductive Automation prepares its team members for success. He also highlights the importance of building a reputation within an organization, taking on new challenges, and creating opportunities through proactive engagement.Behind-the-Scenes Stories and Fun MomentsBeyond the technical and career discussions, Kent shares some of the most entertaining moments from his time at Inductive Automation. He talks about how an impromptu on-stage rap performance during an Ignition product launch unexpectedly boosted his visibility within the company. He also gives a behind-the-scenes look at how Inductive Automation uses its own software for internal processes, from CRM and training to office automation.Who Should Watch This Episode?This conversation is ideal for industrial professionals looking to understand the role of sales engineering, engineers considering a move into customer-facing roles, and manufacturing leaders exploring Ignition's capabilities. It also offers practical career insights for anyone looking to grow within their organization and stand out in the industry.If you have any questions or thoughts, feel free to share them in the comments. Make sure to like, subscribe, and follow Manufacturing Hub for weekly conversations on manufacturing, automation, and technology.******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltekReferences1. Inductive Automation & Ignition SCADAInductive Automation - Official Websitehttps://inductiveautomation.com/Ignition SCADA - Overview & Featureshttps://inductiveautomation.com/scada/Download Ignition (Free Trial & Maker Edition for Personal Use)https://inductiveautomation.com/downloads/Ignition Exchange (Free Industrial Automation Templates & Modules)https://inductiveautomation.com/exchange/Ignition Community Conference (ICC) – Annual Conferencehttps://inductiveautomation.com/resources/icc/Inductive Automation's YouTube Channel (Webinars, Case Studies, Training)https://www.youtube.com/@InductiveAutomation2. Sales Engineering & Career DevelopmentThe Sales Engineer Handbook: A Guide to Sales Engineering & Technical Sales (Patrick Pissang)https://www.amazon.com/Sales-Engineer-Handbook-Technical-Engineering/dp/3982171402Mastering Technical Sales: The Sales Engineer's Handbook (John Care, Aron Bohlig)https://www.amazon.com/Mastering-Technical-Sales-Engineers-Handbook/dp/1608324262Harvard Business Review - What Makes a Great Sales Engineer?https://hbr.org/2019/04/what-makes-a-great-sales-engineerLinkedIn Sales Engineering Community – Discussions, Networking, and Career Advicehttps://www.linkedin.com/groups/8948750/3. IT-OT Convergence & Industrial Automation TrendsISA (International Society of Automation) – IT-OT Convergence Resourceshttps://www.isa.org/topics/it-ot-convergenceIndustrial DevOps and Containerization in Manufacturing (Inductive Automation Blog)https://inductiveautomation.com/resources/article/modernizing-scada-with-devops/Understanding Unified Namespace (UNS) and MQTT for Industrial Automationhttps://cirrus-link.com/what-is-unified-namespace/ISA-95 Standard – Best Practices for IT and OT Integrationhttps://www.isa.org/standards-and-publications/isa-standards/isa-954. Home Automation & Ignition for Personal UseIgnition Maker Edition (Free Version for Personal & Home Automation Projects)https://inductiveautomation.com/ignition/maker-edition/Home Automation with Ignition - Community Projects & Discussionshttps://forum.inductiveautomation.com/tags/home-automationTravis Cox on Using Ignition for Smart Home Automation (Podcast)https://www.theautomatorpodcast.com/episodes/travis-cox-home-automation-ignition5. Kent Melville & Inductive Automation SocialsKent Melville on LinkedInhttps://www.linkedin.com/in/kentmelville/Inductive Automation on LinkedIn

@BEERISAC: CPS/ICS Security Podcast Playlist
Understanding Cybersecurity Challenges in Industrial Settings with Lesley Carhart

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jan 16, 2025 58:38


Podcast: PrOTect It All (LS 24 · TOP 10% what is this?)Episode: Understanding Cybersecurity Challenges in Industrial Settings with Lesley CarhartPub date: 2025-01-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow converses with Lesley Carhart, Technical Director at Dragos, who brings over 15 years of experience in incident response and forensics within critical infrastructure sectors. The episode dives deep into the standard practices in industrial settings, such as operators shutting down power plants for safety and the lack of forensic investigation into equipment failures. Lesley emphasizes the importance of integrating cybersecurity into these environments, pointing out that many failures are due to maintenance or human error, though a notable portion does involve cyber threats. Listeners will learn about the challenges and necessary collaborations between operational technology (OT) and information technology (IT) teams. The discussion addresses cultural and trust barriers that hinder effective cybersecurity measures and advises on how organizations can improve their defenses regardless of size and resources. Lesley also highlights the evolving landscape of cyber threats, including the increasing sophistication of adversaries and the vulnerabilities caused by standardizations in industrial systems. Real-world examples underscore the complexity of securing these environments, emphasizing the need for proactive and informed cybersecurity practices, such as "cyber-informed engineering." Tune in to better understand the critical intersections of cybersecurity and industrial operations, and learn practical strategies to safeguard essential services. Key Moments:  05:00 IT-OT miscommunication leads to cybersecurity risks. 09:23 IT processes are too slow; bypassing is required for solutions. 11:36 Leaving an outdated system may pose less risk. 15:09 Slow changes in OT due to unforeseen impacts. 19:17 Include cybersecurity in root cause analysis discussions. 20:31 Nation-states analyze and bypass industrial control systems. 25:40 Cybersecurity is essential to combat potential system threats. 29:27 Communication, champions, and leadership crucial for cybersecurity. 31:37 Cybersecurity struggle due to resources community helps. 35:03 OT vs. IT language differences affect incident classification. 38:08 Empowered safety culture prevents accidents and retribution. 40:22 Few people have diverse cybersecurity skills and experience. 45:05 Experience across all 17 critical infrastructure verticals. 48:29 Evading detection in the nuclear enrichment process. 51:25 Identify industrial devices, build security program. About the guest :  Lesley Carhart is a renowned cybersecurity expert specializing in industrial control systems (ICS) security. With a keen understanding of the convergence between traditional IT and operational technology (OT), Lesley has been at the forefront of safeguarding critical infrastructures. Her work emphasizes the vulnerabilities of human-machine interfaces (HMIs) and programming devices, which are increasingly resembling typical computers and thus becoming prime targets for malware and ransomware attacks. Lesley's insights highlight the significant risks posed by these hybrid systems, underscoring the importance of robust cybersecurity measures in protecting essential processes. Lesley is honored to be retired from the United States Air Force Reserves, and to have received recognition such as “DEF CON Hacker of the Year”, “SANS Difference Maker”, and “Power Player” from SC Magazine. How to connect Lesley:  Instagram : https://www.instagram.com/hacks4pancakes/ Blog: https://tisiphone.ne Mastodon : https://infosec.exchange/@hacks4pancakes Linkedin : https://www.linkedin.com/in/lcarhart/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

IoT For All Podcast
What is Unified Namespace? | HiveMQ's Dominik Obermaier | Internet of Things Podcast

IoT For All Podcast

Play Episode Listen Later Jan 7, 2025 21:12


On this episode of the IoT For All Podcast, Dominik Obermaier, Co-Founder and CTO of HiveMQ, joins Ryan Chacon to discuss unified namespace (UNS). The conversation covers how UNS eases new data architecture adoption, how UNS is changing how enterprises think about data, what makes UNS different from other data architectures, IT/OT convergence, MQTT, trends in industrial data management, advice for transitioning to unified namespace, and unified namespace use cases. Dominik Obermaier is the Co-Founder and CTO of HiveMQ. He is a member of the OASIS Technical Committee and is part of the standardization committee for MQTT 3.1.1 and MQTT 5. He is the co-author of the book "The Technical Foundations of IoT" and a frequent speaker on IoT, MQTT, and messaging. HiveMQ empowers businesses to transform with the most trusted MQTT platform. Designed to connect, communicate, and control IoT data under real-world stress, the HiveMQ MQTT Platform is the proven enterprise standard and powers use cases in automotive, energy, logistics, smart manufacturing, transportation, and more. Leading brands like Audi, BMW, Liberty Global, Mercedes-Benz, Siemens, and ZF choose HiveMQ to build smarter IoT projects, modernize factories, and create better customer experiences. Discover more about IoT at https://www.iotforall.com Find IoT solutions: https://marketplace.iotforall.com More about HiveMQ: https://www.hivemq.com Connect with Dominik: https://www.linkedin.com/in/dobermai/ (00:00) Intro (00:12) Dominik Obermaier and HiveMQ (00:54) What is unified namespace? (04:46) How does UNS ease new data architecture adoption? (07:20) How is UNS changing how enterprises think about data? (10:00) What makes UNS different and IT/OT convergence (12:50) What to look for in an MQTT platform when using UNS (15:21) Trends in industrial data management (17:08) Advice for transitioning to unified namespace (18:28) Unified namespace use cases (20:15) Learn more and follow up Subscribe on YouTube: https://bit.ly/2NlcEwm Join Our Newsletter: https://newsletter.iotforall.com Follow Us on Social: https://linktr.ee/iot4all

Automation Chat
Our #1 Episode of 2024! What's Really Happening with Industrial Cybersecurity & What You Can Learn

Automation Chat

Play Episode Listen Later Dec 17, 2024 19:25


This is a special encore presentation of our #1 most popular episode of 2024 in our “best of” series! Manufacturing is now the #1 target for hackers. Smart, connected devices on the plant floor are high-value cyberattack targets because of the intellectual property they contain — and just one day of downtime can cost millions. In this episode, Executive Editor Theresa Houck talks with Richard Springer, Director of Marketing, OT Solutions at Fortinet, about findings of its revealing study, “Advancing Digital Transformation in a Time of Unprecedented Cybersecurity Risk,” developed in collaboration with the Manufacturers Alliance Foundation. They discuss key takeaways, cybersecurity trends, and lessons that can help manufacturers fortify their cybersecurity efforts. Also learn how IT/OT collaboration is a key to finding mutual goals that balance security and operational priorities. And discover what the U.S. SEC has to do with cyberattack reporting. And as always, get your family-friendly, silly Joke of the Day. Resources from this episode: Download the report, “Advancing Digital Transformation in a Time of Unprecedented Cybersecurity Risk.” Richard Springer on LinkedIn. Fortinet. Manufacturer's Alliance. Subscribe to our 4 digital magazines at http://rok.auto/thejournal-subscribe. You can also watch Theresa & Richard's conversation on YouTube at https://youtu.be/esFAKPAbCSY. Automation Chat is brought to you by The Journal From Rockwell Automation and Our PartnerNetwork magazine. Find us on LinkedIn. Find us on Facebook. Find us on X (Twitter).  ** Named Best Podcast 3 Consecutive Years! 2022 – 2024 Apex Awards of Publication Excellence.

@BEERISAC: CPS/ICS Security Podcast Playlist
Keys to Bridging the Industrial Cybersecurity IT/OT Gap

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Dec 12, 2024 24:25


Podcast: Industrial Cybersecurity InsiderEpisode: Keys to Bridging the Industrial Cybersecurity IT/OT GapPub date: 2024-12-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this week's episode, Dino and Craig dive into the persistent disconnect between IT and OT teams and its impact on industrial cybersecurity. They explore why IT tools often fall short on the plant floor and provide actionable insights to achieve true IT/OT convergence. From addressing the challenges of resource gaps to fostering collaboration between teams, this conversation sheds light on practical strategies to bridge the divide and create a unified approach to industrial cybersecurity on the plant floor and for critical infrastructure.Chapters:00:00:00 - Why Local Collaboration is Critical for Cybersecurity Success00:01:07 - Meet Dino and Craig: Experts in IT/OT Integration00:01:49 - Unpacking the Challenges of IT/OT Convergence00:02:28 - Why IT and OT Teams Often Struggle to Align00:04:48 - Building Collaborative Frameworks for Stronger Cybersecurity00:07:33 - The Role of CIOs and CISOs in Driving Change00:08:44 - Navigating the Complexities of Diverse Plant Environments00:10:23 - Partnering with Vendors to Enhance Security Outcomes00:11:16 - Key Questions to Evaluate System Integrators Effectively00:16:35 - Using Tabletop Exercises to Align IT and OT Teams00:22:20 - Closing Thoughts: Bridging the Divide for Unified CybersecurityLinks And Resources:Industrial Cybersecurity LinkedIn GroupDino Busalachi on LinkedInCraig Duckworth on LinkedInJim Cook on LinkedInVelta TechnologyThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Manufacturing Hub
Ep. 186 - Automation Leadership: Controls, IT/OT Convergence, and Manufacturing Insights w/ Alicia

Manufacturing Hub

Play Episode Listen Later Dec 5, 2024 65:01


This week, Dave and Vlad are thrilled to be joined by Alicia Lomas, a powerhouse in manufacturing, automation, and leadership. Alicia shares her inspiring journey from studying chemical engineering to becoming a key figure in the controls and automation world. Along the way, she has worked with major brands like Chobani, where she helped revamp and optimize operations, and fast-paced startups like Redwood Materials, where she built automation teams and delivered large-scale projects. With years of hands-on experience in both legacy manufacturing environments and cutting-edge greenfield facilities, Alicia brings a wealth of knowledge to this conversation.In this episode, Alicia opens up about her transition from process engineering to controls engineering and the lessons learned while navigating these fields. She explains how mentors shaped her career, how she tackled the steep learning curves of PLC programming, and why curiosity and emotional intelligence are essential for success in automation. Alicia also talks about her experience building high-performing technical teams, hiring engineers from diverse backgrounds, and fostering a culture of mentorship and growth.We take a deep dive into the complexities of choosing the right control platforms, including Alicia's candid comparison of Siemens and Rockwell, and her decision-making process when leading automation strategy for a startup. She also discusses the importance of data collection, MES systems, and predictive maintenance, emphasizing how organizations can start small and scale their digital transformation efforts over time.Alicia shares her thoughts on the convergence of IT and OT, the future of automation, and how collaboration between controls engineers, software developers, and IT professionals will shape the industry. Her optimism for the future is inspiring, as she envisions a world where technology, processes, and people come together to solve complex manufacturing challenges.Whether you're an automation veteran, a newcomer to the industry, or simply curious about the future of manufacturing, this episode is packed with actionable insights, career advice, and thought-provoking discussions.

@BEERISAC: CPS/ICS Security Podcast Playlist
ICS/OT Cybersecurity: Events, Networking, and Industry Discussions with Mike Holcomb

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Dec 4, 2024 50:39


Podcast: PrOTect It All (LS 24 · TOP 10% what is this?)Episode: ICS/OT Cybersecurity: Events, Networking, and Industry Discussions with Mike HolcombPub date: 2024-12-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by special guest  Mike Holcomb to discuss the intricate realm of Industrial Control Systems and Operational Technology (ICS/OT) cybersecurity. The episode also spotlights the upcoming event B Sides ICS, an open and community-centric conference set to run alongside the prestigious S4 conference in Tampa.   Mike Holcomb provides insights into the much-anticipated ticket sales for the event and underscores the importance of submitting papers or presentations by the end of the year. The discussion emphasizes the significance of expertise in OT, cyber, and enterprise operations for top-level management and how events like B Sides ICS and S4 promote networking, learning, and professional development.   Listeners will gain a deeper understanding of the origins of B Sides events, the excitement surrounding B Sides ICS, and the impactful discussions and innovations poised to shape the future of ICS/OT cybersecurity. Whether the audience comprises newcomers or seasoned professionals, this episode offers valuable takeaways for everyone.   Key Moments:    00:00 Educating and supporting ICS & OT cybersecurity communities. 04:28 Passionate about learning and sharing cybersecurity knowledge. 08:59 B Sides: Global community-focused conference events. 10:43 Bringing B-Sides to Greenville increased attendance. 16:29 Promote diverse perspectives in OT cybersecurity. 19:01 Active Directory challenges in IT-OT integration. 21:07 Active Directory simplifies system management, poses risks. 28:57 Lean on IT for the correct Active Directory setup. 31:52 Availability is crucial in an OT environment. 34:14 Integrating IT and OT for enhanced cybersecurity collaboration. 36:16 IT and OT integration needs improvement. 40:54 Exploring cybersecurity in ICSOT across various sectors.   About the guest :    Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world's largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world's largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, and more. He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.   How to contact Mike:  Website : https://www.mikeholcomb.com/ Youtube :  https://www.youtube.com/@utilsec LinkedIn: https://www.linkedin.com/in/mikeholcomb/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

IoT For All Podcast
Taking IoT Security Seriously | Kyndryl's Paul Savill | Internet of Things Podcast

IoT For All Podcast

Play Episode Listen Later Dec 3, 2024 20:06


In this episode of the IoT For All Podcast, Paul Savill, Global Practice Leader for Network and Edge Computing at Kyndryl, joins Ryan Chacon to discuss taking IoT security seriously. The conversation also covers the IT/OT divide, the challenges of IoT adoption, the security vulnerabilities of legacy infrastructure, the importance of strict security policies and training, the impact of new regulations, when it makes sense to have an in-house security team, strategies for businesses to enhance their security posture, and advice for companies on staying up-to-date with the latest cybersecurity threats. Kyndryl Readiness Report: https://www.kyndryl.com/us/en/about-us/news/readiness-report Paul Savill is the Global Practice Leader for Network and Edge Computing at Kyndryl. He came to Kyndryl from Lumen Technologies, where he was Senior Vice President of Product Management and Services. He has deep expertise across a range of network and edge domains, including edge/cloud, cloud connectivity, SD-WAN, optical networking, content delivery services, and IT services. Kyndryl is the world's largest IT infrastructure services provider, serving thousands of enterprise customers in more than 60 countries. The company designs, builds, manages, and modernizes the complex, mission-critical information systems that the world depends on every day. Discover more about IoT at https://www.iotforall.com Find IoT solutions: https://marketplace.iotforall.com More about Kyndryl: https://www.kyndryl.com Connect with Paul: https://www.linkedin.com/in/paul-savill-6162965/ Our sponsor: https://www.qoitech.com (00:00) Sponsor (00:34) Intro (00:44) Paul Savill and Kyndryl (03:44) Biggest challenges in IoT adoption (07:02) How has the IT/OT divide created security threats (08:37) Security threats of outdated hardware (10:39) How to secure your organization (13:40) How to know how secure you are (15:55) Staying up-to-date on security threats (17:39) When should security be brought in-house? (19:22) Learn more and follow up Subscribe on YouTube: https://bit.ly/2NlcEwm Join Our Newsletter: https://newsletter.iotforall.com Follow Us on Social: https://linktr.ee/iot4all

Manufacturing Hub
Ep. 184 - ICS Cybersecurity Explained Challenges, Best Practices, and Future Trends with Jason Waits

Manufacturing Hub

Play Episode Listen Later Nov 28, 2024 63:39


In this in-depth conversation, Jason Waits, Chief Information Security Officer (CISO) at Inductive Automation, provides a comprehensive exploration of Industrial Control System (ICS) cybersecurity. With decades of experience securing critical infrastructure and navigating the complexities of Operational Technology (OT) environments, Jason offers actionable insights into the current state and future of cybersecurity in industrial sectors like manufacturing, energy, and water treatment.The discussion begins with an overview of what makes ICS cybersecurity distinct from traditional IT security. Jason explains how OT systems prioritize availability and safety, presenting unique challenges compared to the confidentiality-driven focus of IT. The conversation highlights key vulnerabilities in ICS environments, such as legacy systems that lack modern security features, poorly designed protocols without encryption, and the risks posed by IT/OT convergence.Jason dives into common attack vectors, including social engineering (phishing), lateral movement from IT to OT networks, and physical access breaches. He explores real-world case studies like the Colonial Pipeline ransomware attack, the Oldsmar water treatment plant hack, and the Stuxnet worm, illustrating how these vulnerabilities have been exploited and the lessons they offer for building stronger defenses.The video also emphasizes the critical role of compliance and standards, such as ISA/IEC 62443, the NIST Cybersecurity Framework, and CIS Controls. Jason underscores the difference between compliance and real security, advocating for a "security first, compliance second" philosophy to ensure that organizations focus on mitigating actual risks rather than merely checking regulatory boxes.As the conversation unfolds, Jason discusses the role of vendors and OEMs in securing ICS environments, detailing how Inductive Automation uses proactive measures like Pwn2Own competitions, bug bounty programs, and detailed security hardening guides to improve the security of their products. He highlights the importance of collaboration between vendors and customers to address challenges like long equipment lifecycles and the growing adoption of cloud services.Emerging technologies also take center stage, with Jason exploring how artificial intelligence (AI) is transforming threat detection and response, while also enabling more sophisticated attacks like personalized phishing and adaptive malware. He addresses the implications of IT/OT convergence, emphasizing the need for collaboration between traditionally siloed teams and the importance of building shared security frameworks.For organizations looking to strengthen their cybersecurity posture, Jason offers practical steps, starting with foundational measures like asset management and configuration baselines. He explains how leveraging free resources, such as CIS Benchmarks, and creating a roadmap for cybersecurity maturity can help organizations of all sizes navigate these challenges, even with limited budgets.Timestamps0:00 – Introduction and Overview of ICS Cybersecurity3:15 – Meet Jason Waits: Background and Journey to CISO6:45 – What Is ICS Cybersecurity? Key Differences Between IT and OT10:30 – The Importance of Availability and Safety in OT Systems13:50 – Challenges of Legacy Systems and Long Equipment Lifecycles17:20 – Attack Vectors: Social Engineering, Lateral Movement, and Physical Access20:10 – Case Studies: Colonial Pipeline, Oldsmar Water Treatment Plant, and Stuxnet25:35 – Compliance vs. Security: Jason's “Security First, Compliance Second” Philosophy30:00 – The Role of Vendors and OEMs in Cybersecurity34:45 – Inductive Automation's Approach: Pwn2Own, Bug Bounties, and Security Hardening Guides40:00 – Emerging Technologies: AI in Threat Detection and the Risks of Sophisticated Phishing45:10 – The Growing Adoption of Cloud in ICS and Its Implications50:00 – IT/OT Convergence: Opportunities and Challenges55:15 – Practical Steps for Organizations: Asset Management and Roadmaps1:00:10 – Building a Security Culture: Collaboration Between IT and OT Teams1:05:30 – Future Outlook: Increasing Regulations, Ransomware Risks, and Innovation1:10:00 – Using Cybersecurity as a Competitive Advantage1:15:00 – Closing Thoughts: The Need for Continuous Learning and Proactive ActionAbout Manufacturing Hub:Manufacturing Hub Network is an educational show hosted by two longtime industrial practitioners Dave Griffith and Vladimir Romanov. Together they try to answer big questions in the industry while having fun conversations with other interesting people. Come join us weekly! ******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

@BEERISAC: CPS/ICS Security Podcast Playlist
Enhancing OT Cybersecurity: From Legacy Systems to Cloud Solutions with Paul Shaver

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Nov 19, 2024 57:11


Podcast: PrOTect It All (LS 24 · TOP 10% what is this?)Episode: Enhancing OT Cybersecurity: From Legacy Systems to Cloud Solutions with Paul ShaverPub date: 2024-11-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Aaron is joined by Paul Shaver, an experienced OT security consultant from Mandiant, part of Google Cloud. Together, they navigate the nuanced landscape of operational technology (OT) cybersecurity.   The episode begins with Aaron recalling a critical incident at a power plant that underscores the potential pitfalls in OT environments. This sets the stage for a rich discussion on the evolution of OT technology, with Aaron and Paul reminiscing about primary domain controllers and early NT workstations.   The conversation shifts to the future of OT in the cloud, where Paul highlights the benefits of cloud solutions, including enhanced resiliency, security, and data optimization through AI. A compelling customer case study illustrates modern technology adoption with web-based HMIs and Chromeboxes.   Paul offers a detailed analysis of the current OT cybersecurity landscape, addressing the persistent legacy system challenges and the need for a cohesive IT-OT security strategy. He discusses the evolving threat landscape influenced by global geopolitical tensions and the rise of zero-day vulnerabilities.   Listeners will gain practical insights into foundational cybersecurity measures, such as network segmentation, asset inventory management, and robust access control..   Key Moments:    04:14 Connecting IT and OT optimizes processes securely. 09:54 Lost production severely impacts manufacturing revenue recovery. 14:06 Ensure network notifications; control access, separate credentials. 17:10 Engineers need secure access to adjust parameters. 21:55 Endpoint detection on older systems is critical. 28:47 Resilience is crucial in CrowdStrike incident response effectiveness. 32:11 Limited resources for global incident response efforts.= 39:22 Rebuilt domain controller caused authentication issues. 42:37 Focus on resiliency and cloud opportunities, leveraging multi-cloud. 44:59 Improve grid operations using cloud and hyper-converged technology. 48:38 Local cloud provides redundancy for remote sites. 51:15 Critical for acquisition process and problem-solving.   About the guest :  Paul Shaver has dedicated more than two decades to various roles in Operational Technology (OT), primarily within the oil and gas industry. His expertise spans OT architecture, design, and build, along with run and maintaining responsibilities as an asset owner.  Before transitioning into cybersecurity, Paul served as a Technology Director for an oil and gas company in California. Driven by a burgeoning interest in security, he joined Mandiant nearly five years ago. At Mandiant, now part of Google, Paul relishes the mission of enhancing security postures in OT and critical infrastructure, contributing to significant advancements in the field. How to connect Paul: https://www.linkedin.com/in/pbshaver/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.coThe podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
Hackers and the Holidays: Strengthening Industrial Cybersecurity

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Nov 15, 2024 25:00


Podcast: Industrial Cybersecurity InsiderEpisode: Hackers and the Holidays: Strengthening Industrial CybersecurityPub date: 2024-11-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAs the holidays approach, manufacturing and critical infrastructure organizations face unique cybersecurity challenges due to reduced staffing and associated increased vulnerabilities. This episode delves into practical strategies for senior leaders and plant managers to secure their operational technology (OT) environments without disrupting production. By adopting continuous monitoring, fostering cross-functional IT-OT collaboration, and engaging OT-specific vendors, organizations can reinforce their cyber resilience. Through real-life scenarios, the hosts discuss how proactive planning and structured security practices are vital to maintaining operational continuity and mitigating risks in complex industrial settings.Chapters:00:00:00 - Introduction to Cybersecurity Challenges During the Holiday Season00:00:52 - Cybersecurity Missteps Putting the C-Suite at Risk00:14:06 - Holidays & Hackers: Keeping Industrial Control Systems SafeLinks And Resources:Velta TechnologyDino Busalachi on LinkedInJim Cook on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Manufacturing Hub
Ep. 181 - Colby Clegg on Ignition 8.3, IT-OT Integration, and the Future of Industrial Automation

Manufacturing Hub

Play Episode Listen Later Nov 7, 2024 38:54


In this insightful episode, we sit down with Colby Clegg, CEO of Inductive Automation, to discuss the much-anticipated release of Ignition 8.3 and its transformative impact on industrial automation. From new capabilities like Perspective Offline Mode to powerful enhancements in data integration and source control, Colby shares how 8.3 builds upon Ignition's mission to be the most modern, user-friendly SCADA and HMI platform.Colby delves into the origins of Inductive Automation, highlighting the journey from a small integration tool to a global, open-platform solution that enables seamless IT-OT integration across diverse industries. He addresses the challenges of creating a platform flexible enough for applications in food & beverage, oil & gas, data centers, and even emerging fields like vertical farming—all while maintaining ease of use and cost-effectiveness.We also cover the unique culture at Inductive Automation, the importance of Inductive University and its open, collaborative approach, as well as the dynamic community surrounding the annual ICC event. If you're an integrator, engineer, or simply curious about the future of industrial technology, this episode offers a rare look inside the innovations shaping our connected world.Keywords:Ignition 8.3, Inductive Automation, Industrial Automation, SCADA, IT-OT Convergence, Industrial IoT, Manufacturing, Industry 4.0, Perspective Module, Colby Clegg, Ignition Platform, Data IntegrationReferences:Inductive University: https://inductiveuniversity.com/Ignition 8.3 Release Notes: https://inductiveautomation.com/downloads/releasenotes/8.1.33-SNAPSHOTPerspective Drawing Editor Discussion: https://forum.inductiveautomation.com/t/perspective-drawing-editor-in-8-3-not-in-8-1/64911Version Control and Future Versions of Ignition: https://forum.inductiveautomation.com/t/version-control-and-future-versions-of-ignition-8-3/74578Inductive Automation Blog on Ignition 8.1.38: https://inductiveautomation.com/blog/ignition-8138-gateway-network-diagram-updates-leased-license-session-flexibility-gateway-encryption-keysInductive Automation Training Resources: https://training.inductiveautomation.com/Inductive Automation Training Classes & Certification: https://inductiveautomation.com/training/classes-and-certificationInductive Automation Previews Upcoming Ignition 8.3 Release: https://inductiveautomation.com/news/inductive-automation-previews-upcoming-ignition-83-release-announces-2024-ignition-firebrand-award-w******Connect with UsVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

Manufacturing Hub
Ep. 180 - Manufacturing in Motion: Insights on Global Trends Challenges & New Technologies from ICC

Manufacturing Hub

Play Episode Listen Later Oct 31, 2024 65:51


In this engaging episode of Manufacturing Hub, hosts Dave Griffith and Vlad Romanov break down all the latest advancements, insights, and trends from the Ignition Community Conference (ICC) 2024. Known for its deep dives into cutting-edge industrial technology, the ICC gathers experts from around the world to discuss and collaborate on the future of manufacturing tech, and this episode brings those conversations directly to you.With key industry thought leaders like Esteban Nunez of NV Tech and Francisco Carreon from Inductive Automation Australia, Dave and Vlad explore the state of digital transformation, IT-OT convergence, and how innovative tools are reshaping manufacturing in industries like food and beverage, energy, and medical devices. This year's event saw record international attendance, with professionals representing six continents and sharing their unique perspectives on the challenges and opportunities they face in manufacturing technology.In a significant development, ICC 2024 unveiled Ignition 8.3, a major update with advanced features like offline data modes, integration of new scripting languages, and enhanced time-series and data processing tools—perfect for supporting digital transformation across enterprises of all sizes. Esteban and Francisco highlight how these innovations make it easier for integrators and end-users to tackle complex data challenges, facilitate interdepartmental collaboration, and even bridge the divide between traditional OT and advanced IT tools in manufacturing.The hosts also discuss the emerging role of Ignition on Board—where hardware and software integrate seamlessly—making it simpler for manufacturers to connect OT and IT systems. Other tools, like MQTT and LoRaWAN, are being increasingly adopted across the industry, adding flexibility and cost-effectiveness to data collection and transmission processes. With its open architecture, Ignition is uniquely positioned to enable manufacturers to scale up, leverage data from IoT and AI solutions, and drive efficiency through predictive analytics and enterprise-wide connectivity.Key Topics Covered:The launch of Ignition 8.3 and its new features tailored to enterprise digital transformation.Industry-specific challenges, from energy management and medical device manufacturing to food and beverage production.Real-world use cases of Ignition helping manufacturers overcome data silos and integrate with ERP systems.How Ignition Community Conference fosters knowledge sharing and global collaboration.Future trends in manufacturing, including the rising importance of data scientists and the potential of AI and ML in predictive analytics.Perfect for manufacturing professionals, integrators, and decision-makers, this episode offers a rare glimpse into the strategic vision and practical solutions shaping the future of digital transformation. Tune in to discover the insights, global trends, and next-generation technologies that are helping manufacturing move forward, one innovation at a time.******Connect with UsEsteban Núñez VarelaFrancisco CarriónVlad RomanovDave GriffithManufacturing HubSolisPLCJoltek

Unplugged: An IIoT Podcast
11 - Industrial Data Engineering Made Simple with Keiran Stokes

Unplugged: An IIoT Podcast

Play Episode Listen Later Oct 23, 2024 49:20


This week we welcome Keiran Stokes, Director and Head of Technology at Thred, all the way from New Zealand. Keiran shares his unique journey from being an industrial electrician to a control systems engineer and then co-founding Thred. Throughout this insightful discussion, you will gain a deeper understanding of the intricacies of industrial data engineering, the role of digital twins, and the importance of context in data analytics. Keiran sheds light on the challenges of integrating industrial systems, the shortage of data engineers in the sector, and Thred's revolutionary approach to bridging the gap between Industry 4.0 promises and current technology. This episode is perfect for anyone interested in the forefront of IIoT innovations and looking to understand the real-world applications and obstacles in the industry. About: Keiran Stokes is a leader in IT/OT integration and data strategy, renowned for his expertise in converging operational and information technologies to drive digital transformation. With a strong focus on supporting New Zealand's industrial sector, Keiran specialises in enterprise and data architecture, helping businesses unlock productivity through digital solutions. His passion for bridging the gap between the factory floor and the cloud has positioned him as a thought leader in operational data, as well as in the engineering and operations that transform that data into insights and actionable improvements. 00:00 Introduction to Unplugged: An IIoT Podcast 00:35 Introduction to Guest: Keiran Stokes 01:45 Keiran Stokes' Journey: From Electrician to IIoT Expert 05:12 Transition into Manufacturing Execution Systems (MES) Development 08:23 Founding of Thred: Mission and Goals 11:03 Differences Between Industrial and IT Systems 14:17 Challenges of Industrial Data Sharing 17:02 Importance of Domain Knowledge in Industrial Data Engineering 20:50 The Role of Knowledge Graphs in Data Contextualization 25:11 Insights on Large Language Models (LLMs) 28:44 Overview of Thred's New Tool: 3 Cloud 32:30 Concepts of Digital Twins and Real-time Cobot Replication 36:15 Industry Challenges and Solutions for Small Manufacturers 39:42 Data Engineering and DataOps in the Industrial Sector 42:15 Open Source Software in Industrial Applications 45:50 Final Thoughts: Closing Gaps in Industrial Data 48:37 Listener Takeaways on IIoT Innovations and Challenges 52:10 Episode Wrap-Up and Future Discussions Don't forget to subscribe for more insights and updates on the future of Industrial Internet of Things and automation! Connect with Keiran on LinkedIn: https://www.linkedin.com/in/keiran-stokes/ Connect with Phil on LinkedIn: https://www.linkedin.com/in/phil-seboa/ Connect with Ed on LinkedIn: https://www.linkedin.com/in/ed-fuentes-2046121a/ About Industry Sage Media: Industry Sage Media is your backstage pass to industry experts and the conversations that are shaping the future of the manufacturing industry. Learn more at: http://www.industrysagemedia.com

Embedded Executive
Embedded Executive: Deploying TSN, Mitsubishi

Embedded Executive

Play Episode Listen Later Oct 16, 2024 13:05


TSN is a standard that originated for video-streaming applications. But today, it's finding a home in industrial applications, and it's is now becoming irreplaceable. Hear why in this week's Embedded Executives podcast, where I spoke to Tom Burke, who is the Global Director of Industry Standards for Mitsubishi, as well as the Global Strategic Advisor for CC-Link Partner Association (CLPA), a high-speed, high-performance industrial network that supports the IIoT and IT/OT convergence.

Automation World Gets Your Questions Answered
What is Software-Defined Automation?

Automation World Gets Your Questions Answered

Play Episode Listen Later Oct 8, 2024 30:35


In this episode we connect with G Brooks-Zak of Outlier Automation to get insights on software-defined automation and how it can impact manufacturing, including what it means for IT/OT convergence, specific application benefits such as with predictive maintenance and AI, its current use in industry and cybersecurity.

@BEERISAC: CPS/ICS Security Podcast Playlist
204: OT Security Best Practices for Manufacturers with Fortinet's Rich Springer

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 1, 2024 49:55


Podcast: Manufacturing Happy Hour (LS 43 · TOP 1.5% what is this?)Episode: 204: OT Security Best Practices for Manufacturers with Fortinet's Rich SpringerPub date: 2024-09-24Is your shop floor as secure as you think it is? Innovation in the manufacturing world has made IT-OT convergence much more commonplace today, but is the industry taking the potential risks seriously enough? In this episode, we hear from Fortinet's Director of Marketing for OT Solutions, Rich Springer, about the real threats facing manufacturers within OT networks, and why effective OT security is a non-negotiable today...Rich brings bags of experience to the table, from his early days in furniture and glass factories to his time as a Navy submarine officer and later as the global head of SCADA operations for a major wind turbine company. He shares how these experiences shaped his understanding of the unique cybersecurity challenges facing the manufacturing sector. Painting a picture of how an OT threat can bring production to a standstill, Rich recommends that manufacturers use tabletop exercises to assess risk points and their impact on the whole production line. Rich also explains that part of protecting your OT network is about getting IT and OT teams to work together, and he gives practical advice on how to bridge the gap.In this episode, find out:Rich explains Fortinet's position on OT network security We hear about Rich's diverse career background and how his previous roles prepared him for his role at Fortinet The current state of OT convergence and why companies are yet to take actionRich breaks the misconception that air gaps will protect manufacturers from digital threats Advice for better collaboration between IT and OT teams Rich explains why he's optimistic that manufacturers are paying attention to the right things in securityWhat the report says about manufacturers and their approach to OT systems todayWhat it takes for cybersecurity experts to get executives to pay attention to the threats facing OTHow to run a tabletop exercise to assess threat and impact on production What surprises Rich most about cybersecurity in manufacturing todayEnjoying the show? Please leave us a review here. Even one sentence helps. It's feedback from Manufacturing All-Stars like you that keeps us going!Tweetable Quotes:“The separation of duties should be decided on the tabletop exercise, not when the fire is burning.”“The technology has evolved. So therefore, it has made this air gap strategy a little less realistic over the years. And this is a common challenge.”“When the systems go down, they go to paper. So if the line hasn't stopped, what happens with our suppliers if we have to go paper? Take your tabletop exercise to that level.”Links & mentions:Advancing Digital Transformation in a Time of Unprecedented Cybersecurity Risk, a report on how digital transformation in manufacturing has driven a widespread need for cybersecurity awareness2024 State of Operational Technology and Cybersecurity Report, Fortinet's report on OT cybersecurity Make sure to visit http://manufacturinghappyhour.com for detailed show notes and a full list of resources mentioned in this episode. Stay Innovative, Stay Thirsty.The podcast and artwork embedded on this page are from Chris Luecke, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Manufacturing Happy Hour
204: OT Security Best Practices for Manufacturers with Fortinet's Rich Springer

Manufacturing Happy Hour

Play Episode Listen Later Sep 24, 2024 49:55


Is your shop floor as secure as you think it is? Innovation in the manufacturing world has made IT-OT convergence much more commonplace today, but is the industry taking the potential risks seriously enough? In this episode, we hear from Fortinet's Director of Marketing for OT Solutions, Rich Springer, about the real threats facing manufacturers within OT networks, and why effective OT security is a non-negotiable today...Rich brings bags of experience to the table, from his early days in furniture and glass factories to his time as a Navy submarine officer and later as the global head of SCADA operations for a major wind turbine company. He shares how these experiences shaped his understanding of the unique cybersecurity challenges facing the manufacturing sector. Painting a picture of how an OT threat can bring production to a standstill, Rich recommends that manufacturers use tabletop exercises to assess risk points and their impact on the whole production line. Rich also explains that part of protecting your OT network is about getting IT and OT teams to work together, and he gives practical advice on how to bridge the gap.In this episode, find out:Rich explains Fortinet's position on OT network security We hear about Rich's diverse career background and how his previous roles prepared him for his role at Fortinet The current state of OT convergence and why companies are yet to take actionRich breaks the misconception that air gaps will protect manufacturers from digital threats Advice for better collaboration between IT and OT teams Rich explains why he's optimistic that manufacturers are paying attention to the right things in securityWhat the report says about manufacturers and their approach to OT systems todayWhat it takes for cybersecurity experts to get executives to pay attention to the threats facing OTHow to run a tabletop exercise to assess threat and impact on production What surprises Rich most about cybersecurity in manufacturing todayEnjoying the show? Please leave us a review here. Even one sentence helps. It's feedback from Manufacturing All-Stars like you that keeps us going!Tweetable Quotes:“The separation of duties should be decided on the tabletop exercise, not when the fire is burning.”“The technology has evolved. So therefore, it has made this air gap strategy a little less realistic over the years. And this is a common challenge.”“When the systems go down, they go to paper. So if the line hasn't stopped, what happens with our suppliers if we have to go paper? Take your tabletop exercise to that level.”Links & mentions:Advancing Digital Transformation in a Time of Unprecedented Cybersecurity Risk, a report on how digital transformation in manufacturing has driven a widespread need for cybersecurity awareness2024 State of Operational Technology and Cybersecurity Report, Fortinet's report on OT cybersecurity Make sure to visit http://manufacturinghappyhour.com for detailed show notes and a full list of resources mentioned in this episode. Stay Innovative, Stay Thirsty.

@BEERISAC: CPS/ICS Security Podcast Playlist
Zero Day to Virtual Patching: Cybersecurity Solutions A-Z with TXOne Networks Revisited

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Sep 19, 2024 21:48


Podcast: Industrial Cybersecurity InsiderEpisode: Zero Day to Virtual Patching: Cybersecurity Solutions A-Z with TXOne Networks RevisitedPub date: 2024-09-17We revisit key insights from past conversations with Dave Purdy and Debbie Lay of TXOne Networks, who shared their expertise on the critical cybersecurity challenges facing industrial environments. The episode delves into innovative solutions such as virtual patching and deep packet inspection, which are vital for securing legacy systems without causing operational disruption. With a focus on mitigating zero-day vulnerabilities and ransomware threats, the discussions also emphasize the importance of bridging the IT/OT divide to create cohesive, secure environments. This episode provides actionable strategies for professionals responsible for managing the cybersecurity of critical infrastructure in sectors like energy, manufacturing, and utilities.Chapters00:00:00 – Introduction to Key Cybersecurity Challenges in Industrial Environments00:01:19 – Why Visibility is Critical for Securing Industrial Operations00:01:36 – TXOne Networks' Native Protocols and the Power of Deep Packet Inspection00:02:53 – Addressing Zero-Day Vulnerabilities through the Zero Day Initiative00:04:26 – Personal Insights and Fun Facts from Industry Experts00:05:23 – Overcoming Barriers to Industrial Cybersecurity Adoption00:06:35 – IT-OT Collaboration: A Must for Comprehensive Cybersecurity00:09:22 – Global Cybersecurity Trends and Adoption in Industrial Sectors00:10:54 – Virtual Patching: A Game-Changer for Securing OT Systems00:13:50 – Navigating IT-OT Convergence for Improved Security Outcomes00:19:30 – TXOne's Innovative Security Solutions for Industrial EnvironmentsLinks And Resources:Crowdstrike, Virtual Patching, and Industrial OT Environments with Debbie LayUnmasking Industrial Cybersecurity Threats and Solutions with Dave PurdyVelta TechnologyDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
How CISA Supports Cybersecurity from Critical Infrastructure to Elections

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 28, 2024 24:40


Podcast: Industrial Cybersecurity InsiderEpisode: How CISA Supports Cybersecurity from Critical Infrastructure to ElectionsPub date: 2024-08-27Chris Cockburn, Cybersecurity Advisor at CISA, shares his insights on how CISA supports industrial cybersecurity from critical infrastructure to elections. We explore the impact of state-sponsored cyber threats, the importance of securing emerging technologies like AI through the "Secure by Design" initiative, and the role of government-private sector partnerships in building a resilient cybersecurity posture. He shares the free resources available to support industrial cybersecurity including Fusion Centers. Whether it's defending against sophisticated cyber attacks or ensuring the integrity of our election systems, this episode provides essential guidance for securing the future of critical infrastructure.Chapters:00:00:00 - Introduction to AI security concerns in critical infrastructure00:00:59 - Meet Chris Cockburn, cybersecurity expert from CISA00:01:10 - Chris Cockburn's journey from DoD to CISA00:02:21 - Overview of global industrial cybersecurity challenges00:03:35 - How CISA collaborates to strengthen cybersecurity00:04:52 - Regional cybersecurity support for critical sectors00:05:49 - Tackling resource challenges in cybersecurity00:08:03 - Continuous efforts to secure election systems00:09:26 - Navigating the complexities of IT/OT convergence00:12:36 - Making the most of cybersecurity insurance00:15:08 - Ensuring AI is secure by design00:19:06 - CISA's partnership with Idaho National Lab for cybersecurity training00:20:48 - Key strategies for building cyber resilience00:22:09 - Fusion Centers: Enhancing collaboration in cybersecurity00:23:53 - Final thoughts on the future of cybersecurityLinks And Resources:Chris Cockburn on LinkedInCISA Cybersecurity Resources and Tools Dino Busalachi on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Automation Chat
How to Maintain Business Continuity with IT/OT Synergies in Your Cybersecurity Strategy

Automation Chat

Play Episode Listen Later Jul 23, 2024 16:14


In this episode of our “Automation Chat” podcast from The Journal From Rockwell Automation and Our PartnerNetwork magazine, Executive Editor Theresa Houck chats with Brian Deken, North America Commercial Manager of Networks & Cybersecurity Services at Rockwell Automation. They talk about cybersecurity challenges and outcomes manufacturers are trying to achieve and how to attain them. Also learn why it's vital to do cybersecurity assessments in real time and why you can't integrate and optimize an IT tool for an OT environment. And see how Rockwell Automation provides IT/OT synergies through its partner ecosystem and uses the NIST-based approach to help manufacturers to focus resources for cybersecurity. And as always, get your family-friendly, silly Joke of the Day. Resources from this episode: Cybersecurity Preparedness Assessment. Rockwell Automation Industrial Cybersecurity Solutions. Blog: Improving Critical Infrastructure Cybersecurity (includes NIST explanation). Subscribe to The Journal's 4 print magazines (Feb., May, July and Oct.) by e-mailing Anna Hicks at ahicks@endeavorbusinessmedia.com. Subscribe to our 4 digital magazines at http://rok.auto/thejournal-subscribe. You can also watch their discussion on YouTube at https://youtu.be/8NtR7oHzhhY. Automation Chat is brought to you by The Journal From Rockwell Automation and Our PartnerNetwork magazine. Find us on LinkedIn. Find us on Facebook. Find us on X (Twitter). Please subscribe and give us a 5-star rating and a review. ** Named Best Podcast 2 Consecutive Years! 2022 & 2023 Apex Awards of Publication Excellence.

The Canadian Investor
The Best Ways to Convert CAD to USD and Investing at All-Time Highs

The Canadian Investor

Play Episode Listen Later Jul 4, 2024 57:52


In this episode of the Canadian Investor Podcast, we go over General Mills' Q4 results. Despite being a consumer staple company with brands like Cheerios, Betty Crocker, and Häagen-Dazs, the company is facing some challenges due to consumers opting for cheaper alternatives. Next, we turn our attention to Alimentation Couche-Tard. Reporting its second consecutive quarter of soft earnings, Couche-Tard saw revenue beat expectations but profits were below what bay street was expecting. We'll explore the factors contributing to their 32% year-over-year decline in earnings, including challenges in fuel margins and consumer behavior shifts in Canada. We also answer some listeners' questions about investing when markets are at all time highs, the best methods for currency conversion, and alternative fixed income investments.  Tickers of Stocks & ETF discussed: ATD.TO, GIS, XAW.TO, ITOT, DLR.TO, DLR-U.TO, HSAV.TO, CASH.TO, ZMMK.TO Check out our portfolio by going to Jointci.com Our Website Canadian Investor Podcast Network Twitter: @cdn_investing Simon's twitter: @Fiat_Iceberg Braden's twitter: @BradoCapital Dan's Twitter: @stocktrades_ca Want to learn more about Real Estate Investing? Check out the Canadian Real Estate Investor Podcast! Apple Podcast - The Canadian Real Estate Investor  Spotify - The Canadian Real Estate Investor  Web player - The Canadian Real Estate Investor Sign up for Finchat.io for free to get easy access to global stock coverage and powerful AI investing tools. Register for EQ Bank, the seamless digital banking experience with better rates and no nonsense.See omnystudio.com/listener for privacy information.

Augmented - the industry 4.0 podcast
Episode 139: How to Architect Your Digital Strategy with Jeff Kramer

Augmented - the industry 4.0 podcast

Play Episode Listen Later Jun 12, 2024 29:51


This week's guest is Jeff Kramer (https://www.linkedin.com/in/jeffrey-kramer-a367906/), VP Technology & Digital Factory at Kason Industries (https://www.kasonind.com/). Jeff discusses why manufacturers struggle to develop a cohesive digital strategy, and lays out best practices around governance, data architecture, and bridging the IT/OT divide. He also explains why it's critical for organizations to empower their frontline personnel by using technology to enable a citizen developer approach. Augmented Ops is a podcast for industrial leaders, shop floor operators, citizen developers, and anyone else that cares about what the future of frontline operations will look like across industries. This show is presented by Tulip (https://tulip.co/), the Frontline Operations Platform. You can find more from us at Tulip.co/podcast (https://tulip.co/podcast) or by following the show on LinkedIn (https://www.linkedin.com/company/augmentedpod/). Special Guest: Jeff Kramer.