POPULARITY
Hosted by nozomi networks
40 episodes with nozomi networks
20 episodes with nozomi networks
8 episodes with nozomi networks
3 episodes with nozomi networks
2 episodes with nozomi networks
2 episodes with nozomi networks
2 episodes with nozomi networks
2 episodes with nozomi networks
Podcast: Cyber Focus (LS 24 · TOP 10% what is this?)Episode: The One-Way Street of Digital Transformation: OT Cybersecurity with Nozomi's Edgard CapdeviellePub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special RSA Conference edition of Cyber Focus, host Frank Cilluffo sits down with Edgard Capdevielle, President and CEO of Nozomi Networks, to unpack the evolving landscape of operational technology (OT) cybersecurity. Together, they explore how digital transformation and the convergence of IT and OT are reshaping the threat environment for critical infrastructure. Capdevielle outlines the three major phases of the OT security market, reflects on the role of AI and legacy systems, and explains why visibility remains foundational to cybersecurity. The conversation also highlights the growing risk from nation-state actors, the breakdown of air gap assumptions, and the tangible steps owner-operators must take to build resilience. Main Topics Covered: Defining the three phases of OT cybersecurity market maturity The impact of digital transformation and IT/OT convergence Why visibility remains the top concern for infrastructure operators The role of AI in passive detection and firmware profiling Nation-state threats, air gap fallacies, and Volt Typhoon's implications Practical steps for operators to improve risk visibility and resilience Key Quotes: “Digital transformation is a one-way street. We're only going to automate more — automate everything — and IT and OT are only going to converge more.” — Edgard Capdevielle “You cannot protect what you can't see. So having a layer of visibility is number one.” — Edgard Capdevielle “Air gapping has been our number one enemy because it's not real… It's brought a level of comfort that is not good for us.” — Edgard Capdevielle Relevant Links and Resources: Nozomi Networks Guest Bio: Edgard Capdevielle is President and CEO of Nozomi Networks, a global leader in OT and IoT cybersecurity. He has a background in computer science and more than two decades of experience in cybersecurity and enterprise technology. Prior to joining Nozomi in 2016, he held leadership roles at Imperva and EMC (including post-acquisition work with Data Domain) and has served as an investor and advisor to several successful startups in the security space.The podcast and artwork embedded on this page are from McCrary Institute, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: KBKAST (LS 31 · TOP 5% what is this?)Episode: Episode 286 Deep Dive: Dean Frye | IT, IoT And OT Security As A Business Continuity ProblemPub date: 2024-12-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we sit down with Dean Frye, Solutions Architect at Nozomi Networks, as he discusses the complex landscape of IT, IoT, and OT security challenges. Dean delves into the critical importance of avoiding an “us vs. them” mentality between IT and OT teams, and how security interruptions can severely impact business continuity. We explore industry-specific vulnerabilities, such as those in factory chicken farming and Tasmanian salmon farming, and emphasize the necessity for executives to have a deeper technical understanding of cybersecurity. Dean also highlights the value of telemetry and real-time reporting, the evolving role of cloud solutions in OT environments, and the importance of a well-integrated, multidisciplinary team to effectively manage cyber risks. Dean Frye is a Solutions Architect for Nozomi Networks in Australia and New Zealand. Dean is an experienced security professional with a demonstrated history of providing compliance strategy, pragmatic risk mitigation, security project delivery, threat abatement and vendor interface solutions with a significant commercial background. Covering more than twenty years, his previous roles span consulting and senior leadership, including a stint at Armis as solutions architect, and another tenure at Cisco as director of security for the APJ region.The podcast and artwork embedded on this page are from KBI.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox | Hello 2025: How Al, Zero Trust & Proactive Defense Are Shaping Cybersecurity's FuturePub date: 2024-12-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of The Security Sandbox, hosts Vivek Ponnada and Sandeep Lota will dive into the top cybersecurity trends that shaped 2024 and discuss our predictions for 2025, including:▶️ The impact of emerging technologies like AI on cybersecurity▶️ The latest trends in threat actor tactics targeting operational technology▶️ How zero trust initiatives are changing industrial network architecture▶️ The growing role of Secure by Design principles▶️ Upcoming regulations driving cybersecurity enhancements across industries▶️ Why proactive defense in OT environments will be a key initiative in 2025Visit Our WebsiteFollow Us on LinkedInThe podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox at the ICS Cybersecurity ConferencePub date: 2024-11-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHosts Vivek Ponnada and Sandeep Lota share their insights on and exploring topics such as: ✅ Emerging threats to ICS over the next 12-18 months✅ Evolving strategies for integrating IT and OT cybersecurity✅ The future role of AI in ICS cybersecurity✅ Fostering collaboration between IT and OT teamsVisit Our WebsiteFollow Us on LinkedInThe podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox | Ensuring Operational Availability & Safety with Unified Cyber Threat IntelligencePub date: 2024-09-26Most cybersecurity threats begin in IT systems. But as the lines between IT and OT continue to blur, these same threats have more and more opportunities to move closer to critical control systems. Having both visibility and context into what assets are most at risk across your operational environments is crucial for maintaining the safety and availability of these systems.In this episode of the Security Sandbox, we'll cover the strategic use of cyber threat intelligence (CTI) to safeguard critical infrastructure and industrial environments.You'll learn about:Integrating OT/IoT threat intelligence with traditional IT threat intelligence for a complete picture of the attack surfaceUsing asset context when acting on threat intelligence in OT systemsReal-world examples of successful proactive threat responseVisit Our WebsiteFollow Us on LinkedInThe podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox | Modernizing Cyber Risk Management in OTPub date: 2024-08-28Over the past decade, operational technology (OT) systems have become increasingly digitized and more vulnerable to cyber threats, making effective cyber risk management more crucial than ever. This session will explore the concept of cyber risk, defined as the potential for loss or harm to digital infrastructure, and how you can proactively apply the latest tools, trends and techniques to reduce cyber risk and enhance the resilience of your OT systems.We'll cover:Different risk scoring approaches, like quantitative, qualitative, and hybrid models, which help organizations prioritize and address vulnerabilities. Emerging trends in cyber risk management, including the growing adoption of AI-driven analytics, automation, and integrated security frameworks. How technologies like artificial intelligence and advanced threat detection systems are reshaping how organizations mitigate risk in OT environments.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this episode of Control Intelligence, written by contributing editor Tobey Strauch, editor-in-chief Mike Bacidore discusses cybersecurity-enabled controllers.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox | Evolving Endpoint Security in OTPub date: 2024-07-31Traditionally, operational technology (OT) operators have shied away from active monitoring methods, driven largely by concerns over system disruption and OEM vendor validation expectations. However, the tide appears to be turning. Over the past few years, we've seen mindsets evolving from relying on a 100% passive approach to embracing more active monitoring methods to get deeper asset context, including configuration information, log files, user activity correlation, USB insertions, and even operational data from level 0 in a PLC.During this session, we'll delve into the advancements in OT-safe proactive monitoring and how you could apply some of these latest developments towards securing your critical infrastructure while ensuring operational continuity and compliance.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Australian police forces combat SMS phishing attacks. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, shares insights on the challenges of protecting the upcoming Summer Olympics. Rick Howard looks at Cyber Threat Intelligence. Appreciating the value of internships. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest The 2024 Summer Olympics start later this week in Paris. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, discusses how, in addition to consumer issues, the actual events, games and facilities at the Olympics could be at risk of an attack. This week on CSO Perspectives This week on N2K Pro's CSO Perspectives podcast, host and N2K CSO Rick Howard focus on “The current state of Cyber Threat Intelligence.” Hear a bit about it from Rick and Dave. You can find the full episode here if you are an N2K Pro subscriber, otherwise check out an extended sample here. Selected Reading Special Report: IT Disruptions Continue as CrowdStrike Sees Crisis Receding (Metacurity) Suspected Scattered Spider Member Arrested in UK (SecurityWeek) DHS watchdog rebukes CISA and law enforcement training center for failing to protect data (The Record) SocGholish malware used to spread AsyncRAT malware (Security Affairs) California Officials Say Largest Trial Court in US Victim of Ransomware Attack (SecurityWeek) Finance: Secret Bank Ratings Show US Regulator's Concern on Handling Risk (Bloomberg) U.S. CISA adds Adobe Commerce and Magento, SolarWinds Serv-U, and VMware vCenter Server bugs to its Known Exploited Vulnerabilities catalog (Security Affairs) Australian police seize devices used to send over 318 million phishing texts - Security - Telco/ISP (iTnews) Internships can be a gold mine for cybersecurity hiring (CSO Online) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Podcast: Industrial Cybersecurity InsiderEpisode: Future Trends in Industrial Cybersecurity with Sandeep Lota of Nozomi NetworksPub date: 2024-07-16In this episode, cybersecurity expert Sandeep Lota, Nozomi Networks Field CTO, joins Dino Busalachi to discuss the challenges and innovations in OT cybersecurity. Key topics they explore include dealing with the evolution of OT security tools, the challenges with IT-OT convergence, and the increasing importance of continuous monitoring. Sandeep also talks about the role of OEM partnerships and the rising trend of managed services. Tune in to stay ahead of the curve!Chapters00:01:00 - Meet Sandeep Lota of Nozomi Networks00:02:00 - Cybersecurity Journey and Milestones00:03:00 - IT vs OT: The Convergence Challenge00:05:00 - OEM Partnerships in Security00:07:00 - Future Trends in OT Security00:10:00 - Why Continuous Monitoring Matters00:11:00 - The Boom in Managed Services00:18:00 - Nozomi Networks' Global Impact00:19:00 - Key Takeaways and Final ThoughtsLinks And Resources:Sandeep Lota on LinkedInNozomi NetworksVelta TechnologyDino Busalachi on LinkedInJim Cook on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: Smarter Homes & BuildingsEpisode: Utilize Native Functionality in Building Automation PLCs to Improve SecurityPub date: 2024-06-24In this episode of the ASHB Smarter Homes and Buildings Podcast, ASHB is joined by Vivek Ponnada from Nozomi Networks. Vivek, a Technology Solutions Director shares his expertise on programmable logic controllers (PLCs). ASHB and Vivek dive into the world of PLCs, discussing their role in building automation, from HVAC systems to lighting control. Vivek highlights the security concerns associated with PLCs and introduces the groundbreaking "Top 20 Secure PLC Coding Practices" project. This initiative aims to enhance the security of these crucial systems using native functionality and proposing best practices for engineers. Vivek also explores the project's future direction, including the expansion to the "Top 20 Secure PLC Environmental Practices" project. Learn about the importance of securing PLCs in building automation, the collaborative efforts driving this initiative, and how you can get involved. Visit plc-security.com for more information and to join the community.The podcast and artwork embedded on this page are from ASHB (Association for Smarter Homes & Buildings), which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: The Security Sandbox | AI to the Rescue: Protecting Critical Assets Using the CloudPub date: 2024-07-09Artificial intelligence (AI) is having a moment… a really long moment. It's been evolving for decades, but now it's everywhere all at once. AI-powered digital assistants like Siri and Alexa, as well as generative AI tools like ChatGPT, Gemini and Copilot, have put AI at everyone's fingertips, including cybercriminals.In cybersecurity, the race is on to outsmart bad actors who are already using new forms of AI to find vulnerabilities faster and launch more effective attacks. During this session, we'll delve into what AI really is, its applications for cybersecurity, and how critical infrastructure and industrial organizations are using it to stay ahead of cyber threats.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this week's episode, join us as we explore recent significant advancements in technology and sustainability. Discussions encompass the fortified cybersecurity partnership between Nozomi Networks and Yokogawa, and the substantial investment by the U.S. government in semiconductor production with TSMC. We also delve into the latest industrial efficiency technologies from L&T Technology Services and the introduction of ARM's Ethos-U85 neural processing unit, poised to elevate IoT applications.Furthermore, the episode talks about Mitsubishi Electric'sstrategic move to transfer its transformer division to Hitachi, focusing onenergy-efficient solutions, and Siemens' introduction of the SINEC SecurityGuard software, enhancing cybersecurity in industrial settings. Insights areprovided on GlobalLogic's new AI Platform-of-Platforms and the collaborationbetween Schneider Electric and IPConfigure to bolster security in urbanbuildings.Additionally, we discuss the green hydrogen initiative byVerdagy and Doral, along with Schneider Electric and Digital Realty's endeavorsto foster a circular economy in their Paris data center.Join us as we navigate through these developments, providinginformed perspectives on their implications for business operations andenvironmental sustainability. This episode offers a comprehensive examinationof cutting-edge innovations across various sectors, driving resilience andsustainability in today's corporate landscape.Tune in for a discerning exploration of this week's pivotalupdates in technology and sustainability.--------------------------------------------------------------------------Would you like to be a guest on our growing podcast? If you have an intriguing, thought provoking topic you'd like to discuss on our podcast, please contact our host Jim Frazer View all the episodes here: https://thesustainabilitypodcast.buzzsprout.com
Podcast: Made IT - Storie Italiane di Successo (LS 45 · TOP 1% what is this?)Episode: #132 Basta un Solo Sì: Lezione di Perseveranza con Andrea Carcano, Co-Founder Nozomi NetworksPub date: 2023-12-11Andrea Carcano è il co-fondatore di Nozomi Networks, un'azienda italiana di sicurezza informatica che non solo ha conquistato la Silicon Valley ma ha anche ridefinito il panorama internazionale della cyber security. Nozomi Networks è un'azienda specializzata nella cybersecurity per sistemi critici. Fondata a Varese con un investimento iniziale di 20mila euro, l'azienda si è rapidamente affermata nel settore come punto di riferimento. Ha raccolto oltre 150 milioni dollari di finanziamenti da fondi quali Planven, Lux Capital e GGV Capital e ha più di 250 dipendenti tra Europa e Stati Uniti. Andrea condivide con noi i suoi esordi, raccontandoci di come la sua curiosità per i computer lo abbia portato a costruirsi da solo, il suo primo computer pezzo per pezzo per poi divertirsi con quello che viene chiamato white hacking quindi entrare nei computer degli amici per fare banalmente degli scherzi. Ci racconta poi come decide di lasciare un lavoro nel team di cyber security da Eni per provare a costruire un suo prodotto che è convinto possa risolvere problemi enormi per società proprio come Eni. Ci soffermiamo sui sacrifici fatti nei primi anni da founder, la difficoltà di trovare il primo cliente, il primo test con Enel, la ricerca del primo investitore e la determinante decisione di trasferirsi nella Silicon Valley. Affronteremo insieme le sfide di crescere Nozomi, esplorando anche il significativo cambiamento culturale vissuto nella Silicon Valley. Ogni capitolo suo percorso è un'occasione per imparare preziose lezioni. Scopriremo come la sua determinazione, la capacità di superare le obiezioni e la fiducia nel proprio prodotto hanno reso Nozomi Networks un'icona di successo nel panorama della sicurezza informatica. Che siate appassionati di tecnologia o aspiranti imprenditori, questa intervista promette di ispirare e fornire preziose lezioni che potrebbero plasmare il vostro percorso imprenditoriale. SPONSORS Made IT è powered by Alchimia, società di investimento che opera principalmente nel settore del Venture Capital. Investono e co-investono in opportunità ad alto potenziale di crescita, offrendo capitale e risorse strategiche e operative dedicate. Barberino's è molto più di un semplice barbiere, ha infatti trasformato una semplice necessità come tagliarsi i capelli o radersi in un'esperienza goduriosissima. Barberino's ha deciso di regalare a tutti voi un fantastico omaggio! Con il codice MADEIT avete il 20% di sconto su www.barberinosworld.com fino al 24/12/23 su tutti i prodotti a marchio Barberino's, senza minimo di spesa. SOCIAL MEDIA Se vi piace il podcast, il modo migliore per dircelo o per darci un feedback (e quello che ci aiuta di più a farlo diffondere) è semplicemente lasciare una recensione a 5 stelle o un commento su Spotify o l'app di Apple Podcast. Ci ha aiuta davvero tantissimo, quindi non esitate :) Se volete farci delle domande o seguirci, potete farlo qui: Instagram @madeit.podcast LinkedIn @madeitpodcastThe podcast and artwork embedded on this page are from Inès Makula e Camilla Scassellati Sforzolini, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: Made IT - Storie Italiane di Successo (LS 46 · TOP 1% what is this?)Episode: #132 Basta un Solo Sì: Lezione di Perseveranza con Andrea Carcano, Co-Founder Nozomi NetworksPub date: 2023-12-11Andrea Carcano è il co-fondatore di Nozomi Networks, un'azienda italiana di sicurezza informatica che non solo ha conquistato la Silicon Valley ma ha anche ridefinito il panorama internazionale della cyber security. Nozomi Networks è un'azienda specializzata nella cybersecurity per sistemi critici. Fondata a Varese con un investimento iniziale di 20mila euro, l'azienda si è rapidamente affermata nel settore come punto di riferimento. Ha raccolto oltre 150 milioni dollari di finanziamenti da fondi quali Planven, Lux Capital e GGV Capital e ha più di 250 dipendenti tra Europa e Stati Uniti. Andrea condivide con noi i suoi esordi, raccontandoci di come la sua curiosità per i computer lo abbia portato a costruirsi da solo, il suo primo computer pezzo per pezzo per poi divertirsi con quello che viene chiamato white hacking quindi entrare nei computer degli amici per fare banalmente degli scherzi. Ci racconta poi come decide di lasciare un lavoro nel team di cyber security da Eni per provare a costruire un suo prodotto che è convinto possa risolvere problemi enormi per società proprio come Eni. Ci soffermiamo sui sacrifici fatti nei primi anni da founder, la difficoltà di trovare il primo cliente, il primo test con Enel, la ricerca del primo investitore e la determinante decisione di trasferirsi nella Silicon Valley. Affronteremo insieme le sfide di crescere Nozomi, esplorando anche il significativo cambiamento culturale vissuto nella Silicon Valley. Ogni capitolo suo percorso è un'occasione per imparare preziose lezioni. Scopriremo come la sua determinazione, la capacità di superare le obiezioni e la fiducia nel proprio prodotto hanno reso Nozomi Networks un'icona di successo nel panorama della sicurezza informatica. Che siate appassionati di tecnologia o aspiranti imprenditori, questa intervista promette di ispirare e fornire preziose lezioni che potrebbero plasmare il vostro percorso imprenditoriale. SPONSORS Made IT è powered by Alchimia, società di investimento che opera principalmente nel settore del Venture Capital. Investono e co-investono in opportunità ad alto potenziale di crescita, offrendo capitale e risorse strategiche e operative dedicate. Barberino's è molto più di un semplice barbiere, ha infatti trasformato una semplice necessità come tagliarsi i capelli o radersi in un'esperienza goduriosissima. Barberino's ha deciso di regalare a tutti voi un fantastico omaggio! Con il codice MADEIT avete il 20% di sconto su www.barberinosworld.com fino al 24/12/23 su tutti i prodotti a marchio Barberino's, senza minimo di spesa. SOCIAL MEDIA Se vi piace il podcast, il modo migliore per dircelo o per darci un feedback (e quello che ci aiuta di più a farlo diffondere) è semplicemente lasciare una recensione a 5 stelle o un commento su Spotify o l'app di Apple Podcast. Ci ha aiuta davvero tantissimo, quindi non esitate :) Se volete farci delle domande o seguirci, potete farlo qui: Instagram @madeit.podcast LinkedIn @madeitpodcastThe podcast and artwork embedded on this page are from Inès Makula e Camilla Scassellati Sforzolini, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Andrea Carcano è il co-fondatore di Nozomi Networks, un'azienda italiana di sicurezza informatica che non solo ha conquistato la Silicon Valley ma ha anche ridefinito il panorama internazionale della cyber security. Nozomi Networks è un'azienda specializzata nella cybersecurity per sistemi critici. Fondata a Varese con un investimento iniziale di 20mila euro, l'azienda si è rapidamente affermata nel settore come punto di riferimento. Ha raccolto oltre 150 milioni dollari di finanziamenti da fondi quali Planven, Lux Capital e GGV Capital e ha più di 250 dipendenti tra Europa e Stati Uniti. Andrea condivide con noi i suoi esordi, raccontandoci di come la sua curiosità per i computer lo abbia portato a costruirsi da solo, il suo primo computer pezzo per pezzo per poi divertirsi con quello che viene chiamato white hacking quindi entrare nei computer degli amici per fare banalmente degli scherzi. Ci racconta poi come decide di lasciare un lavoro nel team di cyber security da Eni per provare a costruire un suo prodotto che è convinto possa risolvere problemi enormi per società proprio come Eni. Ci soffermiamo sui sacrifici fatti nei primi anni da founder, la difficoltà di trovare il primo cliente, il primo test con Enel, la ricerca del primo investitore e la determinante decisione di trasferirsi nella Silicon Valley. Affronteremo insieme le sfide di crescere Nozomi, esplorando anche il significativo cambiamento culturale vissuto nella Silicon Valley. Ogni capitolo suo percorso è un'occasione per imparare preziose lezioni. Scopriremo come la sua determinazione, la capacità di superare le obiezioni e la fiducia nel proprio prodotto hanno reso Nozomi Networks un'icona di successo nel panorama della sicurezza informatica. Che siate appassionati di tecnologia o aspiranti imprenditori, questa intervista promette di ispirare e fornire preziose lezioni che potrebbero plasmare il vostro percorso imprenditoriale. SPONSORS Made IT è powered by Alchimia, società di investimento che opera principalmente nel settore del Venture Capital. Investono e co-investono in opportunità ad alto potenziale di crescita, offrendo capitale e risorse strategiche e operative dedicate. Barberino's è molto più di un semplice barbiere, ha infatti trasformato una semplice necessità come tagliarsi i capelli o radersi in un'esperienza goduriosissima. Barberino's ha deciso di regalare a tutti voi un fantastico omaggio! Con il codice MADEIT avete il 20% di sconto su www.barberinosworld.com fino al 24/12/23 su tutti i prodotti a marchio Barberino's, senza minimo di spesa. SOCIAL MEDIA Se vi piace il podcast, il modo migliore per dircelo o per darci un feedback (e quello che ci aiuta di più a farlo diffondere) è semplicemente lasciare una recensione a 5 stelle o un commento su Spotify o l'app di Apple Podcast. Ci ha aiuta davvero tantissimo, quindi non esitate :) Se volete farci delle domande o seguirci, potete farlo qui: Instagram @madeit.podcast LinkedIn @madeitpodcast
Podcast: IoT Security PodcastEpisode: The "Original Cyber-Physical System": Legacy Devices and Key Trends in OT CybersecurityPub date: 2023-11-21She's no slacker. Danielle Jablanski has been an "expert" — she hates that word — in nuclear policy analysis (the "original Cyber-Physical System"), energy research, and now Nozomi Networks, where she plays the crucial OT cybersecurity strategist role. John Vecchi and Brian Contos pick Danielle's brain on the ever- and never-changing trends and challenges, digging into the need for consequence-based security and collaboration between security professionals and OT engineers. The discussion also covers the growing concern about the security of IoT devices in OT environments, the importance of centralizing and managing security, addressing the issues surrounding legacy devices, and the evolving landscape of liability and insurance in cybersecurity.Key Topics Covered:1. Trends in cybersecurity and the importance of consequence-based security2. Concerns about the security of IoT devices in OT environments and the role of centralization and management3. Challenges with legacy devices in ICS and healthcare and the need for building controls and defense-in-depth4. Evolving conversations about liability and insurance in cybersecurityAfter tuning in to this episode, subscribe to the IoT Security Podcast, powered by Phosphorus, to stay informed about the latest trends and insights in IoT security. Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: IoT Security PodcastEpisode: The "Original Cyber-Physical System": Legacy Devices and Key Trends in OT CybersecurityPub date: 2023-11-21She's no slacker. Danielle Jablanski has been an "expert" — she hates that word — in nuclear policy analysis (the "original Cyber-Physical System"), energy research, and now Nozomi Networks, where she plays the crucial OT cybersecurity strategist role. John Vecchi and Brian Contos pick Danielle's brain on the ever- and never-changing trends and challenges, digging into the need for consequence-based security and collaboration between security professionals and OT engineers. The discussion also covers the growing concern about the security of IoT devices in OT environments, the importance of centralizing and managing security, addressing the issues surrounding legacy devices, and the evolving landscape of liability and insurance in cybersecurity.Key Topics Covered:1. Trends in cybersecurity and the importance of consequence-based security2. Concerns about the security of IoT devices in OT environments and the role of centralization and management3. Challenges with legacy devices in ICS and healthcare and the need for building controls and defense-in-depth4. Evolving conversations about liability and insurance in cybersecurityAfter tuning in to this episode, subscribe to the IoT Security Podcast, powered by Phosphorus, to stay informed about the latest trends and insights in IoT security. Let's get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
She's no slacker. Danielle Jablanski has been an "expert" — she hates that word — in nuclear policy analysis (the "original Cyber-Physical System"), energy research, and now Nozomi Networks, where she plays the crucial OT cybersecurity strategist role. John Vecchi and Brian Contos pick Danielle's brain on the ever- and never-changing trends and challenges, digging into the need for consequence-based security and collaboration between security professionals and OT engineers. The discussion also covers the growing concern about the security of IoT devices in OT environments, the importance of centralizing and managing security, addressing the issues surrounding legacy devices, and the evolving landscape of liability and insurance in cybersecurity.Key Topics Covered:1. Trends in cybersecurity and the importance of consequence-based security2. Concerns about the security of IoT devices in OT environments and the role of centralization and management3. Challenges with legacy devices in ICS and healthcare and the need for building controls and defense-in-depth4. Evolving conversations about liability and insurance in cybersecurityAfter tuning in to this episode, subscribe to the IoT Security Podcast, powered by Phosphorus, to stay informed about the latest trends and insights in IoT security. Let's get into Things on the IoT Security Podcast!Follow Brian Contos on LinkedIn at https://www.linkedin.com/in/briancontosAnd you can follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast
Podcast: Critical Assets PodcastEpisode: One Rule to Rule Them AllPub date: 2023-09-05Join Patrick Miller, CEO of Ampere Industrial Security and his guest Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks as they continue their debate on the topic: "If you could have only one cybersecurity regulation, what should that be?" They cover everything from threat hunting, vulnerability management, attack surface management, incident response, breach notification, risk quantification, cybersecurity insurance, NIS2, NERC CIP, and what's best for corporate vs. public good.The podcast and artwork embedded on this page are from Patrick Miller, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: WE'RE IN! (LS 28 · TOP 10% what is this?)Episode: Demystifying OT Cybersecurity with Danielle JablanskiPub date: 2023-06-29The operational technology (OT) computer networks that support life as we know it are increasingly coming under threat. But despite the proliferation of malware aimed at critical infrastructure, Danielle Jablanski isn't running for the hills. As an OT cybersecurity strategist for Nozomi Networks, Danielle helps critical infrastructure organizations understand and prioritize digital risks, whether they stem from a lack of visibility into industrial environments or a sophisticated cyberattack from a foreign nation-state. Don't miss the latest episode of WE'RE IN! to hear Danielle's insights into industrial control systems (ICS) risk management, including the recently disclosed COSMICENERGY ICS-focused cyberthreat. ----------Listen to learn more about: * What makes the ICS security field “niche but not nebulous”* How Danielle's background in nuclear weapons policy informs her approach to cyber incident planning* Why so few critical infrastructure operators know where equipment with known vulnerabilities may exist on their networks* Hacking satellites in spaceThe podcast and artwork embedded on this page are from Synack, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
The operational technology (OT) computer networks that support life as we know it are increasingly coming under threat. But despite the proliferation of malware aimed at critical infrastructure, Danielle Jablanski isn't running for the hills. As an OT cybersecurity strategist for Nozomi Networks, Danielle helps critical infrastructure organizations understand and prioritize digital risks, whether they stem from a lack of visibility into industrial environments or a sophisticated cyberattack from a foreign nation-state. Don't miss the latest episode of WE'RE IN! to hear Danielle's insights into industrial control systems (ICS) risk management, including the recently disclosed COSMICENERGY ICS-focused cyberthreat. ----------Listen to learn more about: * What makes the ICS security field “niche but not nebulous”* How Danielle's background in nuclear weapons policy informs her approach to cyber incident planning* Why so few critical infrastructure operators know where equipment with known vulnerabilities may exist on their networks* Hacking satellites in space
Join the SURGe Team with a guest from the land down under, a recap of important news in the security landscape, a discussion on RSA, and a special interview with Danielle Jablanski of Nozomi Networks! You can watch the episode livestream here. This week Ryan Kovar, Audra Streetman, Mick Baccio, and Shannon Davis discussed CISA advisories about China state-sponsored threat actors and the data extortion group Karakurt plus an update on the Confluence and MSDT/Follina zero-days. Mick and Ryan competed in a 60 second charity challenge regarding Apple's plan to replace passwords with biometric authentication methods. The team also shared their takeaway from this year's RSA Conference in San Francisco. People's Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices (CISA) U.S. cybersecurity officials issue notice on Karakurt extortion group (CISA) SURGe Blog about Confluence Zero-Day SURGe Blog about Follina Zero-Day Apple Just Killed the Password—for Real This Time (WIRED)
Podcast: The PrOTect OT Cybersecurity Podcast (LS 28 · TOP 10% what is this?)Episode: Danielle Jablanski: Navigating the Multitude of OT Technologies Considering Interoperability, Reliability, and CentralizationPub date: 2023-06-08About Danielle Jablanski: Danielle Jablanski is an accomplished OT cybersecurity strategist at Nozomi Networks, where she spearheads global research on cybersecurity and drives awareness of operational technology (OT) and industrial control systems (ICS) cybersecurity throughout the industry. She is a nonresident fellow at the Cyber Statecraft Initiative within the Atlantic Council's Scowcroft Center for Strategy and Security, further establishing her expertise in the field. Jablanski's commitment to advancing cyber-physical standards development, education, certifications, and labeling authority is evident through her active roles as a staff and advisory board member of the nonprofit organization Building Cyber Security. With a passion for emerging technologies, Danielle has independently consulted for the US government and technology startups, exploring novel applications in military, defense, and commercial sectors. Prior to her current endeavors, she contributed significantly to the creation and development of the Stanford Cyber Policy Center, showcasing her dedication to cybersecurity and policy. In this episode, Aaron and Danielle Jablanski discuss:Challenges and false assumptions in cybersecurityManaging cybersecurity for operational technology (OT) with an overwhelming market of OT solutions to choose fromThe importance of transparency, accuracy, and precision in overcoming challenges of OT cybersecurityPrioritizing cybersecurity investments in a complex operational environment with limited resourcesKey Takeaways:The cybersecurity industry holds misconceptions and obstacles in the OT domain, requiring a change in perspective, modernizing systems, and reassessing market classifications to adequately tackle emerging threats and discover practical solutions.With the overwhelming amount of OT technologies and tools available in the marketplace, understanding interoperability, reliability, and centralization will help you select the most appropriate ones for addressing issues in your environment.The convergence of IT and OT cybersecurity requires a shift in mindset, prioritizing safety and business risk over technology, and addressing key challenges of interoperability, reliability, and centralization, while leveraging trusted advisors and independent consultants for effective solutions, especially for smaller organizations.Focus on practical steps tailored to your financial capacity, risk assessment, and the unique demands of your organization, rather than mindlessly spending on costly products or solutions that may not fulfill your security needs. "Collectively, cyber-physical security requires new strategic and tactical thinking to better inform decision-makers in cyber policy, planning, and preparedness." — Danielle Jablanski Resources Mentioned: Upcoming webinar by Nozomi Networks on The Next Generation of AI for OT Cybersecurity this June 14th: https://www.nozominetworks.com/webinars/the-next-generation-of-ai-for-ot-cybersecurity-launch-event/Critical infrastructure cybersecurity prioritization: A cross-sector methodology for ranking operational technology cyber scenarios and critical entities: https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/critical-infrastructure-cybersecurity-prioritization/Connect with Danielle Jablanski: Website: https://www.nozominetworks.com/ LinkedIn: https://www.linkedin.com/in/daniellejjablanski/ Twitter: https://twitter.com/CyberSnark Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
About Danielle Jablanski: Danielle Jablanski is an accomplished OT cybersecurity strategist at Nozomi Networks, where she spearheads global research on cybersecurity and drives awareness of operational technology (OT) and industrial control systems (ICS) cybersecurity throughout the industry. She is a nonresident fellow at the Cyber Statecraft Initiative within the Atlantic Council's Scowcroft Center for Strategy and Security, further establishing her expertise in the field. Jablanski's commitment to advancing cyber-physical standards development, education, certifications, and labeling authority is evident through her active roles as a staff and advisory board member of the nonprofit organization Building Cyber Security. With a passion for emerging technologies, Danielle has independently consulted for the US government and technology startups, exploring novel applications in military, defense, and commercial sectors. Prior to her current endeavors, she contributed significantly to the creation and development of the Stanford Cyber Policy Center, showcasing her dedication to cybersecurity and policy. In this episode, Aaron and Danielle Jablanski discuss:Challenges and false assumptions in cybersecurityManaging cybersecurity for operational technology (OT) with an overwhelming market of OT solutions to choose fromThe importance of transparency, accuracy, and precision in overcoming challenges of OT cybersecurityPrioritizing cybersecurity investments in a complex operational environment with limited resourcesKey Takeaways:The cybersecurity industry holds misconceptions and obstacles in the OT domain, requiring a change in perspective, modernizing systems, and reassessing market classifications to adequately tackle emerging threats and discover practical solutions.With the overwhelming amount of OT technologies and tools available in the marketplace, understanding interoperability, reliability, and centralization will help you select the most appropriate ones for addressing issues in your environment.The convergence of IT and OT cybersecurity requires a shift in mindset, prioritizing safety and business risk over technology, and addressing key challenges of interoperability, reliability, and centralization, while leveraging trusted advisors and independent consultants for effective solutions, especially for smaller organizations.Focus on practical steps tailored to your financial capacity, risk assessment, and the unique demands of your organization, rather than mindlessly spending on costly products or solutions that may not fulfill your security needs. "Collectively, cyber-physical security requires new strategic and tactical thinking to better inform decision-makers in cyber policy, planning, and preparedness." — Danielle Jablanski Resources Mentioned: Upcoming webinar by Nozomi Networks on The Next Generation of AI for OT Cybersecurity this June 14th: https://www.nozominetworks.com/webinars/the-next-generation-of-ai-for-ot-cybersecurity-launch-event/Critical infrastructure cybersecurity prioritization: A cross-sector methodology for ranking operational technology cyber scenarios and critical entities: https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/critical-infrastructure-cybersecurity-prioritization/Connect with Danielle Jablanski: Website: https://www.nozominetworks.com/ LinkedIn: https://www.linkedin.com/in/daniellejjablanski/ Twitter: https://twitter.com/CyberSnark Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
Podcast: Unsolicited Response (LS 33 · TOP 5% what is this?)Episode: Edgard from Nozomi (Part 2)Pub date: 2023-04-19The August 2021 Unsolicited Response episode with Edgard Capdevielle, CEO of Nozomi Networks, was a fan favorite. So Dale invited Edgard back, like the first time it was a wide ranging and fun conversation. His budget analogy of OT security and a new child in the family was Dale's favorite part. They cover a lot of ground including: the OT visibility and detection market growth in the last two years whether he stands by his 2021 view that a company that does "X, Y, Z and OT security" doesn't really do OT security how much of the back end (non-sensor) part of the market is moving to the cloud now and what will it be in three years. Plus some disagreements / discussion on architecture budget muscle and momentum what sort of metrics should an asset owner use to determine the value of these OT visibility and detection solutions how is the US Government affecting the market Enjoy! The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
The August 2021 Unsolicited Response episode with Edgard Capdevielle, CEO of Nozomi Networks, was a fan favorite. So Dale invited Edgard back, like the first time it was a wide ranging and fun conversation. His budget analogy of OT security and a new child in the family was Dale's favorite part. They cover a lot of ground including: the OT visibility and detection market growth in the last two years whether he stands by his 2021 view that a company that does "X, Y, Z and OT security" doesn't really do OT security how much of the back end (non-sensor) part of the market is moving to the cloud now and what will it be in three years. Plus some disagreements / discussion on architecture budget muscle and momentum what sort of metrics should an asset owner use to determine the value of these OT visibility and detection solutions how is the US Government affecting the market Enjoy!
Podcast: The PrOTect OT Cybersecurity Podcast (LS 28 · TOP 10% what is this?)Episode: Roya Gordon: Secure Connections - Why Human Interaction is Key to OT SecurityPub date: 2023-04-13About Roya Gordon: Roya Gordon is a trailblazing cybersecurity expert, inspiring young women and people of color to pursue their passions in technology. With an impressive background that includes serving as an intelligence specialist in the U.S. Navy and working at Idaho National Laboratory and Accenture, Roya now holds the position of OT/IoT Security Research Evangelist at Nozomi Networks. Roya is also the founder of Steps2STEM, a company that aims to help young women and people of color break into the cybersecurity industry. With a Masters in Global Affairs focused on cyberwarfare from Florida International University, Roya is committed to sharing her insights and experiences to help others succeed.In this episode, Aaron and Roya Gordon discuss:The power of working together to protect our economy and infrastructure in cybersecurityWhy knowing the differences between IT and OT environments matters for industrial safetyCollaborative strategies for securing critical infrastructure in complex industrial environmentsHopes and concerns around the mainstream adoption of OT networks and the impact of AI on the industry's workforceKey Takeaways:People with different roles in cybersecurity, such as vendors, consultants, and asset owners, cooperate to safeguard critical infrastructure by utilizing their diverse abilities and viewpoints, ensuring victory over cyber threats.It's not possible to combine IT products and OT environments due to various reasons, and this creates a risk for businesses, as demonstrated in the Colonial Pipeline incident.Collaboration between consultants and vendors is key to securing critical infrastructure, where consultants provide guidance and vendors offer integrated solutions to meet policy requirements.Roya believes that in the next five to 10 years, OT will become more mainstream, but worries about AI replacing human jobs in the industry, stressing the importance of adapting and continuously learning through emerging technologies to maintain relevance. "We talk about ChatGPT and how threat actors can use it for bad, but a lot of people are using it for good too. I just think it gets a little bit dangerous where we want to remove the human element out of things and just trust AI because everything has bugs." — Roya Gordon Connect with Roya Gordon: Website: https://www.nozominetworks.com/LinkedIn: https://www.linkedin.com/in/roya-gordon-16245437/Twitter: https://twitter.com/RoyaGordonThe Importance of Physical Access Endpoint Detection: https://www.nozominetworks.com/blog/importance-of-physical-access-endpoint-detection/2022 2H Security Report: https://www.nozominetworks.com/blog/nozomi-networks-researchers-take-a-deep-look-into-the-ics-threat-landscape/Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Danielle Jablanski from Nozomi Networks to joins Dave to discuss one year of Shields Up as it relates to the National Cyber Strategy and one year of the Ukraine conflict. Ben brings us the story of Immigration and Customs Enforcement using its authority to gather data from schools and medical clinics. Dave's got the story of ChatGPT's lies and the Biden administration's possible regulatory reaction. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to stories: ICE Is Grabbing Data From Schools and Abortion Clinics ChatGPT invented a sexual harassment scandal and named a real law prof as the accused Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
About Roya Gordon: Roya Gordon is a trailblazing cybersecurity expert, inspiring young women and people of color to pursue their passions in technology. With an impressive background that includes serving as an intelligence specialist in the U.S. Navy and working at Idaho National Laboratory and Accenture, Roya now holds the position of OT/IoT Security Research Evangelist at Nozomi Networks. Roya is also the founder of Steps2STEM, a company that aims to help young women and people of color break into the cybersecurity industry. With a Masters in Global Affairs focused on cyberwarfare from Florida International University, Roya is committed to sharing her insights and experiences to help others succeed.In this episode, Aaron and Roya Gordon discuss:The power of working together to protect our economy and infrastructure in cybersecurityWhy knowing the differences between IT and OT environments matters for industrial safetyCollaborative strategies for securing critical infrastructure in complex industrial environmentsHopes and concerns around the mainstream adoption of OT networks and the impact of AI on the industry's workforceKey Takeaways:People with different roles in cybersecurity, such as vendors, consultants, and asset owners, cooperate to safeguard critical infrastructure by utilizing their diverse abilities and viewpoints, ensuring victory over cyber threats.It's not possible to combine IT products and OT environments due to various reasons, and this creates a risk for businesses, as demonstrated in the Colonial Pipeline incident.Collaboration between consultants and vendors is key to securing critical infrastructure, where consultants provide guidance and vendors offer integrated solutions to meet policy requirements.Roya believes that in the next five to 10 years, OT will become more mainstream, but worries about AI replacing human jobs in the industry, stressing the importance of adapting and continuously learning through emerging technologies to maintain relevance. "We talk about ChatGPT and how threat actors can use it for bad, but a lot of people are using it for good too. I just think it gets a little bit dangerous where we want to remove the human element out of things and just trust AI because everything has bugs." — Roya Gordon Connect with Roya Gordon: Website: https://www.nozominetworks.com/LinkedIn: https://www.linkedin.com/in/roya-gordon-16245437/Twitter: https://twitter.com/RoyaGordonThe Importance of Physical Access Endpoint Detection: https://www.nozominetworks.com/blog/importance-of-physical-access-endpoint-detection/2022 2H Security Report: https://www.nozominetworks.com/blog/nozomi-networks-researchers-take-a-deep-look-into-the-ics-threat-landscape/Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
The Biden-Harris 2023 National Cybersecurity Strategy breaks with Cold War thinking and offers a bold new approach to today's online offense and defense. Danielle Jablanski from Nozomi Networks breaks down the ambitious new policy which includes explicit mention of ICS and OT technologies for the first time.
CISA releases an ICS security advisory affecting a smart facility system. LockBit threatens to release Royal Mail data tomorrow. Cl0p ransomware expands to Linux-based systems. A vulnerability is identified in Toyota's GSPIMS. There's an ESXiArgs update: new trackers and mitigation tools are available. Russia is running two new cyberespionage campaigns against Ukraine. Our guest is Roya Gordon from Nozomi Networks discusses the ICS Threat Landscape. And The Washington Post's Tim Starks provides analysis on last night's State of the Union. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/26 Selected reading. CISA Releases One Industrial Control Systems Advisory (CISA) LockBit group threatens to publish stolen Royal Mail data tomorrow (Computing) Cl0p Ransomware Targets Linux Systems with Flawed Encryption | Decryptor Available (SentinelOne) Hacking into Toyota's global supplier management network (Eaton Works) Researcher breaches Toyota supplier portal with info on 14,000 partners (BleepingComputer) Vulnerability Provided Access to Toyota Supplier Management Network (SecurityWeek) CISA Releases ESXiArgs Ransomware Recovery Script (CISA) ESXiArgs Ransomware Campaign Targets VMWare ESXi Vulnerability (SecurityScorecard) Graphiron: New Russian Information Stealing Malware Deployed Against Ukraine (Symantec) Remcos software deployed in spying attempt on Ukraine's government, CERT says (The Record from Recorded Future News) The State of the Union was light on cybersecurity (Washington Post) Biden calls for action on privacy rights in State of the Union (CyberScoop)
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X. The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities. The research can be found here: Vulnerabilities in BMC Firmware Affect OT/IoT Device Security – Part 1
Roya Gordon from Nozomi Networks sits down with Dave to discuss their research on "Vulnerabilities in BMC Firmware Affect OT/IoT Device Security." Researchers at Nozomi Networks has revealed that there are thirteen vulnerabilities that affect BMCs of Lanner devices based on the American Megatrends (AMI) MegaRAC SP-X. The research states "By abusing these vulnerabilities, an unauthenticated attacker may achieve Remote Code Execution (RCE) with root privileges on the BMC, completely compromising it and gaining control of the managed host." As well as mentioning what patches could be in the future to help fix these vulnerabilities. The research can be found here: Vulnerabilities in BMC Firmware Affect OT/IoT Device Security – Part 1
Podcast: mnemonic security podcastEpisode: ICS in the CloudPub date: 2023-01-23Industrial Control Systems (ICS) in the cloudCan the cloud fundamentally revolutionise Operational Technology (OT) security?To help Robby understand some of the nuances of OT security and help connect the dots between IT and OT, we're joined by Vivek Ponnada from the OT, ICS & IoT security company Nozomi Networks.Vivek shares from his 24 years of experience working with ICS, and explains how much cloud is and is going to be utilised within OT in the years to come.He also shares what threats he is seeing in the OT space, as well as some examples of what's up-and-coming in OT securityThe podcast and artwork embedded on this page are from mnemonic, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Industrial Control Systems (ICS) in the cloudCan the cloud fundamentally revolutionise Operational Technology (OT) security?To help Robby understand some of the nuances of OT security and help connect the dots between IT and OT, we're joined by Vivek Ponnada from the OT, ICS & IoT security company Nozomi Networks.Vivek shares from his 24 years of experience working with ICS, and explains how much cloud is and is going to be utilised within OT in the years to come.He also shares what threats he is seeing in the OT space, as well as some examples of what's up-and-coming in OT security
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: What is Threat Detection? | Nozomi NetworksPub date: 2022-12-28Malware and ransomware are of course some of the biggest and most widely known threats that businesses face today. However, having a basic understanding of the bigger picture will enable you to prepare your business for a whole range of threats that you may come across, and secure your business further.Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Security Research Evangelist Roya Gordon.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: What is Incident Response? | Nozomi NetworksPub date: 2022-12-29Incident response is something we hope you don't have to deal with very often, but for those responsible for securing industrial and critical infrastructure, it's a critical component of their cybersecurity strategy. In fact it's key to ensuring that your business, systems and personnel are well prepared to act swiftly and efficiently when an incident does occur.Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and OT Cybersecurity Strategist Danielle Jablanski.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: What is Cyber Risk Management? | Nozomi NetworksPub date: 2022-12-28Cyber risk management involves identifying all the OT and IoT assets on your operational network, assessing their vulnerabilities, and outlining risk management processes to close security gaps.Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Technical Sales Director Shan Zhou.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast (LS 23 · TOP 10% what is this?)Episode: What is Zero Trust Security? I Nozomi NetworksPub date: 2022-12-28The rise of remote working, hybrid cloud environments and use of mobile and IoT devices has casued the security perimeter approach to become obsolete. It's quickly being replaced by the zero trust model which denies access to all applications and data by default. Zero trust is less a technology than it is a security policy objective and design approach.Learn more from Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Gary Kinghorn, Senior Director of Product Marketing.The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The Industrial Security Podcast (LS 35 · TOP 3% what is this?)Episode: Consequences Matter [The Industrial Security Podcast]Pub date: 2022-12-12Worst-case consequences of compromise determine government and societal policies, so consequences matter, especially for critical infrastructure security. Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks joins us to look at threats, consequences and policies for critical infrastructure security.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Worst-case consequences of compromise determine government and societal policies, so consequences matter, especially for critical infrastructure security. Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks joins us to look at threats, consequences and policies for critical infrastructure security.
Worst-case consequences of compromise determine government and societal policies, so consequences matter, especially for critical infrastructure security. Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks joins us to look at threats, consequences and policies for critical infrastructure security.
Roya Gordon from Nozomi Networks sits down with Dave to discuss their work "UWB Real Time Locating Systems: How Secure Radio Communications May Fail in Practice." Ultra-wideband (UWB) is a rapidly-growing radio technology that, according to the UWB Alliance, is forecasted to drive sales volumes exceeding one billion devices annually by 2025. In an effort to strengthen the security of devices utilizing UWB, Nozomi Networks Labs conducted a security assessment of two popular UWB RTLS solutions available on the market. Their research reveals 0-day vulnerabilities and other weaknesses that, if exploited, could allow an attacker to gain full access to all sensitive location data exchanged over-the-air. The research can be found here: UWB Real Time Locating Systems: How Secure Radio Communications May Fail in Practice
Roya Gordon from Nozomi Networks sits down with Dave to discuss their work "UWB Real Time Locating Systems: How Secure Radio Communications May Fail in Practice." Ultra-wideband (UWB) is a rapidly-growing radio technology that, according to the UWB Alliance, is forecasted to drive sales volumes exceeding one billion devices annually by 2025. In an effort to strengthen the security of devices utilizing UWB, Nozomi Networks Labs conducted a security assessment of two popular UWB RTLS solutions available on the market. Their research reveals 0-day vulnerabilities and other weaknesses that, if exploited, could allow an attacker to gain full access to all sensitive location data exchanged over-the-air. The research can be found here: UWB Real Time Locating Systems: How Secure Radio Communications May Fail in Practice
Roya Gordon, a Security Research Evangelist at ICS cybersecurity firm Nozomi Networks, started her career as an intelligence specialist in the U.S. Navy. After her time serving, Roya spent time as a Control Systems Cybersecurity Analyst at the Idaho National Laboratory and then took the role of Cyber Threat Intelligence Manager at Accenture. She shares her story after the NSA accepted her and then quickly diverted, creating a new path for Roya to follow. She shares the jobs she went after along the way, leading up to Nozomi Networks and how she wishes to be a trailblazer for young black women everywhere. She hopes to shape young women's minds on what the cybersecurity industry is actually like, in hopes that she can be a figure people look up to.
Roya Gordon, a Security Research Evangelist at ICS cybersecurity firm Nozomi Networks, started her career as an intelligence specialist in the U.S. Navy. After her time serving, Roya spent time as a Control Systems Cybersecurity Analyst at the Idaho National Laboratory and then took the role of Cyber Threat Intelligence Manager at Accenture. She shares her story after the NSA accepted her and then quickly diverted, creating a new path for Roya to follow. She shares the jobs she went after along the way, leading up to Nozomi Networks and how she wishes to be a trailblazer for young black women everywhere. She hopes to shape young women's minds on what the cybersecurity industry is actually like, in hopes that she can be a figure people look up to. We thank Roya for sharing her story.
Operational technology cybersecurity strategist from Nozomi Networks, Danielle Jablanski shares her story of building a target map to end up where she is today. She shares how she started in college and how different paths in life got her to be on the target of success where she is today. She says " you build out that kind of target of where you want to be, and understand that getting to that point might mean doing things you don't enjoy for a number of years, but figuring that out is another way to get to that target without having like a clear bullseye" She goes on to explain how this target map is helping her to create real change and ultimately makes an impact. We thank Danielle for sharing her story.
Operational technology cybersecurity strategist from Nozomi Networks, Danielle Jablanski shares her story of building a target map to end up where she is today. She shares how she started in college and how different paths in life got her to be on the target of success where she is today. She says " you build out that kind of target of where you want to be, and understand that getting to that point might mean doing things you don't enjoy for a number of years, but figuring that out is another way to get to that target without having like a clear bullseye" She goes on to explain how this target map is helping her to create real change and ultimately makes an impact. We thank Danielle for sharing her story.
At the Hack the Port 2022 event, the CyberWire held a CyberWire Live event. CyberWire Daily Podcast host Dave Bittner was joined by Roya Gordon, OT/IoT Security Research Evangelist at Nozomi Networks, and Christian Lees, CTO at Resecurity. During this fireside chat format session, Dave and our guests discussed ICS, OT cybersecurity, the role of security research and demos, supply chain compromise, and IT/OT security trends among other things. Thanks to the team at MISI/DreamPort for this opportunity.
© 2020-2025 Ivy Podcast Discovery LLC
