
The PrOTect OT Cybersecurity Podcast (Aaron Crow)

Explore all episodes of The PrOTect OT Cybersecurity Podcast

Browse the complete list of episodes of The PrOTect OT Cybersecurity Podcast. Each episode is catalogued with a detailed description, which makes it easy to search for and explore specific topics. Follow every episode of your favorite podcast and never miss relevant content.


Date | Title | Duration
21 Sep 2023 | Josh Varghese: Holistic, Scalable OT Network Design | 01:14:12

About Josh Varghese: Josh Varghese, founder of Traceroute, is a seasoned industrial networking expert who has dedicated himself to serving the dynamic industrial/OT market. With nearly a decade of experience as a technical lead at Industrial Networking Solutions, where he established their technical support and application engineering department, Josh cultivated a deep understanding of the industry. He now leads Traceroute, offering a comprehensive suite of services including consulting, design, solution architecture, and more, while maintaining invaluable relationships with clients and vendors forged during his career.


In this episode, Aaron and Josh Varghese discuss:

  • Navigating vendor dependence and networking complexity in industrial environments
  • Overcoming resistance to technology advancements in industrial settings
  • The challenges of IT-OT convergence and the importance of OT knowledge transfer
  • The importance of empathy and collaboration in an SDN-driven future


Key Takeaways:

  • In the world of industrial networking, the critical importance of bridging the gap between vendors, asset owners, and complex OT environments becomes glaringly evident, as a lack of expertise and responsibility often leads to network disasters and production outages, emphasizing the need for specialized support and education in this field.
  • Getting burned by poorly configured solutions in the industrial technology realm has led to a reluctance to embrace advancements; however, with proper configuration and understanding, these advancements can be highly beneficial.
  • Bridging the gap between IT and OT, and improving basic understanding of network concepts, is crucial for overcoming resistance to new technology adoption and ensuring operational resilience in a world where automation and physical processes intersect in every aspect of business.
  • In the evolving landscape of IT and OT collaboration, the key to success lies in fostering understanding, empathy, and effective communication between the two sides, rather than imposing complexity or hierarchies, while emerging technologies like SDN offer promise but must address the challenge of simplifying network management in the OT space.


"So much of what has happened in the last five to ten years in our space has been around wanting to look at lateral traffic movement or visibility to more traffic. And it's all been very difficult to accomplish because the architecture and the technology available in traditional networking makes it so. You and I have talked about wanting to fast forward to a scenario with sensors in the switch, full visibility, and all this stuff. SDN gets us there like in the snap of a finger." — Josh Varghese

 

Connect with Josh Varghese:  

Website: www.traceroutellc.com

Email: josh@traceroutellc.com

LinkedIn: https://www.linkedin.com/in/varghesejm




Traceroute’s OT networking training in Dallas-Fort Worth on February 8-9, 2024:

https://www.traceroutellc.com/s/Traceroute-DFW-Training-Flyer.pdf

The best (or arguably “worst”) kept secret in OT networking is Software Defined Networking: https://www.linkedin.com/posts/varghesejm_industrialnetworking-otnetworking-otsdn-activity-6963503182421377024--52t/


Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120




Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

08 Jun 2023 | Danielle Jablanski: Navigating the Multitude of OT Technologies Considering Interoperability, Reliability, and Centralization | 00:46:39

About Danielle Jablanski: Danielle Jablanski is an accomplished OT cybersecurity strategist at Nozomi Networks, where she spearheads global research on cybersecurity and drives awareness of operational technology (OT) and industrial control systems (ICS) cybersecurity throughout the industry. She is a nonresident fellow at the Cyber Statecraft Initiative within the Atlantic Council's Scowcroft Center for Strategy and Security, further establishing her expertise in the field. Jablanski's commitment to advancing cyber-physical standards development, education, certifications, and labeling authority is evident through her active roles as a staff and advisory board member of the nonprofit organization Building Cyber Security. With a passion for emerging technologies, Danielle has independently consulted for the US government and technology startups, exploring novel applications in military, defense, and commercial sectors. Prior to her current endeavors, she contributed significantly to the creation and development of the Stanford Cyber Policy Center, showcasing her dedication to cybersecurity and policy. 


In this episode, Aaron and Danielle Jablanski discuss:

  • Challenges and false assumptions in cybersecurity
  • Managing cybersecurity for operational technology (OT) with an overwhelming market of OT solutions to choose from
  • The importance of transparency, accuracy, and precision in overcoming challenges of OT cybersecurity
  • Prioritizing cybersecurity investments in a complex operational environment with limited resources


Key Takeaways:

  • The cybersecurity industry holds misconceptions and obstacles in the OT domain, requiring a change in perspective, modernizing systems, and reassessing market classifications to adequately tackle emerging threats and discover practical solutions.
  • With the overwhelming amount of OT technologies and tools available in the marketplace, understanding interoperability, reliability, and centralization will help you select the most appropriate ones for addressing issues in your environment.
  • The convergence of IT and OT cybersecurity requires a shift in mindset, prioritizing safety and business risk over technology, and addressing key challenges of interoperability, reliability, and centralization, while leveraging trusted advisors and independent consultants for effective solutions, especially for smaller organizations.
  • Focus on practical steps tailored to your financial capacity, risk assessment, and the unique demands of your organization, rather than mindlessly spending on costly products or solutions that may not fulfill your security needs. 


"Collectively, cyber-physical security requires new strategic and tactical thinking to better inform decision-makers in cyber policy, planning, and preparedness." — Danielle Jablanski

 

Resources Mentioned:  

Upcoming webinar by Nozomi Networks on The Next Generation of AI for OT Cybersecurity this June 14th: https://www.nozominetworks.com/webinars/the-next-generation-of-ai-for-ot-cybersecurity-launch-event/

Critical infrastructure cybersecurity prioritization: A cross-sector methodology for ranking operational technology cyber scenarios and critical entities: https://www.atlanticcouncil.org/in-depth-research-reports/issue-brief/critical-infrastructure-cybersecurity-prioritization/


Connect with Danielle Jablanski: 

Website: https://www.nozominetworks.com/ 

LinkedIn: https://www.linkedin.com/in/daniellejjablanski/ 

Twitter: https://twitter.com/CyberSnark 



02 Mar 2023 | Kurt Sanger: Safeguarding Cyberspace - A Legal Perspective on Cybersecurity Challenges and Information Sharing | 00:45:55

About Kurt Sanger: Kurt Sanger is a highly respected cybersecurity, national security, and information leader, known for his expertise in solving complex and high-stakes problems under demanding circumstances. With over two decades of experience serving in the U.S. Marine Corps, Kurt has a unique perspective on the responsibility of providing safety and security for American families. During his tenure, he served in a variety of roles, including as a cyber operations attorney, criminal defense counsel and prosecutor, and adviser to the Afghan National Army. Kurt is also a sought-after speaker, guest lecturer, and author and has worked with international, domestic, and local leaders in the private and public sectors. As the founder and director of Integrated Cybersecurity Partners, LLC, he continues to provide information technology and national security consultancy services. Kurt is also a cybersecurity board member and advisor for Cowbell Cyber Insurance and Batten Safe Corporation.


In this episode, Aaron and Kurt Sanger discuss:

  • Understanding the challenges faced by attorneys in cyberspace within the Marine Corps
  • The value of information sharing in cybersecurity to prevent future attacks and protect infrastructure
  • Balancing cybersecurity regulations to protect against threats while managing costs.
  • Tying cybersecurity incidents to business risks and justifying investments in cybersecurity resources from a legal perspective


Key Takeaways:

  • As a cyber lawyer, Kurt finds it necessary to constantly think of fresh ways to safeguard people and assets while keeping cyberspace open, which implies approaching each scenario with a unique outlook
  • Creating cybersecurity laws is challenging due to insufficient information on past attacks and how they were handled, which limits the industry's ability to learn from those experiences and prevent future attacks
  • Insurance companies can assist small and medium-sized businesses in enhancing their cybersecurity, but regulations must consider the expenses of compliance and the limitations of government's expertise while prioritizing the need for improved security
  • Reporting cyber incidents helps businesses understand risks and consequences, and tying it to a business risk with legal accountability elevates cybersecurity as a business issue, ensuring everyone in the organization understands the impact it can have 


"In the next five to 10 years, I hope we will see that the cybersecurity tools can be used to make the system, the greater system, more reliable. And that's what I'm working for right now, as I think we all are in this community." — Kurt Sanger

 


Connect with Kurt Sanger:  

LinkedIn: https://www.linkedin.com/in/kurt-sanger-311970115/

NSA’s Cybersecurity Collaboration Center: https://www.nsa.gov/About/Cybersecurity-Collaboration-Center/



28 Sep 2023 | Jonathan Tubb: Unlocking Business Value at the Intersection of IT, OT, Operations, and Cybersecurity | 00:54:08

About Jonathan Tubb: Jonathan Tubb is a seasoned cybersecurity expert, renowned for his proficiency in crafting innovative solutions to address the most pressing security issues in the power generation sector. With a background in Computer Engineering from Ohio State University and a Professional Engineer (P.E.) license, he has over 15 years of hands-on experience. Currently serving as the Director of Industrial Cyber and Digital Security at Siemens Energy, Inc., Jonathan also imparts his knowledge as a lecturer for a master's course in Operational Technology Cyber Security at Duke University's Pratt School of Engineering.


In this episode, Aaron and Jonathan Tubb discuss:

  • Navigating the evolving landscape of OT cybersecurity
  • Implementing cybersecurity measures for small modular reactors in the energy industry
  • Cross-disciplinary expertise in OT cybersecurity and the need for specialized training programs
  • The future of IT-OT convergence


Key Takeaways:

  • In the evolving landscape of industrial cybersecurity, the shift from minimal compliance to recognizing the real-world impact and the urgent need for cross-training in IT and OT is crucial to bridging the knowledge gap and securing critical infrastructure effectively.
  • As the energy industry progresses with new technologies like small modular reactors, the existing regulatory frameworks and cybersecurity practices face challenges in adapting to these changes, highlighting the need for flexible and scalable cybersecurity solutions in critical infrastructure.
  • In the complex world of OT cybersecurity, the key to success lies in having the right people with a deep understanding of both engineering and cybersecurity, bridging the gap between the two worlds to protect critical infrastructure and ensure reliability in an ever-evolving landscape.
  • The future of IT/OT convergence holds both excitement and concern, as the integration of these systems could lead to unprecedented efficiencies and insights, but a heavy-handed approach may risk pulling the plug on progress, hindering the potential benefits for both cybersecurity and operations.


"I hope that the outcome of all this is positive for both sides of the industry, for practitioners, for the business side, like I see a destination where cybersecurity and operations are holding hands, skipping through a field." — Jonathan Tubb

 

Connect with Jonathan Tubb:  

Email: jonathan.tubb@gmail.com

LinkedIn: https://www.linkedin.com/in/jonathan-tubb


Hackers Teaching Hackers Event: https://www.hthackers.com

GridSecCon 2023: https://www.nerc.com/pa/CI/ESISAC/Pages/GridSecCon.aspx



05 Jan 2023 | Dennis Murphy: The Challenges With IT and OT Convergence | 00:29:11

About Dennis Murphy: Dennis is Lead OT Security Engineer at National Grid. He focuses on providing practical solutions to meet national critical infrastructure cyber security requirements. One of his main interests in OT cybersecurity is helping to bridge the gap between the information technology (IT) and operational technology (OT) domains. 


Control systems engineer turned cybersecurity leader, Dennis has decades of experience implementing OT cybersecurity strategies across a wide variety of industrial environments. This experience allows him to apply state-of-the-art cyber security solutions to national critical infrastructure asset owners while maintaining the continued reliable operation of OT networks.



In this episode, Aaron and Dennis Murphy discuss:

  • The challenges with IT and OT convergence
  • Achieving an accurate asset inventory around OT 
  • The importance of having the right endpoint data
  • The challenges of SBOM and scope 


Key Takeaways:

  • In industrial security, there is still a need for IT and OT to collaborate more closely in order to standardize on effective programs. It is important to continue communication about OT-specific requirements and which IT practices should not be applied to operational environments and to drive agreement on standard practices and technologies across multiple sites.
  • Getting accurate and complete asset inventory and details is critical in making decisions for OT security and operations. While traditional IT approaches should not be used, there are effective ways now to get the visibility and endpoint data you need in OT environments. Giving analysts the complete picture of the device, its use, function, and configuration helps them decide more quickly on the course of action and remediations.
  • When it comes to SBOM, understanding the subcomponents is easier with new gear than it is with existing equipment. New systems can be pen tested as they come in. With existing systems, you need to consider when it makes sense to query, when that information might change, and what’s the scope of information needed.  


Connect with Dennis Murphy:  

LinkedIn: https://www.linkedin.com/in/dennis-murphy-ot-security/ 




Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/



Show notes by Podcastologist Melvin Romero


19 Oct 2023 | Nick Tsamis: Leveraging MITRE’s Adversary Emulation Platform in OT | 00:51:58

About Nick Tsamis: Nick currently serves as Department Chief Engineer within the Cybersecurity Infrastructure Protection Innovation Center (CIPIC) at The MITRE Corporation where he works to develop strategies for protection against emerging threats on critical infrastructure. Nick led the technical efforts for the first release of Caldera for OT. He holds degrees in computer science and aerospace engineering, and resides in Honolulu, HI.


In September, MITRE and CISA announced that MITRE Caldera™ for OT is now publicly available as an extension to the open-source Caldera platform, allowing security teams to run automated adversary emulation exercises that are specifically focused on threats to operational technology (OT).


Our nation’s critical infrastructure—including public transportation, commerce, clean water, and electricity—relies on operational technology, but that technology often has weak security spots. Caldera for OT empowers security teams with new tools to help ensure the safe and secure function of critical infrastructure, thus improving our nation’s resiliency posture.


Caldera for OT is now available on GitHub. As an open-source platform, Caldera for OT will continue expanding to new environments, protocols, and attacks. MITRE partnered with CISA through the HSSEDI (Homeland Security Systems Engineering and Development Institute) to develop the first set of modules and continues to work internally, with CISA, and other organizations to develop and release the next set of Caldera for OT open-source modules.


In this episode, Aaron and Nick Tsamis discuss:

  • Creating a common vernacular and building risk-appropriate solutions
  • Standardizing cybersecurity practices in OT environments
  • Enhancing OT security through customized Red Team assessments and protocol familiarization
  • Navigating the intersection of human expertise and machine learning in cybersecurity


Key Takeaways:

  • In bridging the worlds of IT and OT cybersecurity, the key is establishing a common language, understanding the crucial emphasis on availability and safety, and developing tools like Caldera to operate within OT protocols, ultimately shifting towards a balanced risk appetite in the industrial control sector.
  • The adoption of Caldera for OT marks a transformative shift in cybersecurity testing, enabling standardized, real-world simulations in operational environments, bridging the IT-OT gap, fostering collaborative language, and empowering organizations to take calculated, transparent steps toward robust cyber defense strategies.
  • Effective communication, trust-building, and tailored red teaming activities in OT environments empower teams to ask critical questions, understand protocols deeply, and conduct standardized tests, enhancing detection and asset identification, reducing barriers, and strengthening internal security.
  • In the evolving landscape of OT and cybersecurity, we must harness the power of machine learning to assist human operators while maintaining vigilance in verifying the trustworthiness of data to avoid misinformed actions.


"Misinformation is a real thing, and if we're not trusting the information that's being provided at real time, the actions that I'm taking from a cybersecurity perspective may potentially do more harm than good." — Nick Tsamis

 

Connect with Nick Tsamis:  

MITRE Blog: https://medium.com/@mitrecaldera

MITRE Email: OT@mitre.org

Website: https://www.mitre.org/

Email: slytle@mitre.org

LinkedIn: https://www.linkedin.com/in/nicktsamis/



07 Sep 2023 | Matthew Scott: Protecting Legacy OT in Mass Transit | 00:58:18

About Matthew Scott: Matthew Scott is a technical leader with over three decades of experience in industrial automation, specializing in the design, deployment, and maintenance of cutting-edge SCADA systems across critical infrastructure sectors such as transit, oil & gas, energy, and water/wastewater. His expertise spans a wide range of hardware and software platforms. A trailblazer in cybersecurity, Matthew's contributions extend beyond his role as an OT security professional, as he has authored peer-reviewed publications and presented at technical conferences. With a commitment to fostering innovation and promoting a "Fail Fast, Fail Forward" ethos, he leads cross-functional teams in the development of secure and resilient industrial control solutions that ensure the reliable delivery of essential services.


In this episode, Aaron and Matthew Scott discuss:

  • Implementing security by design in legacy industrial control systems
  • Enhancing OT cybersecurity through code quality and dynamic rule sets
  • A step-by-step approach to improve cybersecurity and system resilience
  • Balancing regulations and technological advancements in OT cybersecurity


Key Takeaways:

  • The crucial strategy for securing OT involves a holistic approach, combining identification of exploits, rule creation, and integrated defensive programming within system design to counter malicious actions and ensure process reliability and security, moving beyond mere patching or hardware replacements.
  • In the rapidly evolving landscape of OT cybersecurity, the fundamental importance of well-disciplined code and comprehensive input validation is resurfacing as a potent strategy, enabling organizations to proactively mitigate a substantial portion of vulnerabilities and exploits, with the potential for machine learning to dynamically adapt and reinforce security measures over time.
  • Recent progress in system security has shifted from insecure designs to security-focused thinking, bolstering code against vulnerabilities in complex environments, yet the challenge remains in safeguarding legacy systems and maintaining uniform standards.
  • Amidst the focus on looming threats, the key lies in addressing foundational cybersecurity concerns, highlighted by upcoming regulations for industrial control systems, while cautioning against prioritizing advanced tech over resolving core technical issues.


"I don't necessarily see that AI is gonna make malicious actors more prevalent and more powerful. But I think we're gonna see the emphasis move to that. So until we have a regulation that forces us to clean up our code and be disciplined, we're gonna see organizations go out and spend money." — Matthew Scott

 

Triton Malware Exploited Zero-Day in Schneider Electric Devices: https://www.securityweek.com/triton-malware-exploited-zero-day-schneider-electric-devices/


Connect with Matthew Scott:  

Learn how to protect your ICS with PLC defensive programming techniques! Join Matthew and his colleague Tyler Lentz at the INCOSE Western States Regional Conference: https://www.pnnl.gov/events/incose-western-states-regional-conference

Website: https://plc-security.com/

Email: mjs672@nau.edu

LinkedIn: https://www.linkedin.com/in/matthew-j-scott-mcit/



09 Feb 2023 | Debbie Gordon: Practicing Cybersafety Through Simulated Environments | 00:45:54

About Debbie Gordon: Debbie Gordon is the founder and CEO of Cloud Range, the industry-leading cybersecurity simulation training solution that helps organizations reduce cyber risk. A globally recognized technology entrepreneur, Debbie founded Cloud Range on the premise that simulation training is as integral in cybersecurity as it is in other fields like medicine, aviation, or the military. The result was that Cloud Range led the development of a new category in cybersecurity. Only three years later, organizations around the globe are incorporating the company’s cyber readiness solution as a core element of their security programs.

 

A graduate of Vanderbilt University where she earned her degree in human and organizational development, Debbie has focused her work on businesses that improve people’s lives. Her career began in technical education and certification, and she has built and sold several companies in eCommerce, IT asset management, and training. She is currently on the board of directors of Entrepreneurs’ Organization - Nashville. Debbie is a frequent speaker on cybersecurity readiness, simulation training, and team effectiveness at conferences and seminars all around the world. She has also been featured in many podcasts, has authored many articles, and has been quoted in major publications including Fox News, Wall Street Journal and Forbes.



In this episode, Aaron and Debbie Gordon discuss:

  • The three elements of learning 
  • Cybersecurity awareness in the OT world 
  • Practicing cybersecurity responses in a simulated environment
  • Adapting the organization to cybersecurity 


Key Takeaways:

  • When it comes to cybersecurity, knowledge and ability are great but may not be enough. The gap must be filled with experiential learning, which means they’ve got to practice their knowledge and skills in a simulated environment in order to be adequately prepared for real-world events. 
  • An example of cybersecurity awareness in the IT world is telling people to be wary of phishing emails. In the OT world, cybersecurity awareness is all about letting people know that when things are going wrong and alarms are going off in machines and systems, it might be a cyber attack. 
  • Nothing could prepare somebody more for a cyberattack than to experience it first hand in a simulated event. By practicing in a safe environment, they could test themselves, take risks that they otherwise wouldn’t in a real situation, and improve by making their solution more efficient and effective as they practice more and more. 
  • Cybersecurity is the job of every member of an organization. Technology and processes have to be honed and trained, but there are fundamental organizational changes that must happen in order to create a safe 


"This is cybersafety. This isn't just about protecting data. This is protecting lives and our livelihoods." — Debbie Gordon

Connect with Debbie Gordon: 

Website: https://www.cloudrangecyber.com/ 

LinkedIn: https://www.linkedin.com/in/degordon/ 






16 Feb 2023 | Admiral TJ White: Keeping People Safe Is The Heart Of Cybersecurity | 00:56:36

About Admiral TJ White: Vice Admiral TJ White is a retired 30-plus-year national security practitioner, strategist, and cyber operations expert. He has commanded at all levels within the Navy and on joint service, including as the commander of US Fleet Cyber Command, US Tenth Fleet, and US Navy Space Command, as well as the commander of the US Cyber National Mission Force of US Cyber Command. White is a former intelligence director for US Indo-Pacific Command and has served globally in various combat zones and conflict areas supporting competition dynamics. A nonresident senior fellow in the Forward Defense practice of the Atlantic Council's Scowcroft Center for Strategy and Security, White's consulting practice, OneNetworkConnection, LLC, leverages his technical acumen, operational horizon, and strategic vision to assess and manage current and future risk. He is an expert in talent management, risk assessment, and consequence management concerning cybersecurity, critical infrastructure, supply chain, technology policy, and trust relationships. His mission is to bridge the accelerating divide between a digital information technology ecosystem and the genuine impact on human organizational design and enterprise decision-making.


In this episode, Aaron and Admiral TJ White discuss:

  • Exploring solutions to overcome challenges in navigating cybersecurity and critical infrastructure complexities.
  • Managing ongoing threats and resources for effective cybersecurity in slow-moving industries.
  • The importance of prioritizing OT to protect physical processes, human life, and national defense and sovereignty.
  • Assessing the impact of vulnerabilities in an organization through the interplay of cybersecurity and organizational factors.


Key Takeaways:

  • The biggest and most challenging step in understanding cyberspace is recognizing it as a strategic imperative, and ensuring that the C-suite and board members are invested in developing a comprehensive understanding of the company's mission, vulnerabilities, and exposure to cyber threats.
  • Improving cybersecurity has been an ongoing journey for the US government, industries, and large companies since the Y2K era. This journey involves continuous adaptation to new threats through strong leadership and attention, with the Department of Defense being a successful example through their persistent engagement and defend forward strategies.
  • The power industry, in particular, is a prime example of how technology can lead to increased efficiency, dependability, and performance.
  • Cyberspace is not just technology, but a business risk that ties into the financials, safety, confidentiality, and overall business process. Understanding the vulnerabilities and their impact on the organization is valuable for making informed decisions on how to protect against them.


"I'm very confident that more and more as a leader, if you just demonstrate and display that you're cognizant that this is a real thing and that there is a place that it is impacting everything that you do. I think the people on your team will want to become knowledgeable about it." — Admiral TJ White 


Connect with Admiral TJ White:  

Email: tj@onenetworkconnectionllc.com

LinkedIn: https://www.linkedin.com/in/tjwhite01networkconnection/


Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120




Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.



14 Sep 2023 | Fred Gordy: Protecting the Safety and Resilience of the Buildings We Live and Work In | 00:56:12

About Fred Gordy: Fred Gordy is a pioneering figure in the SmartBuilding industry, with two decades of expertise in developing and implementing secure control systems for Fortune 500 companies across the globe. A trailblazer in addressing the inherent cybersecurity risks posed by control system technology, he has authored over 100 articles on building control cybersecurity, with his insights featured in prominent publications like the Wall Street Journal, CNBC, and healthcare journals. Fred's extensive knowledge and commitment to the field have led him to develop cutting-edge control system cybersecurity assessment methodologies and tools, while also serving as a technical advisor on various industry boards and holding multiple certifications in control technology.


In this episode, Aaron and Fred Gordy discuss:

  • The critical intersection of convenience and cybersecurity in modern infrastructure and control systems
  • Building cybersecurity certifications and their impact on commercial real estate
  • Overcoming cultural barriers in implementing cybersecurity measures for critical infrastructure
  • The importance of people-centered approaches in business and cybersecurity


Key Takeaways:

  • In the ever-evolving world of technology and cybersecurity, the importance of resilience and adaptability shines through, reminding us that regardless of the specifics, whether it's elevators, critical infrastructure, or complex IT systems, preparedness and proactive action matter most when unexpected challenges arise.
  • Achieving bronze, silver, or gold certification levels is all about tailoring your security measures to the criticality of your building, ensuring that you're prepared to safeguard your occupants and assets accordingly, whether you're running a standard commercial office space or housing national security agencies.
  • In building cybersecurity, addressing the foundational questions of what you have, how it's connected, and who has access is crucial to building trust and resilience, even if it means challenging established cultural norms and embracing new technologies.
  • Embrace the power of compromise and understanding, for it's not about being right or wrong, but about collectively navigating the complex landscape to reach our desired destination, one step at a time, even as new technological challenges loom on the horizon.


"In the IT world, everything is CIA: confidentiality, integrity, and availability. In our world, you know, availability's number one. So confidentiality was never taken into account. So now you've got all of these systems being connected together as highly available as possible." — Fred Gordy

 

Connect with Fred Gordy:  

Website: https://mbakerintl.com/en/

Email: fred.gordy@mbakerintl.com

LinkedIn: https://www.linkedin.com/in/fredgordy/

Twitter: https://twitter.com/FGordy




05 Oct 2023 | Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce Risk | 00:57:08

About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.


In this episode, Aaron and Raphael Arakelian discuss:

  • Evaluating OT security solutions beyond technological features
  • Maturing implementation considering technical requirements, business requirements, and organizational factors
  • Exploring the integration of active scanning in OT cybersecurity protocols
  • Achieving comprehensive OT asset management and cybersecurity monitoring
  • Bridging the gap between OT and cybersecurity
  • The evolving role of OT cybersecurity


Key Takeaways:

  • To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.
  • In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.
  • It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.
  • In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident.


"Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian

 

Connect with Raphael Arakelian:  

Email: raphael.arakelian@pwc.com

LinkedIn: https://www.linkedin.com/in/raphael-arakelian/


Raphael will be presenting a paper at S4 in March 2024 on active scanning of OT PLCs: https://s4xevents.com/page/4/?et_blog



07 Dec 2023 | Thomas VanNorman: ICS Security Takes a Village - Building an OT Security Community | 00:45:31

About Thomas VanNorman: Thomas VanNorman, a seasoned professional with almost three decades of experience in OT, is currently leading the CyPhy Product group at GRIMM. His primary focus involves securing Industrial Control Systems and networking within this domain. Additionally, Tom is a co-founder of the ICS Village, a 501(c)(3) non-profit organization dedicated to Control System security and awareness, where he has volunteered for almost a decade. Tom retired from the Air National Guard after serving in Cyber Warfare Operations, capping off a diverse career that included working on airplane control systems for 12 years.


In this episode, Aaron and Thomas VanNorman discuss:

  • Starting up The ICS Village
  • Navigating the world of industrial control systems
  • Addressing the unique challenges of OT security
  • The chicken and egg dilemma in industrial cybersecurity
  • Insights from recent SEC actions and the role of CISOs in risk acceptance


Key Takeaways:

  • The ICS Village, founded eight years ago, focuses on educating and raising awareness about industrial control systems (ICS) and their security, using conferences, events, and roadshows to provide hands-on experiences, non-sales discussions, and tabletop exercises, with a mission to bridge knowledge gaps, address terminology variations, and emphasize the importance of both old and new threats in the ICS space.
  • Addressing cybersecurity challenges in the OT space, particularly with aging technology, requires a unique approach due to potential impacts on production and safety, leading to the launch of a four-year apprenticeship program initially targeting veterans to bridge the skills gap.
  • Navigating the challenges of cybersecurity in industrial settings requires a blend of technical expertise, an understanding of operational processes, and effective risk communication, as demonstrated by the importance of bridging the gap between IT and OT and addressing vulnerabilities in a context-specific manner.
  • In the ever-evolving landscape of cybersecurity, the role of CISOs is becoming increasingly crucial, with recent legal actions targeting them personally; however, it's essential to recognize that CISOs often lack the executive power to make decisions, highlighting the need for a shift in organizational dynamics and a deeper understanding of the risks being accepted.


"Our role as technologists is to explain the facts: Why does this matter? What happens if you fix it? What happens if you don't fix it? It may cost millions of dollars to fix it. It might be for an air handler that operates the warehouse, which doesn't matter much. Or it could be an air handler for that warehouse that does matter because it has to be climate-controlled. Things go south quickly. It's the same piece of hardware, the same piece of technology, but with different applications." — Thomas VanNorman

 

Connect with Thomas VanNorman:  

Email: tom@icsvillage.com

Website: https://www.icsvillage.com/

LinkedIn: https://www.linkedin.com/in/thomasvannorman/



23 Nov 2023 | Ron Brash: Understanding the Small Details to Define Risk | 00:55:36

About Ron Brash: Ron Brash, a renowned figure in ICS/OT cybersecurity and embedded vulnerability research, garnered acclaim as the recipient of the Top 40 under 40 award for Engineering Leaders 2020 from Plant Engineering. Serving as the VP of Technical Research & Integrations at aDolus Technology Inc., Ron aligns his passion for ICS/OT security by leveraging his extensive experience in advising major asset owners across industries such as oil & gas, manufacturing, energy, and aviation. His notable achievements include playing a pivotal role in creating datasets for the S4 ICS Detection Challenges, reflecting his commitment to advancing industry standards and fostering innovation in cybersecurity.


In this episode, Aaron and Ron Brash discuss:

  • Understanding and managing vulnerabilities in OT systems
  • Balancing risk, detection, and recovery
  • Exploring the intersection of cybersecurity, business risk, and vendor collaboration
  • Navigating challenges in industrial networks


Key Takeaways:

  • In the complex world of industrial cybersecurity, understanding and managing vulnerabilities is like conducting a home inspection or maintaining a car—focus on what matters most, prioritize based on critical assets, and approach it with a measured, pragmatic strategy rather than panicking in the face of a long list of issues.
  • Achieving zero incidents is an unrealistic goal, and the focus should shift towards proactive detection, deflection, and defense, along with a robust recovery plan, emphasizing the importance of people, processes, and technology, particularly in the context of evolving technologies and complex vendor landscapes.
  • The key to cybersecurity success lies in translating technical intricacies into tangible business value, effectively correlating cyber and architectural considerations to business risk, as demonstrated by a strategic approach involving transparency, attestation, and collaboration with vendors, ultimately leading to improved security measures and operational efficiency.
  • Navigating the challenges of aging industrial systems, transparency issues in software development, and evolving threat landscapes underscores the crucial importance of a collaborative community effort to ensure the resilience and security of critical infrastructure in the face of emerging threats.


"Some are very forward-leaning and some believe in the democratization of data, and some are more old school and don't want to share a thing. Within the realm of business, and to be truly fair, no business is homogenous. So, there are different business units that might be more modern and more open facing, and others that are like, don't touch this because you don't know what other industries we're working in." — Ron Brash

 

Connect with Ron Brash:  

Email: ron.brash@adolus.com

Website: www.adolus.com

LinkedIn: https://www.linkedin.com/company/adolus & https://www.linkedin.com/in/ronbrash/

Twitter: https://twitter.com/ron_brash




16 Mar 2023 | Dan Gunter: How Our Growing Ability To Process Data Affects Cybersecurity | 00:58:23

About Dan Gunter: Dan Gunter is an accomplished cybersecurity professional with a wealth of experience in the field. As the founder and CEO of Insane Forensics, he is committed to providing digital forensics and threat-hunting services to help organizations protect themselves from cyber threats. Dan's expertise was honed through years of service in the United States Air Force, including as an officer in the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams. He also served as Director of Research and Development for Dragos Inc, where he oversaw detection engineering and reverse engineering efforts to protect critical infrastructure sites. Dan is a highly regarded speaker and has presented at numerous events, including Black Hat, ShmooCon, S4, and CS3STHLM, where he has shared his knowledge on incident response, threat hunting, consequence analysis, and security operations.


In this episode, Aaron and Dan Gunter discuss:

  • The differences and challenges of incident response in IT vs OT environments, particularly in protecting critical infrastructure in OT systems
  • What a typical engagement looks like in an industrial environment for proactive and reactive security services
  • How asset owners of SMBs can secure their assets when they don't have an OT group, and what resources are available to help them
  • How different factors impact the response and success of a security incident in OT environments compared to IT environments


Key Takeaways:

  • OT and IT systems are often built with similar hardware and software, but on the OT side, the consequences of a system going down can be much more severe, so it's important to understand both the technical level and how humans interact with it, to protect and help asset owners and preserve life and safety.
  • Industrial sites can work with security consultants to prevent problems by taking proactive measures like threat assessments, network monitoring, and incident response retainers, but it's important to understand the environment and build trust to develop effective strategies.
  • To keep your business safe from cyber threats, consult with equipment manufacturers and follow their security guidelines, implement network monitoring and testing, and take proactive and reactive measures without overthinking.
  • Adapting IT and OT procedures to your organization's assets and requirements is crucial due to the significant variation across industries and sites, and a lack of accurate data sources and asset inventory can cause issues. 


"Our ability to consume, to process, to push technology forward continues to grow. Whether you look at smart city stuff, both for security and also for power management and others, or you look at other systems like 5g and other things, we're able to move data around a lot easier. This combination of us being able to get more data but also process the data, I think it's going to have huge implications on the security side." — Dan Gunter

 


Connect with Dan Gunter: 

Website: https://insaneforensics.com/ 

YouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPA

LinkedIn: https://www.linkedin.com/in/dan-gunter/

Twitter: https://twitter.com/insaneforensics

Cost of a Data Breach 2022 Report: https://www.ibm.com/reports/data-breach






26 Jan 2023 | Lucian Niemeyer: Making Cyber Safety A Part Of Culture | 00:55:35

Over three decades, Lucian has served in the White House, the Pentagon, and in Congress providing budget, policy, and management leadership for U.S. national security programs. He served as an Assistant Secretary of Defense managing the world’s largest real property portfolio valued at a trillion dollars. Lucian was responsible for identifying and mitigating risk to national security programs, as well as improving energy and environmental resilience, in the construction, sustainment, and modernization of facilities and related infrastructure. Lucian also served the Secretary of Defense as a strategic advisor for critical mission assurance and cybersecurity programs, as an Assistant Secretary of the Navy, and in the Office of Management and Budget at the White House overseeing national security, nuclear, and intelligence programs.


From 2003 to 2014 he served on the professional staff of the United States Senate Committee on Armed Services responsible for legislative and budget oversight over a wide portfolio of national security programs.

Lucian founded The Niemeyer Group, LLC in 2014, providing public and private sector clients strategic advisory services for economic and business development. He also serves as a founding Principal Director for the non-profit organization, United Coalition for Advanced Nuclear Power to promote the use of clean, safe civilian nuclear power.

Lucian is an Air Force veteran with 21 years of active and Virginia Air National Guard service. He holds a Bachelor of Architecture from the University of Notre Dame, a Master of Business Administration from The George Washington University, and a Master of National Security and Strategic Studies from the Naval War College. He was also appointed a Fellow in the Society of American Military Engineers.


In this episode, Aaron and Lucian Niemeyer discuss:

  • Bringing cybersecurity to OT systems 
  • Maintaining and improving cybersecurity 
  • Why seeing vulnerabilities is important 
  • Addressing cyber safety in society


Key Takeaways:

  • In IT, systems are designed to be secure. A lot of OT systems have been around for 40 and 50 years, back when security wasn’t even a concept much less designed into the architecture. 
  • Cybersecurity is not a one-time thing; it needs to be maintained, upgraded, and allowed to evolve. It’s like a fitness routine: you don’t get healthier or more fit by visiting the gym only once in your life.
  • Pointing out vulnerabilities in a building’s cybersecurity is a huge benefit to the owner. In the most dangerous scenario, somebody could get hurt and in other more probable scenarios, the news of a cyberattack on a building could significantly impact its value. 
  • We as a society need to address cyber safety the way that we look at safety in other aspects of our culture. In some areas, safety isn’t an option and we should look at cyber safety the same way. 


"There are processes in place already in our society where we're rewarding good behavior. So the goal is how we can apply that to cyber safety within a building." — Lucian Niemeyer

 





Connect with Lucian Niemeyer: 

Website: https://buildingcybersecurity.org/ 

LinkedIn: https://www.linkedin.com/in/lucian-niemeyer-307aa65/ 






01 Jun 2023 | Joy Ditto: The Evolution of Utility Cybersecurity with NERC CIP | 01:04:43

About Joy Ditto:  Joy Ditto is a dynamic leader and influential figure in the energy sector. As the President and CEO of Joy Ditto Consulting, she advises companies on vital areas such as cyber and physical security, resilience, broadband, and clean energy development. With her strategic prowess, Joy helps organizations shape their engagement with the federal government and improve overall performance. Her exceptional track record includes being selected as part of a prestigious Blue-Ribbon Panel to assess the Tennessee Valley Authority's response to a major winter storm. Previously, as President and CEO of the American Public Power Association, Joy achieved remarkable milestones, including a substantial increase in revenue, tripled net worth, and securing a historic tax credit for clean energy development. Joy's expertise and media presence have garnered attention on crucial topics, and she has appeared in renowned outlets such as Bloomberg Radio and NPR. With a background encompassing Capitol Hill experience and influential roles in various organizations, Joy brings a wealth of knowledge and strategic insight to the energy sector.


In this episode, Aaron and Joy Ditto discuss:

  • The evolution of NERC CIP and the inclusion of cybersecurity.
  • Transformative progress of cybersecurity in the power utility industry.
  • Educating policy makers on OT and IT distinctions.
  • The impact of AI on policy and operations in the OT space.


Key Takeaways:

  • The formation of NERC CIP and the development of reliability standards in the power industry were driven by the need to address integration challenges, ensure economic benefits, and mitigate the risks of cascading effects on the transmission grid, with cybersecurity considerations being added later during the implementation phase.
  • The power utility industry has made significant progress in cybersecurity due to the implementation of NERC regulations, which have fostered an iterative and collaborative approach, enabling baseline maturity while allowing utilities to go above and beyond to protect critical assets.
  • Recognizing the significance of clear communication and education in intricate domains such as cybersecurity, IT, and OT, it becomes vital to present policymakers and decision-makers with simplified yet precise information, empowering them to make well-informed choices while sidestepping unintended outcomes.
  • Policy discussions surrounding AI in operational technology (OT) must carefully navigate its potential benefits in areas like cybersecurity and efficiency while addressing concerns about control, manipulation, and potential risks, emphasizing the importance of a balanced approach to its responsible implementation. 


"Even though we see danger in deploying AI and maybe cutting jobs out from people, maybe there's gonna be a positive there too, like professionals who come into play, right? We need a diversity of people in our industry to be able to manage these challenges." — Joy Ditto

 


Connect with Joy Ditto:  

Email: joy@joydittoconsulting.com

Phone: (703) 861-6361

LinkedIn: https://www.linkedin.com/in/joy-ditto-utc/

Twitter: https://twitter.com/joyditto?lang=en



23 Mar 2023 | Emilio Salabarria: Building Organizational Resilience through Comprehensive Cybersecurity Assessments for Cyber Florida | 00:49:51

About Emilio Salabarria: Emilio Salabarria is a highly accomplished expert in emergency management and cybersecurity. He's been serving as the Deputy Senior Executive Advisor at Cyber Florida since July 2022. Emilio brings a wealth of knowledge and expertise to the table when it comes to cybersecurity education, research, training and development, public policies, cybersecurity-related technologies, and critical infrastructure support. He's got some serious experience under his belt too - having previously worked at Tampa Electric Company, the Tampa Port Authority, and The Depository Trust and Clearing Corporation. Emilio's career began in 1985 as a firefighter, and he worked his way up to Division Fire Chief of Special Operations at Tampa Fire Rescue. During his time there, Emilio played a key role in the planning of major events such as the Gasparilla Parades, the 2012 Republican National Convention, and Super Bowl 43. Emilio's got a wealth of experience and education to draw on, and he's making a real impact in the fields of emergency management and cybersecurity.


In this episode, Aaron and Emilio Salabarria discuss:

  • Risk assessment programs for securing Florida’s critical infrastructure 
  • The importance of participating in cybersecurity risk assessments and having a plan for the implementation of recommendations
  • Helping small counties prevent a cyber 9/11 by training and assessing them through tabletop exercises and the CSET tool
  • The potential impact of a comprehensive cybersecurity assessment tool for improving organizational resilience and preparedness


Key Takeaways:

  • Florida is assessing the cybersecurity risks of its public and private entities in 16 sectors to identify weaknesses and provide solutions to enhance preparedness against cyberattacks.
  • Participating in cybersecurity risk assessments, such as CSET, is crucial for Florida's critical infrastructure to identify risks and develop effective cybersecurity strategies, and is a low-friction and easy process.
  • Tabletop exercises are useful for cybersecurity training, but small counties with understaffed IT departments need more support to participate in them and prevent cyber attacks.
  • Completing the CSET tool for cybersecurity assessments to at least 90% can lead to benefits for participating organizations, regardless of whether they answer all questions, and the results from the program in Florida could be applicable to other states and industries.


"What we're trying to do here at Cyber Florida, we're trying to prevent a cyber 9/11. That's what we want to avoid, and that's the reason for the risk assessment, the training, and the report to the state to see what they will do." — Emilio Salabarria

 


Connect with Emilio Salabarria: 

Website: https://cyberflorida.org/

Email: esalabarria@cyberflorida.org

LinkedIn: https://www.linkedin.com/in/emilio-f-salabarria-ms-cim-1816334/ and https://www.linkedin.com/company/cyberflorida/

Twitter: https://twitter.com/CyberSecurityFL

Instagram: https://www.instagram.com/cybersecurityfl/

CyberSecureFlorida Initiative: https://cyberflorida.org/cybersecureflorida/

Florida Cybersecurity Grant Program: https://digital.fl.gov/cybersecurity/





30 Mar 2023 | Bryson Bort: Security Is Defined By The Threat - Contextualizing Cyber Risks To Prioritize Security Efforts | 00:52:40

About Bryson Bort: Bryson Bort is a skilled cybersecurity professional with an impressive background as an entrepreneur and former U.S. Army Officer. He founded SCYTHE, a platform for next-generation attack emulation, and GRIMM, a cybersecurity consulting firm. Additionally, he co-founded the ICS Village, a non-profit organization dedicated to raising awareness about industrial control system security. Bryson has received numerous awards and recognitions, including being named one of the Top 50 in Cyber by Business Insider and a Tech Titan in Washington DC. He also served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom during his military career. Bryson earned his Bachelor of Science in Computer Science with honors from the United States Military Academy at West Point and completed various professional education courses in tactical communications and information assurance. With his extensive experience in the cybersecurity industry, Bryson is a respected thought leader and advisor in the field.


In this episode, Aaron and Bryson Bort discuss:

  • The challenges and cultural divide in addressing cybersecurity issues in OT, why IT security solutions don’t work for OT, and why OT security is lagging behind IT security
  • Bridging the gap between OT and IT through education, but also listening and building trust.
  • Vulnerability management and patching versus risk mitigation
  • Ransomware in cars, geopolitical concerns, and positive developments in government efforts and regulation to support risk management in education and critical infrastructure's OT side.


Key Takeaways:

  • OT cybersecurity requires a different approach than IT cybersecurity due to the complex technical environment and the potential safety risks involved, and tools alone cannot bridge the cultural and skillset divide between OT and IT professionals.
  • When it comes to vulnerability management, IT emphasizes patching and is often compliance driven. In OT, it’s important to recognize that systems in an operational environment often cannot be patched without disrupting operations, so OT vulnerability management emphasizes risk mitigation and putting safeguards around the vulnerability.
  • Security is defined by the threat. Security is measured and validated against how well that threat is mitigated. So it’s important to understand the behavioral characteristics of threats in order to take the actions that improve your security posture. Contextualizing what the security threat means to you is important for prioritization. 
  • Relatively speaking, the cybersecurity industry is still young, and the U.S. Government's cybersecurity programs are even younger. We will continue to see more development and improvements with regard to unified cybersecurity programs in the near future.


"I think a lot of people forget how young this industry is and also how young the government's attempts are at this industry." — Bryson Bort

 


Connect with Bryson Bort: 

Website: https://scythe.io/ and https://grimmcyber.com/

Show: https://podcasts.apple.com/us/podcast/hack-the-plant/id1528852909

LinkedIn: https://www.linkedin.com/in/brysonbort/

Twitter: https://twitter.com/brysonbort


Hack the Capitol 2023: https://www.icsvillage.com/hack-the-capitol-2023



Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120


Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

28 Dec 2023 | Todd Beebe: Beyond IT vs. OT, The Common Ground for Securing Any Environment | 01:03:45

About Todd Beebe: Todd Beebe, a cybersecurity veteran since the early 90s, commenced his journey by thwarting attempts to hack his BBS. His expertise led to pivotal roles with an international organization, securing remote access, fortifying websites, and pioneering firewall deployment. Later, at Ernst & Young, he spearheaded the Attack & Penetration practice in Houston, penetrating Fortune 500 clients and contributing to the precursor of the Hacking Exposed book series. Todd's entrepreneurial spirit thrived as he founded cybersecurity companies, notably inventing the telecom firewall 'TeleWall' and the web application firewall 'eServer Secure,' holding nine US patents. His career includes fortifying the White House and Pentagon against cyber threats and building cybersecurity programs for multiple Fortune 500 organizations.


In this episode, Aaron and Todd Beebe discuss:

  • Their journeys into cybersecurity careers
  • Navigating the convergence of IT and OT security
  • Finding common ground and overcoming historical hurdles
  • Shared labs for enhanced understanding and effective problem-solving
  • Cybersecurity challenges in critical infrastructure


Key Takeaways:

  • In addressing cybersecurity challenges, it's crucial for IT and OT teams to collaborate closely, recognizing that the threat landscape targets common denominators such as IP addresses, ports, and Windows systems, and adopting a unified approach to securing both environments is essential in the evolving landscape of cyber threats.
  • In navigating the convergence of IT and OT, the key lies in recognizing the shared technological foundation, fostering collaboration to merge expertise, and dispelling the misconception of a takeover, ultimately shifting the focus from being adversaries to allies in the pursuit of a secure and efficient operational landscape.
  • Fostering collaboration between IT and OT teams through shared advisory roles, regular communication, and the establishment of a collaborative lab environment not only enhances technical expertise but also builds trust, camaraderie, and a common language, ultimately contributing to a more resilient and stable organizational infrastructure.
  • While Todd is excited about the increasing diversity of people entering the cybersecurity field, he expresses concern about the SEC's decision to hold CISOs accountable for breaches and emphasizes the challenge of training junior analysts to effectively identify and respond to cyber threats in the evolving landscape. 


"I'm ready to continue learning. I believe that's the most important part for anyone in cybersecurity. It's whether they have that mindset: it's not failure, it's learning. If we can get that into the mindsets of the next generation, I think then we've done what we needed to do." — Todd Beebe

 


Connect with Todd Beebe:  

Email: tvbeebe@freeportlng.com

LinkedIn: https://www.linkedin.com/in/toddbeebe/




19 Jan 2023 | Roundtable Discussion with Jay Williams, Alex Bagwell, and Gabe Authier | 00:24:06

In this episode, Aaron Crow, Jay Williams, Alex Bagwell, and Gabe Authier discuss:

  • Who is Industrial Defender? 
  • What’s coming soon from Industrial Defender?
  • Asset data as the foundation for security


Key Takeaways:

  • Industrial Defender has built a reputation for being trusted by the largest industrial organizations and critical infrastructure operators in the world, particularly as a leader in NERC CIP compliance monitoring and reporting.
  • However, Industrial Defender isn’t just NERC CIP. Their value extends beyond that today, as they’ve developed industry-leading capabilities for gathering and understanding OT asset data, driving better outcomes for the safety, availability and security of critical operations. 
  • Industrial Defender is the leader in providing deeper-level asset data and vital endpoint information, which represents the core foundational aspects of most cybersecurity programs. While asset management and contextual data alone aren’t security, you can’t protect what you can’t see.
  • The focus of Industrial Defender is to be the single source of truth for all OT asset data, enabling goals around OT asset management, change and configuration management, vulnerability management, and policy compliance. It’s their mission to protect their customers’ reputations and competitive edge as the cyber-physical landscape evolves.


"If you have a lot of assets, you can't know and properly manage those assets without knowing their existence, and at least having some contextual data around them." —  Jay Williams 



Connect with Aaron (CTO)

LinkedIn: https://www.linkedin.com/in/aaronccrow


Connect with Jay (CEO)

LinkedIn: https://www.linkedin.com/in/jaywilliiams111/


Connect with Alex (CRO)

LinkedIn: https://www.linkedin.com/in/abagwell2/


Connect with Gabe (CPO)

LinkedIn: https://www.linkedin.com/in/gabeauthier/





16 Nov 2023 | Michael Holcomb: The Journey from IT to OT and Strengthening IT-OT Partnership | 00:49:05

About Michael Holcomb: Michael Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, a prominent engineering, procurement, and construction company. In his current role, he focuses on securing vast ICS/OT environments, ranging from power plants and commuter rail to manufacturing facilities and refineries. Currently pursuing his Master’s thesis on Programmable Logic Controllers' attack surface with the SANS Technology Institute, he holds multiple cyber security and ICS/OT certifications like CISSP, GRID, GICSP, GCIP, GPEN, GCIH, and ISA 62443. Beyond his professional endeavors, he founded the UpstateSC ISSA Chapter and BSides Greenville conference, and authored and taught cyber security courses at Greenville Technical College, earning him the CyberSC’s MG Lester D. Eisner Award for Cyber Excellence in Leadership for South Carolina in 2023.

 

In this episode, Aaron and Michael Holcomb discuss:

  • Closing the IT-OT skills gap in cybersecurity
  • Navigating the path to cybersecurity expertise
  • The intersection of OT cybersecurity and networking
  • The evolving landscape of OT cybersecurity

 

Key Takeaways:

  • Bridging the gap between IT professionals learning to think like engineers and OT specialists embracing cybersecurity not only enhances collaboration but also strengthens our ability to secure critical infrastructures, a journey that demands time, dedication, and a shared commitment to a safer digital future.
  • Embracing a multidisciplinary approach and fostering collaboration between IT and OT professionals, along with hands-on experience and continuous learning, is the key to breaking into the rapidly evolving field of cybersecurity, transforming passion and knowledge into practical expertise.
  • Mastering networking fundamentals is the key to bridging the gap between IT and engineering, enabling the design of resilient systems that prevent costly operational disruptions, and emphasizing the need for continuous learning and collaboration in this dynamic field.
  • The integration of IT technologies into OT without adequate expertise has led to vulnerabilities; expecting OT professionals to handle cybersecurity is akin to asking a plumber to do electrical work. While progress is being made, the industry must prepare for a potentially catastrophic event to truly acknowledge the importance of cybersecurity in OT.


"One of the things that's sad to me about the OT cybersecurity industry, and this even goes for folks that are new to the industry and even some of the old players that have been out there for 20, 30, maybe 40 years plus, is that there's still, in some respects, not a lot of concern around what it's going to take for people to take cybersecurity and OT seriously. And so there's going to be that event one day, where people are going to die, right? That is going to finally force people to take cybersecurity and OT seriously." — Michael Holcomb

 

Connect with Michael Holcomb: 

Email: michael.holcomb@fluor.com

Website: www.fluor.com

LinkedIn: www.linkedin.com/in/mikeholcomb

YouTube: https://www.youtube.com/@utilsec



06 Apr 2023 | Duane Laflotte: Simulating Real-World Attacks on OT with Red Teaming | 00:52:04

About Duane Laflotte: Duane Laflotte is a renowned Chief Technology Officer (CTO) and technology expert, currently leading the charge at Pulsar Security. With a deep understanding of complex technical issues and a constant thirst for staying at the forefront of emerging technologies, Duane is known for his innovative and creative solutions to even the most complicated challenges. His expertise spans across a wide range of technical domains, including cryptography, exploit development, networking, programming, and enterprise data storage. He has worked with prestigious Fortune 500 companies, government agencies, and military organizations such as Disney, Bank of America, the FBI, SOCOM, DARPA, and the NHL, serving in various roles such as solutions architect, red team lead, and presales engineer. Duane's extensive credentials include expert-level certifications, showcasing his exceptional technical prowess. His passion for continuous learning and curiosity-driven approach has resulted in prolonged growth and innovative solutions in the field of technology.


In this episode, Aaron and Duane Laflotte discuss:

  • Identifying cybersecurity vulnerabilities in businesses and organizations through personalized red team attacks
  • The transformation of OT manufacturing from relying on vendor-specific hardware solutions to utilizing off-the-shelf software
  • Ensuring security in remote work environments
  • Recognizing the critical importance of cybersecurity for businesses


Key Takeaways:

  • Red teaming often involves using personal information gathered from the internet to craft sophisticated attacks, highlighting the need for organizations to be vigilant about protecting their digital and personal information. 
  • The move to off-the-shelf hardware and software in OT manufacturing has heightened vulnerabilities and supply chain risks, with customization prioritized over security, necessitating careful consideration and expertise for effective system management and security by organizations.
  • The growing use of IoT devices, remote work, and the inherent complexity and security gaps in home networks create challenges for organizations to safeguard against cyber threats, emphasizing the need for enhanced cybersecurity measures in home and work settings. 
  • Business owners need to prioritize cybersecurity by making informed decisions, holding vendors and internal teams accountable, and seeking expert advice, as waiting until a security incident occurs is not a viable strategy. 


"We cannot just keep throwing training and training and training at users, and they are going to get marginally better. But they are not going to get infinitely better." — Duane Laflotte

 


Connect with Duane Laflotte: 

Website: https://www.pulsarsecurity.com/

Email: duane@pulsarsecurity.com

Show: https://podcasts.apple.com/us/podcast/security-this-week/id1578265009

LinkedIn: https://www.linkedin.com/in/duanelaflotte/

Twitter: https://twitter.com/dlaflotte



24 Aug 2023 | Ian Frist: Beyond Buzzwords, Building Effective Programs in OT Security | 00:50:51

About Ian Frist: Ian Frist is the Cybersecurity Compliance Program Director at Corning, boasting a MS in Cybersecurity. With a dynamic background spanning both private sector and government roles, Ian's expertise encompasses NIST, CIS, and CMMC frameworks. Currently leading Corning's compliance team within the cybersecurity group, Ian's journey ventured from accidental entry into ICS/OT through the National Guard, where even as a medic, he embraced the cyber realm. Transitioning into compliance and GRC, Ian's enduring passion for ICS/OT continues, evident through speaking engagements at prestigious events like SANS conferences, reflecting his commitment to both fields.


In this episode, Aaron and Ian Frist discuss:

  • Navigating compliance and cybersecurity in the changing landscape of OT
  • Building effective cybersecurity programs
  • Integrating cybersecurity in OT
  • Implementing effective asset management and inventory in manufacturing


Key Takeaways:

  • Compliance is shifting from a mere checkbox exercise to a powerful lever that compels organizations, including manufacturing and utilities, to elevate their OT cybersecurity by setting a baseline of controls and risk management strategies, bridging the gap between different industries' cybersecurity maturity levels while emphasizing the imperative to safeguard critical operations and infrastructure.
  • In the complex landscape of cybersecurity, building a comprehensive program that understands and manages the unique assets, risks, and impact of your organization's operations is paramount, transcending mere reliance on tools and instead emphasizing a holistic approach to preparedness and response.
  • Building redundancy and preparedness into systems is common practice, but the often overlooked key is to integrate cybersecurity understanding, people, processes, and technology from the start to truly fortify against a wide range of potential incidents and ensure resilient operations.
  • Navigating the complexities of asset management and inventory in manufacturing requires acknowledging the need for an initial manual effort, understanding the limitations of automation tools, setting realistic and adaptable goals that balance compliance and risk, and embracing the ongoing commitment required for effective governance. 


"Don't fall for a buzzword, build a program. I think we're going to have to keep watching out for that moving forward." — Ian Frist

 


Connect with Ian Frist: 

Website: https://www.corning.com/worldwide/en.html

Email: fristis@corning.com

LinkedIn: https://www.linkedin.com/in/ian-frist-ms-cybersecurity-cissp-cmmc-pa-pi-3028a9181/



09 Nov 2023 | Kayne McGladrey: The CISO’s Role Is To Advise on Business Risk | 00:58:58

About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.


In this episode, Aaron and Kayne McGladrey discuss:

  • Strategic alignment of cybersecurity with business risk
  • Navigating the changing landscape of cybersecurity
  • Empowering CISOs in the evolving landscape of cybersecurity
  • The challenges and opportunities of generative AI


Key Takeaways:

  • The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.
  • In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.
  • The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.
  • In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while many are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest.


"If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social harm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey

 

Connect with Kayne McGladrey:  

Email: kayne@hyperproof.io

Website: https://hyperproof.io

LinkedIn: https://www.linkedin.com/in/kaynemcgladrey/

YouTube: https://www.youtube.com/@hyperproof

Twitter: https://twitter.com/kaynemcgladrey


Kayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.html



27 Jul 2023 | Terence Gill & Roger Simmons: Bringing Texas Utilities Together to Strengthen The Grid Through Collaboration | 00:41:16

About Terence Gill: Terence Gill is a seasoned professional with 26 years of experience in technical roles across various industries. With a background in Computer Science and Finance, he has successfully designed and developed critical systems for organizations like Lockheed Martin, the New York Metropolitan Transportation Authority, and BNY Mellon. Currently, as the Program Manager of the Texas Cybersecurity Outreach Program, he collaborates with Cybersecurity Specialist Roger Simmons and the Public Utility Commission of Texas to enhance cybersecurity posture among almost 60 utilities across the state, transforming the program from a legislative bill into a pivotal force safeguarding the Texas grid.


About Roger Simmons: Roger Simmons, CISSP, C|EH, is a highly experienced Cybersecurity Specialist at Paragon Systems, boasting an impressive career spanning over 18 years. With a diverse background in both public and private sector organizations, he has played pivotal roles in establishing and fortifying security and compliance programs. Notably, he contributed to shaping the U.S. Department of Defense's cyber workforce requirements and co-chaired Texas's Statewide Information Security Advisory Committee on Security Workforce Development.


In this episode, Aaron, Terence, and Roger discuss:

  • Exploring the Texas Cybersecurity Outreach Program
  • Collaborative efforts in strengthening cybersecurity for power utilities
  • Asset management and its role in cyber resiliency for organizations
  • The importance of personnel identification for cybersecurity in the Texas grid


Key Takeaways:

  • The Texas Cybersecurity Outreach Program is a unique initiative bringing utilities together to cooperate on cybersecurity solutions, driven by government vision and legislative support, fostering a platform for knowledge exchange and mutual learning to bolster the security of electric utilities in Texas.
  • In the power utility industry, a strong culture of sharing and collaboration drives significant advancements in safety and reliability, as organizations unite to tackle challenges and bolster the grid's resilience, ultimately benefiting the greater good of society.
  • Asset management is the foundational key to enhancing cybersecurity resilience, understanding the true risks to the business, and building a more reliable system, and it requires continuous improvement and buy-in from the C-suite to ensure its effectiveness.
  • Effective cybersecurity in the energy sector requires comprehensive asset management, including identifying critical personnel responsible for managing assets during a crisis and fostering communication and collaboration between utilities.


"Not enough utilities are talking to each other. That's really my main concern. Because, as we know, a lot of bad actors are out there, and they're working together. And they're doing whatever they can to penetrate our systems and to cause chaos and havoc… getting utilities to talk to one another, I think that's critical communication." — Terence Gill

 

 "The first piece of asset management is understanding what you have and trying to divide that into bite-sized pieces. So, regardless of the size of your organization, unless you're like a one person, one computer shop, you're going to have to divide and conquer." — Roger Simmons


Resources Mentioned:

Texas Utilities Cybersecurity Monitor Outreach Program: https://parasys.com/cybermonitor/

Critical Infrastructure Cybersecurity Summit: https://parasys.com/cybersummit/

Public Utility Commission of Texas: https://www.puc.texas.gov/



26 Oct 2023 | Eric Smith: The Importance of Physical Security in Protecting Infrastructure | 00:42:50

About Eric Smith: Eric Smith is a dedicated Security Management Consultant and the founder of Business Karate, LLC, a Colorado-based company specializing in security planning and strategic development for organizations. With over a decade of experience in law enforcement, Eric is passionate about aligning security measures with business needs and has transitioned his expertise into healthcare security management, where he focuses on long-term strategic planning and enhancing workplace violence prevention programs. He is also an accomplished author, with his latest book titled "Workplace Security Essentials."


In this episode, Aaron and Eric Smith discuss:

  • The complex landscape of physical security
  • Navigating the intersection of physical and cybersecurity 
  • The importance of organizational culture in promoting security and reporting incidents
  • Integrating AI in physical security


Key Takeaways:

  • Establishing robust security goes beyond physical barriers and gadgets; it's a holistic approach integrating people, processes, and technology, fostered by leadership support and a vigilant workforce, ensuring a proactive, not reactive, security culture.
  • In implementing effective security measures, constant evaluation and willingness to challenge established norms are vital; experienced professionals bring a critical eye, noticing overlooked details like misplaced cameras or flawed staffing strategies, highlighting the need for continuous improvement and outside perspectives.
  • A strong organizational culture, driven from the top down and bolstered by employees' confidence in their security team, is the key to encouraging timely reporting of security incidents, bridging the gap between physical and cyber security realms and ensuring comprehensive protection against potential threats.
  • Empowering employees to be vigilant and proactive in security measures is crucial, as advancements in integrated technologies and AI bring both promising solutions and potential risks, shaping the future of physical and cyber security.


"I think people are really starting to be more aware of the risk of workplace violence. So I think we're going to start seeing more training around that and hopefully good training, not just the kind of pencil-whipping lip service that too often happens, but something that's really going to benefit people that might find themselves in a bad situation at work." — Eric Smith

 

Connect with Eric Smith:  

Email: eric@businesskarate.com

Website: www.businesskarate.com

LinkedIn: https://www.linkedin.com/in/ericsmithcpp/

Workplace Security Essentials: A Guide for Helping Organizations Create Safe Work Environments: https://www.amazon.com/Workplace-Security-Essentials-Organizations-Environments/dp/0124165575




21 Dec 2023 | Ron Fabela: Secure Access That Makes Sense for Operations | 00:52:23

About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.


In this episode, Aaron and Ron Fabela discuss:

  • Adopting secure remote access in OT as an operational requirement
  • The complex landscape of active scanning in ICS
  • Building trust and bridging the gap between cybersecurity and OT
  • Balancing innovation, risk, and security in a changing landscape


Key Takeaways:

  • In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices. Embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.
  • The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.
  • To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.
  • The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape. 


"I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela

 

Connect with Ron Fabela:  

Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)

LinkedIn: https://www.linkedin.com/in/ronniefabela/

Twitter: https://twitter.com/ron_fab


Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120



Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

20 Apr 2023 | Phoenix: OT Security for Smaller Plants and Factories | 00:24:28

In this special episode, we are joined by Gabe Authier and Greg Valentine to introduce Industrial Defender's new product, Phoenix, an innovative OT security solution designed specifically for small to medium-sized businesses struggling with limited resources and budget. With the rise of attacks on operational technology and the crippling effects of cyber incidents on small businesses, Phoenix provides a cost-effective, all-in-one solution for industrial organizations to quickly and comprehensively view all their OT assets and associated cyber risks. 


Gabe Authier is an accomplished CPO with over 20 years of experience in product management and IT. His passion for customer-centric software development has led him to spearhead the launch of multiple industrial cybersecurity technologies and SaaS cloud products. As CPO at Industrial Defender, he continues to drive innovation and shape the future of OT cybersecurity solutions with his expertise in creating innovative solutions for the industrial space.


Greg Valentine is a seasoned cybersecurity professional with over 30 years of experience in the software industry, including 15 years in cybersecurity. As SVP of Solutions Engineering at Industrial Defender, he builds technical solutions to ensure clients get the most effective and efficient implementations of the company's software. With two certifications, ISC2 - CISSP and GIAC - GRID, Greg has held cybersecurity roles at major companies such as Lockheed Martin, Capgemini, and Winternals Software.


In this episode, Aaron, Gabe, and Greg discuss:

  • Exploring the features and benefits of Industrial Defender's new solution for small to medium-sized operations: Phoenix
  • Understanding the scalability and implementation process of Phoenix and its ability to seamlessly migrate to the full suite of products for larger asset counts
  • The versatility and practical applications of Phoenix for asset management and network monitoring in various industries
  • Phoenix as a lightweight and easy-to-use cybersecurity product


Key Takeaways:

  • Phoenix aims to provide basic-level asset visibility and management for smaller operations and customers who have not yet implemented cybersecurity on their industrial control system networks, while also offering an easy upgrade path for those who want to grow into the full suite of products.
  • The Phoenix hardware platform can scale from a small industrial PC to a full production platform with easy onboarding for smaller organizations.
  • Phoenix provides advanced capabilities, including passive monitoring of network traffic, IDS, asset management, and security events monitoring, to help water and wastewater organizations and system integrators gain visibility into their plants and networks.
  • Phoenix offers automatic, up-to-date cybersecurity health monitoring, easy asset management, and minimal maintenance, specifically targeting the 25 to 200 asset level range, and can be deployed across multiple sites. 


"The whole intent was to help smaller organizations – companies that have not really started, they may not have a cybersecurity person, let alone a cybersecurity team. So this is a fraction of somebody's job where the intent is to make this as easy, streamlined as possible." — Greg Valentine

 

Learn more about Phoenix: https://www.industrialdefender.com/phoenix


Connect with Gabe:  

Email: gauthier@industrialdefender.com

LinkedIn: https://www.linkedin.com/in/gabeauthier/


Connect with Greg:  

Email: gvalentine@industrialdefender.com

LinkedIn: https://www.linkedin.com/in/gvalentine/



17 Aug 2023 | Michael Weigand: From Planes to Power Plants, Protecting The Intersection of Physical and Digital | 00:53:16

About Michael Weigand: Michael Weigand is the visionary co-founder and Chief Growth Officer of Shift5, spearheading the realization of Shift5’s ambitious growth strategies. With a distinguished background, he spent eight years as an innovative leader in the U.S. Army, pioneering cyber operations and commanding specialized cyber units. Michael's pivotal contributions include shaping the Army's platform mission assurance program, pioneering expeditionary cyber forces, and fostering breakthrough projects in collaboration with the Defense Digital Service. He holds a BS in Computer Science from the United States Military Academy and possesses a unique ability to navigate both the digital realm and the skies, flying small airplanes into tight spaces.


In this episode, Aaron and Michael Weigand discuss:

  • Enhancing operational reliability and security in modern vehicle fleets
  • Securing critical infrastructure in the age of advanced technology
  • Strategies for successful onboarding of new assets
  • Enabling secure and adaptive OT for a changing landscape


Key Takeaways:

  • Shift5 pioneers cybersecurity solutions for modern vehicles, equipping defense systems, aerospace, and rail with transformative hardware and software that not only safeguard against cyber threats, but also harness unique data for proactive optimization, revealing a compelling convergence of security and operational efficiency.
  • In the intersection of physical systems and digital environments in OT, protecting assets like airplanes and power plants from vulnerabilities is crucial, demanding advanced anomaly detection and proactive responses to ensure security, safety, and operational stability amid rapid evolution.
  • Navigating the complex journey of onboarding new assets involves multidisciplinary collaboration, early integration for efficiency gains, and a keen focus on quantifiable value to maximize returns and operational effectiveness.
  • The future of cybersecurity holds exciting advancements in automated vulnerability identification and secure software development, but challenges lie in reconciling slow safety processes with the need for agile and rapid responses to emerging threats, as adversaries increasingly exploit AI-powered tactics.


"We encourage everybody to ensure they're tapping and monitoring everything, not only infrastructure but also those legacy and serial protocols that are quite obscure. We want everybody to ensure they can see themselves so they can defend their interests." — Michael Weigand

 


Connect with Michael Weigand: 

Website: shift5.io 

LinkedIn: https://www.linkedin.com/in/michael-weigand/ and https://www.linkedin.com/company/shift5/

Emails: andy.oare@shift5.io, mike@shift5.io, and jessica@shift5.io

YouTube: https://www.youtube.com/channel/UCNCrUBI5C0bWil1-uKJaXUg 



30 Nov 2023 | Don C. Weber: The Gray Area Between OT and IT | 00:55:58

About Don C. Weber: Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.


In this episode, Aaron and Don C. Weber discuss:

  • Navigating the convergence of IT and OT in cybersecurity
  • Addressing the gray area in OT and IT collaboration
  • Enhancing cybersecurity in control systems
  • Embracing cloud technology in ICS security


Key Takeaways:

  • Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.
  • The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.
  • The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.
  • As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security.


"Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks." — Don C. Weber

 

Additional Resources:


SANS Industrial Control Systems Security: https://www.sans.org/industrial-control-systems-security/

ICS Village: https://www.icsvillage.com/


Connect with Don C. Weber:  

Email: don@cutawaysecurity.com

Website: https://www.cutawaysecurity.com

LinkedIn: https://www.linkedin.com/in/cutaway/

GitHub: https://github.com/cutaway-security



13 Apr 2023 | Roya Gordon: Secure Connections - Why Human Interaction is Key to OT Security | 00:50:17

About Roya Gordon: Roya Gordon is a trailblazing cybersecurity expert, inspiring young women and people of color to pursue their passions in technology. With an impressive background that includes serving as an intelligence specialist in the U.S. Navy and working at Idaho National Laboratory and Accenture, Roya now holds the position of OT/IoT Security Research Evangelist at Nozomi Networks. Roya is also the founder of Steps2STEM, a company that aims to help young women and people of color break into the cybersecurity industry. With a Masters in Global Affairs focused on cyberwarfare from Florida International University, Roya is committed to sharing her insights and experiences to help others succeed.


In this episode, Aaron and Roya Gordon discuss:

  • The power of working together to protect our economy and infrastructure in cybersecurity
  • Why knowing the differences between IT and OT environments matters for industrial safety
  • Collaborative strategies for securing critical infrastructure in complex industrial environments
  • Hopes and concerns around the mainstream adoption of OT networks and the impact of AI on the industry's workforce


Key Takeaways:

  • People with different roles in cybersecurity, such as vendors, consultants, and asset owners, cooperate to safeguard critical infrastructure by utilizing their diverse abilities and viewpoints, ensuring victory over cyber threats.
  • It's not possible to combine IT products and OT environments due to various reasons, and this creates a risk for businesses, as demonstrated in the Colonial Pipeline incident.
  • Collaboration between consultants and vendors is key to securing critical infrastructure, where consultants provide guidance and vendors offer integrated solutions to meet policy requirements.
  • Roya believes that in the next five to 10 years, OT will become more mainstream, but worries about AI replacing human jobs in the industry, stressing the importance of adapting and continuously learning through emerging technologies to maintain relevance. 


"We talk about ChatGPT and how threat actors can use it for bad, but a lot of people are using it for good too. I just think it gets a little bit dangerous where we want to remove the human element out of things and just trust AI because everything has bugs." — Roya Gordon

 


Connect with Roya Gordon: 

Website: https://www.nozominetworks.com/

LinkedIn: https://www.linkedin.com/in/roya-gordon-16245437/

Twitter: https://twitter.com/RoyaGordon


The Importance of Physical Access Endpoint Detection: https://www.nozominetworks.com/blog/importance-of-physical-access-endpoint-detection/

2022 2H Security Report: https://www.nozominetworks.com/blog/nozomi-networks-researchers-take-a-deep-look-into-the-ics-threat-landscape/





06 Jul 2023 | Pete Mauro: Designing System Security Before ‘Cyber’ Became Part of Everyday Vocabulary | 00:50:43

About Pete Mauro: Pete Mauro is a highly accomplished serial entrepreneur with extensive experience and successful exits in the defense industry. With a background spanning startups, system integrators, procurement, and program management, Pete is the CEO and Founder of DTCUBED, a startup consulting firm specializing in cybersecurity, predictive analytics, and digitally transformative technologies for defense and critical infrastructure markets. Prior to founding DTCUBED, he served as the Chief Innovation Officer and Chief Cyber Technology Officer for Gryphon Technologies, leading the company's technical advancements and marketing efforts. Pete's expertise in bringing technology to the federal market and aligning it with program requirements has earned him a reputation as a trusted partner. With over 33 years in the industry, Pete's strategic insight and tactical implementation have been instrumental in driving innovation and achieving success in various applications.


In this episode, Aaron and Pete Mauro discuss:

  • Cybersecurity in systems design and its parallels in critical infrastructure risk management
  • Demonstrating operational value in critical infrastructure cybersecurity and addressing the shortage of skilled engineers
  • Proactive and comprehensive conversations in cybersecurity for effective risk mitigation
  • Building a pipeline for cybersecurity talent


Key Takeaways:

  • The transition from traditional risk management to incorporating cybersecurity into systems design is a natural progression, as both share the common goal of ensuring availability and security, despite different terminology and attack vectors.
  • Operational value in cybersecurity for critical infrastructure requires a shift from fear-based tactics to tangible benefits, integrating cybersecurity as part of the solution, and investing in specialized training for skilled engineers who understand the unique challenges of OT and critical infrastructure.
  • Having open discussions about cybersecurity with all stakeholders during the early stages of system design and implementation is crucial, as is the necessity for a wide range of tools to successfully combat cybersecurity risks and safeguard critical infrastructure.
  • A strong cybersecurity talent pipeline is vital for addressing expertise shortages and protecting critical infrastructure. Collaboration between universities, industry, and government is crucial, as is effective communication among stakeholders. 


"We have a shortage of talent, and I don't mean every engineer to be the cyber expert, but if we get every engineer coming out to try to understand security a little more, and then a pocket of those engineers become the expert." — Pete Mauro

 


Connect with Pete Mauro: 

Website: www.d-t3.com 

LinkedIn: linkedin.com/in/petergmauro

An Opportunity’s Knockin’, Inc. (A O.K.): www.AnOppKnock.org

Vert Properties, Inc.: www.vertproperties.com

Incutate Workplace: www.Incutate.com




18 May 2023 | Matt Wyckhouse: Behind the Cyber Shield: OT Security and the Importance of SBOM | 00:50:37

About Matt Wyckhouse: Matt Wyckhouse is a renowned cybersecurity expert with over 15 years of experience in offensive and defensive cyber operations. He is the co-founder and CEO of Finite State, a cybersecurity startup that focuses on illuminating the vulnerabilities and threats within complex software supply chains to protect the devices that power our modern lives. Prior to founding Finite State, Matt spent most of his career at Battelle, where he was the technical founder and CTO of their Cyber Security Division. Matt oversaw dozens of intelligence and security programs supporting strategic global missions, many of which were focused on discovering vulnerabilities in IoT and other embedded devices. Through his work, he recognized the potential devastation of IoT device attacks, leading him to create Finite State. Matt holds a BS in Computer Science and Engineering from The Ohio State University.


In this episode, Aaron and Matt Wyckhouse discuss:

  • The challenges of securing software in critical infrastructure.
  • What is SBOM and how can it be used to manage the risk in the software supply chain?
  • The importance of collaboration between asset owners and vendors to mitigate risk in industrial control systems.
  • The value of integrating vulnerability management into a larger program and understanding the value of accurate asset inventories in OT networks.


Key Takeaways:

  • Matt was motivated to create his cybersecurity startup because he saw a world where the most critical devices were also the most vulnerable, due to the shift from specific hardware functionality to general-purpose computers running software and operating systems inside of devices, making them easier to exploit.
  • An SBOM (Software Bill of Materials) is like a nutrition label for software, allowing asset owners to know what third-party software is inside a product to manage their own personal risk, and it is best to request an SBOM when purchasing software to understand the risk posture and evaluate different products.
  • Collaboration between asset owners and vendors is essential to mitigate risks associated with legacy equipment and ensure the safety of employees and customers, which can be achieved through standardization, approval, and testing of security solutions and a more open collaboration to mitigate risks.
  • Managing cybersecurity risks requires a well-rounded program involving people, processes, and technology, without any one solution, but rather multiple factors that work together to decrease vulnerabilities and handle incidents. 


"I'm actually very optimistic about the security investments that vendors are making especially in the OT space. It might not feel like it today, but I can tell you, we work with a lot of vendors who are supplying OT equipment. And when we look at what's happened over the last few years, the amount of investment in this product security is going up a lot." — Matt Wyckhouse

 


Connect with Matt Wyckhouse: 

Website: https://finitestate.io/ 

LinkedIn: https://www.linkedin.com/in/mattwyckhouse/ 

Twitter: https://twitter.com/mattwyckhouse 



14 Dec 2023 | Dan Gunter: Lessons Learned from Real-World Attack on Ukraine’s Critical Infrastructure | 00:58:28

About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.


In this episode, Aaron and Dan Gunter discuss:

  • Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant’s report on attacks in Ukraine
  • Navigating the complexities, resource limitations, and timely application of threat intelligence
  • Rethinking industrial cybersecurity
  • The intersection of cybersecurity, AI, and OT


Key Takeaways:

  • In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.
  • The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.
  • To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.
  • In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions.


"I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter

 


Connect with Dan Gunter: 

Website: https://insaneforensics.com/ 

Email: dan@insaneforensics.com

YouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPA

LinkedIn: https://www.linkedin.com/in/dan-gunter/

Twitter: https://twitter.com/insaneforensics



12 Jan 2023 | Greg Valentine: You’re Compliant. Now Prove it. | 00:36:25

About Greg Valentine: Greg Valentine has over 30 years of experience in the software industry, the past 15 of which have been focused on cybersecurity. He currently holds two certifications: ISC2 – CISSP and GIAC – GRID. Greg is responsible for building technical solutions for Industrial Defender so that our clients receive the most effective and most efficient implementations of the Industrial Defender software. Prior to working at Industrial Defender, Greg held cybersecurity roles at Lockheed Martin, Capgemini, CoreTrace Software and Winternals Software (a sister company to Sysinternals, now owned by Microsoft).


In this episode, Aaron and Greg Valentine discuss:

  • The challenge with proving compliance (e.g. NERC CIP)
  • Gathering quality data without manual walk-downs
  • Making the data useful, reportable and audit-friendly 


Key Takeaways:

  • Proving compliance can be challenging. A lot of manual work goes into collecting data for the auditor. The data you provide has to be secured so that it is unalterable, unmodifiable, or otherwise impossible to tamper with, which gives the auditor peace of mind.
  • You need the right tool to gather the data that you’ll need for your compliance report. When looking for a product, you need to find a company that’s credible. You need to minimize risk if you want to automate the process and have it run on a regular cadence to solve your compliance reporting problem.
  • The information that's collected for a PLC is very different from the information we collect from an HMI, firewall, or switch, but it's all critical. Once you have that data in a central repository, you can ask interesting questions to find that solution. There's a lot of benefit to aggregating all of this information into a single queryable location.


"[Compliance] is a good first step, you're kind of being forced. And that's not nice. But it's a minimal level of cybersecurity posture to be in. Hopefully, you take that and run with it, you extend and improve from there. But this is your foundation level for cybersecurity. It doesn't matter whatever it happens to be, that you're complying with, that should be your base standing from which you can grow." — Greg Valentine

 


Connect with Greg Valentine: 

LinkedIn: https://www.linkedin.com/in/gvalentine/ 





Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120






25 May 2023 | Michael Welch: Tying Resilience, Availability, Compliance and Cybersecurity Together Into a GRC Program | 00:53:59

About Michael Welch: Michael Welch is the Director, GRCaaS within T&D Governance, Risk, Cybersecurity & Compliance group at Burns & McDonnell. He has over 25 years of professional experience in risk management, compliance, and critical infrastructure. Michael previously served as global chief information security officer for OSI Group, a privately-owned food processing holding company throughout 17 countries. In addition, he has worked with Duke Energy Corp and Florida Power & Light, among other companies.


In this episode, Aaron and Michael Welch discuss:

  • Integrating compliance, cybersecurity posture, and risk management in governance
  • Enhancing cybersecurity through asset inventory and collaborative communication for critical infrastructure protection
  • Managing cross-industry compliance for resilient risk management in operational technology (OT) environments
  • The importance of experience and knowledge in implementing large-scale programs and compliance for effective cybersecurity


Key Takeaways:

  • To effectively manage risk and ensure the resilience and availability of critical systems, compliance and cybersecurity need to collaborate within a comprehensive governance, risk, and compliance program, fostering teamwork among engineers, cybersecurity experts, and OEM vendors, especially in complex and retrofitting environments.
  • Building a strong rapport and fostering open dialogue between cybersecurity experts and operational personnel is crucial for safeguarding critical infrastructure, maintaining operational dependability, and harmonizing cybersecurity initiatives with business goals and operational needs.
  • It is crucial to promote a strong culture of safety and prioritize cybersecurity in operational technology (OT) environments in order to protect lives, infrastructure, and ensure the smooth continuation of business, while effectively managing compliance through collaboration and effective leadership within the organization.
  • Experienced professionals and organizations with knowledge in program implementations, compliance, audits, and regional variations can effectively manage risks, maintain compliance, and address cybersecurity challenges proactively to add value and stay ahead of evolving threats. 


"We do have to adapt to technologies continuously changing. We've talked about it a little earlier that years ago, everything was manual. When technology came in, it's now more automatic. Business wants information, wants data. So that's never going to change, right? So we always have to make sure we're staying continuous. We're continually improving the way we do things." — Michael Welch

 


Connect with Michael Welch: 

Email: mdwelch@burnsmcd.com 

Website: https://www.burnsmcd.com/ 

LinkedIn: https://www.linkedin.com/in/michael-welch-93375a4/ 



10 Aug 2023 | Daniel Bardenstein: Transparency and Trust With SBOM | 00:51:15

About Daniel Bardenstein: Daniel Bardenstein is the driving force behind Manifest, a pioneering software supply chain company revolutionizing how organizations manage SBOM lifecycles. As CTO and co-founder, he empowers enterprises to automate and streamline their processes. Daniel's remarkable journey includes pivotal roles such as Chief of Tech Strategy at CISA, where he orchestrated technology modernization and shaped critical cyber strategies. Notably, he spearheaded cybersecurity initiatives across the Department of Defense, safeguarding vital assets including COVID-19 vaccines. His expertise extends beyond tech, as he co-presides over Foresight Partners, providing essential cybersecurity aid to political campaigns. 


In this episode, Aaron and Daniel Bardenstein discuss:

  • The importance of software bill of materials (SBOMs) in OT security
  • Leveraging SBOMs, VEX, and contextual data in OT
  • Transforming compliance checkboxes into actionable data insights
  • Exploring the shifting burden of cybersecurity


Key Takeaways:

  • SBOM is crucial for both IT and OT sectors, especially in OT where equipment longevity and reliability are paramount, enabling asset owners to proactively understand, manage, and respond to the intricate software dependencies, vulnerabilities, and risks within their critical systems, thereby enhancing security and operational continuity.
  • In the realm of OT and cybersecurity, embracing transparency through SBOMs, automating vulnerability data exchange (VEX), and utilizing contextual information can empower organizations to make well-informed decisions to safeguard their critical systems and maximize their cybersecurity efforts.
  • Harnessing the power of SBOMs as a transformative data asset, rather than a mere compliance checkbox, enables businesses to proactively manage vulnerabilities, enhance security, and streamline operations through informed decision-making and targeted action.
  • The shift towards proactive security through comprehensive asset management and transparency in the software supply chain promises a safer future, while the looming concern of cyberattacks transcending into the physical realm necessitates urgent preparation and action.


"Asset owners should feel fully empowered to push the responsibility for transparency onto their vendors. You buy cereal at the grocery store with no ingredients, well, you have to tell us what's in Raisin Bran and tell us if there's anything poisonous in it, right? It should be the responsibility of your vendors to tell you what's in the stuff that you're going to buy from them." — Daniel Bardenstein

 


Connect with Daniel Bardenstein: 

Website: www.manifestcyber.com

LinkedIn: https://www.linkedin.com/company/manifestcyber/ and https://www.linkedin.com/in/bardenstein/

Twitter: https://twitter.com/manifestcyber and https://twitter.com/bardenstein



31 Aug 2023 | Clint Bodungen: Cybersecurity Simulation As A Video Game, With AI Adversaries | 01:05:37

About Clint Bodungen: Clint Bodungen is a distinguished industrial cybersecurity expert, celebrated public speaker, accomplished author, and a trailblazer in the realm of cybersecurity gamification. With over 25 years of experience in the field, he has left an indelible mark as the Founder, CEO & Chairman of ThreatGEN® Red vs. Blue. A veteran of the United States Air Force, Clint is renowned for his expertise in industrial control systems and operational technology cybersecurity. Notably, he authored the influential book "Hacking Exposed: Industrial Control Systems" and the forthcoming "ChatGPT for Cybersecurity Cookbook." He envisions transforming cybersecurity education through gamification, as showcased in his groundbreaking product, the world’s first online multiplayer cybersecurity game, ThreatGEN® Red vs. Blue, aimed at imparting practical cybersecurity skills. 


In this episode, Aaron and Clint Bodungen discuss:

  • Integrating gaming AI and machine learning for predictive risk management in cybersecurity simulations
  • Advancing cybersecurity through game theory, predictive analysis, and AI-driven risk mitigation
  • Building a living risk assessment system for OT cybersecurity
  • Large language models, quantum computing, and training for a superhuman future


Key Takeaways:

  • Using a powerful combination of gaming AI and machine learning, ThreatGEN's platform creates a dynamic, strategic cyber range that not only simulates realistic attack scenarios but also empowers users to predict and mitigate the most probable attack vectors, ultimately transforming cybersecurity into a proactive, AI-driven risk management endeavor.
  • Unlocking the potential of game theory and machine learning, cyber security enters a new era of real-time risk analysis, predictive modeling, and realistic training, paving the way for effective decision-making, optimal resource allocation, and proactive defense strategies.
  • Leveraging specialized large language models and AI can revolutionize cybersecurity in OT environments, enabling dynamic risk assessment, active change management, and predictive analysis, creating a living risk profile for informed decision-making and enhanced security.
  • The convergence of large language models and quantum computing holds both exciting potential for solving complex problems like diseases and understanding the universe, as well as concerning implications for accelerating cyber threats and destructive capabilities. 


"We're nearing the ability to solve every disease, find the secrets of the universe, and finally determine whether or not we're living in a simulation or not. But, at the same time, I guess that also brings with it terrible destruction, right? We are also accelerating the ability of nutcases out there that want to destroy the world, you know, the accessibility and the speed at which they can develop something purely devastating." — Clint Bodungen

 


Connect with Clint Bodungen:  

ThreatGEN® Red vs. Blue: https://threatgen.com

CyberSuperhuman.AI Courses: https://cybersuperhuman.ai

Get 50% off on Clint's courses by using the code AARONCROW23

Email: clint@threatgen.com

Book: https://www.amazon.com/Hacking-Exposed-Industrial-Control-Systems/dp/1259589714

YouTube: https://www.youtube.com/@CyberSuperhuman

LinkedIn: https://www.linkedin.com/in/clintb/



23 Feb 2023 | Tony Sager: Practicality Over Perfection and Simplifying Security Standards | 00:56:49

About Tony Sager: Tony Sager is a renowned cybersecurity expert who has a distinguished career in both the government and private sectors. He started his professional journey as a mathematical cryptographer and software vulnerability analyst at the National Security Agency (NSA) where he held various leadership positions and received multiple awards for his technical and mission excellence. After retiring from NSA, Sager became the Senior Vice President and Chief Evangelist for the Center for Internet Security (CIS) where he leads the development of the CIS Critical Security Controls and is an active volunteer in numerous community service activities. With a background in mathematics and computer science, Tony sees himself as a "community organizer" in the cybersecurity industry, working with talented individuals to keep the world safe.


In this episode, Aaron and Tony Sager discuss:

  • Cybersecurity in the context of national security
  • Taking into account the importance of cyber risks in business decision-making and resource allocation
  • The role that the Center for Internet Security (CIS) plays among a myriad of cybersecurity frameworks
  • The complexities and implications of building resilient systems
  • How security and compliance go hand in hand


Key Takeaways:

  • One of the best ways to help the economy defend itself from cyber threats is to help people make good security decisions when they don't have the expertise to do so.
  • With so many cybersecurity frameworks out there, the security industry has a responsibility to make security standards simpler and more accessible. The CIS Controls aim to be very actionable and connect the dots across different frameworks.
  • While a checklist mentality is not enough for security, compliance is vital for managing risk, and checklists can be an effective starting point to ensure basic coverage and capture past mistakes.
  • It's important to strike a balance between preventing attacks and maintaining the system, without bankrupting the company by striving for a 100% success rate. Military generals understand that a decision doesn't need to be perfect to be effective, and this principle can apply to cybersecurity as well. 


"Great people have gone on to take on some of the nation's and the economy's toughest challenges. I look around at that, and I go, ‘Wow, we could do this.’ I really believe, and I see the next generation, folks like you coming up, and I just go, man, if we can't make progress with all the great people, momentum, and opportunity in front of us, then that's on us." — Tony Sager



Connect with Tony Sager: 

Website: https://www.sagercyber.org/

Email: tony@sagercyber.org

LinkedIn: https://www.linkedin.com/in/tony-sager-56371043/



11 May 2023 | Eric Olden: Managing Identity, Security, and Resiliency in Multi-Cloud Environments | 00:55:33

About Eric Olden: Eric Olden is a serial entrepreneur who has made a career out of simplifying and securing enterprise identity management. He is widely respected as a thought leader in identity management and has pioneered three major paradigm shifts in the field. Eric founded, scaled, and successfully exited both Securant/ClearTrust and Symplified, where he architected and led the development of one of the first cloud identity management solutions. He also served as SVP and GM at Oracle, where he ran the identity and security business worldwide. Eric is a co-author of the SAML standard and the visionary behind the Identity Fabric. He recently founded Strata, the first distributed identity platform that solves the problem of fragmentation through a no-code software solution. Eric is obsessed with simplifying the way the industry works and has written a new identity standard called Identity Query Language (IDQL) that provides a common language for policy management in a multi-cloud world. He builds great products by getting deep into the pains of the market and loves customer development. Eric is also passionate about building great teams, finding smart people laser-focused on solving the right problems, and having fun doing it.



In this episode, Aaron and Eric Olden discuss:

  • Managing identity and security in a distributed and fragmented multi-cloud environment
  • The benefits and challenges of managing identities across multi-cloud environments
  • The significance of distributed architecture and open standards for resiliency and scalability
  • The importance of avoiding cloud lock-in and implementing a multi-cloud strategy in large-scale projects


Key Takeaways:

  • Managing identity in a multi-cloud environment is a complex and critical task, requiring a shift in thinking from an "or" mindset to an "and" mindset, and a focus on users, applications, and data, as well as a distributed information management approach.
  • Using multiple clouds for migration allows for flexibility and options, but it's important to not become too reliant on one specific vendor and to carefully consider data warehousing.
  • Migrating important OT systems to the cloud can be done without replacing or rebuilding applications, through identity management and a middleman layer, which allows businesses to benefit from cloud capabilities while keeping their systems safe and available, even in distributed and scaled environments.
  • Investing in multi-cloud strategies upfront may take more time and thought, but it can save organizations from being locked in to one cloud provider and prevent costly and time-consuming re-architecting down the road.


"When you think about tapping what the AI can do when you train it on the right dataset, I'm really excited about training AI for detecting fraud and finding nefarious actors." — Eric Olden

 


Submit your most painful IAM challenge at strata.io/podcast to win a set of AirPods Pro and get your IAM problem solved by one of our identity experts.


Connect with Eric Olden: 

Website: https://www.strata.io/ 

Forbes: https://councils.forbes.com/profile/Eric-Olden-CEO-Strata-Identity/8ad54102-5ad6-4f90-b0dd-7fd211624498 

Show: strata.io/podcast 

LinkedIn: https://www.linkedin.com/in/boughtnotsold/



09 Mar 2023 | Slade Griffin: Securing the Industrial World - Challenges and Strategies for Cybersecurity Assessments | 00:50:59

About Slade Griffin: Slade Griffin is a highly experienced cybersecurity expert with a career spanning more than two decades. He currently serves as the Director of Security Assessments at Contextual Security Solutions, overseeing the company's cybersecurity assessment and penetration testing practice. His expertise in vulnerability assessments, penetration testing, risk assessment, security program development, forensic analysis, and incident response is matched only by his passion for the field. He is also an enthusiastic cybersecurity professional who regularly shares his expertise on emerging threats and attack vectors through various forums, including conferences, training courses, and universities. Before joining Contextual Security Solutions, Slade worked in multiple positions within the information security field and served in the United States Navy for six years.


In this episode, Aaron and Slade Griffin discuss:

  • Exploring the challenges and differences on the IT and OT sides of business operations
  • Emphasizing the need for a practical and strategic approach in conducting cybersecurity assessments for OT environments
  • Building trust and communication between technology experts and non-experts, particularly with non-technical decision-makers in government and industry
  • Highlighting the significance of defense in depth and compartmentalization in cybersecurity, as evidenced by recent security breaches, such as the LastPass hack


Key Takeaways:

  • To succeed in industrial environments, it's helpful for consultants and blue teamers to collaborate with engineering experts, develop precise methodologies, and understand the unique challenges of working with industrial control systems, where any minor mistake can have catastrophic consequences.
  • Besides patching and updating systems, other measures like adding security layers, monitoring logins, whitelisting rules, and hiring cybersecurity personnel are also important to maintain cybersecurity as solely relying on tools isn't enough.
  • In unregulated environments, segmented networking is seldom done and can be compromised by weak links, such as individuals having weak passwords, making it important to understand the purpose and have the necessary security measures in place.
  • When creating software, it's crucial to prioritize safety and security while minimizing user burden to avoid any problems and ensure smooth functioning with constant monitoring and security measures.


"There are bad folks out there who want to do bad things, but there are more good folks who want to learn and do good things and defend things the right way." — Slade Griffin

 


Connect with Slade Griffin: 

Website: https://contextualsecurity.com/

LinkedIn: https://www.linkedin.com/in/sladegriffin/




02 Nov 2023 | John Cusimano: Leveraging ISA/IEC 62443 to Quantify OT Risk | 00:45:04

About John Cusimano: John Cusimano is a seasoned business and thought leader, boasting over 30 years of expertise in process control, functional safety, and operational technology (OT) and industrial control systems (ICS) cybersecurity. With a track record of conducting numerous OT cybersecurity vulnerability assessments, he has played a pivotal role in establishing cybersecurity programs for numerous companies. As a prominent member of the ISA 99 cybersecurity standards committee, he chaired the subcommittee responsible for crafting the ISA/IEC 62443-3-2:2020 standard and developed multiple training courses on OT cybersecurity, showcasing his extensive knowledge and influence in the field.


In this episode, Aaron and John Cusimano discuss:

  • The challenges of quantifying risk in OT environments
  • Prioritizing cybersecurity risks and cybersecurity measures in industrial control systems
  • Identifying critical operational risks and mitigation strategies in industrial environments
  • Navigating risks and embracing opportunities in the face of technological advancements


Key Takeaways:

  • Understanding the complex interplay between physical and cyber risks is crucial; utilizing structured frameworks like the ISA 62443 Standard not only provides a starting point for overwhelmed organizations but also emphasizes the importance of tailoring security measures to the specific, high-impact vulnerabilities unique to each facility.
  • Prioritizing industrial cybersecurity involves breaking down complex systems, evaluating specific vulnerabilities, and engaging in focused discussions between experts and business stakeholders to identify critical risks, ensuring an effective security strategy.
  • In cybersecurity assessments, identifying and prioritizing risks is crucial; often, seemingly small oversights, like unsecured backups, flawed file transfer mechanisms, or unchecked permissions in asset management systems, can lead to significant vulnerabilities, emphasizing the need for comprehensive evaluation and proactive measures in securing critical infrastructure.
  • In the rapidly evolving world of control systems and cybersecurity, the key is to understand and manage risk rather than striving for absolute security, while also embracing technological advancements with caution and vigilance.


"The other approach that a lot of people take is just piling on every security control out there. And that's also not tenable either long term. Sometimes it's actually counterproductive to security because every tool you put in has access." — John Cusimano

 

Connect with John Cusimano:  

Email: john.cusimano@armexa.com

Website: www.armexa.com

LinkedIn: https://www.linkedin.com/in/john-cusimano-icssec/ & https://www.linkedin.com/company/armexa



John will be speaking at the 18th Annual API Cybersecurity Conference for the Oil and Natural Gas Industry next week: https://events.api.org/18th-annual-api-cybersecurity-conference-for-the-oil-and-natural-gas-industry



12 Oct 2023 | Chris Bihary: Tapping Into Packet Level Data in OT | 00:56:38

About Chris Bihary: Chris Bihary is the CEO and Co-Founder of Garland Technology, a leading USA-based manufacturer specializing in Network TAPs, Network Packet Brokers, Hardware Data Diodes, and Inline Bypass solutions. With a rich background spanning over 30 years in IT and OT cybersecurity, Chris has fostered collaborative partnerships with tech firms to guarantee robust network performance and security across various industries. His entrepreneurial journey began by owning an IT reseller focused on constructing 9-1-1 call center network infrastructure, sparking his lifelong commitment to ensuring the resilience of all networks.


In this episode, Aaron and Chris Bihary discuss:

  • Leveraging TAPs for independent, reliable, and unintrusive network monitoring
  • Optimizing network security and operational efficiency
  • Exploring the importance of data diodes in critical infrastructure environments
  • Challenges and exciting developments in OT environments


Key Takeaways:

  • Implementing TAPs in OT networks offers a secure, independent, and foolproof method of monitoring critical assets, ensuring 100% packet capture and reducing the risks associated with relying solely on traditional methods like SPAN ports, making it essential for robust and reliable network security.
  • In navigating the complexities of network security, the key lies in strategically deploying purpose-built tools like data diodes and aggregators, ensuring comprehensive packet inspection without overwhelming IT staff; finding the delicate balance between data capture and streamlined management is the linchpin to effective and efficient cybersecurity.
  • Building a secure network foundation, tapping into live data, ensuring compliance without vulnerabilities, and centralizing access are vital for successful tech implementation in critical infrastructures, fostering adaptability and innovation in today's rapidly changing tech landscape.
  • Simplicity and ease of implementation are not just preferences, they're essential requirements; in an industry where awareness is growing, skilled personnel are scarce, and regulations are tightening, the ability to deploy robust, effective solutions quickly and efficiently is the linchpin to securing critical infrastructures worldwide.


"Some really good high tech companies that were never in OT are coming into OT and they're getting their folks trained up. They're educating them and this is super positive for our space. So I'm excited that the awareness is there and more and more people know they have to move forward. More people are getting involved in this space and I'm just looking forward to being part of it and seeing how we can help companies get their network secure, resilient, and reliable, and work with great companies." — Chris Bihary

 

Connect with Chris Bihary:  

Website: www.garlandtechnology.com

Email: chris.bihary@garlandtechnology.com

LinkedIn: https://www.linkedin.com/company/garland-technology-llc/ and https://www.linkedin.com/in/chrisbihary/




20 Jul 2023 | Mollie Breen: Accelerating OT Security, Reliability and Efficiency | 00:45:47

About Mollie Breen: Mollie Breen is the dynamic CEO and Co-founder of Perygee, a groundbreaking IoT/OT security platform that has garnered significant funding. With a strong background as an Applied Research Mathematician at esteemed organizations such as the Department of Defense and the National Security Agency, Mollie is a recognized expert in network exploitation and machine learning. Her passion for improving IoT device security and her involvement in shaping medical IoT standards through the IEEE Clinical IoT Data and Device working group reflect her dedication to making a lasting impact in the field. Through Perygee, Mollie is empowering security teams with an innovative solution that consolidates and streamlines data, enabling informed decision-making and enhanced cybersecurity measures.


In this episode, Aaron and Mollie Breen discuss:

  • Comprehensive security solutions for OT environments
  • Incremental automation and value-driven OT asset management in small organizations
  • Enhancing collaboration and efficiency in OT security
  • Breaking down information silos and fostering collaboration between IT and OT in organizations


Key Takeaways:

  • In the era of increasing connectivity and automation, the importance of comprehensive security solutions for OT environments cannot be overstated, addressing challenges such as visibility, contextual asset management, and automation based on accurate and integrated data to ensure security, resilience, and business continuity.
  • Implementing a comprehensive and incremental automation process in operational technology (OT) environments can provide immediate value, increase trust in automation, and alleviate the burden of manual processes, enabling organizations to enhance their security, reliability, and efficiency.
  • Computers excel in code analysis by swiftly identifying differences and patterns, enabling organizations to save time, enhance efficiency, reduce costs, and bridge the security and operations gap through collaborative knowledge sharing for improved OT security.
  • Facilitating collaboration between IT and OT in organizations is vital to boost efficiency, exchange valuable data securely, and implement gradual security measures that safeguard operations without jeopardizing proprietary information. 


"I would wish upon everyone to have some awareness about cyber and an appreciation for not just what it's protecting against, but what it's also able to accelerate. I think we forget a lot about where security can help things move more quickly and help us embrace innovation more quickly." — Mollie Breen

 


Connect with Mollie Breen: 

Website: https://perygee.com/ 

Email: mollie@perygee.com 

LinkedIn: https://www.linkedin.com/in/mollie-caroline-breen/ 



29 Dec 2022 | Welcome Episode | 00:03:46

Despite the growing attention on industrial cybersecurity, there is still much work to be done to keep pace with the increasing risks. To mature and comprehensively protect against cyber threats to operational technology (OT), it will take collaboration among key players from various sectors and industries.

The PrOTect OT Cybersecurity podcast brings together experts in the field of cybersecurity for critical infrastructure and industrial organizations. Join Aaron Crow, the Chief Technology Officer at Industrial Defender, and the OT security community as they explore the latest developments and challenges unique to protecting operational environments.

Whether you want to learn the best practices and strategies for protecting power plants, water treatment facilities, food and beverage plants or automotive factories, this podcast is for you.

06 Feb 2023 | Patrick Miller: Discussing the New INSM Requirements for NERC-CIP | 00:51:48

About Patrick Miller: Patrick Miller is a renowned expert in the critical infrastructure protection and cybersecurity industries. With over 35 years of experience, he currently leads Ampere Industrial Security as CEO, offering independent security and regulatory advice for industrial control systems across the globe. He is an active volunteer, public speaker, and member of several critical infrastructure security working groups and has received numerous awards for his work. With deep roots in telecommunications, Patrick has held key positions in regulatory agencies, private consulting firms, and commercial organizations. Today, he is also an instructor for the ICS456 NERC CIP course offered by the SANS Institute.


In this episode, Aaron and Patrick Miller discuss:

  • The implications of each company having its own interpretation and implementation of compliance and how the latest FERC directive to update NERC-CIP relates to this
  • The challenges around writing technology-agnostic and long-lasting standards
  • How companies should think about investing in and managing resources for compliance programs
  • How developments in operational technology are like a new phase of the Industrial Revolution


Key Takeaways:

  • Compliance policies vary significantly among companies, consultants, and regions, leaving many gray areas for auditors to navigate.
  • Implementing new compliance standards is challenging due to the constantly evolving technology landscape and the difficulty in writing a technology-agnostic and flexible standard. Organizations must find a successful and auditable compliant approach that satisfies the minimum standards and can adapt over time.
  • To ensure your network is secure, visible, and user-friendly, it's essential to have a platform that balances these factors with proper licenses, trained personnel to handle these, and professional services. This will take time to set up, but the effort will pay off in operational benefits and reduced resource waste.
  • Integrating new technologies, such as digital twins, artificial intelligence, and machine learning, into the power system transforms every component from the generation process to the end user.


"I am excited about all the interesting new technologies we're introducing into power systems. There is a lot of really cool, interesting stuff happening, not just in the distribution space but even upwards into the transmission and generation space. Our ability to understand our equipment and prevent maintenance issues and problems is going to go through the roof. Just our ability to see all of this, we will call it another layer of the industrial revolution. Because it will give us a way to interact and use and build our machines in ways that we have never been able to do before." — Patrick Miller

Connect with Patrick Miller: 

Website: https://www.amperesec.com

Email: pmiller@amperesec.com

YouTube: https://www.youtube.com/channel/UCPpxHyyVzgJUjlHGAzkkuMw 

LinkedIn: https://www.linkedin.com/in/millerpatrickc/ 

Twitter: https://twitter.com/PatrickCMiller 



Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow


Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120




Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.



02 Feb 2023 | Sean Plankey: Protecting Critical Systems Within the IT/OT Convergence | 00:45:58

About Sean Plankey: Sean Plankey currently serves as the Chief Architect for BedRock Systems, leading efforts to utilize BedRock’s formal methods proven software isolation secure platform to solve the most pressing cybersecurity problems across industry and government. Prior to BedRock Systems, Sean served as the Public Sector CTO at DataRobot, a Silicon Valley Artificial Intelligence Platform. In government, Sean served as the Principal Deputy Assistant Secretary for Cybersecurity, Energy Security, and Emergency Response at the Department of Energy. In this role, he led the design and implementation of DOE’s cybersecurity supply chain program CyTRICS.

Mr. Plankey also served on the National Security Council as the Director for Maritime and Pacific Cybersecurity Policy, where he co-authored the National Maritime Cybersecurity Plan and multiple Presidential Directives on offensive cyberspace operations. He has also served as the Global Cyber Intelligence Advisor for BP plc, and as the Deputy Chief Information Officer for U.S. Navy Intelligence. He is a 2003 graduate of the United States Coast Guard Academy and a 2008 graduate of the University of Pennsylvania.



In this episode, Aaron and Sean Plankey discuss:

  • How do we protect critical infrastructure? 
  • The potential risk of public EV charging stations 
  • What kind of technology might people invest in? 
  • Understanding our supply chains and economic dependencies


Key Takeaways:

  • The majority of the critical infrastructure in the U.S. is owned by the private sector. Cybersecurity in critical infrastructure is therefore semi-regulated, meaning any changes made will need the collaboration of both government and the private sector.
  • The installation of public EV charging stations along roads requires careful consideration of cybersecurity concerns. The connection between the charging stations, electric vehicles, computers, networks, and physical grid creates potential risks, such as fire hazards, reliability issues with the grid, and other issues.
  • When facing a limited budget, the decision between investing in efficiency optimization versus cybersecurity often results in a focus on efficiency. Unfortunately, cybersecurity is often perceived as a cost and its benefits may not be as tangible or easily understood.
  • Currently, the U.S. is granting adversaries space in our digital terrain. Being the customer of an adversary poses a lot of risk for us. We have to know our customers and look more into our economic dependencies.


"Now you have access and you have a myriad of connectivity. And you're doing that analysis in the fog. Asset management is very difficult and that's where we need to bring that security. We'll continue to see that increasing IT/OT convergence in the fog. And that's where we protect." — Sean Plankey


Connect with Sean Plankey:

LinkedIn: https://www.linkedin.com/in/sean-plankey/ 





