@BEERISAC: OT/ICS Security Podcast Playlist

We revisit key insights from past conversations with Dave Purdy and Debbie Lay of TXOne Networks, who shared their expertise on the critical cybersecurity challenges facing industrial environments.

The episode delves into innovative solutions such as virtual patching and deep packet inspection, which are vital for securing legacy systems without causing operational disruption.

With a focus on mitigating zero-day vulnerabilities and ransomware threats, the discussions also emphasize the importance of bridging the IT/OT divide to create cohesive, secure environments.

This episode provides actionable strategies for professionals responsible for managing the cybersecurity of critical infrastructure in sectors like energy, manufacturing, and utilities.

Chapters

• 00:00:00 – Introduction to Key Cybersecurity Challenges in Industrial Environments
• 00:01:19 – Why Visibility is Critical for Securing Industrial Operations
• 00:01:36 – TXOne Networks' Native Protocols and the Power of Deep Packet Inspection
• 00:02:53 – Addressing Zero-Day Vulnerabilities through the Zero Day Initiative
• 00:04:26 – Personal Insights and Fun Facts from Industry Experts
• 00:05:23 – Overcoming Barriers to Industrial Cybersecurity Adoption
• 00:06:35 – IT-OT Collaboration: A Must for Comprehensive Cybersecurity
• 00:09:22 – Global Cybersecurity Trends and Adoption in Industrial Sectors
• 00:10:54 – Virtual Patching: A Game-Changer for Securing OT Systems
• 00:13:50 – Navigating IT-OT Convergence for Improved Security Outcomes
• 00:19:30 – TXOne's Innovative Security Solutions for Industrial Environments

Links And Resources:

• Crowdstrike, Virtual Patching, and Industrial OT Environments with Debbie Lay
• Unmasking Industrial Cybersecurity Threats and Solutions with Dave Purdy
• Velta Technology
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!

In this episode of Protect It All, host Aaron Crow is joined by Christopher Stein from Royal Caribbean Group to delve into the fascinating evolution of maritime technology. This discussion explores the dramatic journey ships have taken from their analog origins to becoming digitally advanced behemoths of the seas, emphasizing the critical importance of safety and redundancy.

Listeners will understand how automation has revolutionized ship operations, allowing for reduced crew workload and increased efficiency. The episode also highlights the intricate management behind running a fleet of 68 ships, each functioning as an autonomous mobile city with numerous interconnected systems.

Christopher Stein provides an insider’s perspective on the maritime industry's latest cybersecurity challenges and compliance requirements. He discusses the careful processes of ensuring all onboard systems run smoothly and safely, from cybersecurity assessments to integrating digital sensors and control mechanisms.

This episode offers a deep dive into the complexities of maritime operations, emphasizing the behind-the-scenes efforts that keep voyages safe and efficient. 

Through engaging storytelling and expert insights, Protect It All takes listeners on a journey through the melding of technology and tradition in the maritime world. Tune in to discover how these advancements are shaping the future of safe sea travel!

Key Moments: 

00:10 OT systems require constant uptime; no outage windows.

05:06 OT and IT convergence misunderstood; safety risk emphasized.

08:18 Testing must ensure safety, operational integrity, and collaboration.

10:25 Cybersecurity must integrate with overall system design.

14:21 No pool, casino, water slides, roller coasters.

17:29 Systems affect availability, reliability, safety, and billing.

21:24 Managing vast logistics for seamless vacation experiences.

25:14 Royal Caribbean's efficient logistics and management impress.

27:28 Family surprised internet works during power outage.

33:26 Apollo 13 movie: interconnected digital procedures, limited power.

36:20 All systems have manual control for safety.

37:55 Operator rounds involved manual inspection of equipment.

41:27 Early immigrants faced harsh, uncertain voyages to America.

45:32 Technology makes formerly unattainable achievements accessible today.

49:08 Internet outage impacts due to maritime dependency.

About the guest : 

Christopher Stein is a proficient maritime systems specialist who ensures the operational safety of onboard systems. Recognizing the potential dangers of propulsion loss, Christopher meticulously coordinates maintenance tasks while vessels are docked. He emphasizes precise timing and a clear understanding of assessment objectives to execute system tests and shutdowns safely. His expertise ensures voyages proceed without incidents, reflecting his commitment to maritime safety and system reliability.

Connect With Aaron Crow:

Learn more about PrOTect IT All:

To be a guest or suggest a guest/episode, please email us at [email protected]

In this episode, Robby speaks with Jens Christian Vedersø, Head of Cyber Risk Management at Vestas, one of the world’s largest wind turbine manufacturers.

Jens is a former Navy and intelligence officer and recovering regulator. Before managing cyber risk in the renewable energy sector, Jens helped develop energy sector legislation and cyber preparedness at the Danish Energy Agency, and served as a subject matter expert for SCADA, OT, ICS and IoT at the Danish Center for Cyber Security.

In the discussion Jens shares his unique perspective on how security acts as both an enabler and a potential barrier in the transition towards renewable energy transition, and how the industry needs to move from a reactive, compliance-driven approach towards a more proactive, risk-based model. Jens also shares insights into the threat landscape, potential motivations of state actors, and how Vestas is working to quantify cyber risk and empower customers to better understand and control their own cyber risks.

In this episode of the Bites and Bytes Podcast, host Kristin Demoranville welcomes George Kamide, co-host of the Bare Knuckles & Brass Tacks podcast, Head of Community at The CISO Society, and Co-Founder of Mind Over Cyber.  George brings his expertise in both cybersecurity and anthropology to the conversation, discussing the cultural, human, and technological factors shaping the global food supply chain.  Together, they examine how cybersecurity intersects with agriculture, the vulnerabilities within our food systems, and the importance of protecting this critical infrastructure.

If you're interested in the connections between cybersecurity, food security, and technology, this episode is packed with valuable insights into securing the systems that sustain us.

_______________________________________________

🏆 Vote for Bites and Bytes Podcast for Women in Podcasting Award

https://womeninpodcasting.net/bites-and-bytes-podcast/

THANK YOU!  🤩 🎉

_______________________________________________

George’s Information:

LinkedIn:  https://www.linkedin.com/in/george-kamide/

The CISO Society:  https://www.linkedin.com/company/the-ciso-society/posts/?feedView=all

Mind Over Cyber:  https://www.linkedin.com/company/mind-over-cyber/posts/?feedView=all

_______________________________________________

Bare Knuckles and Brass Tacks Podcast Information:

LinkedIn:  https://www.linkedin.com/company/bare-knuckles-brass-tacks/posts/?feedView=all

Listen here: https://open.spotify.com/show/1be0fUg0zTS6nfdUFlNDOt?si=97ff77d647294ff8

Secure World Denver October 10, 2024

[Closing Keynote] Radical Transparency Needed to Build Trust

https://events.secureworld.io/agenda/denver-co-2024/

_______________________________________________

Show Notes:

Brazil's innovation and technology in ag-tech:

https://www.spglobal.com/commodityinsights/en/ci/research-analysis/innovation-technology-brazil-emerges-dominant-agribusiness.html

Development of Brazilian Agriculture:

https://agricultureandfoodsecurity.biomedcentral.com/articles/10.1186/2048-7010-1-4

SMART FARMING IN BRAZIL: AN OVERVIEW OF TECHNOLOGY,

ADOPTION AND FARMER PERCEPTION:

https://www.rbgdr.net/revista/index.php/rbgdr/article/download/6040/1250/15857

"50% of croplands are used for human food; 38% is for livestock feed; and 12% is for non-food uses."

https://ourworldindata.org/global-land-for-agriculture#:~:text=Poore%20and%20Nemecek%20estimate%20that,of%20the%20paper's%20Supplementary%20Information.

Food Insecurity in Ukraine:

https://www.wfp.org/stories/war-ukraine-how-humanitarian-tragedy-fed-global-hunger-crisis

Global Starvation because of Russia's War on Ukraine:

https://www.nytimes.com/2023/01/02/us/politics/russia-ukraine-food-crisis.html

Ukraine's war damage to agriculture:

https://resoilfoundation.org/en/agricultural-industry/ukraine-war-pollution-soil/

Ukraine's state of soil as impacted by war:

https://www.agroberichtenbuitenland.nl/documenten/publicaties/2024/03/28/ukrainian-soil

H5 Avian Flu in cows:

https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections

https://www.cidrap.umn.edu/avian-influenza-bird-flu/officials-await-testing-clues-missouri-h5-avian-flu-case-michigan-reports

H5N1 Bird Flue Reponse CDC:

https://www.cdc.gov/bird-flu/spotlights/h5n1-response-09132024.html#:~:text=Since%20April%202024%2C%2014%20human,H5N1)%20virus%2Dinfected%20poultry

How Food Gets Contaminated:  The Food Production Chain:

https://www.cdc.gov/foodborne-outbreaks/foodproductionchain/index.html

_______________________________________________

News Break:

Boar's Head

https://www.food-safety.com/articles/9740-following-outbreak-boars-head-forms-food-safety-council-of-top-experts-closes-facility-discontinues-liverwurst

https://www.food-safety.com/articles/9724-inspection-reports-show-mold-insects-meat-residues-and-more-at-boars-head-facility-responsible-for-listeria-outbreak

https://www.food-safety.com/articles/9636-boars-head-rte-deli-meats-recalled-after-two-listeriosis-deaths

https://www.fsis.usda.gov/sites/default/files/media_file/documents/Non-Compliance_Reports_112022-To-812024.pdf

Avian Influenza

https://www.aphis.usda.gov/livestock-poultry-disease/avian/avian-influenza/hpai-detections

https://www.cdc.gov/bird-flu/spotlights/h5n1-response-09132024.html#:~:text=Since%20April%202024%2C%2014%20human,H5N1)%20virus%2Dinfected%20poultry

_______________________________________________

Episode Key Highlights:

00:00 - Introduction

02:15 - Cultural Significance of Food

10:30 - Global Food Supply Chains and Technology

18:45 - Vulnerabilities in the Food Supply System

26:00 - Communication Skills in Cybersecurity

33:20 - Resilience in Supply Chains

41:10 - Future of Cybersecurity

_______________________________________________

Bites and Bytes Podcast Info:

TikTok

Website:  Explore all our episodes, articles, and more on our official website.  Visit Now

Merch Shop:  Show your support with some awesome Bites and Bytes gear! 🧢👕 Shop Now

Blog:  Stay updated with the latest insights and stories from the world of cybersecurity in the food industry.  Read Our Blog

Audience Survey:  We value your feedback!  Help us make the podcast even better.  Take the Survey

Schedule a Call with Kristin:  Want to share your thoughts? Schedule a meeting with Kristin!  Schedule Now

In this week's episode, Craig Duckworth and LuRae Lumpkin dive into the critical need for translating high-level cybersecurity solutions and priorities into clear, succinct communication across the industrial cybersecurity industry.

They focus on bridging the communication gap between IT and OT teams, discussing how a unified approach from both leadership and operations can strengthen security efforts.

The episode highlights evolving strategies for addressing breaches, improving risk management, and safeguarding critical infrastructure.

Key takeaways include the importance of tailoring cybersecurity communication to different audiences, implementing proactive measures, and fostering a consistent, organization-wide message that integrates cybersecurity into the core culture regardless of the organization.

Chapters:

• 00:00:00 - Setting the Stage: Why Cybersecurity Communication Matters
• 00:00:54 - LuRae Lumpkin's Proven Expertise in Industrial Cybersecurity
• 00:01:34 - How Cybersecurity Messaging Has Evolved Across IT and OT
• 00:04:49 - Lessons from Major Cyber Breaches: What You Need to Know
• 00:06:47 - Why Being Proactive is Crucial in Cybersecurity Communication
• 00:08:41 - Building a Cybersecurity-Driven Culture from the Top Down
• 00:10:44 - Simplifying Complex Cybersecurity Issues for Maximum Impact
• 00:12:30 - Making Cybersecurity a Company-Wide Priority
• 00:14:15 - Bridging the Communication Gap Between IT and OT
• 00:16:00 - Creating a Unified Language Across Teams
• 00:18:45 - The Role of External Vendors in Cybersecurity Communication
• 00:20:27 - Practical Advice to Strengthen Your Organization's Cybersecurity
• 00:24:39 - Final Insights on Fostering a Cyber-Aware Organization

Links And Resources:

• LuRae Lumpkin on LinkedIn
• Velta Technology
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and leave us a review!

U.S. manufacturing is on a roll right now. And organizations like MxD – The Digital Manufacturing and Cybersecurity Institute are on a mission to help manufacturers build the things they need to build in the modern digital world.

In this episode, we sit down with Berardino Baratta, CEO of MxD, to explore the evolution of digital transformation in manufacturing and its impact on the industry. First, Berardino shares his career story, which takes us from healthcare AI to operating a café during a sabbatical to now helping manufacturers thrive in a digital world.

As MxD celebrates its 10th anniversary, Berardino shares insights on how the organization has evolved over the years as new technology progresses. We dig into the challenges faced by small businesses, the importance of cybersecurity in the digital age, and how MxD is shaping the future of American manufacturing. Berardino shares his perspective on how manufacturing is changing for the better, including a more collaborative approach to improving supply chains and the democratization of data and insights.

In this episode, find out:

• Berardino explains what MxD does to help manufacturers and how its scope has evolved as new technology advances
• Some backstory on Berardino’s varied career from being the CEO of an AI healthcare company to now working as the CEO of the U.S.’s leading digital manufacturing innovation center
• What Berardino learned during his long sabbatical about modernizing operations at a café and how he applied that to his work in manufacturing
• Berardino takes us through MxD’s project history, including working with the Department of Defense and Manufacturing USA
• How modern manufacturing companies feel about creating something that will be democratized vs. maintaining competitive advantages
• Why the industry has become more collaborative over making supply chain improvements
• How manufacturing has changed in the past ten years in line with technological innovations
• What’s working when it comes to fortifying the strength of U.S. manufacturing
• Improvements the industry needs to make when it comes to adopting digital assets

Enjoying the show? Please leave us a review here. Even one sentence helps. It’s feedback from Manufacturing All-Stars like you that keeps us going!

Tweetable Quotes:

• “We quickly realized cybersecurity is critical. We went from being the Digital Manufacturing Institute to the Digital Manufacturing and Cybersecurity Institute. Two sides of the same coin, right? If you're going to adopt digital, it better be secure.”
• “98% of U.S. manufacturing companies are small and medium. 75% have less than 20 employees. What's starting to work is that those small and medium businesses are starting to adopt digital to improve their operations.”
• “With the café, we modernized their entire operations. Right from production in the back house through building their front of the house. We modernized it with technology, not that dissimilar to a digital transformation of a manufacturer.”

Links & mentions:

• MxD, the digital manufacturing and cybersecurity institute; MxD advances economic prosperity and national security by strengthening U.S. manufacturing competitiveness through technology innovation, workforce development, and cybersecurity preparedness; in partnership with the Department of Defense
• Manufacturing USA, a network of regional institutes, each with a specialized technology focus; Manufacturing USA institutes like MxD convene business competitors, academic institutions, and other stakeholders to test applications of new technology, create new products, reduce cost and risk, and enable the manufacturing workforce with the skills of the future
• Chicago Cut Steakhouse, a stylish modern steakhouse with a patio overlooking the Chicago River where Berardino and Chris have both dined before
• Hardware Sustainable Gastropub and Brewery, avant-garde haunt in Aurora, IL with seasonal, creative entrées, whiskeys from around the world, and outdoor seating

Make sure to visit http://manufacturinghappyhour.com for detailed show notes and a full list of resources mentioned in this episode. Stay Innovative, Stay Thirsty.

We have an exciting and crucial topic: the Cyber Resilience Act. With us are two guests who are experts in their fields: Guillaume Crinon, Director of IoT Business Strategy at Keyfactor, and Romain Tesniere, Business Development Manager at Avnet Silica. Guillaume and Romain bring a wealth of knowledge and experience in IoT security and business strategy, making them the perfect guides to help us navigate this important legislation.

The Cyber Resilience Act aims to enhance the security of connected devices, but what does that mean for businesses, developers, and end-users? We'll explore the benefits, challenges, and impacts of this Act and practical steps for ensuring IoT security.

#iot #security #cra #wetalkiot

Summary of this week's episode:

01:42 Understanding the Cyber Resilience Act

02:04 Keyfactor's Role in IoT Security

03:37 Avnet Silica's Approach to Security

05:19 Exploring the Cyber Resilience Act

10:42 Challenges and Risk Assessments

19:05 Practical Implementations and Examples

23:15 Collaboration and Future Prospects

24:44 Balancing Innovation and Security

Show notes:

Guillaume Crinon: https://www.linkedin.com/in/guillaumecrinon/

Romain Tesniere: https://www.linkedin.com/in/romain-tesniere-26698b80/

About Keyfactor: https://www.keyfactor.com

Deep dive into the Cyber Resilience Act:

https://my.avnet.com/silica/solutions/iot/secure-device-management-provisioning/

https://www.keyfactor.com/resources/content/eight-steps-to-iot-security?lx=6IfNm7

https://www.brighttalk.com/webcast/17778/604186

About Avnet Silica:

This podcast is brought to you by Avnet Silica—the Engineers of Evolution.

You can connect with us on LinkedIn: https://www.linkedin.com/company/silica-an-avnet-company/. Or find us at www.avnet-silica.com.

In this episode, Steve Plumb, Editor-in-Chief, sits down with Jeremy Dodson, Chief Information Security Officer, and Jay Korpi, Principal Cybersecurity Specialist, from NextLink Labs to discuss cybersecurity in the manufacturing industry. They highlight the convergence of IT and OT and the need for understanding the differences between the two.  They also talk about common breaches, such as social engineering attacks and misconfigurations, and the need for comprehensive risk assessments and training programs.