The Security Detail

Ep. 2: Water with CISA's Amy Thomas, cyber risk analyst and Noah Powers, RVA program lead, penetration testing capabilities

Listen Later

Water treatment facilities are part of the critical infrastructure that supports essential services. A cyberattack on these facilities could disrupt the supply of clean water, leading to severe consequences for public health, safety, and the economy. In this episode, two representatives from the US Cybersecurity and Infrastructure Security Agency, or CISA, share strategies to defend the water sector from cyberattacks. They also provide an update on CISA's investigation into an Iranian-linked campaign targeting Israeli-made Programmable Logic Controllers (PLCs) at a number of US water utilities.

Resources: 
  • CISA Risk and Vulnerability Assessments program
  • CISA Security Advisors
  • Top Ten Cybersecurity Misconfigurations (NSA and CISA Advisory)
  • IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities (CISA Advisory)
  • CISA and Partners Release Joint Advisory on IRGC-Affiliated Cyber Actors Exploiting PLCs (CISA Alert)
  • CISA Secure by Design Alert Urges Manufacturers to Eliminate Default Passwords (CISA Alert)
  • States and Congress wrestle with cybersecurity after Iran attacks small town water utilities (Associated Press)
  • CVE-2023-6448 (NIST NVD)
  • CISA's Known Exploited Vulnerabilities Catalog 
  • Report a cyber issue to CISA
  • Water and Wastewater Cybersecurity toolkit (CISA)
  • China’s cyber army is invading critical U.S. services (Washington Post)
  • Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)
  • Stop Ransomware website (CISA)
  • The Dragos Community Defense Program Helps Secure Industrial Infrastructure for Small Utilities (Dragos)
  • Cybersecurity for Rural Water Systems Act
  • Energy Circuit Riders Act
    • ...more
    View all episodesView all episodes
    Download on the App Store
    The Security DetailBy Audra Streetman and Madeleine Tauber
    • 5
    • 5
    • 5
    • 5
    • 5

    5

    14 ratings

    More shows like The Security Detail

    View all
    Security Now (Audio) by TWiT

    Security Now (Audio)

    1,966 Listeners

    Risky Business by Patrick Gray

    Risky Business

    359 Listeners

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

    SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

    628 Listeners

    Hacked by Hacked

    Hacked

    180 Listeners

    CyberWire Daily by N2K Networks

    CyberWire Daily

    1,014 Listeners

    AWS Podcast by Amazon Web Services

    AWS Podcast

    201 Listeners

    Smashing Security by Graham Cluley & Carole Theriault

    Smashing Security

    312 Listeners

    Click Here by Recorded Future News

    Click Here

    394 Listeners

    Malicious Life by Malicious Life

    Malicious Life

    928 Listeners

    Darknet Diaries by Jack Rhysider

    Darknet Diaries

    7,849 Listeners

    Cybersecurity Today by Jim Love

    Cybersecurity Today

    167 Listeners

    Hacking Humans by N2K Networks

    Hacking Humans

    314 Listeners

    Cyber Security Headlines by CISO Series

    Cyber Security Headlines

    117 Listeners

    Risky Bulletin by risky.biz

    Risky Bulletin

    33 Listeners

    Hacker And The Fed by Chris Tarbell & Hector Monsegur

    Hacker And The Fed

    158 Listeners