In this episode, host Aaron Crowe speaks to Dan Ricci, founder of the ICS Advisory Project, to delve into OT cybersecurity. Dan brings a wealth of experience from his time in the Navy, transitioning through various cybersecurity roles, and finally taking the leap to establish a platform that addresses the complex needs of critical infrastructure sectors. 

In this conversation, they explore the genesis of the ICS Advisory Project, a tool designed to streamline vulnerability management for small to medium-sized organizations. Aaron and Dan also discuss the challenges of transitioning from military service to civilian cybersecurity roles, emphasizing the importance of mentorship, risk-taking, and continual self-improvement. 

This episode offers valuable insights for anyone in the cybersecurity community and those looking to bridge the gap between IT and OT spheres. Join us as we explore strategies to enhance resilience and share lessons from the field.

Key Moments: 

09:17 Building Dashboards with Google Studio

14:41 Cybersecurity: Secondary Concern for Operators

20:48 Supporting Small Supply Chain Contributors

23:23  OT Cybersecurity Impact and Mentorship

27:48 Bridging Cybersecurity and Critical Sectors

34:16 Opportunities to Share Project Insights

38:24 Adapting Skills for Career Growth

45:58 Cyber Career Evolution and Growth

56:14 Leadership vs. Management Distinction

01:00:56 Relentless Daily Self-Improvement

About the guest : 

With over 28 years of Cybersecurity experience, Dan is the Senior Cybersecurity Consultant at

Ampyx Cyber, leading engagements with Rural Cooperatives and Utilities to improve their

Cybersecurity programs and protect critical infrastructure. In 2023, he founded Industrial Data Works to provide independent consulting and vulnerability intelligence API subscription services.

He is also the founder of the ICS Advisory Project, an open-source initiative to help small and medium-sized ICS asset owners across the 16 critical infrastructure sectors prioritize vulnerabilities and plan mitigation for their ICS/OT environments. He aims to provide free and accessible resources to secure critical infrastructure and protect the public.

Link to Industrial Data Works:

https://www.industrialdataworks.com/ics-advisory-project-api

Links to ICS Advisory Project:

https://www.icsadvisoryproject.com/

ICS Advisory Project Github Repository:

https://github.com/icsadvprj/ICS-Advisory-Project

Receive ICS Advisory Project Weekly Summary Slides and Other CERT & Vendor Advisory Summaries in your email every Monday:

https://docs.google.com/forms/d/e/1FAIpQLSfC490BHoCR4gHekZcMLBgbHMhUQZr7ZVYZG1OkaWdKGwH73g/viewform

Connect With Aaron Crow:

Learn more about PrOTect IT All:

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4