Bryson Bort sits down with Adam Robbie, Head of OT Threat Research at Palo Alto Networks, to pull back the curtain on OT threat research. With a background in electrical engineering, Adam’s first job in cybersecurity was at an IT help desk. He now leads a team dedicated to identifying, analyzing, and mitigating cyber threats targeting Operational Technology (OT) environments.

What are the top threats Adam is seeing in OT attacks? Why is manufacturing such a vulnerable sector? And if he could wave a magic, non-Internet connected wand, what would he change? 

“I really would love to have more experts in OT,” Adam said. “The more knowledge…and the more experts we have, it will fasten this process [of innovation].” 

Join us for this and more on this episode of Hack the Plan[e]t. 

The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Bryson Bort welcomes Sarah Powazek, Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, to discuss the organization’s work providing cybersecurity resources for the public, and CyberCAN, a project to connect cities and nonprofits providing critical services.  

How can cities play a larger role in protecting their communities? What are the biggest cybersecurity challenges facing nonprofits? What innovative solutions are being developed to address the cybersecurity resource gap? 

“It's never going to be enough to have one federal agency help every single organization in a country. We're just too large,” Sarah said. “I think the solution is to create more infrastructure at the state, local, and regional level.”

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.

Welcome to season 5! Our host Bryson Bort sits down with Institute for Security and Technology (IST) Executive in Residence for Public Safety & Security Josh Corman. Josh previously joined us on season 1, episode 2 to discuss his experience founding I Am The Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. 

Today, Josh walks us through his Cyber Civil Defense initiative UnDisruptable27 and his work to bolster the resilience of local critical infrastructure systems. 

What role can you play in making our communities more resilient? What risks do we face from a hybrid conflict? How can we better prepare for disruptions to critical infrastructure? 

“You inform, influence, inspire. You make sure people aren't blindsided, and even if they can't stop the natural disaster, they can at least prepare for it and make informed decisions and innovate locally,” Josh said. “And unlike natural disasters, where we only have a couple hurricanes a year, we may have concurrent unnatural disasters on plural U.S. infrastructure sites across the country with finite resources to respond and recover.”

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.

For the final episode of the season, our host Bryson Bort reflects on four years and forty episodes of Hack the Plan[e]t, and picks a few favorites. 

Episode 8, DoD and Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/dod-and-critical-infrastructure

Episode 10, The Congressman, The Commission and Our Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/the-congressman-the-commission-and-our-critical-infrastructure

Episode 27, Managing Incident Responses to Critical Infrastructure Attacks: https://hack-the-plant.simplecast.com/episodes/managing-incident-responses-to-critical-infrastructure-attacks

Episode 28, Cyber Threat Intelligence Over the Past 25 Years: https://hack-the-plant.simplecast.com/episodes/cyber-threat-intelligence-over-the-past-25-years

Episode 36, Supporting Ukrainian Electrical Grid Resilience in Wartime: https://hack-the-plant.simplecast.com/episodes/supporting-ukrainian-electrical-grid-resilience-in-wartime-mxxhn2g3

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Bryson is joined by Carter Manucy, Director of Cybersecurity at the National Rural Electric Cooperative Association to discuss rural electric cooperatives, the importance of collaboration, and the state of cybersecurity in the energy sector. With over two decades of experience in the sector, Carter was recently awarded E-ISAC’s prestigious Michael J. Assante Award for his leadership on initiatives to protect the grid and electric co-ops. 

How are cooperatives fostering a stronger cybersecurity culture? What are the unique challenges faced by rural electric cooperatives in the cybersecurity landscape? And what does Carter see in his crystal ball for the future of cybersecurity in the energy sector?

“I think as a country, we’ve really got to pull together or else we're going to be behind the eight ball in a few years, and that could really look bad for everybody...power runs all of our lives,” Carter said. “If I had that magic wand, I think I would get rid of a lot of the politics that are there so that we can focus on getting funding to help in the areas that it really is needed, and move that needle forward.” 

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Bryson is joined by Sara Patrick, President and CEO at the Midwest Reliability Organization (MRO) to discuss cyber threats, mitigation strategies, and the United States energy infrastructure system. A lawyer by training, Sara led MRO’s enforcement group and compliance monitoring team for 16 years before stepping into her position as CEO. 

What risks does AI pose to maintaining a reliable grid? How does MRO build resilience into the Northeast bulk power grid? What do smaller organizations need to be able to mitigate threats? 

“When we think about operations, we're a lot of times focused on the bigger organizations. But from a cyber perspective, it really doesn't matter the size of your organization. You're all susceptible,” Sara explained. 

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company’s Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation’s third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices. 

What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve? 

“There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said. 

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

In this episode, Bryson sits down with Mark Montgomery, Senior Director at the Foundation for Defense of Democracies. For three years, Mark served as Executive Director of the Cyberspace Solarium Commission, created by congressional mandate to develop strategic approaches to defending against cyber attacks. Now, he directs CSC 2.0, an initiative that works to implement the recommendations of the Commission. 

What were the key recommendations of the Cyberspace Solarium Commission? What are the politics of cybersecurity? How do we ensure that our international partners have the same level of resiliency and recovery that we have domestically? 

“We'd like to fight our adversaries overseas. That means we have to fight with and through our allies and partners. So they have to have strong critical infrastructure as our forces arrive and execute their missions,” Mark said. 

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Joe Marshall is a Senior IoT Security Strategist at Cisco Talos Intelligence Group. When Russia invaded Ukraine in 2022, Joe helped coordinate a multinational, multi-company coalition of volunteers and experts to find a technological solution. 

Bryson and Joe sat down to discuss his efforts in Ukraine, how he got the go-ahead from Cisco leadership, and more. 

“They were like, yeah, we can't even get accurate timing to work on our transmission grid because of jamming that is interrupting GPS communications,” Joe explains. “A week later I was sitting in my office and I went, ‘I wonder if we have something inside of Cisco that can actually help with this.’” 

Join us for this and more on this episode of Hack the Plan[e]t. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

In this episode, Bryson Bort is joined by Paul Shaver, Global OT Security Practice Lead at Mandiant / Google Cloud to discuss the cyber threat landscape. How did Paul’s military background play a role in his decision to start working with control systems? What is the difference between an advanced persistent threat and a regular threat? What does Paul think is the best way to protect against documented threats from nation-state actors?

“I think if we're not doing a better job of protecting critical infrastructure, protecting our assets, any one of the nation state actors could cause that level of mass scale outage or destruction of capability. It comes down to being better prepared to protect these environments,” Paul said. 

Join us for this and more on this episode of Hack the Plant. 

Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.