In this episode, host Aaron Crow converses with Lesley Carhart, Technical Director at Dragos, who brings over 15 years of experience in incident response and forensics within critical infrastructure sectors.

The episode dives deep into the standard practices in industrial settings, such as operators shutting down power plants for safety and the lack of forensic investigation into equipment failures. Lesley emphasizes the importance of integrating cybersecurity into these environments, pointing out that many failures are due to maintenance or human error, though a notable portion does involve cyber threats.

Listeners will learn about the challenges and necessary collaborations between operational technology (OT) and information technology (IT) teams. The discussion addresses cultural and trust barriers that hinder effective cybersecurity measures and advises on how organizations can improve their defenses regardless of size and resources.

Lesley also highlights the evolving landscape of cyber threats, including the increasing sophistication of adversaries and the vulnerabilities caused by standardizations in industrial systems. Real-world examples underscore the complexity of securing these environments, emphasizing the need for proactive and informed cybersecurity practices, such as "cyber-informed engineering."

Tune in to better understand the critical intersections of cybersecurity and industrial operations, and learn practical strategies to safeguard essential services.

Key Moments: 

05:00 IT-OT miscommunication leads to cybersecurity risks.

09:23 IT processes are too slow; bypassing is required for solutions.

11:36 Leaving an outdated system may pose less risk.

15:09 Slow changes in OT due to unforeseen impacts.

19:17 Include cybersecurity in root cause analysis discussions.

20:31 Nation-states analyze and bypass industrial control systems.

25:40 Cybersecurity is essential to combat potential system threats.

29:27 Communication, champions, and leadership crucial for cybersecurity.

31:37 Cybersecurity struggle due to resources community helps.

35:03 OT vs. IT language differences affect incident classification.

38:08 Empowered safety culture prevents accidents and retribution.

40:22 Few people have diverse cybersecurity skills and experience.

45:05 Experience across all 17 critical infrastructure verticals.

48:29 Evading detection in the nuclear enrichment process.

51:25 Identify industrial devices, build security program.

About the guest : 

Lesley Carhart is a renowned cybersecurity expert specializing in industrial control systems (ICS) security. With a keen understanding of the convergence between traditional IT and operational technology (OT), Lesley has been at the forefront of safeguarding critical infrastructures. Her work emphasizes the vulnerabilities of human-machine interfaces (HMIs) and programming devices, which are increasingly resembling typical computers and thus becoming prime targets for malware and ransomware attacks. Lesley's insights highlight the significant risks posed by these hybrid systems, underscoring the importance of robust cybersecurity measures in protecting essential processes. Lesley is honored to be retired from the United States Air Force Reserves, and to have received recognition such as “DEF CON Hacker of the Year”, “SANS Difference Maker”, and “Power Player” from SC Magazine.

How to connect Lesley: 

Instagram : https://www.instagram.com/hacks4pancakes/

Blog: https://tisiphone.ne

Mastodon : https://infosec.exchange/@hacks4pancakes

Linkedin : https://www.linkedin.com/in/lcarhart/

Connect With Aaron Crow:

Learn more about PrOTect IT All:

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4