State Of NERC CIP, European Update and OT Security Community

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4. Desenlace del caso Cómo proteger las cajas negras en un entorno OTPub date: 2024-05-05En este episodio se muestran consideraciones una vez implementadas soluciones para proteger las cajas negrasThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The OG of OTEpisode: ShipmentPub date: 2024-05-03In this episode of the OG of OT podcast, a young woman “Clara” (not her real name) is reunited with this dude “Harvey” (also not his real name). She was duped into taking part in a supply chain attack. He kinda remembers the equipment refresh and rumors of infected firmware. Decades later, they meet. Coincidence?The podcast and artwork embedded on this page are from The OG of OT, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Unsolicited Response (LS 34 · TOP 5% what is this?)Episode: 2024 Threat Report – OT Cyber Attacks with Physical ConsequencesPub date: 2024-05-03Waterfall Security Solutions and ICSSTRIVE put out an annual threat report that Dale Peterson believes is the best in OT. Why? It only includes incidents that had physical consequences on systems monitored and controlled by OT.  Dale and Andrew discuss: What is in and out of scope for the report. The breakdown of the 68 incidents that occurred in 2023 by industry sector, cause, threat actor and more. The impact reporting requirements may have on these numbers in the future. What percentage of OT cyber incidents with physical consequences are made public. Ransomware on IT causing physical consequences, exfil v. encryption, and what asset owners should do given this represents 80% of the known incidents in the report. And more. Links: 2024 Threat Report: https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/2024-threat-report-ot-cyberattacks-with-physical-consequences/  ICSSTRIVE: https://icsstrive.com S4 Events YouTube Channel: https://youtube.com/s4events The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Control Loop: The OT Cybersecurity Podcast (LS 33 · TOP 5% what is this?)Episode: Critical infrastructure: Pending legislation and risks and rewards from AI.Pub date: 2024-05-01Mandiant ties OT attacks to Sandworm. Russia-linked hackers target Texas water utilities. Belarusian hacktivists hit fertilizer company. CISA issues eight ICS advisories. Dave Bittner's Caveat podcast co host Ben Yelin joins him to discuss pending legislation with potential to affect critical infrastructure, as well as the Department of Energy’s assessment of the potential risks and rewards from AI. The Learning Lab is on a hiatus this episode, and will be returning soon!Control Loop News Brief.Mandiant ties OT attacks to Sandworm.Unearthing APT44: Russia’s Notorious Cyber Sabotage Unit Sandworm (Mandiant)Russia-linked hackers target Texas water facilities.Rural Texas Towns Report Cyberattacks That Caused One Water System to Overflow (SecurityWeek)Russia-linked hacking group suspected of carrying out cyberattack on Texas water facility, cybersecurity firm says (CNN)Belarusian hacktivists hit fertilizer company.Belarusian hackers claim to breach fertilizer plant in retaliation for support of Lukashenko regime (The Record)CISA issues eight ICS advisories.CISA Releases Eight Industrial Control Systems Advisories (CISA)Control Loop Interview.Host Dave Bittner and his co host from the Caveat podcast on the N2K CyberWire network, Ben Yelin, share some discussion about pending legislation with potential to affect critical infrastructure, and Department of Energy’s assessment of the potential risks and rewards from AI. Links to articles:  Crawford puts forward bill on cybersecurity risks to water systems (The Arkansas Democrat-Gazette) US DOE rolls out initial assessment report on AI benefits and risks for critical energy infrastructure (Industrial Cyber)  Control Loop Learning Lab.The Learning Lab is on a break and will be back soon. Stay tuned. Control Loop Audience Survey.Please take a moment to fill out our super quick survey. It’s only 5 short questions. Thanks!Control Loop OT Cybersecurity Briefing.A companion monthly newsletter is available through free subscription and on N2K Networks website.The podcast and artwork embedded on this page are from N2K Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Tehilla Shwartz Altshuler Senior Fellow @Israel Democracy Institute on “Phygital” cyber risksPub date: 2024-04-30פרק מיוחד בשיתוף עם הפודקסט למה סייבר?! דנית ליבוביץ-שטי ונחשון פינקו מארחים את תהילה שוורץ אלטשולר, עמית בכירה במכון הישראלי לדמוקרטיה וראש תכנית דמוקרטיה בעידן המידע, בשיחה על עולם ה"פיגיטלי" החדש (פיזי פלוס דיגיטלי) וסיכוני הסייבר שבו. מדוע ישראל עומדת מאחורי מדינות המערב עם היעדר רגולציות סייבר ופרטיות? ועוד A special co-created episode with Why Cyber?! Podcast Danit Leybovich-Shati and Nachshon Pincu host Tehilla Shwartz Altshuler, a Senior Fellow at Israel Democracy Institute and head of the Democracy in the Information Age program, In a conversation about the new “Phygital” (physical plus digital) world and its cyber risks. Why is Israel behind the Western countries with a lack of cyber regulations? And MoreThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones del caso Cómo proteger las cajas negras en un entorno OTPub date: 2024-04-29En este episodio se presentan las estrategias o soluciones que se están considerando actualmente para proteger las cajas negras y recomendaciones.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Abel Archundia on Complexity in Critical InfrastructurePub date: 2024-04-29Abel Archundia, chief technology officer and global head of advisory for Istari, joins the Claroty Nexus podcast to discuss the nature of complexity, technical debt, and regulation, and how it influences risk decisions in critical infrastructure environments. He explains the challenges complexity brings to manufacturing, pharmaceuticals, and other CI sectors, and how owners and operators may feel outmatched by technical debt. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites & Bytes PodcastEpisode: AI and Cyber Resilience in the Food Industry with Stuart KingPub date: 2024-04-25In this captivating podcast episode, host Kristin and her guest and fiancée, Stuart King, explore their rich experiences in cybersecurity, specifically focusing on the food industry.  They discuss the transformative impact of AI and machine learning on security practices within this sector.  The episode begins with personal stories that connect their professional paths to memorable food experiences, illustrating how these moments deeply intertwine with their work. Stuart recounts his extensive career, starting with his initial experiences in the Royal Air Force and moving into significant roles in cybersecurity, particularly emphasizing his contributions to safeguarding food production systems.  The conversation then shifts to their joint venture, “AnzenOT,” a tool they co-developed to simplify and democratize risk assessments for small to mid-size enterprises in the food industry.  They discuss how AI enhances this process through improved analytics to give context to risk, which is essential for food manufacturers aiming to fortify their defenses against cyber threats. The duo highlights the crucial need to understand the human side of cybersecurity in food manufacturing, advocating for solutions that address the daily challenges employees face on production floors.  They discuss how AnzenOT uses AI to simulate realistic threat scenarios and offer practical, actionable insights, helping companies navigate the complex landscape of food safety and cybersecurity. Throughout the episode, Kristin’s cat, Kai, also makes a charming presence, adding a touch of warmth as she quietly joins in, much to the amusement of both hosts. As the episode wraps up, Kristin and Stuart invite listeners to join them at upcoming industry conferences, including RSA, where they will discuss cybersecurity and operational technology in the food industry.  They encourage a broader dialogue about enhancing security measures to protect the vital processes that feed nations and maintain public health. ___________________________________________ Episode Key Highlights: (02:52 - 03:53) Unforgettable Food Adventures in Japan (06:13 - 08:23) Career Evolution and Shared Experiences (13:44 - 15:56) Critical Infrastructure Vulnerabilities in Production (17:56 - 20:09) Importance of Understanding Environment in Cybersecurity (24:04 - 26:00) Risk Management and AI in Industry (29:27 - 31:18) AnzenOT Tool Benefits and Features (34:08 - 35:40) Value for Money and Risk Assessment (37:45 - 38:41) Network Security Vulnerabilities From Unknown Applications ___________________________________________ How to connect with Stuart King:  LinkedIn and Email Our talk on the S4 Main Stage, “Factories Are Families: How Does Security Join The Family?” Panel at IC3 Games 2023 on protecting critical infrastructure. ___________________________________________ If you want to learn more about AnzenOT, please check the website or reach out on LinkedIn. Also, if you would like to schedule a demo of AnzenOT or have a chat, please use this link to schedule a meeting. ___________________________________________ Additional Show notes and information are on the Bites and Bytes Website. If you would like to schedule a meeting with Kristin to discuss the Bites and Bytes Podcast, please use this link.  Audience Survey can be found here. Bites and Bytes Podcast Merch Shop!!  (click here)  The podcast and artwork embedded on this page are from AnzenSage, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made Simple PodcastEpisode: OT Security Made Simple | Hatte der Energiesektor bei Cyberangriffen bisher nur Glück?Pub date: 2024-04-25OT Security Made Simple Host Klaus Mochalski spricht mit Stefan Grützmacher, der in den letzten Jahrzehnten mehrere Energieversorger geleitet hat. Für Stefan wird die OT-Sicherheit bei den Kritischen Infrastrukturen noch immer viel zu stiefmütterlich behandelt. Er stellt als Branchenkenner aber auch klare Anforderungen an Lösungen für den KRITIS-Sektor.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Secure Insights with NDK CyberEpisode: Rails & Resilience: Navigating Cybersecurity in Rail Travel with RazorSecure CEO, Alex CowanPub date: 2024-04-25In this episode, we welcome Alex Cowan, CEO of RazorSecure, where we discuss the intricate world of rail cybersecurity.  From legacy systems to cutting-edge digital infrastructures, Alex shares his wealth of knowledge gained from over a decade in the field. Additionally, we'll explore the impact of new NIST regulations on this dynamic sector.Join us for another informative episode of Secure Insights!The podcast and artwork embedded on this page are from NDK Cyber, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.