The Critical Assets Podcast covers important OT and ICS security topics with an eye toward standards and regulation to keep you ahead of your adversaries... and...
Critical Conversations: IR, Forensics, and Regulation in OT
In this episode, we sit down with Lesley Carhart (@hacks4pancakes), a renowned expert in OT/ICS incident response and forensics, to explore the unique challenges of defending critical infrastructure against cyber threats. Lesley shares insights into how internal OT teams can better support external IR teams, evaluates global and sector-specific preparedness, and discusses the impact of regulations on effective incident response. We delve into the complexities of defining and reporting incidents, the potential for improved approaches, and actionable advice for those looking to enhance their IR and forensics skills. Lesley also gives a glimpse into the future of their work and their continued mission to strengthen cybersecurity in critical infrastructure.Show Links:https://www.linkedin.com/in/lcarhart/https://www.threads.net/@hacks4pancakeshttps://bsky.app/profile/hacks4pancakes.comhttps://infosec.exchange/@hacks4pancakes
--------
44:32
Energizing Cybersecurity Careers: Workforce Development in OT/ICS
Join us for a discussion on Energizing Cybersecurity Careers: Workforce Development in the OT/ICS Community. Guests Cynthia Hsu and Erin Owens dive into the cybersecurity challenges facing Industrial Control Systems and Operational Technology asset owners. Through open conversations, we explore everything from skill gaps and career pathways to diversity, continuous learning, and the impact of new technologies. This session aims to provide insights into developing a skilled, diverse cybersecurity workforce – starting from the ground up – with a focus on practical strategies for professionals, educators, and anyone interested in the future of ICS/OT security.Show links:Cynthia Hsu LinkedIn profile https://www.linkedin.com/in/cynthiahsu33/Erin Owens LinkedIn profile https://www.linkedin.com/in/erinowens/DOE CESER Cybersecurity Training for the Utility Workforce, free 3-day ICS Cybersecurity training for electric and ONG utility staff. Next training event: Buffalo, NY, April 23-25, Register at: Eventleaf | Event Registration Software and Mobile Event Apps DOE CESER CyberStrikeTM professional cybersecurity training for operational technology environments: https://inl.gov/cyberstrike/· LIGHTS OUT – focus on Ukraine attacks· NEMESIS – focus on nation-state TTPs· STORMCLOUD – focus on renewable energy DOE CESER CyberForce® workforce development program for college students focused on building a pipeline of cyber professional candidates in operational technology cybersecurity: https://cyberforce.energy.gov/ Sandia National LaboratoryTracer FIRE (Forensic Incident Response Exercise): https://github.com/sandialabs/Tracer-FIRECenter for Cyber Defenders: https://www.sandia.gov/careers/career-possibilities/students-and-postdocs/internships-co-ops/institute-programs/titans-technical-internships-to-advance-national-security/titans-cyber/ Cyber Defense Center https://www.cyberdefensecenter.org/
--------
1:08:23
CIE: Architecting Infrastructure Immunity
In this episode, we take a deep dive into the world of Cyber Informed Engineering (CIE), joined by Ginger Wright, Program Manager at Idaho National Laboratory. This episode unpacks CIE's strategic efforts to integrate cybersecurity into the very fabric of engineering critical infrastructure. We discuss the evolution of CIE and how it's transforming the approach to system design. We cover the synergy between engineers and cybersecurity experts and the implementation of engineering-based mitigations. Get insights on building resilience into critical systems from the ground up.
--------
53:39
One Rule to Rule Them All
Join Patrick Miller, CEO of Ampere Industrial Security and his guest Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks as they continue their debate on the topic: "If you could have only one cybersecurity regulation, what should that be?" They cover everything from threat hunting, vulnerability management, attack surface management, incident response, breach notification, risk quantification, cybersecurity insurance, NIS2, NERC CIP, and what's best for corporate vs. public good.
--------
59:18
Ghost in the Machine: a Future Look at AI and OT
Join Patrick Miller, CEO of Ampere Industrial Security and his guest Amanda Freick, CRO of Altruistic as they discuss the need for collaboration and breaking down cultural barriers to effectively utilize data and drive innovation in the energy sector with AI/ML. We also touch upon the importance of approaching generative AI and language models like GPT with a strategic mindset, understanding the specific needs and goals of the organization before implementation. Additionally, we talk about the importance of recognizing and leveraging the untapped skills and potential within an organization to drive transformation and democratize access to meaningful work.Show Links:Amanda Freick LinkedIn - https://www.linkedin.com/in/amandafreick/Altruistic Video Case Study - https://vimeo.com/733720685Tony Robbins Book, Life Force - https://amzn.to/3qTXRfj
--------
43:54
Flere Teknologi podcasts
Trendige Teknologi podcasts
Om Critical Assets Podcast
The Critical Assets Podcast covers important OT and ICS security topics with an eye toward standards and regulation to keep you ahead of your adversaries... and your auditors. Ampyx Cyber. Securing your world. See our other content such as blogs, cybersecurity news and more at www.ampyxcyber.com