A curated playlist of ICS Security podcasts [any language] by ICS Security enthusiasts. Contact @shipulin_anton on Twitter if something is missing, or you want to contribute to this playlist on a regular basis!
The landscape of maritime cybersecurity has evolved significantly, driven by current events, increasing digitization and the adoption of emerging technologies. These changes enhance operational capabilities, but also introduce vulnerabilities. Regulation and standards introductions have been pivotal in guiding the integration of cyber risk management into safety management systems onboard ships. However, a primary concern in maritime cybersecurity is OT systems, which are vital for the control and operation of physical shipboard processes.
Panelists:
Sean Plankey, Global Head of Cybersecurity Software, Willis Towers Watson
Michael DeVolld, Senior Principal Consultant, American Bureau of Shipping
Kevin Duffy, CEO, Maritime Imperative
Marco Ayala, President, Infragard Houston
וובינר בנושא ניהול משבר במגזר התעשייתי בהנחייתו של יוגב נחום מחברת קוד בלו משתתפים:
חגית איסר - מנכ"לית דגש פ.ק
יסמין טל בדש - מנהלת סיכוני סייבר עולמי של טכנולוגיה תפעולית וחדשנות באי.סי.אל לשעבר כימיקלים לישראל
יוסי שביט - ראש יחידת סייבר בתעשייה המשרד להגנת הסביבה
נחשון פינקו - סייבר אוונגליסט וסמנכ"ל בכיר ליעוץ ניאטק סייבר סקיורטי בע"מ
Chris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including:
The definition and scope of vulnerabilities. It’s much more than coding errors that need patches.
Are ICS protocols lacking authentication “vulnerabilities”
The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change.
Ways to prioritize what vulnerabilities you address.
The SSVC decision tree approach that was introduced at S4 as Never, Next, Now
Tooling … vulnerability management, software configuration, ticketing, remediation.
And much more.
Links:
Effective Vulnerability Management, https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207/
Dale’s ICS-Patch Decision Tree, https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf
US Defense Department warns of Russian hacktivists targeting OT devices. The US government establishes safety and security board to advise the deployment of AI in critical infrastructure sectors. Vulnerabilities affect CyberPower UPS management software. US congressmen put forward water system cybersecurity bill. Encore guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. The Learning Lab is currently on a hiatus this episode.
Urgent Warning from Multiple Cybersecurity Organizations on Current Threat to OT Systems (NSA)
DHS launches safety and security board focused on AI and critical infrastructure (FedScoop)
Uninterrupted Power Supply (UPS): A Silent Threat to Critical Infrastructure Resilience (Cyble)
Crawford puts forward bill on cybersecurity risks to water systems (Arkansas Democrat-Gazette)
Guest is Garrett Bladow, Distinguished Engineer at Dragos, discussing active visibility into OT systems.
The Learning Lab is on a break. Stay tuned.
A companion monthly newsletter is available through free subscription and on the N2K CyberWire website.
Join host Kristin Demoranville for this insightful Bites and Bytes Podcast episode featuring special guests Tia Glave and Jill Stuber. The discussion will bridge the worlds of food safety, quality, and transformative leadership within the food industry.
Tia Glave, a trained chemical engineer and a seasoned food safety and quality professional, brings extensive experience working across diverse food sectors. In this episode, Tia discusses her approach to integrating leadership principles with technical strategies to enhance food safety programs, reflecting her passion for supporting talent in the food industry.
Jill Stuber, with her comprehensive background in Food Safety & Quality (FSQ) and her roles in various multi-million-dollar food organizations, shares her journey and the joy she finds in coaching and positively impacting the food safety sector. With a Master of Science in both Food Science and Quality Management, Jill’s professional coaching certification and leadership skills shine through as she discusses the importance of integrating leadership skills with technical expertise to foster better outcomes in food safety.
Together, they explore the evolving landscape of food industry leadership, the integration of technology, and the critical role of empathy and effective communication in cultivating a safe and innovative food environment. This episode explores their journeys and highlights their unique perspectives on the future of food safety and intentional leadership’s pivotal role in navigating modern food systems’ challenges.
In this episode, we also focus on the critical intersection of cybersecurity with food safety. As digital transformations sweep through the food industry, understanding the cyber aspects becomes increasingly vital. Kristin, Tia, and Jill discuss how enhancing cybersecurity measures is integral to safeguarding food production processes. They emphasize the need for leaders to be proficient not only in traditional food safety roles but also in combating potential cyber threats that could impact food integrity and safety. This conversation highlights the importance of a holistic approach to food safety, including robust cybersecurity practices, ensuring that the food industry can effectively face modern challenges.
Don’t miss this engaging conversation that connects the dots between creating efficient, safe food practices and nurturing the next generation of food industry leaders.
___________________________________________
Episode Key Highlights:
(00:50 - 02:58) Food Safety Leadership Development and Coaching
(13:29 - 14:48) The Importance of Catalyst in Industry
(16:45 - 17:34) Diverse Roles in Food Industry Leadership
(25:11 - 26:06) Personal Development and Self-Reflection
(28:37 - 29:26) Cybersecurity and Food Safety Discussions
(32:25 - 33:57) Consumer Education in the Food Industry
(43:29 - 46:02) Leadership and Empathy in Food Industry
(51:14 - 52:42) Navigating Uncertainty Together
(54:59 - 56:12) Future of Hybrid Food Safety Roles
___________________________________________
To learn more about Tia & Jill’s company, please check out their website Catalyst LLC and LinkedIn
Catalyst is a comprehensive and holistic coaching program for creating transformational change within people and organizations toward the ultimate food safety and quality culture.
You can find Tia Glave on LinkedIn and also find Jill Stuber on LinkedIn.
Catalyst Youtube: Ever wonder why food safety culture seems so challenging? or why technical experts aren’t, by default, technical leaders? Join us each week as we explore these topics and more!
___________________________________________
Bites and Bytes Podcast website for additional show notes, blog, and more!
We are delighted to have Chase Richardson, the VP of Consulting at Bridewell, back on the show today.
Bridewell boasts a rich history in industrials, offering comprehensive cybersecurity services across the entire cybersecurity spectrum, including operating technology.
Recently, Bridewell came up with an insightful report on cybersecurity within the US critical infrastructure. In this episode, Chase dives into the current state of cybersecurity regulations in critical infrastructure and shares the details and origin of the upcoming Bridewell report, which falls squarely within the interest of CSAI.
Tune in to learn more about this exciting project.
Show highlights:
Links and resources:
Derek Harp on LinkedIn
Chase Richardson on LinkedIn
A story about satellites, electronic warfare, and a team of America techies who MacGyver-ed a way to keep the power flowing in Ukraine.
A first-of-its-kind 2016 cyberattack on Ukraine’s power grid was a wake-up call for countries around the world to shore up protection of vulnerable energy resources. Mara Winn, Deputy Director for Preparedness, Policy, and Risk Analysis at the Department of Energy's Office of Cybersecurity, Energy Security, and Emergency Response (CESAR), is in charge of acting on just that. From securing electric vehicles to safeguarding electric substations, Mara and her team help to ensure the resilience of the energy sector against cyber, physical and climate-based disruptions.
Mara takes a holistic approach to risk management, considering both physical and cyber threats. In the latest episode of WE’RE IN!, she cautions against focusing too much on the "flashy object of the day" and describes why she imbues diversity in risk management for the best outcomes.
Listen to hear more about:
Cybersecurity pioneer Mikko Hypponen joins the Claroty Nexus live at the RSA Conference to discuss a decade of ransomware attacks against corporate networks. Hypponen is Chief Research Officer at WithSecure, the former F-Secure for Business. He has observed and analyzed malware from its infancy when it was a merely a means of disruption and attention-seeking to today's enormously profitable ransomware services and gangs .
Your feedback is valuable to us. Should you encounter any bugs, glitches, lack of functionality or other problems, please email us on [email protected] or join Moon.FM Telegram Group where you can talk directly to the dev team who are happy to answer any queries.