merry christmas – Waterfall Security Solutions https://waterfall-security.com Unbreachable OT security, unlimited OT connectivity Mon, 21 Jul 2025 13:32:39 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.2 https://waterfall-security.com/wp-content/uploads/2023/09/cropped-favicon2-2-32x32.png merry christmas – Waterfall Security Solutions https://waterfall-security.com 32 32 Andrew Ginter’s Top 3 Webinars of 2024 https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/andrew-ginters-top-3-webinars-of-2024/ Tue, 17 Dec 2024 11:38:14 +0000 https://waterfall-security.com/?p=29379 Get up to speed on key trends and strategies in industrial security with Andrew Ginter’s favorite webinars of 2024,

The post Andrew Ginter’s Top 3 Webinars of 2024 appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standardsAndrew Ginter’s Top 3 Webinars of 2024

Andrew Ginter’s Top 3 Webinars of 2024

Discover Andrew Ginter’s top picks for the most insightful and engaging webinars of 2024, covering key trends and strategies in industrial security.
Picture of Andrew Ginter

Andrew Ginter

As 2024 comes to a close, it’s traditional to reflect on the and maybe catch up on bits of reading and events that we missed throughout the year because of our busy schedules. To this end, I recommend to you three of this year’s Waterfall webinars, each an overview of Waterfall or other authors’ reports that read faster when we’ve seen an overview, so each of us can skip faster to the material we find most potentially useful.

My Top Three Webinars of 2024:

1) Cyber Attacks with Physical Consequences – 2024 Threat Report

By the numbers –Waterfall & ICS Strive produce the world’s most conservative and most credible OT / industrial security threat report. In this webinar the authors review the numbers – public disclosures of attacks with physical consequences. And we look at what the numbers mean for the practice and future of industrial cybersecurity.

To read further, the threat report is available here.

2) IEC 62443 for Power Generation

The IEC 62443 standards are cross industry, somewhat out of date, and deliberately vague in many areas – and so need to be interpreted to apply them successfully. In this webinar, Dr. Jesus Molina provides an overview of his report that shows how to interpret and apply the standards to conventional electric power plants.

To read further, the IEC 62443 for Power Generation report is available here.

3) Evolving Global OT Cyber Guidelines

This webinar is a favorite of mine because of big turnout and the thoughtful questions and comments from the audience. In this webinar, we explore the latest developments in OT cybersecurity regulations, standards and guidance worldwide and what these developments mean for industries navigating this complex landscape.

If you would like to read more, I recommend the brand new, multi-national Principles of OT Security – it’s good, and with only 9 pages of payload, it’s an easy read over the holidays.

These are my top 3. If you would like to see even more of our videos, I encourage you to subscribe to the Waterfall Youtube channel where we upload new videos regularly.

Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post Andrew Ginter’s Top 3 Webinars of 2024 appeared first on Waterfall Security Solutions.

]]> Andrew Ginter’s Top 3 Podcast Episodes of 2024 https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/andrew-ginters-top-3-podcast-episodes-of-2024/ Mon, 16 Dec 2024 15:12:04 +0000 https://waterfall-security.com/?p=29337 Sit back and enjoy Andrew Ginter's top 3 picks from 2024's Industrial Security Podcast series.

The post Andrew Ginter’s Top 3 Podcast Episodes of 2024 appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standardsAndrew Ginter’s Top 3 Podcast Episodes of 2024

Andrew Ginter’s Top 3 Podcast Episodes of 2024

As 2024 winds down, kick back and enjoy some of Andrew Ginter's best podcast picks

Andrew GinterOver the past 12 months, it has been a pleasure and a privilege to co-host the Industrial Security Podcast. When I started the podcast 5-ish years ago, bluntly, I did not know if there was enough industrial security content in the world for more than a year or two of episodes. It turns out the OT security space is much broader and deeper than I knew, and I’ve both learned something in every episode and become aware of how much more that I don’t know that every one of my guests do know and give us a few insights based on that knowledge in every episode.

Choosing three from this year’s episodes was hard, but here are three that stood out for me. If you ask me for a theme for these episodes, I’d have to say all three provide insights into high-consequence attacks, risk blind spots, and of course defenses against these attacks. This is all consistent with the perspective of the Cyber-Informed Engineering initiative and with the themes I explore in my latest book, Engineering-Grade OT Security: A Manager’s Guide.

I hope you enjoy listening to these podcasts as much as I enjoyed the interviews and discussions. And stay tuned, we are working on many more guests and discussions in 2025!

My Top Three Episodes of 2024:

Episode #134: Insights into Nation State Threats with Joseph Price

In this episode, Joseph Price nation-state threats and attacks. Nation states are often held up as “bogeymen,” able to do anything to anyone for reasons that are opaque to mere mortals. Joseph peels back a couple layers for us, explaining how to interpret the data is available in the public domain. He walks us through what to expect in terms of attack capabilities, how the world’s superpowers routinely test each other’s defenses, responses and capabilities in both physical and cyber domains, and looks at what this means for both small and large infrastructure sites and defensive programs.

Episode #123: Tractors to Table Industrial Security in the Industry of Human Consumables with Marc Sachs

In this episode, Marc Sachs, Senior Vice President and Chief Engineer at the Center for internet Security, Chief Security Officer for Pattern Computer, and a former White House National Security Council Presidential Appointee, takes a deep dive into the cybersecurity challenges facing the food production industry.

He examines the industry’s growing reliance on automation, from farmers leveraging GPS, drones and self-driving equipment to large-scale food production facilities dependent on interconnected systems. While these advancements have dramatically improved efficiency and productivity, automation has also created important new vulnerabilities. Marc walks us through real-world examples of cyber threats targeting this critical industry, the potential consequences of a future attacks, and practical measures that organizations can take to bolster their defenses.

This episode provides an eye-opening look at how completely automated the high end of agriculture and food production has become, and how this is a problem as more and more operations deploy this kind of automation.

Episode #131: Hitting Tens of Thousands of Vehicles At Once with Matt MacKinnon

In this episode, Matt MacKinnon, Head of Global Strategic Alliances at Upstream Security, looks at a cybersecurity niche in the automotive industry that I did not know existed: protecting the cloud systems that vehicle manufacturers rely on to manage and interact with the vehicles they produce. From passenger cars to 18-wheelers and massive mining equipment, connected vehicles enable everything from diagnostics and updates to real-time remote control.

Matt explains how digital transformation and the pervasive use of cloud systems in automotive and heavy equipment industries has introduced new attack opportunities, with potential consequences ranging from unauthorized manipulation of vehicular systems, data breaches, and potential threats to safe and reliable operations.

How to manage these risks and protect cloud systems connected to vehicles? Matt walks us through protective technology and how it works – technology I did not know existed.

Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post Andrew Ginter’s Top 3 Podcast Episodes of 2024 appeared first on Waterfall Security Solutions.

]]> All Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/andrews-favorite-podcasts/ Tue, 26 Dec 2023 14:13:34 +0000 https://waterfall-security.com/?p=14973 Andrew Ginter shares with us his top 5 favorite podcast episodes from the Industrial Security Podcast that he co-hosts

The post All Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks appeared first on Waterfall Security Solutions.

]]>
OT Insights CenterOT security standardsAll Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks

All Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks

Five of Andrew's favorite podcasts to enjoy as 2023 comes to an end, and 2024 begins.
Picture of Waterfall team

Waterfall team

Top 5 Podcast Episode - Happy Holidays

I was asked to put a few words together about my favorite Industrial Security Podcast episodes of all time. I scanned the complete list at https://waterfall-security.com/podcast and came up with these five. The first four were episodes that contributed materially my thinking & the formation of sections and chapters in my latest “gold” book Engineering-Grade OT Security: A manager’s guide.

The fifth didn’t really fit the gold book, but I’m mulling the episode over for possible inclusion in my next book, if there is one. The gold book was all about risk in the context of individual organizations. For the future, I’m wondering if the world needs a bigger picture book of where OT cyber risk fits into the context of “all risks” that modern societies face, from nuclear war and EMPs to massive solar storms and global warming. I dunno for sure, please let me know what you think. 

“If you have time over the Christmas break and are looking for a podcast or five to make you think – full of ideas that will challenge your current understanding of the OT/industrial security space – these are the episodes I recommend.”

Get your complimentary copy now

My top five episodes:

Episode #28: Unhackable Safeguards with James McGlone

James is a co-author of Security PHA Reviewa brilliantly-written book on using Process Hazard Analysis / HAZOP spreadsheets & concepts to improve cybersecurity with unhackable / engineering-grade mitigations.

 

 

 

Episode #68: Capabilities vs. Probabilities with Mark Fabro
Mark explains capabilities-based risk vs. older and murkier likelihood-based models, and uses capabilities to introduce cyber Design-Basis Threat (cDBT) – a way to eliminate “risk-based” hand waving.

 

Episode #85: Cyber Insurance is Changing Fast with Georgina Williams

Georgina walks us through changes in the insurance industry triggered by NotPetya and the $1.4 billion USD Merck Pharma payout. For many, OT cyber insurance is not the “one stop” solution it once was.

 

Episode #100: Engineering-Grade Security in the CIE Strategy with Cheri Caddy
Cheri led the US DOE / INL Cyber-Informed Engineering Strategy. Feedback I’ve heard from practitioners suggests the CIE Strategy might just be the single best thing to happen to OT cybersecurity, ever.

Episode #96: Consequences Matter with Danielle Jablanski
Danielle walks us through the very big picture. It is not just worst-case consequences that determine government policy & regulations, but also society’s ability to respond to different kinds of worst-case attacks.

 

If you have time over the holidays and are looking for a podcast (or five) to make you think – full of ideas that will challenge your current understanding of the OT/industrial security space – these are the episodes I recommend.

Get your complimentary copy now
Share

Trending posts

Stay up to date

Subscribe to our blog and receive insights straight to your inbox

Tags

The post All Time Favorite Podcast Episodes: Andrew Ginter’s Top Picks appeared first on Waterfall Security Solutions.

]]>