Tag: ot security

We know there are problems in our security systems, but we can’t and shouldn’t fix everything. What do we fix? Who decides? How do we explain what’s reasonable to people who do decide? Kayne McGladrey, CEO In Residence at Hyperproof, joins us to explore risk, communication, and a surprising role for insurance.

Yes the device has to be safe to use on patients, and yes it has to produce its results reliably, but patient / data confidentiality is also really important. Naomi Schwartz of Medcrypt joins us to explore the multi-faceted world of medical device cybersecurity – from MRI’s to blood sugar testers.

If you can touch it, you can hack it, usually. And having hacked it, you can often more easily find exploitable vulnerabilities. Marcel Rick-Cen of Foxgrid walks us through the basics of hacking industrial hardware and software systems.

How can we USE this information to make useful decisions about next steps to address cyber risk? Vivek Ponada of Frenos joins us to explore a new kind of OT / industrial digital twin – grab all that data and work it to draw useful conclusions.

Tim McCreight of TaleCraft Security in his (coming soon) book “I don’t sign s**t” uses story-telling to argue that front line security leaders should not be accepting multi-billion dollar risks on behalf of the business. We need to escalate those decisions – with often surprising results when we do.

NIS2 legislation is late in many EU countries, and the new CRA applies to most suppliers of industrial / OT computerized and software products to the EU. Christina Kieffer, attorney at reuschlaw, walks us through what’s new and what it means for vendors, as well as for owner / operators.

Hundreds of subsystems with the same IP addresses? Thousands of legacy devices with no modern encryption or other security? Constant, acquisitions of facilities “all over the place” network-wise and security-wise? What most of us need is “network duct tape”. Tom Sego of Blastwave shows us how their “duct tape” works.