hosted by Andrew Ginter & Nate Nelson
A cyber security podcast deep-diving into the most pressing emerging issues in SCADA technologies today. But don’t just take our word for it. Each new episode features a leading voice in the world of industrial control systems security. You’ll hear from executives, engineers, researchers and more. Each guest brings their own unique take on what’s wrong with how we do things today, and how to fix it.
SSVC is a new standard decision process for deciding what to do about new vulnerabilities and patches. Thomas Schmidt of the German BSI joins us to look at how SSVC decision trees work, and where and why to use them.
Different kinds of organizations in different stages of their cybersecurity evolution need to look for different kinds of people to contribute to their industrial security programs. Jason Rivera a Director at Security Risk Advisors joins us to look at workforce capability gaps and different approaches needed to fill those gaps in different scenarios.
The new US Department of Energy Cyber Informed Engineering Strategy includes unhackable safeties, manual operations, and other engineering-grade protections, in addition to traditional cybersecurity. Join Cheri Caddy, USA Deputy Assistant Cyber Director as we look at a strategy to develop a discipline of security engineering.
Windows and Linux operating systems provide a lot of detail as to what software & versions of the operating system, applications & libraries are installed. Most firmware provides almost nothing – a single firmware version number. Thomas Pace, Co-Founder and CEO of NetRise joins us to look at gaining visibility into industrial device firmware and vulnerabilities.
Industrial network monitoring and intrusion detection tend to start at the highest level networks – the ones closest to the IT network. Ron Fabella, CTO and Co-Founder of Synsaber joins us to look at the problem the other way around – at how important and how useful it is to monitor our lowest level networks – the edge networks closest to the physical process.
How does secure software development work for industrial products (SDLC) and what is a zero-trust supply chain? Gonda Lamberink of Fortress Information Security leads us on a deep dive of what’s new in secure software development, and especially how supply chain security is impacting that lifecycle
Worst-case consequences of compromise determine government and societal policies, so consequences matter, especially for critical infrastructure security. Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks joins us to look at threats, consequences and policies for critical infrastructure security.
Supply chain security is bigger than one standard or one approach. Supply chain has fingers into remote access and cloud services and many other things beyond SBOMs and vendor questionnaires. Pedro Fernandes of Accenture joins us to look at the big picture and at what it takes to really commit to supply chain security.
Cybersecurity investments, like safety investments, involve ROI calculations. But unlike safety, security ROI is not baked into engineering practice. Wally Magda – a senior standards and security instructor, advisor and former NERC CIP auditor joins us to look at today’s ROI problems and what to do about them.
Complex networks “drift” over time – maintaining an original security vision is hard. Robin Berthier, CEO and Co-Founder of Network Perception joins us to look at a new technology for understanding what’s happening to our networks.
Forescout’s recent Icefall report documents 56 new OT vulnerabilities, many in certified “secure” industrial equipment. Daniel Dos Santos, Head of Security Research, joins us to look at the vulnerabilities and at what they mean for industrial security.
The big picture of industrial security programs is why we do security, who does what, and to what standards or risk tolerances. Darren Conway of Capula joins us to look at documenting industrial security policies and programs, not just technology.
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
