The IEC 62443 security standards are evolving. Eric Cosman, co-chair of the ISA SP-99 committee that creates the 62443 standards joins us in this episode. Eric looks at how experience using the 62443 standards is driving change in a number of key areas.
“Lenses” are preconceived notions that limit our ability to evaluate and accept solutions. Dr. Art Conklin from the University of Houston joins us to look at lenses in industrial security and what to do about them.
Change is a risk in industrial operations, but at least on the security side of things, rapid change is the order of the day when connecting an acquisition to a new owner’s infrastructures. Anthony Morrone and Marianne Swarter of Level5Cyber join us to look at issues and solutions for mergers, acquisitions and divestitures of industrial operations.
Vulnerability handling costs a lot of time and effort – finding the announcements, evaluating them, comparing to our systems, planning & managing deployment and more. Jens Wiesner of the German BSI joins us to explore a new standard that promises to automate much of this task – the Common Security Advisory Framework.
Ernie Hayden joins us to walk through the big picture of risk assessment as documented in his new book – Critical Infrastructure Risk Assessment. The book is a “how-to” for assessing risks ranging from hurricanes to safety systems to cyber attacks.
OT / industrial cyber risk is tricky. Ask questions about probabilities like we did 10 years ago and you get answers that just don’t work well. Mark Fabro, President & Chief Security Scientist at Lofty Perch joins the podcast to look at the modern way to model risk.
Maritime systems are unique in some senses – eg: both having safety critical aspects and being reliant on wireless satellite communications. But these systems are familiar too – PLCs, HMIs and remote access. Marco Ayala, Director of ICS Security at 1898 & Company walks us through the space.
No one person has all the answers. Bill Lawrence, CSO at SecurityGate.io joins us to look at industrial risk assessments in modern, complex environments.
EnergySec is working with colleges & others on the world’s first industrial security apprenticeship program. Join Steve Parker, president of EnergySec to see why electric utilities cannot hire the people they need, and what’s being done to fix that.
A tool for more secure layer 1 devices is available – The Top 20 Secure PLC Coding Practices. Sarah Fluchs and Vivek Ponnada, two leaders of the initiative, join us to talk about the practices and how to use them.
The Industrial Security podcast features guests with a wide range of perspectives. This play list collects a handful of episodes on the theme of OT security monitoring
Explore how to work with boards of directors on industrial security issues with Level5Cyber industry veterans Anthony Morrone (former CISO at DuPont) and Michael Piccalo (former Director at Forescout)
English
Français
Español
עברית
Deutsch
日本語
한국어
中文
اَلْعَرَبِيَّةُ
