PrOTect It All

• [email protected]

  In this episode, host Aaron Crow is joined by Peter Jackson, a seasoned expert from New Zealand with a robust background in industrial automation and cybersecurity. Together, they unravel the intricacies of balancing security with reliable operations and explore the evolving landscape of OT cybersecurity in critical infrastructure. Listen in as they discuss everything from the importance of safe operations and risk management to the nuances of vulnerability management in diverse industrial environments.  Whether you're an OT professional or an IT practitioner, this episode is packed with insights that cater to both ends of the spectrum, all shared with a passion for protecting the future of our interconnected systems.    Key Moments:  05:22 Bridging IT and OT Silos 14:53 Business Risk Beyond Cyber Concerns 17:46 "OT Security Risks in Business" 25:46 Simplifying Complex OT Management 30:10 Cybersecurity Misunderstandings in Safety Systems 36:58 Prioritizing Systems and Security Integration 39:51 Improving Business Trust Tolerance Journey 44:42 Hesitancy and Future of OT Cloud 52:07 Operational Resilience and Risk Reduction 55:26 "Assessing System Security Strategies" 58:59 Network Security Maturity Strategies 01:05:00 "Improving IT Resilience and Preparedness" 01:13:43 "Towards Improved System Security Awareness" 01:15:03 Continuous Security Improvement Basics 01:20:00 Safety First: A Unique Culture About the guest :  Peter Jackson is a passionate and dedicated professional in the field of Operational Technology (OT) security. As a long-time admirer of the work done by Tails, Peter has cultivated a deep connection with fellow enthusiasts, sharing a common bond and commitment to the industry. Emphasizing the importance of collaboration and personal interaction, he has valued opportunities to gather around the table, exchange ideas, and strengthen the sense of community among peers. Despite the challenges posed by the pandemic, Peter adapted to remote work but now relishes the return to in-person engagements, where he can once again partake in the vibrant exchange of knowledge and camaraderie that is integral to his professional identity. Feel free to follow Peter on LinkedIn: https://www.linkedin.com/in/peterjnz/ If you’re interested in the NZ ICS/OT cyber community: https://icscyber.org.nz If you’re interested in the work that he does with the SGS team: https://www.sgs.com/en/services/operational-technology-cyber-safety  or email [email protected] Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn:

  --------  

  1:24:02
• The Intersection of IT and OT: Highlights from S4 Conference with Jori VanAntwerp

  In this episode, Aaron is joined by Jori VanAntwerp live from the s4 conference. Together, they unpack the intricacies of networking at industry events, the challenges and opportunities in OT cybersecurity, and the evolving technologies and strategies that are reshaping the field.  From the significance of understanding asset owner needs to the promising future of AI and blockchain in cybersecurity, Aaron and Jori cover it all. Whether you're a seasoned professional or new to the field, this episode is packed with insights that will keep you informed and ahead in the ever-evolving cybersecurity landscape.  So, tune in and get ready to explore the essential strategies for protecting it all. Key moments:  04:38 Asset Owner's Conference Dilemma 08:14 "Business at Speed of Trust" 10:45 Career Transition Acceptance 16:09 Limited Solution Compatibility Issues 18:41 Exploring Blockchain for Data Integration 20:47 Adapting to Imperfection with Technology 25:12 Dynamic Detection in Modern Substations 28:28 Rethinking Staffing for Power Utilities 31:45 Retiree Saves Power Plant Upgrade 35:37 Ford F-150 Taillights Theft Spike 39:08 Modular Redundancy in OT Security 42:20 "Advocating for Chipset Optimization" 45:32 "Call for Advanced PLC Monitoring Chip" 48:12 Complicated Security Measures Challenge Efficiency 49:28 Balancing Security and Operational Needs 52:57 IT Policy Disrupts Control Room Ops 56:43 Bridging OT and IT Teams About the guest :  For nearly two decades, Jori has enabled industrial and IT organizations to be successful in reducing risk, increasing compliance, and their overall security efforts. Jori has the ability to quickly evaluate situations and determine innovative solutions and possible pitfalls due to his diverse background in security, technology, partnering and client-facing experience. Approaching situations with intuitive insight and methodology, leveraging his deep understanding of business and technology, ranging from silicon to the cloud. He had the pleasure of working with such great companies as Gravwell, Dragos, CrowdStrike, FireEye, McAfee, and is now Founder and Chief Executive Officer at EmberOT, a cybersecurity startup focused on making security a reality. How to connect Jori :  Website : https://emberot.com/ Linkedin : https://www.linkedin.com/in/jvanantwerp/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn:

  --------  

  59:40
• The Intersection of AI, OT, and Cybersecurity with Sulaiman Alhasawi

  In this episode, host Aaron Crow is joined by Sulaiman Alhasawi, a cybersecurity expert based in Kuwait. Sulaiman shares his journey into OT security, beginning with his PhD research in Liverpool and leading to his creation of ICSrank.com, a search engine for OT devices.    The discussion gets into individuals' unique cybersecurity paths, emphasizing the importance of learning from diverse experiences. They explore the challenges asset owners face in understanding vulnerabilities, the role of AI in cybersecurity, and the international perspective on OT security.    Throughout the episode, Aaron and Sulaiman highlight the significance of community, knowledge sharing, and taking actionable steps to improve cybersecurity posture in critical infrastructure. Whether you’re an industry veteran or a newcomer, this episode is packed with insights and practical advice to help you protect it all.   Key Moments:  01:10 Sharing Diverse Experiences 05:44 Simplifying Asset Management Challenges 08:15 Action Transforms Ideas to Value 11:44 Unexpected Targets in Cyber Attacks 13:20 "Obscurity Isn't Security" 16:50 Simplifying Cybersecurity Communication 21:12 Unintended Internet Exposure Risks 24:49 Podcasting for Community Impact 28:53 OT's Vital Role in Hospitals 32:26 Diverse Experiences in Power Plants 35:54 OT Data Integration Priorities 36:55 Prioritizing Safety Over Immediate Updates 42:10 Global Business Resource Allocation Challenges 46:08 Finding Our Podcast & Resources 47:25 Global Unity in Shared Struggles   About The Guest :    Sulaiman Alhasawi is an active researcher  in ICS/OT cybersecurity, with a PhD specializing in securing critical infrastructure. He is the founder of ICSrank.com, a platform dedicated to discovering and assessing security risks in Industrial Control Systems (ICS), Operational Technology (OT), and Industrial IoT. As the host of the ICS Arabia Podcast, Sulaiman brings together global experts to discuss cutting-edge topics in OT security, bridging the gap between research, industry, and real-world cyber threats. His latest research, "How to Find Water Systems on the Internet", was featured in SecurityWeek magazine, shedding light on OSINT techniques used to uncover vulnerable water infrastructure. (Read it here: https://zerontek.com/zt/2024/09/30/how-to-find-water-systems-on-the-internet-a-guide-to-ics-ot-osint/) Follow Sulaiman for insights on ICS/OT security, threat intelligence, and ethical hacking:   ICSrank Website: ICSrank.com IC...

  --------  

  48:48
• Encryption Dilemmas: When Government Access May Threaten Individual Security

  In this episode of Protect It All, host Aaron Crow gets into pressing cybersecurity issues currently making headlines. Listeners are invited to explore the complex challenges governments face to ensure accountability without compromising security.  Aaron examines the implications of global policies that could force tech companies to undermine encryption. Steering clear of political discourse, he focuses on real cybersecurity risks, from untracked government spending to potential backdoors in personal devices and broader national security concerns.  Aaron provides critical insights into how these issues impact businesses, private citizens, and infrastructure, raising questions about privacy and data protection in today's digital age.  Whether you're a cybersecurity expert, a business leader, or someone who values privacy, this episode offers valuable perspectives and strategies to navigate the intricate IT and OT cybersecurity landscape. Join Aaron as he tackles these pressing topics and discusses how to maintain transparency and security for everyone. Key Moments 00:00 Demanding Oversight for Sensitive Expenditures 05:42 Fragmented Infrastructure and Cybersecurity Challenges 09:19 Suing for Backdoors in Secure Communication 11:35 Phone Security and Privacy Concerns 13:40 Cybersecurity Risks of Government Backdoors 16:54 Encryption Backdoors: Security vs. Privacy? Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it...

  --------  

  19:54
• From Navy to Consulting - Dan Ricci's Unique Perspective on Bridging Security Gaps

  In this episode, host Aaron Crowe speaks to Dan Ricci, founder of the ICS Advisory Project, to delve into OT cybersecurity. Dan brings a wealth of experience from his time in the Navy, transitioning through various cybersecurity roles, and finally taking the leap to establish a platform that addresses the complex needs of critical infrastructure sectors.  In this conversation, they explore the genesis of the ICS Advisory Project, a tool designed to streamline vulnerability management for small to medium-sized organizations. Aaron and Dan also discuss the challenges of transitioning from military service to civilian cybersecurity roles, emphasizing the importance of mentorship, risk-taking, and continual self-improvement.  This episode offers valuable insights for anyone in the cybersecurity community and those looking to bridge the gap between IT and OT spheres. Join us as we explore strategies to enhance resilience and share lessons from the field. Key Moments:  09:17 Building Dashboards with Google Studio 14:41 Cybersecurity: Secondary Concern for Operators 20:48 Supporting Small Supply Chain Contributors 23:23  OT Cybersecurity Impact and Mentorship 27:48 Bridging Cybersecurity and Critical Sectors 34:16 Opportunities to Share Project Insights 38:24 Adapting Skills for Career Growth 45:58 Cyber Career Evolution and Growth 56:14 Leadership vs. Management Distinction 01:00:56 Relentless Daily Self-Improvement About the guest :  With over 28 years of Cybersecurity experience, Dan is the Senior Cybersecurity Consultant at Ampyx Cyber, leading engagements with Rural Cooperatives and Utilities to improve their Cybersecurity programs and protect critical infrastructure. In 2023, he founded Industrial Data Works to provide independent consulting and vulnerability intelligence API subscription services.   He is also the founder of the ICS Advisory Project, an open-source initiative to help small and medium-sized ICS asset owners across the 16 critical infrastructure sectors prioritize vulnerabilities and plan mitigation for their ICS/OT environments. He aims to provide free and accessible resources to secure critical infrastructure and protect the public.   Link to Industrial Data Works: https://www.industrialdataworks.com/ics-advisory-project-api   Links to ICS Advisory Project: https://www.icsadvisoryproject.com/   ICS Advisory Project Github Repository: https://github.com/icsadvprj/ICS-Advisory-Project   Receive ICS Advisory Project Weekly Summary Slides and Other CERT & Vendor Advisory Summaries in your email every Monday: https://docs.goo...

  --------  

  1:12:29

More Technology podcasts

Trending Technology podcasts

About PrOTect It All