Spotlight Podcast: OT Is Under Attack. Now What?

EXPLORE

Society & Culture

Health & Fitness

© 2024 PodJoint

https://is1-ssl.mzstatic.com/image/thumb/Podcasts122/v4/ba/d8/2e/bad82e93-4808-378e-51db-7998969753df/mza_14911023975293012637.png/600x600bb.jpg

The Security Ledger Podcasts

The Security Ledger

9 episodes

8 months ago

In this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what's next for his company.

Show more...

Society & Culture,

All content for The Security Ledger Podcasts is the property of The Security Ledger and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.

In this, our 70th episode of The Security Ledger podcast, we speak withXu Zou of the Internet of Things security startup Zingbox about the challenges of securing medical devices and clinical networks from cyber attack. Also: we take a look at the turmoil that has erupted around the OWASP Top 10, a list of common application security foibles. And finally: open source management vendor Black Duck Software announced that it was being acquired for more than half a billion dollars. We sit down with Black Duck CEO Lou Shipley to talk about the software supply chain and to hear what's next for his company.

Show more...

Society & Culture,

https://is1-ssl.mzstatic.com/image/thumb/Podcasts122/v4/ba/d8/2e/bad82e93-4808-378e-51db-7998969753df/mza_14911023975293012637.png/600x600bb.jpg

Spotlight Podcast: OT Is Under Attack. Now What?

The Security Ledger Podcasts

1 year ago

Spotlight Podcast: OT Is Under Attack. Now What?

In this Spotlight episode of the Security Ledger podcast, I interview Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT). Chris and I talk about how industry is responding – including the growing role of government, ISACs and managed security services providers (MSSPs) in helping shore up the security of critical infrastructure.

[Video Podcast] | [MP3] | [Transcript]

There is no question that critical infrastructure and the operational technologies that are used to support that infrastructure are in the cross hairs of state actors and – in many cases – under active attack. The question is: what to do about it.

Chris Walcutt is the Chief Security Officer at DirectDefense.

Volt Typhoon: Is The Coming Storm Already Here?

In March, for example, CISA the US Cybersecurity and Infrastructure Security Agency warned the heads of critical infrastructure organizations about the ongoing activities of “Volt Typhoon” and advanced persistent threat (APT) group linked to China’s military. An advisory from February issued by CISA, the NSA and FBI asserted that People’s Republic of China (PRC) state-sponsored cyber actors are positioning themselves on IT networks and maintaining persistent access in anticipation of launching “disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict” with the U.S.

Critical Infrastructure And Digital Transformation: A Risky Combination

Campaigns like that aren’t new. Warnings about state sponsored actors sniffing around U.S. critical infrastructure go back more than a decade. What has changed is the exposure of industrial firms to cyber attacks, as “digital transformation” and the explosion of remote work have resulted in organizations that own and operate critical infrastructure being far more vulnerable to attacks and compromises.

Add to that the high social and economic impacts of critical infrastructure attacks; the varied nature of OT systems (and risks); endemic shortages of cybersecurity talent; and – in many sectors – inadequate budgeting to support cyber operations and you have a recipe for disaster.

Securing OT Systems: Help Is On The Way

But all is not lost. In our latest Spotlight podcast, recorded on the sidelines of the RSA Conference in San Francisco last month, I sat down with Chris Walcutt, the Chief Security Officer at DirectDefense.

Chris and I talked about the rapidly changing threat landscape that critical infrastructure owners and operators inhabit, and how savvy firms are managing OT risks – in part by tapping managed security services firms with expertise managing and securing OT systems and environments.

In our conversation, Chris elaborates on the distinction between OT (Operational Technology) and IT, emphasizing the unique challenges in securing OT systems like those in critical infrastructure,