Podcasts by The Industrial Security Podcast

Making the Move into OT Security [The Industrial Security Podcast] from 2023-12-12T14:00:02

Moving from IT or engineering roles into OT security is harder than it should be. Mike Holcomb of Fluor has written eBooks & provides a newsletter to help people with that transition. In this e...

Building Trust to Cooperate - at the EE-ISAC [The Industrial Security Podcast] from 2023-11-30T14:46:29

Our enemies cooperate, and so must we. Aurelio Blanquet walks us through the activities of the European Energy ISAC, with a focus on building the trust that is essential to enabling the cooperation...

Failures of Imagination - from 9-11 to the Aurora test [The Industrial Security Podcast] from 2023-11-14T14:00:02

The industrial security initiative was triggered by the 9/11 attack on the World Trade Center. Aaron Turner, on the faculty at IANS Research, helped investigate laptop computers used by 9/11 attack...

Safety, Security and IEC 62443 in Building Automation [The Industrial Security Podcast] from 2023-10-30T14:00:02

Cybersecurity and IEC 62443 are increasingly relevant to building automation. Parking garages contain safety-critical CO2 sensors that control fans, the MGM breach is in the news and standards bodi...

Physical Security Supports Cybersecurity [The Industrial Security Podcast] from 2023-10-18T13:19:33

Adversaries who can physically touch a target have a huge advantage when it comes to compromising that target. Mike Almeyda of Force5 joins us to look at tools for physical security that support cy...

Cybersecurity for Rail Systems - Harder than it sounds [The Industrial Security Podcast] from 2023-10-03T13:00:02

From aging equipment to regulators who must approve every patch, securing safety-critical rail systems is hard, but has to be done. Miki Shifman, CTO and Co-Founder at Cylus, joins us to talk about...

Demystifying Cyber Jobs - In the Energy Sector [The Industrial Security Podcast] from 2023-09-18T13:00:02

Job seekers say there are no OT security job postings. Hiring managers say nobody is applying to their posts. Amanda Theel and Eddy Mullins of Argonne National Labs walk us through recruiting issue...

Large Data Centers - more than just protecting information [The Industrial Security Podcast] from 2023-09-04T13:00:03

Data centers are critical information infrastructures, with a lot of associated physical infrastructure. Vlad-Gabriel Anghel of Data Center Dynamics Academy walks us through these very recent addit...

Active Defense in OT - how to make it work [The Industrial Security Podcast] from 2023-08-01T13:00:02

Active defense or "intrusion prevention" deep into industrial networks has long been thought of as not workable. Youssef Jad - CTO at CyVault - joins us to talk about a new approach to OT active de...

Risk in Context - When to Patch, When to Let It Ride [The Industrial Security Podcast] from 2023-07-05T13:00:02

Patching is hard in many industrial / OT systems - the risk the new code poses to operations is comparable to the risk of a cyber attack. But - the vulnerability does not go away just because patch...

Hacking the CANbus [The Industrial Security Podcast] from 2023-06-19T13:00:02

Modern automobiles contain hundreds of CPUs and a CANbus network or three connecting these devices. Thieves are hacking the CANbus to steal cars. Worse is possible. Ken Tindell, CTO at Canis joins ...

Saving money and effort automating compliance [The Industrial Security Podcast] from 2023-05-31T12:45:14

NERC CIP, the new TSA pipeline and rail directives and other regulations can be very expensive - to comply with and to prove to an auditor that you comply. Kathryn Wagner of Assurx joins us to look...

How cyber fits into big-picture risk [The Industrial Security Podcast] from 2023-05-17T14:27:11

All physical processes involve risk - sometimes very big risk. Dr. Janaka Ruwanpura from the University of Calgary joins us to look at where cyber risks fit into the big picture of risk at industri...

Six steps to integrating IT&OT in mining [The Industrial Security Podcast] from 2023-05-02T13:00:02

OT systems are critical to mining safety. Rob Labbe, the chair of the Metals and Mining ISAC joins us to look at six steps to integrating IT & OT networks and security programs in this very sen...

Experience Using IEC 62443 Risk Assessments [The Industrial Security Podcast] from 2023-04-17T13:00:02

Risk assessments are a staple of industrial security programs. Paul Piotrowski, a Principal OT Cybersecurity Engineer at Shell, walks us through a deep dive into his experience using IEC 62443-3-2 ...

Shining a Light into the Dark [The Industrial Security Podcast] from 2023-04-03T13:00:02

Getting an industrial site started on the cybersecurity road can be hard. Matthew Malone of Yokogawa joins us to look at strategies to shake loose funding, trigger conditions that can jump-start in...

Stakeholder-Specific Vulnerability Categorization (SSVC) [The Industrial Security Podcast] from 2023-03-20T14:00:01

SSVC is a new standard decision process for deciding what to do about new vulnerabilities and patches. Thomas Schmidt of the German BSI joins us to look at how SSVC decision trees work, and where a...

Bridging industrial Cybersecurity Workforce Gaps [The Industrial Security Podcast] from 2023-03-06T04:00:03

Different kinds of organizations in different stages of their cybersecurity evolution need to look for different kinds of people to contribute to their industrial security programs. Jason Rivera a ...

#100 Engineering-Grade security in the US DOE Cyber Informed Engineering Strategy [The Industrial Security Podcast] from 2023-02-20T14:00:01

The new US Department of Energy Cyber Informed Engineering Strategy includes unhackable safeties, manual operations, and other engineering-grade protections, in addition to traditional cybersecurit...

IIoT Firmware Visibility - Under the Hood [The Industrial Security Podcast] from 2023-02-01T14:00:02

Windows and Linux operating systems provide a lot of detail as to what software & versions of the operating system, applications & libraries are installed. Most firmware provides almost not...

Living at the Edge - Visibility into Edge Devices [The Industrial Security Podcast] from 2023-01-16T14:00:02

Industrial network monitoring and intrusion detection tend to start at the highest level networks - the ones closest to the IT network. Ron Fabella, CTO and Co-Founder of Synsaber joins us to look ...

Secure Software Development and a Zero Trust Supply Chain [The Industrial Security Podcast] from 2023-01-02T14:00:01

How does secure software development work for industrial products (SDLC) and what is a zero-trust supply chain? Gonda Lamberink of Fortress Information Security leads us on a deep dive of what's ne...

Consequences Matter [The Industrial Security Podcast] from 2022-12-12T14:00:02

Worst-case consequences of compromise determine government and societal policies, so consequences matter, especially for critical infrastructure security. Danielle Jablanski, OT Cybersecurity Strat...

Really Committing to Supply Chain Security [The Industrial Security Podcast] from 2022-11-14T11:00:01

Supply chain security is bigger than one standard or one approach. Supply chain has fingers into remote access and cloud services and many other things beyond SBOMs and vendor questionnaires. Pedro...

ROI Mistakes for Cybersecurity Investments [The Industrial Security Podcast] from 2022-10-31T11:00:02

Cybersecurity investments, like safety investments, involve ROI calculations. But unlike safety, security ROI is not baked into engineering practice. Wally Magda - a senior standards and security i...

Set and Forget - is not cyber resiliency [The Industrial Security Podcast] from 2022-10-17T13:00:02

Complex networks "drift" over time - maintaining an original security vision is hard. Robin Berthier, CEO and Co-Founder of Network Perception joins us to look at a new technology for understanding...

56 OT Vulnerabilities - do they matter? [The Industrial Security Podcast] from 2022-10-03T15:03:08

Forescout's recent Icefall report documents 56 new OT vulnerabilities, many in certified "secure" industrial equipment. Daniel Dos Santos, Head of Security Research, joins us to look at the vulner...

Why and Who - Not Just How [The Industrial Security Podcast] from 2022-09-20T15:28:24

The big picture of industrial security programs is why we do security, who does what, and to what standards or risk tolerances. Darren Conway of Capula joins us to look at documenting industrial se...

Moving Target Defence [The Industrial Security Podcast] from 2022-09-07T07:55

Moving target defence is increasingly used for remote access systems and other high risk connections between and into systems. Ian Schmertzler, President and Co-Founder of Dispel joins us to dig in...

DNP3 Crypto - Harder Than It Looks [The Industrial Security Podcast] from 2022-08-24T12:21:21

Many people ask "why can't we just encrypt all those industrial protocols?" It turns out it's harder than it looks. Andrew West of Subnet Solutions and the Technical Chair of the DNP User group loo...

Relationships, Not Creepiness - Marketing Industrial Security [The Industrial Security Podcast] from 2022-08-08T07:20:02

Relationships, humour and a complete lack of creepiness - Laura Torres and Sarah Jennings of FoxGuard join us to look at the art of marketing industrial security solutions.

Like industrial security a decade ago [The Industrial Security Podcast] from 2022-07-11T08:32:06

Building automation cybersecurity is starting to happen, but most buildings are way back of their industrial peers. Mirel Sehic, Cyber Practice GM for Honeywell Building Technology, joins us to loo...

Legislation demands state of the art [The Industrial Security Podcast] from 2022-06-27T09:00:03

Jens Wiesner of the German BSI joins us - new German critical infrastructure laws demand immediate reporting and certified state-of-the-art attack detection.

OT Cyber insurance is changing fast [The Industrial Security Podcast] from 2022-06-14T13:47:24

"Silent" cyber coverage has vanished in most insurance policies, and you can't get cyber insurance any more without cyber security. Georgina Williams, Senior Cyber Underwriter at Murich RE joins us...

Common mistakes in OT visibility deployments [The Industrial Security Podcast] from 2022-05-30T09:38:17

A lot can go wrong - Enrique Martinez Technical Solutions Architect for OT Security at WWT joins us to look at common mistakes when deploying OT asset inventory, IDS and other visibility solutions ...

Just the tricky bits [The Industrial Security Podcast] from 2022-05-16T13:26:36

Industrial security programs have to touch all the bases. Alexandru Suditu of the Enevo Group joins us to look at - not everything - just the tricky bits.

Exploding demand [The Industrial Security Podcast] from 2022-05-02T13:01:20

Demand for skilled industrial / OT security people has increased dramatically over the last couple of years. Join Meg Duba, Senior Technical Recruiter at Idaho National Labs for an update on the ma...

Industrial cyber attacks, consequences&trends [The Industrial Security Podcast] from 2022-04-19T08:23:54

Greg Hale - Editor and Founder of ISSSource and ICSStrive joins us to look at his new OT / industrial incident repository, and a new report using the data in the repository, analyzing industrial cy...

Standardization and other risks - experience using CCE [The Industrial Security Podcast] from 2022-03-29T06:10:41

Standardization and consolidation increase the consequences of cyber attacks - these are unexpected insights from applying the CCE methodology. Jodi Jensen, President of Secure SCADA Solutions join...

Risk-based Security Levels - updating ISA/IEC 62443-3-3 [The Industrial Security Podcast] from 2022-03-15T12:37:52

The widely-used 62443-3-3 standard is being updated. One big change is making security levels risk-based. Join Alex Nicoll, co-chair of the ISA committee updating the standard, to look at what this...

Complete Rewrite - API 1164 Rev 3 [The Industrial Security Podcast] from 2022-02-22T12:36:32

Functional vs operational safety, profiles, deep connections to IEC 62443 and more. Tom Aubuchon, Principal Consultant at Ethosecure Consulting and Suzanne Lemieux, Director Operations Security and...

Security vs Compliance&other NERC CIP insights [The Industrial Security Podcast] from 2022-02-07T07:00:03

Which is better - security or compliance? Suzanne Black of Network Security Technologies brings a new perspective to this old question and covers a lot of other ground in the latest NERC CIP standa...

Architecting Next Gen OT Security [The Industrial Security Podcast] from 2022-01-24T08:00:02

Safety, insiders, external attacks, remote access, zero trust and more. Serkan Yusuf at Applied Risk explores a new report based on a survey of over 1000 industrial security practitioners.

2021 Attacks&Predictions for 2022 [The Industrial Security Podcast] from 2022-01-10T07:34:52

A special episode where Nate and Andrew look back at what we can learn from cyber attacks on industrial sites in 2021 and what we should expect to come at us in 2022 and 2023.

We Were Always Connected [The Industrial Security Podcast] from 2021-12-20T13:25:53

Graham Speake (semi-retired) reflects on a career in industrial security. He points out industrial networks were always connected and observes that we should all get more credit for material improv...

Stronger&Faster - ISA/IEC 62443 [The Industrial Security Podcast] from 2021-12-01T14:56:46

The IEC 62443 security standards are evolving. Eric Cosman, co-chair of the ISA SP-99 committee that creates the 62443 standards joins us in this episode. Eric looks at how experience using the 624...

How Lenses Blind Us [The Industrial Security Podcast] from 2021-11-17T12:08:31

"Lenses" are preconceived notions that limit our ability to evaluate and accept solutions. Dr. Art Conklin from the University of Houston joins us to look at lenses in industrial security and what ...

Mergers&Acquisitions - Rapid Change [The Industrial Security Podcast] from 2021-10-31T07:43:37

Change is a risk in industrial operations, but at least on the security side of things, rapid change is the order of the day when connecting an acquisition to a new owner's infrastructures. Anthony...

Automating Vulnerability Handling - a Promising New Standard: CSAF [The Industrial Security Podcast] from 2021-10-12T11:37:26

Vulnerability handling costs a lot of time and effort - finding the announcements, evaluating them, comparing to our systems, planning & managing deployment and more. Jens Wiesner of the German BSI...

Big Picture Risk - A How-To [The Industrial Security Podcast] from 2021-09-29T14:06:12

Ernie Hayden joins us to walk through the big picture of risk assessment as documented in his new book - Critical Infrastructure Risk Assessment. The book is a "how-to" for assessing risks ranging ...

Capabilities vs Probabilities: Ask Different Questions&you get Different Answers [The Industrial Security Podcast] from 2021-09-14T06:52:32

OT / industrial cyber risk is tricky. Ask questions about probabilities like we did 10 years ago and you get answers that just don't work well. Mark Fabro, President & Chief Security Scientist at L...

Maritime Systems: Incidents, Issues and What to do About Them [The Industrial Security Podcast] from 2021-09-02T07:25:31

Maritime systems are unique in some senses - eg: both having safety critical aspects and being reliant on wireless satellite communications. But these systems are familiar too - PLCs, HMIs and rem...

Kill the Spreadsheet [The Industrial Security Podcast] from 2021-08-18T14:38:47

No one person has all the answers. Bill Lawrence, CSO at SecurityGate.io joins us to look at industrial risk assessments in modern, complex environments.

Building Your Own Workforce [The Industrial Security Podcast] from 2021-08-04T08:10:41

EnergySec is working with colleges & others on the world's first industrial security apprenticeship program. Join Steve Parker, president of EnergySec to see why electric utilities cannot hire the ...

Secure PLC Coding Practices [The Industrial Security Podcast] from 2021-07-20T07:41:09

A tool for more secure layer 1 devices is available - The Top 20 Secure PLC Coding Practices. Sarah Fluchs and Vivek Ponnada, two leaders of the initiative, join us to talk about the practices and ...

It's All About Risk - Working With the Board [The Industrial Security Podcast] from 2021-07-07T19:37:07

''Repost (sound problems repaired) Explore how to work with boards of directors on industrial security issues with Level5Cyber industry veterans Anthony Morrone (former CISO @ DuPont) and Michael P...

Petrochemical Manufacturing Cybersecurity [The Industrial Security Podcast] from 2021-06-21T07:45:17

Commodity vs specialty chemical manufacturing is different in kind, not just quantity. Sameer Koranne, Global OT Lead for IBMs X-Force incident response team talks about manufacturing, safety and s...

Training the Organization, not the Individual [The Industrial Security Podcast] from 2021-06-07T08:15:41

In boxing, amateurs get hit and go down. Professionals get hit and keep fighting. Join us as Ofir Hason of CyberGym explores how to turn entire organizations from amateurs into professionals when i...

The World's Strongest HazMat Cyber Rules [The Industrial Security Podcast] from 2021-05-24T09:50

The new cyber rules for sites in Israel handling hazardous materials are the strongest in the world. Join Yosi Shavit, Head of the ICS Cybersecurity Department in Israel's Ministry of Environmental...

In the Trenches - Cryptosystems&Connectivity [The Industrial Security Podcast] from 2021-05-03T08:29

Encryption is everywhere, but making it work in industrial settings is harder than it looks. Join Sam Elsner, Senior Manager for the Kepware-focused applications engineering team at PTC to do the d...

Managing Future Cost for Security [The Industrial Security Podcast] from 2021-04-19T08:19

Measuring future security costs is easier than measuring today's security benefits. Donovan Tindill, Senior Cybersecurity Strategist at Honeywell Connected Enterprise joins us to explore how to man...

Cybersecurity In A Harsh Environment [The Industrial Security Podcast] from 2021-04-05T13:31

Yosi Shneck, long, time CSO at Israel Electric Company, talks about his experience leading cybersecurity efforts in a very difficult threat environment, and about Israel Electric's new initiative t...

CCE: Changing How People Think About Cybersecurity [The Industrial Security Podcast] from 2021-03-22T08:47

Sarah Freeman at Idaho National Laboratories and co-author of the new book Countering Cyber Sabotage joins us to discuss the CCE methodology, attacker requirements and "unhackable" mitigations.

Safety and Security in Mining [The Industrial Security Podcast] from 2021-03-08T14:48

So very much about mining and about automation in mining is about safety. Greg Jones, an industrial security specialist at PPLTEK takes us through some unique physical processes and security challe...

Learnings from the SolarWinds Breach [The Industrial Security Podcast] from 2021-02-22T07:36

The SolarWinds supply chain breach is arguably the biggest hack in history. OSIsoft's Security Architect, Bryan Owen, joins us to explore the breach and what it means for industrial security.

[The Industrial Security Podcast] The Science of Security from 2021-02-08T13:04

Like civil engineers building bridges, security engineers should have quantitative goals: How secure must the system be when commissioned? (How much load must the bridge carry?) How long must the s...

[The Industrial Security Podcast] Addressing "Weak Link" Vendors in the Power Grid from 2021-01-25T10:28

CIP-013 is intended to reduce supply chain risks. What are the rules? What are they costing? Are they working? Dr. Joseph Baugh, Managing Consultant at Guidehouse joins us to explore CIP-013, the e...

[The Industrial Security Podcast] The Enterprise Perspective on OT Security from 2021-01-12T14:08

Ed Amoroso of Tag Cyber, former CSO of AT&T talks about the IT perspective & approach for OT security - where to start and what to watch for.

[The Industrial Security Podcast] Industrial Cloud Security from 2020-12-21T10:07

There are those who say that "Industrial" and "Cloud" and "Security" really don't fit together - but is this really true? Our guest today is Andrea Carcano from Nozomi Networks explaining how cloud...

[The Industrial Security Podcast] Security Monitoring&Management at Airbus from 2020-12-07T07:15

Markus Braendle, head of Airbus Cybersecurity, and Falk Lindner, lead architect for Industrial Cybersecurity at Airbus Manufacturing join us to talk about industrial security monitoring and managem...

[The Industrial Security Podcast] 20000 CPUs In An Average SkyScraper from 2020-11-16T13:41

Breaking into tenant enterprise networks via building automation networks, say from a public coffee shop: Barry Coflan, a Strategy Consultant at Tower Hill Analytics, provides a perspective on the ...

[The Industrial Security Podcast] 20000 CPUs In An Average SkyScraper from 2020-11-16T13:41

Breaking into tenant enterprise networks via building automation networks, say from a public coffee shop: Barry Coflan, a Strategy Consultant at Tower Hill Analytics, provides a perspective on the ...

[The Industrial Security Podcast] 83 Cyber Laws In The Pipe from 2020-11-02T09:42

Patrick Coyle - long-time blogger at Chemical Facility Security News explores the state of CFATS regulations, new cybersecurity spending bills in the pipe, and his new blog: Future ICS Security New...

[The Industrial Security Podcast] A Thousand People Panicking In Tunnels from 2020-10-19T13:59

Cybersecurity for rolling stock (trains) is trickier and even more safety critical than we imagine. Join Shannon Ramsaywak, Managing Partner at Nathanial Rand as we explore automation, security and...

[The Industrial Security Podcast] Destroyed A 300 Ton Chiller from 2020-10-01T10:26

Join us to explore building automation for skyscrapers, cybersecurity, and attack examples with Fred Gordy of Intelligent Buildings.

[The Industrial Security Podcast] Geopolitics: If You Want A Friend, Get A Dog from 2020-09-22T11:40

A timely and insightful exploration of supply chain security issues with Spencer Wilcox, the CSO and Executive Director of Technology at PNM Resources.

[The Industrial Security Podcast] Connection Not Integration from 2020-09-07T13:41

Daniel Ehrenreich joins us to explore practitioner experience of IT/OT Integration, 62443 training and the ICS CyberSec conference every year in Israel.

[The Industrial Security Podcast] Closing the Gap - P&I Diagrams For Security Engineering from 2020-08-20T13:27

P&I diagrams connect process engineering to control engineering. Sarah Fluchs of Admeritia explains what we need to connect control engineers with security engineers.

[The Industrial Security Podcast] Hospitals Upping Their Games from 2020-08-05T12:31

[The Industrial Security Podcast] Ransomware Goes Nuclear from 2020-07-23T09:28

Ransomware continues to evolve and sophisticated phishing attacks are the most popular attack vector. James McQuiggan of KnowBe4 explores ransomware, phishing and what we can do about it.

️

[The Industrial Security Podcast] IIoT for Distributed Energy Resources from 2020-07-09T12:03

Internet communications are creeping into electric distribution systems. James McCarthy and Don Faatz join us from the NIST NCCoE to talk about this project & others where they provide detailed “ho...

[The Industrial Security Podcast] Beer ISAC Beer ISAC podcast and other initiatives Kaspersky supports from 2020-06-28T10:47

Learn about the Beer ISAC movement, the Beer ISAC Podcast, the Russian industrial security community and other initiatives with Anton Shipulin and Vladimir Dashchenko of Kaspersky

️

[The Industrial Security Podcast] Targeted Ransomware At A Pharma Plant from 2020-06-11T07:22

Explore a targeted ransomware attack at a pharmaceuticals plant, the incident response and how hard it is to just "restore from backup" with Ofer Shaked, Co-Founder & Chief Technology Officer at SC...

[The Industrial Security Podcast] People have been hurt believing just one gauge from 2020-05-27T08:41

Author, researcher and industrial security pioneer Jake Brodsky explores the security and operational benefits of configuring self-consistency checks into industrial control systems. He argues that...

[The Industrial Security Podcast] Connecting with your local gurus from 2020-05-14T09:20

Derek Harp, CEO and Co-Founder of CS2AI and Founder of The Cyber List speaks to the history and future of CS2AI, and provides some insights into cyber security training for non-cyber-savvy audiences.

[The Industrial Security Podcast] Blockchains for Industrial Security from 2020-04-30T15:12

Roman Arutyunov, Co-Founder of Xage Security, explores intrinsically-distributed, authority-based blockchains for industrial security in the form of the Xage Security Fabric

️

[The Industrial Security Podcast] Safety protects the man from the machine, security the reverse from 2020-04-16T12:41

Marco Blume, Product Manager for Embedded at WIBU Systems introduces discrete manufacturing and explores how intellectual property protection, safety and cybersecurity work in that vertical and oth...

[The Industrial Security Podcast] 1800 sites: air gaps, Windows XP and evolving due diligence from 2020-04-02T05:39

Phil Neray, VP Industrial Security of CyberX reviews findings, remediations and C-level responses for security assessments at 1800 industrial sites

️

[The Industrial Security Podcast] Industrial Defender Returns from 2020-03-19T08:50

Industrial Defender was a pioneer of Industrial Security, but the brand dropped off the radar for several years. As of January though, Industrial Defender has returned. Phil Dunbar, CTO of the new ...

[The Industrial Security Podcast] We can handle disruption - Not destruction from 2020-03-05T10:50

Andy Bochman of Idaho National labs describes CCE, a new methodology for industrial security with a focus on mission assurance, which means different things in different industries

️

[The Industrial Security Podcast] Canadian Initiatives for Industrial Security from 2020-02-20T08:03

Robert Pitcher of Public Safety Canada explores Canadian industrial security, including very popular attack training/awareness sessions and the annual industrial security symposium.

[The Industrial Security Podcast] Unhackable Safeguards from 2020-02-06T09:54

Security PHA Review - a new methodology for protecting safe operations. Join our discussion with one of the authors of the new ISA book describing a robust connection between safety and cybersecurity.

[The Industrial Security Podcast] Board-Level Security Governance – Paul Feldman from 2020-01-30T10:54

Paul Feldman joins us to explore cybersecurity governance topics for boards of directors in the North American electric sector. Paul is a former director of WECC and MISO, among many other roles. H...

[The Industrial Security Podcast] IIoT Security with Sven Schrecker from 2020-01-30T10:07

Sven Shrecker is not just an expert in the internet of things—he's a well-versed, experienced public speaker. A Chief Architect at IBM, Sven is not only at the cutting-edge of IoT security, but som...

[The Industrial Security Podcast] OSIsoft and the EPRI Methodology with Harry Paul from 2020-01-30T10:04

Harry Paul's product is, well, complicated. His company produces what are called “data sheets”, addressing threat assessment and vulnerability mitigation for industrial cyber systems…and that's jus...

[The Industrial Security Podcast] ICS Penetration Testing with Jonathan Pollet from 2020-01-30T09:54

Jonathan Pollet, CEO of Red Tiger Security, walks us through how his crew does control system penetration testing, often with live, running systems as a target, with examples of findings and how cu...

[The Industrial Security Podcast] German Initiatives and Progress in Cybersecurity from 2020-01-30T09:47

We caught Jens Weisner at S4 and he talks about cybersecurity in Germany – progress, challenges and a little comparing of the German approach to what he sees happening in North America.
This p...

[The Industrial Security Podcast] Critical Infrastructure Security In Israel – Buki Carmeli from 2020-01-30T09:27

Buki Carmeli walks us through the evolution of government programs and legislation for securing Israel's critical infrastructure.
This podcast is produced by P.I. Media for Waterfall Security ...

[The Industrial Security Podcast] Classifying Control Systems, Consequences and Criticality from 2020-01-30T09:23

Marty Edwards discusses the need for a standard way to classify the criticality of industrial control systems – eg: safety-critical vs. equipment-critical vs. reliability-critical systems, and what...

[The Industrial Security Podcast] IT vs OT – Challenges and Opportunities from 2020-01-30T09:11

The differences between IT and OT teams and approaches both make life difficult and represent opportunities to improve industrial operations.
This podcast is produced by P.I. Media for Waterfa...

[The Industrial Security Podcast] Israeli Cybersecurity – Dr. Gabi Siboni from 2020-01-30T07:25

Gabi Siboni joins us to talk about standards, challenges and current initiatives in Israel – perhaps most thoroughly-cyber-protected nation on the planet.
This podcast is produced by P.I. Medi...

[The Industrial Security Podcast] Running with Scissors – with Patrick Miller from 2020-01-29T17:16

Patrick Miller discusses how technology advances in Industrial Control Systems are out-pacing existing industrial cybersecurity and business risk management programs and what needs to change to kee...

[The Industrial Security Podcast] Water Services Security at the City of Calgary from 2020-01-29T17:01

Industrial security insights regarding risks, programs, budgets and technology at the City of Calgary Water Services, with Darrol Weiss.
This podcast is produced by P.I. Media for Waterfall Se...

[The Industrial Security Podcast] Efficiency Through Security - Greg Hale from 2020-01-29T16:55

A wide-ranging conversation with Greg Hale, Editor and Founder of Industrial Safety and Security Source (ISSSource), about where we are today, how security relates to safety, how to sell security a...

[The Industrial Security Podcast] Munich Airport – Security Challenges and Information Security Hub from 2020-01-29T16:51

Mark Lindike explores industrial systems and security challenges at the Munich International Airport, as well as how the new Munich ISH training facility is helping the airport and others.
Thi...

[The Industrial Security Podcast] Tips for Recruiting and being Recruited into Industrial Security Positions from 2020-01-29T16:10

Meg Duba, a recruiter at Idaho National Labs talks about techniques, tips and challenges for industrial security recruitment and job hunting.
Guest: Meg Duba, Recruiter, Idaho National Laborat...

[The Industrial Security Podcast] We can only secure what we know we have – Rick Kaun from 2020-01-29T12:35

Asset inventory is the foundation of industrial security, which is essential to IT/OT convergence. Rick Kaun talks about asset inventory concepts and the Verve Industrial technology for inventory.<...

[The Industrial Security Podcast] Starting From Zero – Lyndon Hall of Iron Spear from 2020-01-29T12:14

Lyndon is routinely called on for the first-ever security assessment at industrial sites. He explains how he does that and what he finds.
This podcast is produced by P.I. Media for Waterfall S...

[The Industrial Security Podcast] Be Brave When Assessing Risks – Mark Fabro from 2020-01-29T12:07

Mark Fabro explores how robust cyber/physical risk assessments help "stay left of boom" at industrial sites.
Guest: Mark Fabro, President and Chief Security Scientist at Lofty Perch
This ...

[The Industrial Security Podcast] Where Do Your Bits Really Come From? – Eric Byres from 2020-01-29T12:01

Industrial security pioneer Eric Byres speaks to software supply chain trust issues and some of the technology his new venture Adolus Inc. is developing to help.
Guest: Eric Byres – CEO of Ado...

[The Industrial Security Podcast] Layer Zero Anomaly Detection from 2020-01-29T11:40

Explore out of band security and operational anomaly detection with Ilan Gendelman and Hadas Levine of SIGA OT Solutions.

[The Industrial Security Podcast] Three Networks – IT, OT&Engineering from 2020-01-29T11:03

Industrial security pioneer Joe Weiss explains how there are 3 networks, not two – IT, OT and Engineering, with examples from the 2007 aurora test.
This podcast is produced by P.I. Media for W...

[The Industrial Security Podcast] Build, Break&Secure from 2020-01-29T10:33

Build, break & secure with a 1000-lb portable lab – Matthew Luallen of Cybati explores modern industrial security training.
This podcast is produced by P.I. Media for Waterfall Security Soluti...

[The Industrial Security Podcast] Malcolm – A New (Free, INL) Tool for Network Visibility from 2020-01-29T10:25

Jens Wiesner of the German BSI explores Malcolm, a new (free, open source) tool for OT network visibility, brought to us by the U.S. Idaho National Labs (INL).
This podcast is produced by P.I....

[The Industrial Security Podcast] When Numbers Are Scarce from 2020-01-29T10:03

How do we estimate the probability of an attack that has never happened? Ron Brash of Verve Industrial explains.
This podcast is produced by P.I. Media for Waterfall Security Solutions.
T...

[The Industrial Security Podcast] Cyber and industrial focus at US CISA from 2020-01-29T09:08

Rick Driggers of CISA describes cyber, physical and industrial security priorities at the new US DHS CISA agency.
This podcast is produced by P.I. Media for Waterfall Security Solutions.
...

[The Industrial Security Podcast] Product Security at GE from 2020-01-29T08:55

Pointing fingers at vendors is easy. Creating "secure" products is a real challenge, supply chain is a big part of that challenge, and vendors cannot solve the problem in isolation. Kenneth Crowthe...

[The Industrial Security Podcast] Your Human Supply Chain from 2020-01-23T12:15

How education differs from training, with examples from Dr. Art Conklin at the University of Houston.

[The Industrial Security Podcast] Know more about your system than attackers do from 2020-01-12T08:55

And other topics such as analog control systems, IIoT at nuclear sites and control system product "labeling" for security. Join Matt Gibson from the Electric Power Research Institute (EPRI) to expl...