loader from loading.io

ICS Threat Intel with Sergio Caltagirone

Unsolicited Response Podcast

Release Date: 03/23/2020

S4x20 Closing Panel show art S4x20 Closing Panel

Unsolicited Response Podcast

Ralph Langner of Langner, Inc. and Zach Tudor of INL join me on the S4x20 Closing Panel. This is always one of the most fun and highly rated session at S4.

info_outline
Interview with Inventor & Legend Ed Schweitzer show art Interview with Inventor & Legend Ed Schweitzer

Unsolicited Response Podcast

This podcast is the audio from my S4x20 Main Stage interview with electric sector and ICS legend Ed Schweitzer. He was the perfect person to interview related to the event theme: Create The Future in OT and ICS security. It's a wide ranging and fun interview. (Ed has a great sense of humor).

info_outline
Interview with Bryan Owen of OSIsoft show art Interview with Bryan Owen of OSIsoft

Unsolicited Response Podcast

Bryan and I were scheduled to go skiing prior to ICSJWG in Park City. With that squashed we decided to record a podcast instead. Bryan and I begin with what winning the Michael J. Assante Lifetime Achievement award meant to him. Then we discuss the challenge and methods in which an ICS product vendor tries to develop and deploy a secure solution.

info_outline
Tenable's OT Strategy with Marty Edwards show art Tenable's OT Strategy with Marty Edwards

Unsolicited Response Podcast

Marty Edwards has worked for an ICS asset owner, INL, DHS, ISA and late last year he made the move to a security product vendor, Tenable. This happened at the same time that Tenable acquired Indegy for $78M, indicating they are serious about OT security space. I talk with Marty a bit about his past career and then focus on why he moved to Tenable and what Tenable's strategy is for the OT space.

info_outline
Board of Directors Role in ICS Security with Thomas Parenty show art Board of Directors Role in ICS Security with Thomas Parenty

Unsolicited Response Podcast

A big challenge facing any team trying to deal with OT and ICS cyber risk is getting executive leadership and the Board of Directors support and leadership on this issue. The problems that arise tend to be related to communication styles, understanding of what is truly important to the company, and reducing business risk as determined by the executives and Board.

info_outline
ICS Threat Intel with Sergio Caltagirone show art ICS Threat Intel with Sergio Caltagirone

Unsolicited Response Podcast

Sergio began his career doing threat intelligence in the US Government's NSA and now is the VP of Threat Intel at Dragos. We focus in this episode on where the data for threat intel is obtained, how the threat intel product is created, and how it should be used by an ICS asset owner.

info_outline
An Interview with Andy Greenberg - Author of Sandworm show art An Interview with Andy Greenberg - Author of Sandworm

Unsolicited Response Podcast

In this episode Dale Peterson interviews Sandworm author and Wired Senior Writer Andy Greenberg on the S4x20 Main Stage. They focus on the ICS issues in the story. Who is Sandworm? What did Sandworm do? How was the West's response to these attacks? and much more.

info_outline
Kelly Jackson Higgins Interviews Dale show art Kelly Jackson Higgins Interviews Dale

Unsolicited Response Podcast

The tables are turned in this episode of the Unsolicited Response podcast with Kelly Jackson Higgins of Dark Reading interviewing Dale in the S4x20 Green Room. Kelly has been coming to S4 and covering the ICS security space for over seven years, and this experience lets her write and edit articles with important information and minimal hype.

info_outline
The Cabana Sessions show art The Cabana Sessions

Unsolicited Response Podcast

I spoke with two Digital Bond alumni and Lord Remorin at the S4x20 Cabana Sessions about a wide ranging set of technical topics. First Reid Wightman and I speak about CTFs, Pwn2Own, and his basement. Then I talk with Stephen Hilt and Lord Remorin about their ICS Factory Honeynet. How they built it and what they saw.

info_outline
Megan Samford on ICS4ICS show art Megan Samford on ICS4ICS

Unsolicited Response Podcast

Dale Peterson interviews Megan Samford of Rockwell Automation in the S4x20 Green Room.

info_outline
 
More Episodes

Sergio began his career doing threat intelligence in the US Government's NSA and now is the VP of Threat Intel at Dragos. We focus in this episode on where the data for threat intel is obtained, how the threat intel product is created, and how it should be used by an ICS asset owner.

  • Where are the data 'mines' where the raw data is available and how to find the nuggets?
  • What is a typical threat intel product / set of information?
  • Does threat intel include attribution (who is the threat actor(s))? What is the difference between a threat actor and what Sergio calls an activity group? Is this important for the asset owner to know?
  • How do you determine when you have enough completeness and accuracy to write and deliver threat intel product?
  • How do you define the accuracy of a threat intel report or specific findings in a report?
  • How would an asset owner use threat intel? Is it actually providing new recommendations that a good ICS security program wouldn't already prioritize.
  • Customers should drive threat intel through their questions so they can make better business decisions.