
Cyber Hygiene?

Unsolicited Response Podcast

Release Date: 05/15/2018

ICS Security - Q3 In Review

Unsolicited Response Podcast

Patrick Miller of Ampere Industrial Security joins Dale to discuss the three big stories of the quarter and give their win, fail and prediction.

Stories:
US National Cybersecurity Strategy Implementation Plan + CISA 2024-2026 Strategic Plan
The cybersecurity / OT cybersecurity vendor market news. We just had Cisco buy Splunk, plus the Dragos "extension", and SCADAfence selling to Honeywell. Seems like some tough times.
Ransomware again … Port of Nagoya, Clorox, hospitals, CISA Ransomware Vulnerability Notification Service

Links

Dale Peterson On The Sunspace Alliance Webinar

Unsolicited Response Podcast

Dale Peterson was recently interviewed by Jay Johnson of Sandia and Tom Tansy of the as part of their distributed energy resources (DER) Sunspec webinar series. We covered a lot of issues and Dale was not shy in throwing out some analysis and opinions. After 5 minutes discussing the S4x24 ticket process, the topics discussed:
How DER will deal with the complex, large number of users and stakeholders PKI environment.
The Sunspec device security specification and the benefits of a limited, key set of security controls.
What is the role of government regulation to solve DER security...

Cyber-Physical Attacks with Marina Krotofil

Unsolicited Response Podcast

Marina Krotofil recently published the paper which is a detailed paper on cyber attacks that cause a physical impact on the system being monitored and controlled. It took Marina 1.5 years to write this paper, which is more accurately described as a short book. We discuss:
the work she is doing to help Ukrainian critical infrastructure security during wartime
what got Marina interested in cyber-physical security 10+ years ago
the current understanding of cyber-physical in the OT security community
Chapter 2: Engineering Foundations as a great intro for those in IT to understand basic...

SBOMs & CycloneDX with Steve Springett

Unsolicited Response Podcast

Steve Springett is the Chair of the OWASP CycloneDX Core Working Group. CycloneDX is one of the two main machine-readable formats that SBOMs are being created in, although CycloneDX can capture all sorts of BOMs. In this episode we assume listeners know what an SBOM is and why it might be desired by a vendor and asset owner.
At the beginning of the show we cover some basics of CycloneDX. If you know the basics, skip to 14:24 where we get into the details.
Statistics on who is generating and using CycloneDX SBOMs, and the impact of government regulations on the use.
Steve's view of the NTIA Minimum...

The OT Cybersecurity / Climate Nexus with Andy Bochman

Unsolicited Response Podcast

At S4x23 Andy Bochman gave a Main Stage performance on the OT Cybersecurity / Climate Nexus. It's a new idea and Dale wanted to dig into it and understand it better. The discussion looks at where there is a nexus/connection/overlap and where there may be parallel efforts where each side might learn from the other. Links

Water Sector Cyber Risk with Gus Serino

Unsolicited Response Podcast

Gus Serino worked at a large water utility before joining Dragos in 2019. We're talking water sector, so it's obligatory to start with Oldsmar (2:20), but we don't talk cyber. Instead we go through the physical portion of the water system, assuming the attacker is able to issue the command to the pump to dump a lot of sodium hydroxide into the water system, and what would likely happen. Importantly, Gus identifies the simple, unhackable solution to this threat: a hard-wired pH sensor that will shut off the pump regardless of the commands from the ICS. After Oldsmar, Dale and Gus discuss: how small...

One-Way, SAIDI & S4x24 CFP

Unsolicited Response Podcast

This is a solo-sode where Dale reviews two articles from July with comments on comments and additional thoughts. The final section is a must listen if you are going to submit to speak on the S4x24 Stage. The times below are so you can skip to what you are interested in.
1:29 One-Way Data Diodes and School Zones
10:15 SAIDI: What Cyber Incidents Should Be Excluded From Metrics
16:05 Do's and Don'ts For Your S4x24 CFP Submission

Links

Interview with HD Moore

Unsolicited Response Podcast

HD Moore is most famous for his creation of the Metasploit penetration testing framework. It began in 2003 and hit the OT world in 2011. HD is now the Founder and CTO of RunZero, another cybersecurity startup that is starting to play in the OT Space.

In this episode we spend the first third of the show talking about Metasploit ... early reaction, OT modules, is Metasploit still necessary and useful today.

We then shift to creating asset inventories in IT and OT, which is what RunZero does. Why HD decided to run back into the cybersecurity startup world? How it started as a...

US Dept of Energy's OT Defender Fellowship Program

Unsolicited Response Podcast

Dale is often critical of the US Government's efforts and programs to address OT cyber risk. So it's a pleasure to highlight a program that is working. Samantha Ravich, Chair of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies, joins Dale to discuss the US Department of Energy's OT Defender Fellowship Program. They begin by describing the program, its goals, what are ideal candidates for the program, and the early results from the first few cohorts. Then Timothy Pospisil of Nebraska Public Power District and part of the 2022 OT Defender Fellowship...

Eric Cosman On Dow, Open Automation, 62443 & More

Unsolicited Response Podcast

Eric Cosman had a 38 year career at Dow Chemical, was on the ISA 99 committee since its inception, and then he retired. After retirement Eric joined ARC Advisory Group as a Contributing Consultant and got even more active with ISA. He is a long time co-chair of ISA99 and was President of ISA in 2020. Eric and Dale discuss:
Dow's in-house developed DCS and SIS: MOD
Eric's top trend from 2022: The value of open automation and the Open Process Automation Forum
ISA/IEC 62443 and Eric's view that they are "primarily engineering standards"
What Eric thinks about the safety / security analogies
His...


The buzzword "cyber hygiene" is being said and written by many of the gurus in the ICS security community. It's hard to argue that basic hygiene is bad, but what is and isn't cyber hygiene?

I recorded a 3-person pod with Marty Edwards of the Automation Federation and Michael Toecker of Context Industrial Security. They were selected because they used the term, and all three of us had different views on what cyber hygiene means and the usefulness of the term. For example, is applying security patches cyber hygiene? Is there a difference between cyber hygiene and cyber maintenance?

Amazingly, for three experienced and opinionated people, we all ended up changing our viewpoint and reached a basic agreement. Take a listen and see if you agree with where we ended up.

----

This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.

Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.