loader from loading.io

US Dept of Energy's OT Defender Fellowship Program

Unsolicited Response Podcast

Release Date: 07/19/2023

Joel Langill On His New OT Security Training Class And More show art Joel Langill On His New OT Security Training Class And More

Unsolicited Response Podcast

Dale Peterson speaks with Joel Langill, the SCADAHacker, about his new training course entitled Conducting Threat, Vulnerability, and Risk Assessments For ICS. .  Of course Dale and Joel jump around a bit on training, the workforce and other items. Take a listen.

info_outline
S4x24 Main Stage Interview With Stewart Baker show art S4x24 Main Stage Interview With Stewart Baker

Unsolicited Response Podcast

Stewart Baker is one of the preeminent lawyers on topics of cyber law with an impressive career in and out of government. Stewart also hosts the Cyberlaw podcast. The Biden administration is contending that vendors should be held liable for security deficiencies in their products.  Assuming this is turned into law and/or executive orders, what does it mean? What can we learn from other liability law to inform us what would be required for a vendor to be held liable for a security issue? How would the judgment / damages be determined.  Dale's note: We talk about the SEC charges...

info_outline
S4x24 Main Stage Interview With Rob Lee show art S4x24 Main Stage Interview With Rob Lee

Unsolicited Response Podcast

Dale Peterson interviews Rob Lee on the S4 Main Stage. They cover a lot of ground and Rob is never shy about sharing his opinions and analysis. They discuss: Rob’s first S4 PIPEDREAM deployed v. employed distinction … and why 2 years later is it still the most dangerous ICS malware? Are we really more homogenous? What makes a group something that Rob/Dragos tracks as an ICS focused attacker? If the answer to intel is do the basics, do I need intel? What ICS specific data was VOLTZITE exfiltrating? What countries are targeting critical infrastructure? Is it realistic to expect any country...

info_outline
Chris Hughes, Author of Effective Vulnerability Management show art Chris Hughes, Author of Effective Vulnerability Management

Unsolicited Response Podcast

Chris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including: The definition and scope of vulnerabilities. It’s much more than coding errors that need patches. Are ICS protocols lacking authentication “vulnerabilities” The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change. Ways to prioritize what vulnerabilities you address. The SSVC decision tree approach that was introduced at S4 as Never, Next, Now Tooling …...

info_outline
2024 Threat Report – OT Cyber Attacks with Physical Consequences show art 2024 Threat Report – OT Cyber Attacks with Physical Consequences

Unsolicited Response Podcast

Waterfall Security Solutions and ICSSTRIVE put out an annual threat report that Dale Peterson believes is the best in OT. Why? It only includes incidents that had physical consequences on systems monitored and controlled by OT.  Dale and Andrew discuss: What is in and out of scope for the report. The breakdown of the 68 incidents that occurred in 2023 by industry sector, cause, threat actor and more. The impact reporting requirements may have on these numbers in the future. What percentage of OT cyber incidents with physical consequences are made public. Ransomware on IT causing...

info_outline
State Of NERC CIP, European Update and OT Security Community show art State Of NERC CIP, European Update and OT Security Community

Unsolicited Response Podcast

Patrick Miller has OT cybersecurity experience as an asset owner, PacificCorp. As a regulator and one of the first NERC CIP auditors with WECC. As a community organizer creating and leading EnergySec and the BeerISAC. And as an entrepreneur creating and leading a number of consulting practices. He is currently the Founder of Ampyx Cyber.   In this episode Patrick and Dale discuss: Why Patrick changed the company name and selected Talinn as the location for the new European office. The major differences in approaches to OT cybersecurity and risk management between Europe and the US....

info_outline
Book Interview: Introduction To SBOM And VEX show art Book Interview: Introduction To SBOM And VEX

Unsolicited Response Podcast

info_outline
S4x24 Closing Panel show art S4x24 Closing Panel

Unsolicited Response Podcast

info_outline
Q1: ICS Security In Review show art Q1: ICS Security In Review

Unsolicited Response Podcast

Emma Stewart joins Dale to discuss the 3 big OT & ICS security stories from the first quarter. They end by giving their win, fail and prediction for Q1.

info_outline
S4x24 Preview show art S4x24 Preview

Unsolicited Response Podcast

info_outline
 
More Episodes

Dale is often critical of the US Government's efforts and programs to address OT cyber risk. So it's a pleasure to highlight a program that is working.

Samantha Ravich, Chair of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies, joins Dale to discuss the US Department of Energy's OT Defender Fellowship Program.

They begin by describing the program, its goals, what are ideal candidates for the program, and the early results from the first few cohorts. Then Timothy Pospisil of Nebraska Public Power District and part of the 2022 OT Defender Fellowship cohort joins the show to discuss his experience in the program.

At the end we discuss how this could be expanded to address water, critical manufacturing and other sectors.

Link

OT Defender Fellowship Program