Control Loop: The OT Cybersecurity Podcast

Don't take energy for granted.

Redfly cyberespionage targets a national grid. DHS Threat Assessment looks at critical infrastructure threats. A look at the ICS threat landscape. DoE grants for research into distributed energy cybersecurity. CISA offers free vulnerability scanning for water infrastructure. CISA issues ICS advisories. Guest Michael Toecker, Cyber Security Advisor at the United States Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, discusses community defense. On the Learning Lab, Mark Urban is joined by Alex Baretta, a senior solution architect at Dragos, for part one of their discussion about secure remote access.

Transcript

Intelligence services within the convergence of OT and IT.

Crude "cyberattack" on rail control systems stops Polish trains. Energy One discloses cyberattack against its corporate systems. NIAC calls for a National Water Strategy. Department of Energy holds contest to provide cybersecurity funding for rural utilities. Researchers aim to secure US military’s power grids. A technical issue grounds the UK’s air traffic control system’s automated features. Guest Mark Ryland, Director of the Office of the CISO at Amazon Web Services, joining us as part of a Dragos webinar, Securing Digital Transformation: OT Cybersecurity Innovation and Resilience. On the Learning Lab, Mark Urban is joined by Dragos Vice President of Product Management Kimberly Graham in part three of their discussion on the convergence of OT and IT.

Transcript

Real world stories of incident response and threat intelligence.

Radiation sensor reports from Chernobyl may have been manipulated. South African power generator hit with malware. APT31 linked to attacks on industrial systems in Eastern Europe. Environmental regulation and increased maritime cyber risk. CISA Director warns of Chinese infrastructure attack staging. Threats to the power grid. CODESYS vulnerabilities. Today's guest is Dragos’ Lesley Carhart, sharing their RSAC 2023 talk on real world stories of incident response and threat intelligence. The Learning Lab continues the conversation between Dragos’ Mark Urban and Kimberly Graham about the convergence.

Transcript

Mentorship, internships, and apprenticeships in OT security.

The Five Eyes outline the top exploited vulnerabilities. The Brunswick Corporation loses millions to cyberattack. Ransomware in the industrial space. The US Transportation Security Administration (TSA) updates security rules for oil and natural gas pipeline operators. Our guest is Mea Clift of Woodard & Curran sharing her perspective on mentorship, internships, and apprenticeships with an eye on OT security. The Learning Lab has the first part of a discussion about the convergence of OT and IT with Dragos’ Mark Urban and Kimberly Graham, Dragos’ VP of Product Management.

Compliance with an eye on OT security.

An unnamed APT has a remote code execution exploit for Rockwell Automation ControlLogix communications modules. Court temporarily blocks water system cybersecurity mandate. Industrial controller vulnerabilities pose a risk to critical infrastructure. US Federal government issues voluntary IoT security guidelines. Our guest is Mea Clift of Woodard & Curran discussing how compliance should not be a checkbox activity with an eye on OT security and shares her experience in securing the water/utilities space. On the Learning Lab, Mark Urban is joined by Dragos Vulnerability Analyst Logan Carpenter in final part of three segments focused on vulnerabilities in the OT world.

Transcript