Control Loop: The OT Cybersecurity Podcast

Building automation systems and maritime cyber regulations.

GRU's Sandworm implicated in campaign against Danish electrical power providers. Paris wastewater agency hit by cyberattack. LockBit hits Boeing. Bletchley Declaration represents a consensus starting point for AI governance. The US Executive Order on artificial intelligence is out. Guest Austin Reid of ABS Group discusses Ship and Shore challenges for security and the current and emerging regulatory landscape. On the Learning Lab, Dragos Mark Urban part 1 of 3 discussing building automation systems with Dragos' Daniel Gaeta and Zach Spencer.

Port disruption and a discussion of maritime and OT.

A cyber incident disrupts Australian ports. Sandworm and Ukraine's power grid: 2022 attacks. Department of Energy hosts simulated cyberattack competition. CISA, FEMA, and Shields Ready. Cyber and electronic threats to space systems. Four cyber phases of a hybrid war. Guest Austin Reid of ABS Group discusses cyber risk and threats to Maritime Transportation Systems (MTS). On the Learning Lab, catch an encore of Dragos CEO Robert M. Lee and Mark Urban about the five critical controls for ICS.

Transcript

Active visibility into OT systems.

Rockwell Stratix routers vulnerable to Cisco zero-day. SecurityWeek’s ICS Cyber Security Conference. Malware attacks against IoT devices increase by 400%. Nuclear power plant operator cited over cybersecurity plan. CISA’s ICS advisories. Guest Garrett Bladow, Distinguished Engineer at Dragos, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Garrett discusses active visibility into OT systems. On the Learning Lab, Mark Urban shares the second part of his conversation about cyber threat intelligence with Paul Lukoskie, who is Dragos’ Director of Intelligence Services.

Transcript

A look at a Whole-of-State cybersecurity strategy.

Microsoft on the state of OT security. Israeli and Palestinian hacktivists target ICS. Coinmining as an (alleged, potential) front for espionage or stage for sabotage. EPA withdraws water system cybersecurity memorandum. Colonial Pipeline says new ransomware claims are due to unrelated third-party breach. Most organizations are struggling with IoT security. CISA views China as the top threat to US critical infrastructure. Improving security for open-source ICS software. CISA ICS advisories. Guest Kuldip Mohanty, CIO of North Dakota, joins us from the CyberCon 2023 event in Bismarck, North Dakota. Kuldip shares how critical infrastructure is treated within the "Whole-of-State” cybersecurity strategy his team implements in North Dakota. On the Learning Lab, Mark Urban shares the first part of his conversation about cyber threat intelligence with Paul Lukoskie, who is Dragos’ Director of Intelligence Services.

Transcript

When IT infrastructure translates into OT.

Johnson Controls sustains cyberattack. Nearly 100,000 ICS services exposed to the Internet. FBI anticipates an increase in Chinese and Russian targeting of the energy sector. Joint advisory warns of Beijing’s “BlackTech” threat activity. CISA's push for hardware bills of materials. Cybersecurity in the US industrial base. Guest Michael Toecker, Cyber Security Advisor at the United States Department of Energy’s Office of Cybersecurity, Energy Security, and Emergency Response, continues his discussion of community defense and Neighborhood Keeper. On the Learning Lab, Mark Urban is joined by Alex Baretta, a senior solution architect at Dragos, for part two of their discussion about secure remote access.

Transcript