エピソード

  • Managing Risk with Digital Twins - What Do We Do Next? [the industrial security podcast]

    Managing Risk with Digital Twins - What Do We Do Next? [the industrial security podcast]
    2025/09/08
    Asset inventory, networks and router / firewall configurations, device criticality - a lot of information. How can we USE this information to make useful decisions about next steps to address cyber risk? Vivek Ponada of Frenos joins us to explore a new kind of OT / industrial digital twin - grab all that data and work it to draw useful conclusions.
    続きを読む 一部表示
    46 分
  • I don't sign s**t [The Industrial Security Podcast]

    I don't sign s**t [The Industrial Security Podcast]
    2025/08/11
    We don't have budget to fix the problem, so we accept the risk? Tim McCreight of TaleCraft Security in his (coming soon) book "I don't sign s**t" uses story-telling to argue that front line security leaders should not be accepting multi-billion dollar risks on behalf of the business. We need to escalate those decisions - with often surprising results when we do.
    続きを読む 一部表示
    50 分
  • NIS2 and the Cyber Resilience Act (CRA) [The Industrial Security Podcast]

    NIS2 and the Cyber Resilience Act (CRA) [The Industrial Security Podcast]
    2025/07/28
    NIS2 legislation is late in many EU countries, and the new CRA applies to most suppliers of industrial / OT computerized and software products to the EU. Christina Kiefer, attorney at reuschlaw, walks us through what's new and what it means for vendors, as well as for owner / operators.
    続きを読む 一部表示
    54 分
  • Network Duct Tape [The Industrial Security Podcast]

    Network Duct Tape [The Industrial Security Podcast]
    2025/07/11
    Hundreds of subsystems with the same IP addresses? Thousands of legacy devices with no modern encryption or other security? Constant, acquisitions of facilities "all over the place" network-wise and security-wise? What most of us need is "network duct tape". Tom Sego of Blastwave shows us how their "duct tape" works.
    続きを読む 一部表示
    1 時間 4 分
  • Credibility, not Likelihood [The Industrial Security Podcast]

    Credibility, not Likelihood [The Industrial Security Podcast]
    2025/06/17
    Safety defines cybersecurity - Kenneth Titlestad of Omny joins us to explore safety, risk, likelihood, credibility, and deterministic / unhackable cyber defenses - a lot of it in the context of Norwegian offshore platforms.
    続きを読む 一部表示
    53 分
  • Lessons Learned From Incident Response [The Industrial Security Podcast]

    Lessons Learned From Incident Response [The Industrial Security Podcast]
    2025/05/20
    How did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).
    続きを読む 一部表示
    51 分
  • Experience & Challenges Using Asset Inventory Tools [The Industrial Security Podcast]

    Experience & Challenges Using Asset Inventory Tools [The Industrial Security Podcast]
    2025/04/21
    Asset inventory tools have become almost ubiquitous as main offerings or add-ons to OT security solutions. In this episode, Brian Derrico of Trident Cyber Partners walks us through what it's like to use these tools - different kinds of tools in different environments.
    続きを読む 一部表示
    36 分
  • Needles in Haystacks - Recruiting OT Incident Responders [The Industrial Security Podcast]

    Needles in Haystacks - Recruiting OT Incident Responders [The Industrial Security Podcast]
    2025/03/17
    Industrial incidents can be cyber attacks, or equipment failures, or physical equipment leaking product because of metal fatigue or incorrect welds. OT incident responders need to know a lot. Doug Leece of Enbridge explores what is OT incident response and what you look for recruiting people into that role.
    続きを読む 一部表示
    56 分