Avsnitt

  • Join us for a discussion on Energizing Cybersecurity Careers: Workforce Development in the OT/ICS Community. Guests Cynthia Hsu and Erin Owens dive into the cybersecurity challenges facing Industrial Control Systems and Operational Technology asset owners. Through open conversations, we explore everything from skill gaps and career pathways to diversity, continuous learning, and the impact of new technologies. This session aims to provide insights into developing a skilled, diverse cybersecurity workforce – starting from the ground up – with a focus on practical strategies for professionals, educators, and anyone interested in the future of ICS/OT security.

    Show links:

    Cynthia Hsu LinkedIn profile https://www.linkedin.com/in/cynthiahsu33/

    Erin Owens LinkedIn profile https://www.linkedin.com/in/erinowens/DOE CESER Cybersecurity Training for the Utility Workforce, free 3-day ICS Cybersecurity training for electric and ONG utility staff.  Next training event: Buffalo, NY, April 23-25,  Register at: Eventleaf | Event Registration Software and Mobile Event Apps

     

    DOE CESER CyberStrikeTM professional cybersecurity training for operational technology environments: https://inl.gov/cyberstrike/

    ·       LIGHTS OUT – focus on Ukraine attacks

    ·       NEMESIS – focus on nation-state TTPs

    ·       STORMCLOUD – focus on renewable energy  

     

    DOE CESER CyberForce® workforce development program for college students focused on building a pipeline of cyber professional candidates in operational technology cybersecurity:  https://cyberforce.energy.gov/

     

    Sandia National Laboratory

    Tracer FIRE (Forensic Incident Response Exercise): https://github.com/sandialabs/Tracer-FIRECenter for Cyber Defenders:  https://www.sandia.gov/careers/career-possibilities/students-and-postdocs/internships-co-ops/institute-programs/titans-technical-internships-to-advance-national-security/titans-cyber/

     

    Cyber Defense Center https://www.cyberdefensecenter.org/

  • In this episode, we take a deep dive into the world of Cyber Informed Engineering (CIE), joined by Ginger Wright, Program Manager at Idaho National Laboratory. This episode unpacks CIE's strategic efforts to integrate cybersecurity into the very fabric of engineering critical infrastructure. We discuss the evolution of CIE and how it's transforming the approach to system design. We cover the synergy between engineers and cybersecurity experts and the implementation of engineering-based mitigations. Get insights on building resilience into critical systems from the ground up.

  • Join Patrick Miller, CEO of Ampere Industrial Security and his guest Danielle Jablanski, OT Cybersecurity Strategist at Nozomi Networks as they continue their debate on the topic: "If you could have only one cybersecurity regulation, what should that be?" They cover everything from threat hunting, vulnerability management, attack surface management, incident response, breach notification, risk quantification, cybersecurity insurance, NIS2, NERC CIP, and what's best for corporate vs. public good.

  • Join Patrick Miller, CEO of Ampere Industrial Security and his guest Amanda Freick, CRO of Altruistic as they discuss the need for collaboration and breaking down cultural barriers to effectively utilize data and drive innovation in the energy sector with AI/ML. We also touch upon the importance of approaching generative AI and language models like GPT with a strategic mindset, understanding the specific needs and goals of the organization before implementation. Additionally, we talk about the importance of recognizing and leveraging the untapped skills and potential within an organization to drive transformation and democratize access to meaningful work.

    Show Links:

    Amanda Freick LinkedIn - https://www.linkedin.com/in/amandafreick/

    Altruistic Video Case Study - https://vimeo.com/733720685

    Tony Robbins Book, Life Force - https://amzn.to/3qTXRfj

  • Hear from an experienced ICS/OT Security Manager, Gabe Agboruche, on how to enter or upskill into the ICS/OT cybersecurity field. He answers questions such as… What training is available? What are the biggest obstacles? What are some common job roles? What are the best paying job roles? We also cover the asset owner’s perspective on how they can obtain and retain new cybersecurity professionals.SHOW LINKS:Gabe Agboruche LinkedIn ProfileGabe’s YouTube channel - Struggle SecurityMalware Traffic AnalysisFree Network EmulatorsICSVillageICS Village Youtube ChannelSans ICS Free ResourcesSANS ICS ConceptsDNP3 SimulatorsScapyCompTIA (Security+ and Network+ certifications)

  • Getting started with ICS and OT security metrics can be hard. What do you measure? How do you represent it? Do you even have the data? In this podcast, we talk with Erin Torruella to share her experience from building and managing metrics for multiple different sectors. She provides great advice on where to start and how to get the effort going in the right direction.

    ChatGPT response was…

    Operational Technology (OT) and Industrial Control Systems (ICS) are crucial components of critical infrastructure, and their security is essential for ensuring the safety, reliability, and availability of essential services. To measure the success or failure of an OT/ICS security program, several metrics can be considered, such as:

    1. Vulnerability Management Metrics: This metric measures the number of vulnerabilities identified, the number of vulnerabilities remediated, and the time it takes to remediate the vulnerabilities.

    2. Incident Response Metrics: This metric measures the effectiveness of the incident response process. It includes the time it takes to detect, contain, and resolve an incident, as well as the number and severity of incidents.

    3. Compliance Metrics: This metric measures compliance with relevant security standards, regulations, and policies. It includes the number of audits conducted, the number of non-compliances identified, and the time it takes to remediate non-compliances.

    4. Risk Management Metrics: This metric measures the effectiveness of the risk management program. It includes the number and severity of risks identified, the number of risks mitigated, and the time it takes to mitigate the risks.

    5. Awareness Metrics: This metric measures the effectiveness of the security awareness program. It includes the number of training sessions conducted, the number of employees trained, and the level of understanding demonstrated by employees.

    6. Asset Management Metrics: This metric measures the effectiveness of the asset management program. It includes the number and types of assets identified, the level of asset classification, and the accuracy of the asset inventory.

    7. Performance Metrics: This metric measures the performance of the OT/ICS infrastructure. It includes uptime, availability, and response time.

    Thanks for listening!

    Show links:

    Erin Torruella...

    LinkedIn - https://www.linkedin.com/in/erin-torruella/

    Twitter - https://twitter.com/LadySqrrl

    Mastodon - https://infosec.exchange/@ladysqrrl

    JD Christopher SANS talk on ICS Security Metrics - https://www.youtube.com/watch?v=gIsLP_Dtv7M

    JD Christopher SANS blog post on ICS Security Metrics -https://www.sans.org/blog/mature-ics-security-with-metrics/

    S.M.A.R.T. Methodology - https://en.wikipedia.org/wiki/SMART_criteria

    DHS CISA Cross-Sector Cyber Performance Goals - https://www.cisa.gov/cross-sector-cybersecurity-performance-goals

  • FERC has issued Order 887, directing NERC to create new Critical Infrastructure Protection (CIP) cybersecurity standards for Internal Network Monitoring Systems (INSM). In this episode, Patrick Miller, CEO of Ampere Industrial Security talks with Carter Manucy, IT/OT Cybersecurity Director for Florida Municipal Power Authority (FMPA). Hear from a real electric utility asset owner, on what this Order means for the industry and what you should do next.

    Show links:

    Carter Manucy LinkedIn Profile - https://www.linkedin.com/in/cmanucy/

    FERC Order 887 - https://www.ferc.gov/media/e-1-rm22-3-000

    FERC INSM NOPR - https://www.federalregister.gov/documents/2022/01/27/2022-01537/internal-network-security-monitoring-for-high-and-medium-impact-bulk-electric-system-cyber-systems

    National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems - https://www.amperesec.com/blog/industry-brief-national-security-memorandum-on-improving-cybersecurity-for-critical-infrastructure-control-systems

    NERC INSM Practice Guide - https://www.nerc.com/pa/comp/guidance/CMEPPracticeGuidesDL/CMEP%20Practice%20Guide%20-%20Network%20Monitoring%20Sensors.pdf

    Corresponding Ampere Blog post - https://www.amperesec.com/blog/what-to-do-about-fercs-new-insm-order-887