Show cover of The OT and IoT Security Podcast

The OT and IoT Security Podcast

Nozomi Networks security experts discuss topics that are important to the OT and IoT security community. This includes current cybersecurity threat intelligence, trends, news, and challenges. If you work in security or operations, or if you are a researcher, you’ll find episodes of interest.

Tracks

A Day in the Life of an OT Responder
Response time refers to the amount of time that takes place between when we perceive something to when we respond to it. It is the ability to detect, process, and respond to a situation. In this case, we look at what a typical day an Operational Technology (OT) responder must endure and why this role is crucial within critical infrastructure and industrial control networks.
61:55 06/09/2022
Cyber and Operational Resilience for Smart Factories
Find out how increased cyber risk, threat of downtime, legacy equipment and IoT proliferation are contributing to the resilience challenge.
60:32 05/18/2022
OT Network Security Challenges in Enterprise Environments
Learn how the Ukraine Russia conflict has enlivened nation sponsored and cyber terrorism events and what defines their motivation. 
62:40 05/12/2022
Monitoring & Protecting Assets in Critical Infrastructure
Join our esteemed panel of experts who cover ways to advance cyber security strategies for critical infrastructure by monitoring and protecting your assets.
63:05 03/08/2022
In a World of Unsecure IoT - Is Privacy Dead?
Will the rapidly expanding use of IoT devices, advent of smart cities and creation of an uber-connected world hasten the demise of privacy? In such a world, just how important is privacy, data security and protecting our IoT infrastructure? Learn about the complex issues of privacy and privilege in this episode. 
62:04 11/19/2021
Understanding the Risks to Operational Technology (OT)
 Operational technology (OT) and Information Technology (IT) have traditionally been managed separately. With the emergence of Internet of Things (IoT) and the changing threat and risk landscape, industrial, manufacturing and critical infrastructure companies are bringing together their OT, IT and IoT networks to achieve a combined cyber and risk plan to prevent future cyberattacks.  The incoming Critical Infrastructure Bill is aimed at driving action in this direction and organizations must start to prepare now to secure their IT as well their OT / IoT infrastructure.  These combined capabilities not only achieve significant improvements in cybersecurity but bring remarkable improvements in the efficiency of managing and securing your diverse assets.  In this episode, learn more about: Threats to OTUnified visibility and security Eliminating OT and IT silos Reducing risks to OT, IT and IoT
60:26 10/09/2021
Defending Smart Cities from Cyber Threats
Join us as we embark upon a journey to secure our digital cities, including foundational technologies as CCTV’s. CCTV’s are used in local government, utilities, transportation systems, healthcare… the list goes on. 
60:59 08/20/2021
Threat Actors Never Sleep – And They’re Creating Nightmares For the Security Community
PrintNightmare and the Kaseya ransomware attack are two recent cyber incidents making waves in the news about the escalating threat environment.  Nozomi Networks Labs security researcher Ivan Speziale shares his insights into what went wrong in these attacks, and what can be done to mitigate their impact. 
18:38 07/08/2021
How to Build an Effective OT/IoT Cybersecurity Risk & Compliance Program
U.S. regulators are looking into how business operators maintain effective cybersecurity. The incoming Security of Critical Infrastructure legislative amendments will no doubt lead to an increased security compliance regime for any country. Companies everywhere should proactively develop a robust cybersecurity compliance program – not because of legislation but because it’s good security hygiene and practice. How can you prepare for that now? Join with us as we explore:The steps involved in building out a Risk & Compliance Program Effective design, implementation and response componentsBuilding a quality ecosystem that supports identifying, managing and mitigating risksGathering intelligence for making evidence-based decisions Ensuring your time and effort leads to a quality outcome
61:05 05/28/2021
The Verkada IoT Security Camera Attack – How Did Hackers Get In?
IoT security camera provider Verkada was the target of a recent attack. Hackers gained access to the live video feeds of 150,000 surveillance cameras used by their customers. The attack showed the risks involved in leveraging IoT devices within business operations. In this short episode, find out what happened during the recent security breach, and what common practices can open the door to attacks like this. 
05:58 04/14/2021
Improving Transportation System Operational Visibility and Security
The number of devices used in Intelligent Transportation Systems (ITSs) is exploding. Unfortunately, this high level of connectivity and network complexity has created an expanded attack surface with many vulnerabilities. Join us to learn about security challenges faced by metro systems, maritime transportation and logistics, and how to gain deeper operational visibility, prevent downtime and detect cyber threats. 
56:58 03/17/2021
Insights on the Top OT/IoT Security Threats – How to Protect Your Operations
To help you address accelerating OT/IoT security issues, the Nozomi Networks Labs team shares their new research findings on the top threats targeting critical infrastructure and industrial operations. Join us for a discussion on the current OT/IoT threat landscape, supply chain threats to OT and IoT environments, ransomware risks, and how to protect your critical OT/IoT networks.
54:36 03/16/2021
Dissecting the Security Implications of the Australian Critical Infrastructure Act
What makes the Australian Critical Infrastructure Act one of the most important pieces of security legislation to come out in the last decade? Join Bill Hagestad II, Jonathan Rusch, Brian Hay and Nozomi Networks’ Diego Betancur for a discussion about the Act's impact upon the Australian industrial landscape. This episode explores the motivations behind targeting critical infrastructure, and covers the fundamental steps toward cybersecurity resilience. 
59:03 03/04/2021
From Oil Rig to Boardroom – Drilling Into the Importance of Cybersecurity
Cybersecurity in the oil & gas industry has become a boardroom issue, as high-profile attacks and targeted threats like TRITON raise awareness about risks to energy sector safety and productivity. Learn how real-world energy leaders manage cyber risks, minimize disruptions and ensure safety. Special guest Jim Guinn, Global Managing Director with Accenture Security, joins the discussion to share his experiences that span time on the rig to board-level cybersecurity planning.Here are links to the security resources mentioned during the session: Accenture Security: ICS Cyber RangeWhitepaper: Midstream Oil and Gas Industry - Improving ICS Visibility Boosts Operations and Cyber SecurityWebpage: Securing OT & IoT in Oil & GasCase Study: Oil & Gas Producer Deploys Global ICS Security ProgramCase Study: National Gas Distributor Achieves Pipeline VisibilityExecutive Brief: The Cost of OT Cybersecurity Incidents and How to Reduce RiskWebpage: Preventing Unplanned Downtime Due to Equipment FailureBlog: Massive IoT Disruption Coming to an OT Network Near You
50:01 12/04/2020
Serious Workplace Accidents and Their Connection to Cybersecurity
An increase in cyberthreats across IT, OT and IoT networks, combined with new labor safety laws designed to hold executive leadership or executive leadership teams accountable, is raising the stakes for corporations, boards and senior executives. In this episode, learn about corporate cyber risk and workplace safety laws from experts in cyber espionage and workplace and risk management. Find out what you can do to strengthen your security posture. 
59:42 12/01/2020
Rich Armour - Where the Rubber Hits the Road: How Digital Transformation is Creating Connected and Protected Cars
Former General Motors CISO Rich Armour reflects on how digital transformation and cybersecurity are driving the next generation of smart, connected and protected vehicles. General Motors’ 1977 Oldsmobile Toronado was the first production car to incorporate embedded software. Today, automotive manufacturing is one of the most widely automated industries in the world. Learn more about how smart devices are used for everything from in-vehicle diagnostics to autonomous control.To learn more about Rich and his role as a Nozomi Networks advisor, visit: https://www.nozominetworks.com/company/leadership/
26:02 11/10/2020
Ngoc Phan – Managing Business During Times of Turmoil
Businesses have faced extremely difficult times during the COVID-19 pandemic. Hear what Nozomi Networks Vice President of Finance Ngoc Phan is doing to address the uncertainty and volatility, and how he’s helped the company pull together to launch a new SaaS solution (Vantage), and find new ways to support customers, employees, and partners.To learn more about Ngoc, visit: https://www.nozominetworks.com/company/leadership/
15:42 11/05/2020
P2P Botnets: Following the Network Trail
To increase botnet resiliency, threat actors are now using a P2P hybrid network topology that allows the botnet to survive a takedown of nodes with specialized roles, and reorganize itself accordingly. Though it can be challenging to disrupt the malicious activities of P2P botnets, you can follow proven strategies when a specific network has been affected. Listen to the podcast learn what can be done. Here are links to the security resources mentioned during the session: Blog: Overcoming the Challenges of Detecting P2P Botnets on Your NetworkWebpage: Nozomi Networks Labs (Threat Advisories, Community Tools and more)Research Report: OT/IoT Security Report 2020 1HBlog: Your Guide to the MITRE ATT&CK Framework for ICSWebinar: How to Use the MITRE ATT&CK Framework for ICSData Sheet: Threat Intelligence – Detect Emerging OT and IoT Threats and Vulnerabilities
34:37 11/04/2020
Stephen Driggers – How the Customer Experience Leads to a Better OT Security Solution
Learn why Stephen, Nozomi Networks’ Chief Revenue Officer, believes in creating an amazing customer experience at every touch point. He shares how listening closely to customer feedback and responding quickly to their requests leads to a much better OT/IoT security solution. To learn more about Stephen, visit: https://www.nozominetworks.com/company/leadership/
13:48 10/21/2020
Fireside Chat: Accelerating Digital Transformation Drives Innovation in Industrial Cybersecurity
In this episode, learn how digital transformation has been fuelled by a global pandemic that forced many of us to work from home. Security visionaries from Schneider Electric and Nozomi Networks discuss the latest trends in industrial cybersecurity that have developed from the need for secure remote access, and cover a use case for an innovative security solution. Here are links to the security resources mentioned during the session: Marketplace: Schneider Electric ExchangePress Release: Nozomi Networks Delivers OT & IoT Cybersecurity Via the Schneider Electric ExchangeWebpage: Nozomi Networks Guardian - Solution for EcoStruxure™ CyberSecurity ServicesSolution Brief: Nozomi Networks Guardian – The Leading Solution for OT and IoT SecurityData Sheet: Guardian – Industrial Strength OT and IoT Security and Visibility
43:37 10/14/2020
Data Centers Are Migrating To the Cloud – Is Your OT Security Infrastructure Ready?
As you move some or all of your data and applications from on-prem to the cloud, you may need to rethink your security strategy. This episode covers cloud options – private, public, and SaaS – to help you determine which is the right one for you. Panelists also discuss the risks of failing to ensure that your security infrastructure is ready before migrating. Here are links to the security resources mentioned during the session: Webpage: Closing the IoT Security GapResearch Report: OT/IoT Security Report 2020 1HWebpage: Nozomi Networks Labs – Threat Advisories, Tools, Research ReportsData Sheet: Guardian – Industrial Strength OT and IoT Security and VisibilityData Sheet: Threat Intelligence – Detect Emerging OT and IoT Threats and VulnerabilitiesData Sheet: Asset Intelligence – Focus on the OT and IoT Incidents That MatterMicrosoft Azure Marketplace: Nozomi Networks Guardian, Central Management Console
36:05 10/06/2020
Edgard Capdevielle – From Startup to Industry Leader
Hear from Nozomi Networks’ President and CEO Edgard Capdevielle how the company transformed from a startup of seven people in the U.S. and Switzerland into a global OT and IoT security leader in less than seven years.  To learn more about Edgard and Nozomi Networks' path to success, visit: https://www.nozominetworks.com/company/leadership
18:30 09/29/2020
Moreno Carullo – Using Artificial Intelligence and Machine Learning in Cybersecurity
Learn why Moreno Carullo launched Nozomi Networks with university-mate Andrea Carcano in 2013, and how artificial intelligence and machine learning are being used to drive OT security automation and increase the effectiveness of small cybersecurity teams. Moreno also discusses how Nozomi Networks uses these two technologies to provide up-to-date threat and asset intelligence. 
19:15 09/16/2020
Cyber Crime Migration to Critical Infrastructure
In this episode, find out what every critical infrastructure and industrial operation should know to keep operations safe. Learn about cyber espionage, and how the lines are blurring between organized cybercrime and nation-sponsored efforts. Nozomi Networks’ Phillip Page is joined by Chinese Cyber Espionage Expert Retired Lt Colonel Bill Hagestad II, and former Federal Prosecutor US Department of Justice Jonathan Rusch, with the episode facilitated by Brian Hay, former Operational Commander of Fraud and Cybercrime for the Queensland Police. 
58:48 09/10/2020
How to Use the MITRE ATT&CK Framework
Security teams can use the MITRE ATT&CK Framework for ICS to enhance their organization’s security strategies and policies. The framework uses threat modelling to classify malicious cybersecurity events against an OT environment, and to create a knowledge base of potential threat actor behaviors. Find out more about the differences between MITRE for IT and MITRE for ICS. Here are links to the security resources mentioned during the session: Webpage: Using the MITRE ATT&CK Framework to Accelerate & Simplify OT/IOT Threat ResponseBlog: Your Guide to the MITRE ATT&CK Framework for ICSResearch Report: OT/IoT Security Report 2020 1HBlog: NSA and CISA Call for Action to Lower OT/IoT Cybersecurity ExposureWebpage: Nozomi Networks Labs – Threat Advisories, Tools, Research Reports
42:55 09/09/2020
Top 10 Pitfalls to Avoid When Choosing a Cybersecurity Solution
Learn about the pitfalls typically encountered when choosing an OT/IoT cybersecurity solution. From evaluation to selection, purchase, and deployment, this podcast covers the most important questions to ask the vendors you’re considering, and ways to successfully navigate past the key hazards. Join Nozomi Networks host Chris Grove and CMO Kim Legelis as they address this important process. Here are links to the free resources mentioned during the webinar: Solution Brief: Real-time Cybersecurity and Visibility for Industrial Control NetworksLearning Guide: The IT Pro’s Guide to OT/IoT SecurityExecutive Brief: Integrating OT into IT/OT SOCsExecutive Brief: The Cost of OT Cybersecurity Incidents and How to Reduce RiskResearch Report: OT/IoT Security Report 2020 1HWebpage: Customer Reviews – Gartner Peer Insights on OT Security
35:34 08/27/2020
Alessandro Di Pinto – A Day in the Life of a Threat Analyst
Learn about Alessandro’s path from pen tester to threat analyst, and what a threat analyst does day-to-day. Find out more about the activities that Alessandro and his security research team are involved in: looking for new threats reported by the security community, gathering samples, analyzing their behavior and creating efficient signatures to precisely detect threats and help industrial and other OT/IoT organizations keep their networks secure.To find out more about Nozomi Networks Labs, visit: https://www.nozominetworks.com/labs/
32:12 08/18/2020
Alan Berusch - The Role of Culture in Company Success
This episode covers the most active threats seen in the first six months of 2020, including IoT malware, ransomware, and COVID-19-themed malware. Gain insight into their tactics, techniques and procedures, as well as recommendations for securing your OT/IoT networks. You’ll also learn about the top ICS vulnerabilities of 2020, and their ongoing impact on risk from Nozomi Networks security researchers.    Here are links to the free resources and security tools mentioned during the webinar: ·      Research Report: OT/IoT Security Report 2020 1H·      Blog: What IT Needs to Know about OT/IoT Security Threats in 2020·      Learning Guide: The IT Pro’s Guide to OT/IoT Security·      Executive Brief: Integrating OT into IT/OT SOCs·      Executive Brief: The Cost of OT Cybersecurity Incidents and How to Reduce Risk·      Solution Brief: Real-time Cybersecurity and Visibility for Industrial Control Networks
16:30 08/12/2020
OT/IoT Security Report 2020
This episode covers the most active threats seen in the first six months of 2020, including IoT malware, ransomware, and COVID-19-themed malware. Gain insight into their tactics, techniques and procedures, as well as recommendations for securing your OT/IoT networks. You’ll also learn about the top ICS vulnerabilities of 2020, and their ongoing impact on risk from Nozomi Networks security researchers.    Here are links to the free resources and security tools mentioned during the webinar: Research Report: OT/IoT Security Report 2020 1HBlog: What IT Needs to Know about OT/IoT Security Threats in 2020Learning Guide: The IT Pro’s Guide to OT/IoT SecurityExecutive Brief: Integrating OT into IT/OT SOCsExecutive Brief: The Cost of OT Cybersecurity Incidents and How to Reduce RiskSolution Brief: Real-time Cybersecurity and Visibility for Industrial Control Networks 
51:45 08/06/2020
Chet Namboodri – The Power of Partnerships: Taking OT Cybersecurity to the Next Level
As Nozomi Networks VP of Worldwide Business Development and Channel Sales, Chet Namboodri knows the value of partnerships. Learn how partnering between security providers creates better solutions, and what type of partners Nozomi Networks looks for. Also, find out what changes Chet sees in the future, as the partnership landscape evolves to address emerging threats.To learn more about Chet, visit: https://www.nozominetworks.com/company/leadership/
22:47 07/27/2020