Security Breach

How a greater focus on new and legacy OT connections could alter the cybersecurity battlefield.Everything old … is new again. While that might seem like a natural lead-in for discussing hacker tactics, that same mantra rings true when discussing OT technology. Mordor Intelligence recently reported that U.S. manufacturing spent over $307 billion on digital transformation technologies last year, and nearly every research and consulting outlet around the world is predicting that those numbers will rise in 2024. All this new software, connectivity, automation and equipment creates a familiar challenge when it comes to OT cybersecurity. This meshing of the old and new is something our guest for this episode is all too familiar with, and he’s here to break down everything associated with bringing legacy and next-gen together. Listen as Josh Williams, Strategic Account Manager at IriusRisk, offers his thoughts on secure-by-design, as well as:How the industrial sector gets a C- when it comes to securely integrating new technology into the OT landscape.Why the onus for secure-by-design concepts resides with the buyer.How monitoring became a critical vulnerability.The double-edged sword of connectivity.How state-sponsored hackers are a threat to more than just political targets.Why industrial OT is the front line in the cyber war.Why he doesn't want to be the "old man yelling at the clouds.".How supply chains have become manufacturing's biggest cyber concerns.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The good, the bad and the ugly of mobile device security in the expanding OT attack landscape.Included in the challenges associated with securing an ever-expanding OT attack surface is the role played by the increasing use of mobile devices – at both the enterprise and individual level. In fact, according to a recent report from Imprivata, only 46 percent of manufacturing organizations have the ability to maintain control over who has access to such devices and when, and 61 percent are using shared pin numbers to secure these devices. Additionally, an average of 16 percent of these devices are lost each year, costing organizations over $5M annually, not to mention the collateral damage from a security perspective.  This translates to an opportunity for hackers to unleash catastrophic damage by leveraging any vulnerabilities in areas like remote monitoring, and potentially new ways to worm into the networks associated with controlling your machines and systems.Watch/listen as Joel Burleson-Davis, SVP of Cyber Engineering at Imprivata, returns to Security Breach to discuss OT mobile device security, as well as:The journey the industrial sector has made from devices that were never intended to be connected, to what Joel describes as OT "super connectivity".Why OT continues to be an easy target for hackers.The evolution of hacking groups.How we might be over-doing all the connectivity.The double-edged sword that is mobile use in the industrial sector.Avoiding 'mobile defeatism'.Combatting the growing number of dwelling or living-off-the-land attacks.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

It's not always about the ransom, data theft or denial of service.Many cheered with the recent crackdowns  on groups like LockBit, and rightfully so. However, the harsh reality is that most of these victories are short-lived. For example, after law enforcement seized control of multiple LockBit websites and stolen data, the group was back to running extortion campaigns within a week.And the same can be said for many other high-profile busts of groups like Hive and Volt Typhoon. These groups re-build or re-brand, as was the case with the Conti Group offshoot Black Basta. After Conti disbanded, Black Basta reformed from the ashes and tallied over $100 million in ransomware payments last year. My point is not to belittle the incredible work that global agencies are performing, but to illustrate that while the industrial sector continues to make tremendous gains - the war continues. And as we evolve and improve, so will the bad guys. And perhaps no one knows this better than our guest for this episode - Rod Locke. He’s the director of project management at Fortinet, a leading provider of OT cybersecurity solutions. Watch/listen as Rod shares his thoughts on:The growing influence of state-sponsored hacker groups.The rise of dwelling or live-off-the-land attacks and how some hackers are more focused on learning about their victims than harming them.Why OT can't always place the blame on IT, and the value in understanding both environments.How some regulatory efforts might have "swung too far."How to attract more "unique individuals" to cybersecurity.An anticipated rise in cloud infrastructure and the ways it will impact data security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How we're failing to properly support and train our most important cybersecurity asset.According to Nozomi Networks February 2024 OT-IoT Security Report, manufacturing was exposed to more common vulnerabilities and exposures, or CVEs, than any other sector - realizing a 230 percent year-over-year increase in this area. Addressing even a fraction of these CVEs would be daunting, which is why understanding your assets is so basic, but so vital in establishing priorities and implementing approaches best suited to your security needs. To discuss these topics, and more, we welcome Jeff Nathan, Director of Detection Engineering at Netography, a leading provider of network security solutions, to the show. Watch/listen as he discusses:How social engineering tactics play a key role in manipulating emotional responses that trigger certain actions.The phishable weaknesses of MFA, and how its workflow might not be strengthening your security posture.Limiting your blast radius.The potential of encrypting endpoint data.Why cybersecurity needs to take a more scientific approach to defensive tactics.The industry's biggest miss on AI.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Threat intelligence is important, but why manufacturers should focus on risk factors first.When it comes to the industrial sector’s ongoing cybersecurity challenges, we all know that there's more to defend, but what is most concerning is that we’re not responding quickly enough to the expanding threat landscape. In case you needed proof, here are some of the recent stats from Dragos 2023 Year in Review Report. It found that:80 percent of industrial sector vulnerabilities reside deep within the ICS network, making them difficult to see and harder to kick out.53 percent of the advisories Dragos analyzed could cause both a loss of visibility and control.Ransomware attacks against industrial organizations increased by 50 percent last year, and Dragos tracked 28 percent more ransomware groups focused on the ICS/OT environment.Attacks were confirmed in 33 unique manufacturing sectors.74 percent of all vulnerability advisories had no mitigation strategy.I’m not going to promise solutions for all of these challenges, but we’ve definitely found a guy interested in trying. Scott Sarris is an Information Security, Compliance and Privacy Solutions Advisor at Aprio, a leading advisory and business consulting firm. Watch/listen as we discuss:Why OT could affectionately be known as "Old Tech".The political factors impacting IT/OT divisiveness in the industrial sector, but why Scott is optimistic about the progress being made in bringing the two segments together.Why cybersecurity planning and investments needs to start with assessing and prioritizing risk.How slowing down can help ramp up security efforts.Why dwelling or living-off-the-land attacks will escalate.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The sector's (forced) cyber awakening needs to focus on making it harder to be a hacker.Regardless of how complex the attack, how organized the hacker, or how advanced the tools and tactics, security solutions usually lie in very fundamental practices. So, while you might think you already know enough about segmentation strategies, framework development, asset visibility or enhanced access controls, it’s these things that get overlooked and then exploited by hackers. It’s the evolution of these little things that our guest for today’s show likes to emphasize in helping to keep the OT environment secure. Watch/listen as Brian Deken, Commercial Manager of Cybersecurity Services at Rockwell Automation offers perspective on topics that include:How increased coverage and awareness of industrial cybersecurity has helped improve OT visibility, and incited more manufacturers to take real action.Why constantly evolving simple cyber strategies, like frameworks, segmentation and access hygiene are essential.What video gamers can teach us about finding OT security expertise.The status of IT-OT convergence.The attack from which some manufacturers will never recover.The positive impacts of supply chain vulnerabilities.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How thinking like a hacker can lead to better cybersecurity ROI and avoid the dreaded "hope" strategy.Regardless of what you might hear from some, ransomware in the industrial sector is at an all-time high in terms of frequency and cost. Zero day and day one vulnerabilities are being discovered at a historic level and patching continues to be a challenge.Asset visualization and endpoint security have become more daunting thanks to technology-driven expansions of the industrial attack surface. And then there’s AI, SBOMs and botnets all waiting to wreak havoc on the ICS.All of these factors, along with the growing complexity of the hacker community, means that industrial cybersecurity is no longer just about white and black hats. In fact, some would argue that perhaps the most important player in the cybersecurity arena now wears red.Joining us to discuss his approach to "red teams on steroids" is Guy Bejerano, CEO of SafeBreach, a leading provider of Breach and Attack Simulation tools and services. Listen as we discuss:What it means to think like a hacker, but defend like a CISO.Developing security with a focus on running a business.Connecting the dots between the technical aspects of an attack and the impact of it on the business.Improving cybersecurity ROI by demonstrating the value of closing "gaps."Focusing on known attacks, as opposed to the "ghost" vulnerabilities.The growth of collaboration between IT and OT.Why manufacturing is still susceptible to legacy attacks.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Creating an OT vision, and why hackers are "like water."With hackers repeatedly demonstrating that that they play no favorites in terms of the sector of manufacturing, its location, or the size of the enterprise, detection and response strategies can be universally dissected in addressing ransomware, phishing or any number of social engineering approaches. And this data, along with the potential solutions it fuels, can be made available to the industry as a whole – not just the largest or most well-known entities. Universal problems typically generate the most response. And what I’m seeing is a much more aggressive response from big players throughout the industry – including the employer of today’s guest, Alexandre Peixoto, Cybersecurity Business Director at Emerson Automation Solutions.Listen/watch as we discuss:Why recent cybersecurity developments are less about how the hackers have changed and much more about attack surface evolution.How, why and when to bring IT into the cybersecurity conversation.How OT can learn from IT in developing a vision for ongoing cybersecurity needs.The importance of going through the cybersecurity journey, similar to digital transformation, in order to really understand needs and priorities.Why OT cybersecurity often forgets about the basics.How "hackers are like water."Tackling the legacy dynamics of SBOMs.The future role of over-the-air (OTA) software updates, and how they could impact security priorities.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Hacker insight and vulnerability updates are great, but that's only half the battle.An ever-expanding attack surface has created a number of complexities when it comes to combining the benefits of new automation technologies with the challenges of securing the OT environment and supply chain. This led Cybersixgill to predict that in 2024, more companies will adopt Threat Exposure Management, a holistic, proactive approach to cybersecurity where cyber threat intelligence is a foundational component.To discuss this perspective, and more, we sat down with Gabi Reish, Global Head of Product Development at Cybersixgill , a leading provider of industrial cybersecurity solutions. Listen as we discuss:How data breaches have grown to average $4.7M per attack in manufacturing - which is $300K more than other industries.Why the biggest benefit of threat intelligence might be gaining a better understanding of how to position cyber assets.The latest SEC regs and how disclosing incidents makes the industry better.The potential impact of virtual patching.Why some OT specialists are being asked to "predict the weather without any forecasting tools."How and why ransomware attacks are getting more complicated."Human nature is a problem."How AI is allowing hackers to "seem more human" and why that's a huge problem.We need more technology that works like a guardrail.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

The tech that's helping social engineers expand current exploits, including credential harvesting.In this episode, we welcome Kory Daniels, CISO of Trustwave, a leading provider of industrial cyber risk solutions, to the show. The conversation spanned a number of topics, including:The double-edged sword of credential harvesting hacks.How data theft is providing greater visibility of an organization's supply chain and partners in helping cybercriminals accumulate more potential targets.The challenges of implementing and sustaining data hygiene practices.Using AI to to fill cybersecurity jobs.How new technology, like AI, is helping cybercriminals lower their operating costs.Understanding that you can't defend what you don't know or understand about your internal landscape.Embracing the benefits of IIoT, but understanding the security risks it carries.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How prioritizing the wrong data and assets is leading to more cyber risk.When it comes to OT security, the cruel reality is that the bad guys are doing what most predators do over time – they continue to hunt and evolve. This evolution allows hackers to constantly adjust to new security protocols and more rapidly react to common vulnerabilities – often days, weeks or months before a suitable patch or solution can be put in place. It’s the black hat’s constant drive to enhance their attacks that led us to this episode's discussion and guest. I recently sat down with Rick Kaun, VP of Solutions at Verve Industrial Protection. Verve is a leading provider of endpoint security, vulnerability testing and network segmentation strategies.Join us as Rick discusses:What 'done' looks like.Why nobody wants to be a CISO right now.The opportunities represented by former military personnel coming into cybersecurity.Why there's too much attention around SBOMs ... right now.The best ways to use AI.How identifying the "crown jewels" is the most important step to protecting them, and why this is consistently overlooked.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

How the legacy of OT innovation contributes to cyber challenges.Vulnerabilities across the cybersecurity landscape are obviously trending in an upward direction. Perhaps most concerning, however, is the number of zero and one-day vulnerabilities being uncovered in key industrial control systems by many of the sector’s leading providers of software, automation and system integration services.These vulnerabilities not only open the door for potential attacks, but lend credence to other cybersecurity challenges, such as patching, proper segmentation strategies and trying to accommodate the potential downtime associated with identifying and rectifying these embedded problems. Constantine Antoniou, Cybersecurity Business Consultant in Schneider Electric's Global Cybersecurity Solutions and Services business, promises to offer a unique perspective on these challenges and potential solutions.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Two recent vulnerabilities, one traditional and one frighteningly unique, could reshape industrial cybersecurity.In this episode, we’re going to dive into two recently detected vulnerabilities that could have a significant impact on the industrial sector, as they involve two companies with wide-reaching influence on manufacturers of all sizes. One involves the Siemens Automation License Manager, and the potential threats a vulnerability poses to industrial control system data security for its users.The second stems from a unique source – a Bosch assembly tool. More specifically, we’re talking about a very popular nutrunner/pneumatic torque wrench that could potentially be exploited by hackers to create extortion campaigns. We discuss these security challenges with Andrea Palanca, a security researcher at Nozomi Networks, and Eran Jacob from OTORIO.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Elevated social engineering, more connections and growing extortion amounts will drive attack growth.Late last year we discussed Lockbit’s ransomware attack on Boeing, and the ensuing “cyber incident” that resulted in a large quantity of the aerospace giant’s data being stolen. One of the experts we tapped into in breaking down the attack, and its fallout, was Tony Pietrocola.In addition to serving as the president of AgileBlue, he also heads the Northern Ohio chapter of InfraGard, which works directly with the FBI on cybercrime.You can check that Boeing episode out in our archives.In addition to his extensive knowledge on threat actors like Lockbit, Tony also has a tremendous amount of insight on ways to improve attack surface visibility, especially as hackers are beginning to utilize next-gen tools like AI.For more information on the work AgileBlue does, you can check them out at agileblue.comTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Coordinating patches, covering the basics and not falling for 'pinky promises.'Late last year we discussed Lockbit’s ransomware attack on Boeing, and the ensuing “cyber incident” that resulted. One of the experts we tapped into in breaking down the attack, and its fallout, was KnowBe4’s Erich Kron.You can check that episode out in our archives. In addition to his extensive knowledge on threat actors like Lockbit, Erich also has a tremendous amount of insight on a number of cybersecurity challenges that continue to plaque the industrial sector, including the human elements. His knowledge seems especially timely given that one of the most significant vulnerabilities uncovered in the last month stems from a hacktivist group using unchanged default passwords to access PLCs in water treatment facilities and manufacturing plants. Just like Colonial Pipeline and numerous other attacks, this global vulnerability started with the actions, or inactions, of a human being. This episode offers some additional insight from Erich Kron at KnowBe4. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

A former black hat offers insight on defending against hackers that "go for the throat every time."One of the mindsets shared by hackers and their corporate victims is the desire to put a successful bow on the calendar year. For you this could mean hitting a collection of shipping dates, production quantities or equipment implementations. What many are beginning to realize is that the black hat community has a number of year-end targets to hit as well. The focus on closing out orders, dealing with holiday-related slowdowns and potentially fewer employees on the plant floor often leave doors open to hackers. It’s no surprise that these dynamics often result in the last quarter of the year producing large spikes in ransomware, DDoS and credential harvesting attacks.Our guest, Matthew Wolfe, Director of Cybersecurity Operations at Impero, offers insight on these attacks and how some of his previous experiences have given him a unique take on the bad guy's tactics.We’re also excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Accidental advancements by state-sponsored hackers are impacting ICS security, and elevating network visibility needs.Amongst the traditional threats to manufacturing enterprises and industrial control systems are the escalating roles of state-sponsored hacker groups. Refined through recent hostilities in the Ukraine and Gaza Strip, more and more cyber attacks against critical infrastructure around the world has cybersecurity experts looking beyond independent RaaS groups and malware drops.What makes these organizations so concerning is that they are more focused on stealing data and manipulating operations than extorting funds. This means the challenges associated with dwell time and asset visibility now take on even greater prominence.That’s why we’ve invited Paul Ernst to the show. Paul will call upon his military experience, as well as his current role, to help us better understand these nation-state threats and vital ICS vulnerabilities.We’re also excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-securityTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

MITRE’s ATT&CK knowledgebase, and the intrusion patterns, hacker tactics and response data it provides.While there are a number of indicators showing the positive direction in which industrial cybersecurity is heading, it's still worth taking a look at some of the more alarming facts impacting our current situation. For example, Fortinet is reporting that:Three-fourths of industrial enterprises reported at least one OT intrusion in the last year.Nearly one-third of all ransomware attacks continue to target the industrial sector, with a nearly 10 percent uptick in attacks going undetected until the extortion or blackmail note arrives.Intrusions from malware and phishing attacks have increased by one-third.But there is good news. Fortinet reports that 98 percent of organizations now include its OT cybersecurity posture in briefings with executive leadership. We also know more about the bad guys today, then we ever have before, with some of this progress attributed to the work being done by today’s guests - Adam Pennington and Jake Steele from MITRE’s ATT&CK knowledge database.We’re excited to announce that Palo Alto Networks is sponsoring this episode. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Balancing resources to keep the bad guys out, improve real-time visibility, and develop quicker responses to new attacks.In what might be legendary singer Johnny Cash's most famous song, he speaks of keeping his eyes wide open all the time, and those tasked with OT security responsibilities are finding that they too need to walk the line. In the cybersecurity world this means balancing between the priorities of different operational environments, selecting tools and technologies that best match these priorities, and then understanding how all these investments can be intertwined to carry out your strategy. Unfortunately, this makes it bit more difficult to stay true to original plans. Navigating that line also entails an understanding that keeping the bad guys out is not the sole function of cyber defense, because the evolution of threats and an expanding OT attack surface has created an incredibly complex environment – a fact that is as obvious as night is dark and day is light. So, to keep us walking that line in understanding how to adapt our tools and strategies, we welcome Stephen Tutterow, a team lead at Pentera, to the show. Pentera is a leading provider of automated security validation solutions.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com. To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Industry experts assess the ransomware attack, the attacker, and critical takeaways for manufacturers of all sizes.Recently, one of the most high-profile manufacturers in the world – Boeing – suffered what they’re describing as a “cyber incident”, which resulted in a large, but unknown quantity of data being stolen and held for ransom by the notorious Russian RaaS group, Lockbit.Lockbit, which is highly recognized as one of the most prolific threat actors targeting the industrial sector, obtained what is currently assessed as Citrix cloud files, security controls, email backups and corporate emails. The leak is potentially tied to a parts distribution company, Aviall, that Boeing purchased in 2006. What remains to be seen, despite Boeing’s claims, is just how damage this leak could cause, what the ramifications might be moving forward, how Boeing might respond and what the industrial sector can learn from this incident.We’ve assembled two leading industry experts to break down the attack - KnowBe4’s Erich Kron and Tony Pietrocola, president of AgileBlue and the Northern Ohio chapter of InfraGard.We’re also excited to announce that this episode is being sponsored by Palo Alto Networks. Protect your OT assets, networks and remote operations with Zero Trust OT Security from Palo Alto Networks. It’s powered by AI and machine learning while offering comprehensive visibility, zero trust security for all OT environments, and simplified operations. For more information on zero trust security for all OT environments and simplified operations, go to www.paloaltonetworks.com/network-security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.