Cyber Brews - Trust No One, Verify Everything (Zero Trust)
Series 2 – Episode 4!Cyber Brews: Trust No One, Verify Everything (Zero Trust)This month’s brew dives into a game-changing security model that’s making waves in both IT and OT: Zero Trust. Forget the old perimeter mindset — in this episode, we explore why trust is no longer a security strategy, especially when it comes to protecting critical industrial systems.We kick off with a breakdown of what Zero Trust actually means, where it came from, and why it’s become essential in the world of Operational Technology. As OT and IT networks continue to converge, the traditional “trust but verify” approach just doesn’t cut it anymore.Key topics on the table include:Why OT environments need Zero Trust now more than ever.How to apply Role-Based Access Control, Network Segmentation, MFA, and Continuous Monitoring in industrial settings.The real-world benefits of Zero Trust: from reduced insider threats to better compliance and resilience.Common challenges and how to start making progress, even in complex legacy environments.So grab your favourite brew and join us as we unravel how Zero Trust could secure the future of OT — one segment, one policy, one verified connection at a time.
--------
41:08
--------
41:08
Cyber Brews - CEOs meet Cyber
Series 2 - Episode 3!Cyber Brews: CEOs meet CyberThis time, we’re flipping the script and taking cybersecurity straight to the top. That’s right — we’re talking senior management and the critical questions they need to be asking when it comes to protecting Operational Technology (OT).In this episode, we unpack the essential governance-level questions that help leaders understand their organization's cyber risk posture. From assessing the cyber threat landscape to defining roles and responsibilities the various teams, we dive into the high-level decisions that can make or break your organization’s resilience.We will cover topics like:Understanding your threat surface and who’s targeting your systemsThe importance of a complete asset inventory and dealing with obsolete equipmentHow to evaluate your risk management and incident response plansWhy clarity in responsibilities (especially between IT and OT) is non-negotiableUsing frameworks like IEC 62443 to guide your cybersecurity governanceSo grab your favourite brew and join us as we arm the boardroom with the right questions to protect the control room.
--------
38:03
--------
38:03
Cyber Brews - Lets Get Physical
Series 2 - Episode 2!Lets get Physical, Physical. I wanna get Physical...In this episode, we delve into the critical interplay between physical security and cyber security within Operational Technology (OT) environments. In this months episode we discuss the importance of well-defined physical security policies, robust perimeter controls, and effective access management to protect sensitive areas and critical assets. Key topics include establishing security perimeters, entry controls, and physical segmentation, along with the roles and responsibilities of personnel in maintaining these security measures.We discus the need for a unified approach that integrates physical and cyber security strategies, ensuring that both realms work in harmony to protect against threats from all angles. So as always grab your favourite brew and join us for another episode of Cyber Brews!
--------
45:29
--------
45:29
Cyber Brews - From Hacks to Heroes: 2024 in OT Cyber security
Welcome everybody to Series 2 of Cyber Brews the series that tries to make OT Cyber–Security Interesting!!
In this episode of Cyber Brews, we take a deep dive into the biggest cybersecurity stories we covered in 2024.
From shocking insider threat statistics to the evolving tactics of ransomware groups like Ransomhub, we break down the key trends shaping the cyber landscape.
We also revisit wild stories like the Dieselgate scandal, hackers targeting air-gapped systems, and even how lava lamps and internal door pass-codes played a role in security breaches.
Plus, we explore the unexpected collaboration between Western hackers and Russian organised crime groups.
So grab your brew and join us for a recap you won’t want to miss!
--------
53:53
--------
53:53
Cyber Brews - Securing the Death Star of Change
Welcome to the Final Episode of the Year—Episode Six!
In this closing episode of 2024, we dive into the critical topic of management of change (MoC) in the context of OT cybersecurity.
We kick things off with a look at the iconic failure of the Empire's Death Star and explore how its downfall can teach us valuable lessons for managing change in operational technology environments.
In this Episode we cover:
The Death Star Example: A discussion of one of the most iconic and catastrophic management of change (MoC) failures, analysing how overlooked risks and gaps in planning led to its downfall—and what lessons we can apply to cyber security today.
MoC Assessment Basics: Exploring the foundational elements of a robust MoC process, including conducting thorough risk assessments, maintaining accurate and up-to-date documentation, and identifying critical records essential to cyber security.
Supply Chain Risk: Understanding the risks posed by vendor-supplied default configurations—do you really know what’s in them? Examining how changes in the supply chain may impact current physical security controls and whether those changes could alter the criticality of your operations.
Employee Training: Highlighting the importance of employee education and preparedness in the MoC process. How do training programs ensure staff adapt to and manage changes effectively while maintaining a strong security posture?
Join us as we uncover the complex layers of OT cybersecurity, the importance of thorough risk assessments, and the real-world impacts of implementing robust change management strategies.
Thank you for tuning in throughout 2024. We wish you a Merry Christmas and look forward to bringing you Series 2 of the Cyber Brews Podcast in 2025, with even more exciting episodes planned!
À propos de Cyber Brews - The Operational Technologies Podcast
Cyber Brews looks to take the topic of cyber security in the ICS and Operational technologies domain and break it down into sizable chunks.
Each episode we will look to talk about a new topic of interest in the ongoing cyber world. Looking into to areas such as Ransomware, cyber culture and more!
The podcast is not funded and just our passion to talk about cyber security so please come join us in adventuring into the OT world.
Check us out on YouTube: https://www.youtube.com/watch?v=gyXdfRW4UYg
France