Schneider Electric Vice President of Supply Chain Security Cassie Crossley joins the Nexus Podcast to discuss the nuances of hardware security and the growing need for hardware bills of materials (HBOMs) within critical infrastructure. Cassie covers the use cases and features that matter most within an HBOM, some of the threats and weaknesses they can illuminate for users, and how they can change the current status quo for CI sectors that have concerns about the provenance of hardware components and the threats they pose. Cassie is an experienced cybersecurity technology executive in information technology and product development and author of “Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware.” Listen and subscribe to the Nexus Podcast here.
--------
28:20
Christiaan Beek on Ransomware's Evolution and Economics
Rapid7 Senior Director of Threat Analytics Christiaan Beek joins the Nexus Podcast to discuss the technical evolution and economic models that maintain ransomware's viability among threat actors. Ransomware became a for-profit threat more than a decade ago and has progressed into the No. 1 threat facing many critical infrastructure organizations. In this episode, Beek covers extortion characteristics, the stealthiness of some attacks, and how the future may include hardware-based ransomware that maintains indefinite persistence. Follow and subscribe to the Nexus Podcast.
--------
30:05
Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard
Florence Hudson, working group chair of the IEEE/UL 2933 standard and framework for Clinical IOT Data and Device Interoperability with TIPPSS, joins the Nexus Podcast. Published last September, the standard establishes a framework for secure data exchanges between clinical IoT and medical devices and systems. The framework is based on TIPPSS principles (trust, identity, privacy, protection, safety, and security) for clinical IoT such as in-hospital devices, wearable devices, and investigational devices. Follow and subscribe to the Nexus Podcast.
--------
40:39
Mike Holcomb on Starting and Succeeding in OT Cybersecurity
Mike Holcomb, global lead for ICS and OT cybersecurity at Fluor, joins the Nexus Podcast to discuss his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems. Mike produces and hosts a learning series available for free on YouTube called "Getting Started in ICS/OT Cyber Security" where he explains the fundamentals of this unique cybersecurity discipline. On the podcast, he discusses his experience with those in IT now responsible for OT, how to best assess and mitigate risk within OT, and some of the practical threats that matter most to practitioners. Follow the Nexus Podcast here.
--------
42:40
Ron Fabela on Low-Skilled OT and ICS Threat Actors
Ron Fabela of ABS Consulting joins the Nexus Podcast to dispel some of the myths surrounding threat actors targeting operational technology and industrial control systems. Groups such as the Russian Cyber Army, UserSec, and the CyberAv3ngers have different ideological motivations, and have decidedly carried out low-impact attacks on OT. Fabela covers some of their tactics, whether they're better marketers than hackers, and reminds users that their exploits still merit investigation and remediation. Listen to every episode of the Nexus Podcast here.
Nexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments. Nexus was formerly known as Aperture.