The Industrial Security Podcast
PI Media
Your lights are on, your car runs, because industrial systems work 24/7 to keep our lives ticking. But what happens when those systems—the very pillars of modern society—are threatened?Hosted by Nate Nelson and Andrew Ginter, The Industrial Security Podcast takes a deep-dive into the most pressing emerging issues in SCADA technologies today. But don't just take our word for it: each new episode of the show features a leading voice in the world of industrial control systems security. You'll hear from executives, engineers, researchers and more, each with their own unique take on what's wrong with how we do things today, and how to fix it.ICS security is complicated. Here is where it all comes together.
Episodes
Mentioned books
Jun 19, 2023 • 53min
Hacking the CANbus [The Industrial Security Podcast]
Modern automobiles contain hundreds of CPUs and a CANbus network or three connecting these devices. Thieves are hacking the CANbus to steal cars. Worse is possible. Ken Tindell, CTO at Canis joins us to look at the problem and at what the automobile industry is doing about these embedded control systems.
May 31, 2023 • 33min
Saving money and effort automating compliance [The Industrial Security Podcast]
NERC CIP, the new TSA pipeline and rail directives and other regulations can be very expensive - to comply with and to prove to an auditor that you comply. Kathryn Wagner of Assurx joins us to look at what and how we can automate this process to save time and money.
May 17, 2023 • 47min
How cyber fits into big-picture risk [The Industrial Security Podcast]
All physical processes involve risk - sometimes very big risk. Dr. Janaka Ruwanpura from the University of Calgary joins us to look at where cyber risks fit into the big picture of risk at industrial organizations, and at roles and responsibilities for managing risk throughout an organization.
May 2, 2023 • 47min
Six steps to integrating IT & OT in mining [The Industrial Security Podcast]
OT systems are critical to mining safety. Rob Labbe, the chair of the Metals and Mining ISAC joins us to look at six steps to integrating IT & OT networks and security programs in this very sensitive environment.
Apr 17, 2023 • 55min
Experience Using IEC 62443 Risk Assessments [The Industrial Security Podcast]
Risk assessments are a staple of industrial security programs. Paul Piotrowski, a Principal OT Cybersecurity Engineer at Shell, walks us through a deep dive into his experience using IEC 62443-3-2 risk assessments and the lessons he's learned, with lots of examples.
Apr 3, 2023 • 47min
Shining a Light into the Dark [The Industrial Security Podcast]
Getting an industrial site started on the cybersecurity road can be hard. Matthew Malone of Yokogawa joins us to look at strategies to shake loose funding, trigger conditions that can jump-start investments, and stumbling blocks and how to address them.
Mar 20, 2023 • 45min
Stakeholder-Specific Vulnerability Categorization (SSVC) [The Industrial Security Podcast]
SSVC is a new standard decision process for deciding what to do about new vulnerabilities and patches. Thomas Schmidt of the German BSI joins us to look at how SSVC decision trees work, and where and why to use them.
Mar 6, 2023 • 35min
Bridging industrial Cybersecurity Workforce Gaps [The Industrial Security Podcast]
Different kinds of organizations in different stages of their cybersecurity evolution need to look for different kinds of people to contribute to their industrial security programs. Jason Rivera a Director at Security Risk Advisors joins us to look at workforce capability gaps and different approaches needed to fill those gaps in different scenarios.
Feb 20, 2023 • 49min
#100 Engineering-Grade security in the US DOE Cyber Informed Engineering Strategy [The Industrial Security Podcast]
The new US Department of Energy Cyber Informed Engineering Strategy includes unhackable safeties, manual operations, and other engineering-grade protections, in addition to traditional cybersecurity. Join Cheri Caddy, USA Deputy Assistant Cyber Director as we look at a strategy to develop a discipline of security engineering.
Feb 1, 2023 • 48min
IIoT Firmware Visibility - Under the Hood [The Industrial Security Podcast]
Windows and Linux operating systems provide a lot of detail as to what software & versions of the operating system, applications & libraries are installed. Most firmware provides almost nothing - only a single firmware version number. Thomas Pace, Co-Founder and CEO of Netrise joins us to look at gaining visibility into industrial device firmware and vulnerabilities.
