Podcast Episode 8: Industrial Cybersecurity – From HVAC Systems to Conveyor Belts

6 years ago Ray Lapena

Tripwire’s General Manager of Industrial Cybersecurity, Kristen Poulos, discusses the risks that come with the increasing number of connected devices operating on the plant floor and throughout facilities. In this episode, Kristen shares how IT can partner with OT to protect the safety, productivity, and quality of operations.

Spotify: https://open.spotify.com/episode/5wXKv9DiQjfsZNf6heXg67
Stitcher: https://www.stitcher.com/podcast/the-tripwire-cybersecurity-podcast
RSS: https://tripwire.libsyn.com/rss
YouTube: https://www.youtube.com/playlist?list=PLgTfY3TXF9YKE9pUKp57pGSTaapTLpvC3

The following is an edited excerpt from a recent episode of Tripwire’s Cybersecurity Podcast.

Tim Erlin: Welcome everyone to the Tripwire Cybersecurity Podcast. I’m Tim Erlin, vice president of product management and strategy at Tripwire. And today I am joined by Kristen Poulos, who is our GM of industrial cybersecurity. We’re here to talk about industrial cybersecurity. Why are we having this conversation now?

Kristen Poulos: Yeah, it’s relevant now because there’s risk now. I’m sure most of the followers of this topic now understand that this so-called air gap between the industrial world and the outside world has been eliminated. But I also think it’s important to understand why this has happened. So the “next industrial revolution” might be used to describe this theme of increasingly connected devices on the plant floor. And these devices speak traditional IT, not OT protocols. And many can communicate with the outside world.

This is a great thing. But it means that significantly more data while being made available can help users make better decisions. It also means that this door has been opened for malicious outsiders. So with all the promise of the efficiencies of industry 4.0, cybersecurity maturity has to increase in accordance. And that’s why it’s important to talk about industrial cybersecurity right now.

Who’s Responsible for OT Security?

TE: OT and ICS environments have really been separate from enterprise IT and as such haven’t really been a part of enterprise cybersecurity, either. So, who do we see today as responsible or having that responsibility for securing the OT assets an organization has?

KP: Yeah, and there’s been a lot of migration and movement here with who holds this responsibility.

So, you know, physical security, that’s always going to be an OT owner’s responsibility, but cybersecurity is a different realm. The threat landscape is very different. And because like we mentioned, technologies are converging because attacks can begin in an enterprise environment and migrate to the industrial space. And because events can impact every single person in the company. Whether that cyber event impacts a brand reputation, production downtime or is maybe even a safety incident, responsibility for OT cybersecurity is increasingly becoming the responsibility of someone in the C suite. And this is likely a CIO or a CSO. All that said, though, some of the most successful organizations that I’ve seen have implemented OT cybersecurity controls with a very strong partnership between IT and OT and sometimes even created new roles to help bridge the gap and translate each stakeholder’s requirements to the other. So yes, the ownership is shifting to the CIO, but real successful deployments are going to be executed with that solid partnership.

Crossing the IT-OT Divide

TE: The IT security community and the OT engineering community both have a shared responsibility for the operational state of these assets, and they don’t always get along. What do you think the IT security practitioners should know about OT engineers in the environment that they work in?

KP: So first of all, while this promise of IT-OT convergence is a very promising theme, I think an IT practitioner absolutely needs to know that not all OT technologies have converged. So it’s going to be first of all important that they learn a bit about industrial protocols. And it’s important when they think about implementing security controls that they think about tools and processes where they’re able to communicate in both traditional IT and OT protocols.

Second, the technology refresh cycles are completely different in OT. Now OT refresh cycles I think are shortening. But there shouldn’t be any expectation from the IT folks that they’re going to be as short as the technology refresh cycles that are seen on the IT side. And so they need to be thinking more long-term. And as they’re implementing new controls, because you can’t have downtime once a year when you’re doing your cybersecurity refresh, your plant managers and your controls guys are not going to be happy with that.

Finally, I think maybe the last thing to remember is that some OT networks are older than the security practitioners who are now assigned to protecting them. So they were designed before cyberattacks were even possible. So when you get in there and you start learning about the network, you’re now in charge of it. It’s not uncommon at all to see a flat network. And what will seem to be a daunting task to secure. So it’s important to have a roadmap towards maturity and certainly not think about securing your OT environment with some single big bang project. It really is going to be a continuous effort.

TE: So does that mean that the security controls that we’re deploying on the IT side now don’t apply to the OT environments?

KP: Well, it’s a hybrid, so some of them absolutely do apply, and you’re going to use some of the same practices and controls. But they will be modified for an industrial context.

TE: So then there’s the flip side of it. Right? So if that’s what IT should know about the OT environment, what should OT engineers know when they start engaging with IT security folks?

KP: I think it’s important for them to have an appreciation and a nuance for the complexity of IT security. You know, where these folks are really coming from. IT security’s a lot more mature, and the threats are extremely sophisticated. So I’ve heard IT folks think, “Oh, IT guys, they overcomplicate things or they don’t understand the OT world.” And I think what’s important here is really finding a balance. And again, this is why I’m a huge proponent of creating that security role to bridge the gaps and bring the teams together.

You know, there’s this all familiar CIA triad, right? We’ve talked about this a lot. Confidentiality, integrity and availability. These are the three pillars of IT cybersecurity, and it’s in a very specific and meaningful order. But when OT cybersecurity emerged, we flipped that and it was AIC to put availability first. Uptime has everything. And so that’s some of the source of that rift. I anticipate the more IT and OT converges, the more IT folks and OT folks have to interact, the less we’re going to think about this triad in any specific order but rather as three key security priorities of equal importance that both teams need to work together to resolve.

Developing a Plan for Securing OT Assets

TE: So we’re in this situation where IT and OT are starting to converge. That means that you have IT security folks who are finding themselves increasingly responsible for environments that contain OT assets. Where should they start? If I’m an IT security engineer and I suddenly have this new responsibility, what’s the first thing I should do or be concerned about?

KP: Know what you have. And again, this goes back to finding a tool that communicates in both those IT and OT languages so you can discover assets that are communicating across the OT network. And I mentioned passive technologies earlier. I think it’s important to find a balance and blend between both passive and active technologies.

TE: And once you have that visibility, what’s the roadmap look like?

KP: You know, you’ve got these flat networks now. You might want to start thinking about how you’re going to segment them. You can start monitoring log activity, you can start assessing devices that have identified vulnerabilities. So it’s not uncommon at this stage after you’ve achieved visibility to start doing things like investing in firewalls or even something like a patching solution. And from there, I think it’s really more about continuously monitoring your environment. Once you are able to establish a configuration that you call secure, the right monitoring tools are going to be able to immediately flag when there’s been some deviation from your definition of secure. And this is really a key capability especially when organizations like to model their cybersecurity practices around some of the trusted industry standards or frameworks.

TE: So that all makes sense. I actually think that’s not that different from how you might approach a new enterprise IT environment. But we’re in the middle of a really significant, unprecedented change with COVID-19 driving different ways that people work and approach work. Technology’s impacted, of course. Do you see industrial cybersecurity having been impacted significantly by COVID-19? And what do you think those impacts are going to be?

KP: Yeah, from what we can tell, it’s going to pick up the pace and demand a faster acceleration of not only implementation for organizations who haven’t yet begun to invest in cybersecurity. But also the roadmaps vendors are going to I think accelerate in the technologies that they start bringing to market for industrial cybersecurity.

TE: Alright, awesome. Well, we’re out of time or we’re close to out of time. I really want to thank you for spending the time with us. Hope it was interesting and educational for everyone. I hope you tune in next time to the Tripwire Cybersecurity Podcast. Thanks.

The post “Podcast Episode 8: Industrial Cybersecurity – From HVAC Systems to Conveyor Belts” appeared first on TripWire

Source:TripWire – Ray Lapena
