Artwork

内容由Eric Sorensen提供。所有播客内容(包括剧集、图形和播客描述)均由 Eric Sorensen 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal
Player FM -播客应用
使用Player FM应用程序离线!

Avoiding a 'Chicken Little' Cybersecurity Strategy

39:03
 
分享
 

Manage episode 408208163 series 3352216
内容由Eric Sorensen提供。所有播客内容(包括剧集、图形和播客描述)均由 Eric Sorensen 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal

Threat intelligence is important, but why manufacturers should focus on risk factors first.
When it comes to the industrial sector’s ongoing cybersecurity challenges, we all know that there's more to defend, but what is most concerning is that we’re not responding quickly enough to the expanding threat landscape. In case you needed proof, here are some of the recent stats from Dragos 2023 Year in Review Report. It found that:

  • 80 percent of industrial sector vulnerabilities reside deep within the ICS network, making them difficult to see and harder to kick out.
  • 53 percent of the advisories Dragos analyzed could cause both a loss of visibility and control.
  • Ransomware attacks against industrial organizations increased by 50 percent last year, and Dragos tracked 28 percent more ransomware groups focused on the ICS/OT environment.
  • Attacks were confirmed in 33 unique manufacturing sectors.
  • 74 percent of all vulnerability advisories had no mitigation strategy.

I’m not going to promise solutions for all of these challenges, but we’ve definitely found a guy interested in trying. Scott Sarris is an Information Security, Compliance and Privacy Solutions Advisor at Aprio, a leading advisory and business consulting firm. Watch/listen as we discuss:

  • Why OT could affectionately be known as "Old Tech".
  • The political factors impacting IT/OT divisiveness in the industrial sector, but why Scott is optimistic about the progress being made in bringing the two segments together.
  • Why cybersecurity planning and investments needs to start with assessing and prioritizing risk.
  • How slowing down can help ramp up security efforts.
  • Why dwelling or living-off-the-land attacks will escalate.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

  continue reading

99集单集

Artwork
icon分享
 
Manage episode 408208163 series 3352216
内容由Eric Sorensen提供。所有播客内容(包括剧集、图形和播客描述)均由 Eric Sorensen 或其播客平台合作伙伴直接上传和提供。如果您认为有人在未经您许可的情况下使用您的受版权保护的作品,您可以按照此处概述的流程进行操作https://zh.player.fm/legal

Threat intelligence is important, but why manufacturers should focus on risk factors first.
When it comes to the industrial sector’s ongoing cybersecurity challenges, we all know that there's more to defend, but what is most concerning is that we’re not responding quickly enough to the expanding threat landscape. In case you needed proof, here are some of the recent stats from Dragos 2023 Year in Review Report. It found that:

  • 80 percent of industrial sector vulnerabilities reside deep within the ICS network, making them difficult to see and harder to kick out.
  • 53 percent of the advisories Dragos analyzed could cause both a loss of visibility and control.
  • Ransomware attacks against industrial organizations increased by 50 percent last year, and Dragos tracked 28 percent more ransomware groups focused on the ICS/OT environment.
  • Attacks were confirmed in 33 unique manufacturing sectors.
  • 74 percent of all vulnerability advisories had no mitigation strategy.

I’m not going to promise solutions for all of these challenges, but we’ve definitely found a guy interested in trying. Scott Sarris is an Information Security, Compliance and Privacy Solutions Advisor at Aprio, a leading advisory and business consulting firm. Watch/listen as we discuss:

  • Why OT could affectionately be known as "Old Tech".
  • The political factors impacting IT/OT divisiveness in the industrial sector, but why Scott is optimistic about the progress being made in bringing the two segments together.
  • Why cybersecurity planning and investments needs to start with assessing and prioritizing risk.
  • How slowing down can help ramp up security efforts.
  • Why dwelling or living-off-the-land attacks will escalate.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.
To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

  continue reading

99集单集

所有剧集

×
 
Loading …

欢迎使用Player FM

Player FM正在网上搜索高质量的播客,以便您现在享受。它是最好的播客应用程序,适用于安卓、iPhone和网络。注册以跨设备同步订阅。

 

快速参考指南