OT After Hours

• The CIA Triad in OT & Automation

  In this episode, we grapple with a deceptively simple question: in an operational technology environment, which element of the CIA triad—confidentiality, integrity or availability—should reign supreme? Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Analyst), Tyler Bergman (Industrial Cybersecurity Engineer) and Zach Woltjer (ICS Security Specialist) as they debate real-world incidents, legacy system constraints and industry priorities that shape how we secure critical infrastructure. Key Takeaways Availability often takes center stage in OT—downtime can cost millions and trigger regulatory shutdowns. Integrity attacks (like Stuxnet-style tampering) are scarier than outright outages: misleading data can hide dangerous conditions. Confidentiality matters too—information gathering paves the way for future, highly targeted attacks. In practice, availability and integrity are inseparable: validating data flow can bolster both pillars simultaneously. A holistic, risk-based “crown jewels” assessment helps organizations focus on the devices and data that matter most. Timestamps 00:00 – Introduction and sound check 00:43 – Welcome to Season Two of OT After Hours 01:06 – Guest introductions: Natalie, Tyler & Zach 04:00 – Defining confidentiality, integrity and availability 07:57 – Tyler on why availability skyrockets in OT environments 11:53 – Natalie on integrity attacks and the legacy of Stuxnet 25:05 – Ken and team explore integrity-based attack scenarios and encryption trade-offs 39:47 – Natalie on confidentiality’s long-term impact (Ukraine grid outages, HAVoC) 43:04 – Roundtable closing thoughts: tying availability & integrity together 47:12 – Outro and how to submit your questions Guest Information Natalie Kalinowski: OT Security Analyst at Verve Industrial, specializes in vulnerability management and threat research. Tyler Bergman: Industrial Cybersecurity Engineer at Verve Industrial, expert in SCADA availability and risk mitigation. Zach Woltjer: ICS Security Specialist at Verve Industrial, focuses on OT-IT convergence and strategic assessments. Subscribe Follow and Subscribe Get in Touch LinkedIn | YouTube | Twitter/X | Contact Verve I Listener Q&A

  --------  

  48:35
• To CVE or Not to CVE?

  In this episode, we explore how often OT teams really need to refresh asset-inventory data and what MITRE’s near-miss funding lapse for the CVE program means for vulnerability management. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Specialist), Lance Lamont (Team Lead, Special Projects & Protocols), Andrew Wintermeyer (Senior ICS Architect), and Tyler Bergman (Principal Security Consultant) as they discuss scan cadences, change-detection value, and building redundancy into threat-intel pipelines. Key Takeaways Context drives cadence. Fan speed may need minute-level polling, firmware often does not. Redundancy is resilience. Blend NVD, CISA, MITRE, and vendor advisories to survive feed outages. CVE is a language, not the cure. Losing it wouldn’t add vulnerabilities, but it would cripple prioritization. Change detection turns inventory data into real-time alerts for unauthorized config tweaks. Timestamps 00:00 – Introduction and sound check 03:30 – Why “asset-data freshness” landed on today’s agenda 04:10 – MITRE CVE funding scare: what happened and why it matters 10:50 – OT vs. IT views on vulnerability backlog and enrichment 18:00 – Mapping scan frequency to business need 24:40 – Change management and configuration-drift detection 33:00 – Diversifying data sources beyond NVD 38:50 – The proposed “CVE Foundation” for long-term stability 42:40 – Building redundancy into threat-intel pipelines 44:50 – Listener poll results: hard-rock “Legacy Code” wins 46:15 – Sign-off and credits Listener Q&A We're happy to announce that the hard rock version of Legacy Code on the Conveyor Belt was far-and-away the fan favorite! Download it now! Guest Information Natalie Kalinowski: OT Security Specialist at Verve Industrial; leads proof-of-value engagements and vulnerability mapping. Lance Lamont: VP, Solutions Engineering at Verve Industrial; directs driver development and asset-inventory strategy. Andrew Wintermeyer: Senior ICS Architect at Verve Industrial; designs secure network architecture for critical infrastructure. Tyler Bergman: Principal Security Consultant at Verve Industrial; focuses on risk prioritization and framework alignment. Subscribe Follow and Subscribe Get in Touch LinkedIn | YouTube | Twitter/X | Contact Verve I Listener Q&A

  --------  

  46:35
• Active vs. Passive

  In this episode, we explore the complexities of asset management in operational technology (OT) security. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Tyler Bergman, Zachary Woltjer, Natalie Kalinowski, and Lance Lamont as they discuss the challenges of tracking and securing assets in industrial environments, the impact of legacy systems, and the best strategies for improving visibility and resilience. Key Takeaways Asset management is a foundational element of OT security, yet many organizations struggle with visibility. Manual, passive, and active asset discovery each have unique benefits and limitations. IT/OT convergence presents additional challenges in integrating and securing legacy systems. The right combination of asset discovery methods is critical for maintaining security and operational efficiency. Organizations must balance security with practicality when implementing asset inventory strategies. Listener Q&A Cast your vote for your favorite version of Legacy Code on the Conveyor Belt! Version 1: https://suno.com/song/0fdc46c7-38b2-4c37-b390-9f2d54843e7a?sh=55oBq3xyYmqjUYRO Version 2: https://suno.com/song/550ed070-758d-4398-8a06-7e57fe8e19f8?sh=eQsUbG7WrF8iJdgS  Want to ask a question for the experts at Verve to answer? Let us know! Timestamps 00:00 – Introduction and sound check 06:00 – Why asset management is critical to OT security 10:30 – The impact of legacy systems on asset visibility 15:20 – Manual asset discovery: Pros, cons, and best practices 22:10 – Passive asset discovery: Leveraging network traffic for insights 30:55 – Active asset discovery: Gaining deeper visibility without disrupting operations 40:30 – IT/OT integration challenges and strategies 50:10 – Closing thoughts and recommendations Guest Information Tyler Bergman: Operations Manager, providing insights into the practical challenges of cybersecurity in industrial environments. Zachary Woltjer: Customer Success Specialist at Verve Industrial, with expertise in helping organizations implement OT cybersecurity solutions. Natalie Kalinowski: Cybersecurity Specialist, bringing research-driven insights into network security and asset discovery. Lance Lamont: OT Security & Asset Management Expert, discussing best practices for inventorying and securing critical assets. Subscribe Follow and Subscribe Get in Touch LinkedIn | YouTube | Twitter/X | Contact Verve I Listener Q&A

  --------  

  45:14
• Asset Inventory

  In this episode, we explore the challenges and best practices for identifying and inventorying assets in operational technology (OT) environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, along with guests Lance Lamont, Andrew Wintermeyer, Tyler Bergman, and Rick Herzing, as they discuss how to establish trust, safely discover assets, and navigate network complexities without disrupting operations. Key Takeaways Establishing Trust & Engagement: Successful asset identification starts with building relationships with site personnel, including ICS engineers and facility managers. Safe Asset Discovery Techniques: Using non-disruptive methods like passive network monitoring, ARP table collection, and targeted scans is key in OT networks. Common Challenges: Mismatched documentation, unknown legacy devices, and unconventional network setups often complicate the process. Collaboration is Crucial: Teams at Verve integrate expertise from research, engineering, and cybersecurity to ensure efficient and secure asset inventorying. Continuous Monitoring & Adaptation: The process doesn’t end with identification—maintaining an up-to-date inventory is an ongoing effort. Listener Q&A Want to ask a question for the experts at Verve to answer? Let us know! Timestamps 00:00 – Introduction and sound check 01:10 – Welcome back to Season 2 of OT After Hours 03:14 – What is the core functionality of Verve in OT environments? 06:45 – Trust-building and engaging with OT personnel 12:30 – Real-world surprises: Unexpected device discoveries 18:05 – How Verve safely identifies assets without disrupting operations 27:38 – Leveraging Verve’s capabilities for accurate inventorying 41:11 – Importance of communication and customer engagement 46:53 – The evolving role of Verve and IT-OT integration Guest Information Lance Lamont – Lead, Special Projects & Protocols, Verve Industrial Andrew Wintermeyer – Lead, Device & Integration Team, Verve Industrial Tyler Bergman – Lead, Field Deployment Team, Verve Industrial Rick Herzing – OT Systems Support Analyst, Verve Industrial Subscribe Follow and Subscribe Get in Touch LinkedIn | YouTube | Twitter/X | Contact Verve I Listener Q&A

  --------  

  49:17
• What's Next in OT?

  In this episode, we delve into the pressing challenges and exciting opportunities in OT cybersecurity as we look toward 2025. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski, Tyler Bergman, and Zach Woltjer as they share insights on industry trends, compliance requirements, and the evolving role of AI in securing operational environments. Key Takeaways Hybrid Workforces and Device Risks: Personal and work devices in operational environments pose security risks, requiring stronger BYOD policies. Regulatory Compliance: Evolving regulations, like NIST and NIS2, drive cybersecurity adoption but lag in addressing sectors like water infrastructure. AI in Cybersecurity: AI enhances detection, patching, and gap analysis, but foundational security issues must be addressed first. Dynamic Detection: AI and machine learning are replacing outdated static rules for real-time anomaly detection. Zero Trust Architecture: The shift to identity- and access-based security is accelerating, especially in hybrid workforce scenarios. Legacy Device Security: Secure proxies and similar tools help protect aging OT devices, but challenges with latency persist. Monitoring Approaches: Continuous monitoring offers immediate insights but increases network load, while scheduled checks provide stability but risk delays. Third-Party Risks: Organizations are diversifying security tools and assessing vendor practices to reduce supply chain vulnerabilities. Timestamps 0:00 – Introduction 02:15 – Guest introductions 06:10 – The water industry as a critical infrastructure concern 12:36 – Predictions for OT cybersecurity trends in 2025 20:17 – AI in OT cybersecurity: workforce gaps and anomaly detection 30:12 – The shift from static rules to advanced detection techniques 33:01 – Zero trust architecture: buzzword or paradigm shift? 47:39 – Continuous vs. scheduled monitoring in OT environments 55:03 – Protecting legacy devices in operational technology 1:08:08 – Final thoughts: hybrid work risks, compliance, and AI in 2025 Guest Information Natalie Kalinowski: Cyber Technology Consultant at Rockwell Automation and Verve, with a background as a network engineer working in diverse operational environments, from food and beverage to natural gas. Tyler Bergman: Cyber Operations Manager at Verve, bringing over 20 years of experience in utility and energy industries with a focus on IT/OT integration. Zach Woltjer: Cyber Data Analyst at Verve with a passion for simplifying complex cybersecurity challenges for industrial clients. Subscribe Follow and Subscribe Get in Touch LinkedIn | YouTube | Twitter/X | Contact Verve

  --------  

  1:13:12

Więcej Technologia podcastów

Trendy w podcaście Technologia

O OT After Hours