Risk Matters X.0 Podcast
Episode 17: OT Cybersecurity - What Now? What Next?: When it comes to cyber targets, critical infrastructure remains in the line of fire. Furthermore, the attacks against them continue to develop in complexity with each strike, leaving operational technology (OT) and IT controls extremely vulnerable. This is especially true for the oil and gas space, which has been exposed to several organized crime syndicates in recent years. So, what’s next for your security infrastructure in combating these cyber attacks?
Join host Ian Bramson, Global Head of Industrial Cybersecurity, Jim Linn, CIO of American Gas Association and Executive Director for DNG-ISAC, and Rock Lambros, Cybersecurity Leader and CEO for RockCyber, to explore next steps for addressing your OT cybersecurity.
Episode 16: Lights On, Threats Off - Navigating Cybersecurity in the Power Industry: Cyber attackers know exactly what essential services can cripple us. Recent attacks on critical infrastructure have forced the power industry to take a step back and precariously assess its OT and IT controls. As the North American Electric Reliability Corporation (NERC) Critical Infrastructure Protection (CIP) standards continue evolving to address today’s threats the heavy question remains: Is it enough?
Join host Ian Bramson, Global Head of Industrial Cybersecurity, Dr. Dennis Hackney, Head of Cybersecurity Services Development and Michiko Sell, NERC CIP Services Supervisor at NAES Corporation, to explore how the regulatory environment is changing industry-wide and what role industrial cybersecurity plays in providing an essential layer of protection when implementing NERC CIP compliance services.
Episode 15: The Cyber-Physical World: A New Battleground for Industrial Operations: As cyber attacks on industrial operations and critical infrastructures continue to rise, so do the devastating real-world impacts. Criminals are no longer simply stealing data; their goal is to disrupt and control core operations. This translates into what is now known as the cyber-physical world. From influencing the flow of oil and the functions of machinery to manipulating the navigation of vessels, the risk to OT environments is vast.
Host Ian Bramson explores the question of how you can fight back on this new and ever-changing battleground. Listen as top industry experts George Daglas, Chief Operating Officer at Obrela; Dimitris Strevinas, Chief Technology Officer at Obrela; Christos Kapodistrias, IT Manager at Neptune Lines; and Grigoris Floutsakos, Data Protection Officer at WIND Hellas, provide key insights, including how you can move beyond fear-driven tactics to safeguard your organization.
Episode 14: Inspiring Women in STEM: Three Powerful Career Perspectives: What does a career in STEM look like and how can we encourage more women to pursue this path? Follow along with our guests, Sheila Boyington, President of Thinking Media/Learning Blade; Marcia Lee, Business Development Manager of Industrial Cybersecurity at Сòòò½ÊÓƵ; and Hannah Waldron, Graduate Process Safety Engineer at Сòòò½ÊÓƵ, as they discuss the experiences that shaped their lives, ultimately leading them to their current careers and goals, including how they plan to help young girls bridge the gender gap and gain the confidence they need to thrive in STEM.
Episode 13: The Casualties of Cyber War: Exploring the Colonial Pipeline Shutdown: If a cyber attack can take down an entire pipeline, what's next? As news from the recent attack on Colonial Pipeline continues to develop, private and public companies, the U.S. government and the nation continue to question the dangerous implications behind our critical infrastructure lacking the proper cybersecurity. Join host Ian Bramson, Global Head of Cybersecurity, Dr. Dennis Hackney, Head of Cybersecurity Services Development and Kyriakos "Rock" Lambros, cyber expert and CEO and Founder of RockCyber, LLC, as they dive into the minds of cybercriminals like DarkSide and discuss how this historic event will impact industrial operations and new cyber regulations moving forward.
Episode 12: Wärtsilä Part III - Cyber in the Supply Chain - When Things Go Wrong: Cyber incidents go from 0 to 100 in the blink of an eye. The recent cyber attack on Colonial Pipeline, one of the nation's largest fuel pipelines, highlights this callous reality. With nearly half of the East Coast's fuel supply disrupted, the conversation of protecting critical infrastructure is at the forefront of The White House Administration. Join our discussion with Wärtsilä as we talk about preceding real-life OT cyber incidents that have gone wrong.
Host Ian Bramson asks tough questions regarding the vulnerability of supply chains and debunks the "air gap" myth surrounding OT environments that claims limited access equates to cyber safety. Listen as Wärtsilä's industry experts , Head of Cyber Security, Technology Voyage; , Head of Product Incident Response; and , Director of Cyber Strategy explore supply chain risk management, the common red flags that have emerged from heightened connectivity and how organizations can increase their cyber maturity.
Episode 11: Wärtsilä Part II - Protecting Industrial Cyber Ecosystems: A system is only as secure as its weakest point. In this episode, we discuss cyber ecosystems with Wärtsilä, examining the advantages and vulnerabilities that support connectivity. "The ecosystem in the marine environment is a very populated space," says , General Manager for New Technologies at Wärtsilä. "There are a lot of hands in the pot, and not everyone has cybersecurity expertise." "There are a million things that can be taken into account when you are operating your vessel, and those come from IT and OT systems that expand far beyond the vessel ecosystem," adds , Cybersecurity Expert at Wärtsilä.
Episode 10: Wärtsilä Part I - Cyber in the Digital Age: Let's talk digitalization and cyber risk. In this episode, we welcome Wärtsilä to discuss increasing connectivity as a major concern for cybersecurity in the digital age. "We are already living in this digital, ultra-connected world and times. After 2020, we'll be even more connected and doing activities even more remotely. There are already discussions about 'zero trust' in the OT industry, and 'what about 5G,' and all the upcoming new technologies," says , General Manager of Cybersecurity at Wärtsilä Voyage. "I think the greatest hurdle is human behavior, having everyone understand the importance of what is needed to make the asset secure," adds , General Manager for New Technologies at Wärtsilä. Listen now to a leading OEM's perspective.
Episode 9: Cyber Risk Series - From the Hacker's Point of View: What does cybersecurity look like from the opposition's point of view? With a long background in pen-testing and extensive experience in security research and programming, Weston Hecker is a professional "white hat" hacker at Mission Secure, a firm focused on control system cybersecurity. He is currently working on a major university research project with the Department of Homeland Security on 911 emergency systems and attack mitigation. In this episode, Weston shares insights into hacking oil rigs and how he's found cyber vulnerabilities in popular software and firmware systems from some of the world's leading technology companies. Listen and learn why organizations working in the offshore oil and gas and maritime sectors must confront cyber as a growing threat to operations.
Episode 8: Cyber Risk Series - Hacking the Ship: 20 to 30 seconds. That's how long it takes cyber professional Ewan Robinson of Yangosat, a UK-based satellite communications supplier, to hack into your ship. "It's still very easy—the systems are still exposed. That's one of the things we're trying to bring to people, [the awareness of] just how exposed they are without knowing it." "No system is an island," adds host and cybersecurity executive Ian Bramson. Robinson is a white hat hacker, an ethical computer hacker who understands how easy it is to access a vessel's communications systems and disable, disrupt and potentially destroy your shipping operations. Listen now as we discuss the imminent threat of hacking maritime vessels.
Darrell Barker (left) and Ben Harrison (right) investigating incidents onsite.
Episode 7: Catastrophic Risk Series - Beirut Explosion : How have major industrial incidents, transportation accidents, terrorist attacks and natural disasters changed our understanding of risk? The ammonium nitrate explosion (AN) in Beirut, Lebanon, has brought recent public awareness to this topic. In the first installment of our Catastrophic Risk Series, host Matt Mowrer seeks answers from Сòòò½ÊÓƵ's Extreme Loads and Structural Risk division, which tests blast effects to understand how we can make buildings safer and more resilient to withstand disasters. Incident investigators Darrell Barker and Ben Harrison share what we know about AN and what we can learn from catastrophic incidents to improve awareness and better manage risk.
Episode 6: Cyber Risk Series - Superyachts: High ROI Targets for Hackers: Sleek showstoppers at sea, superyachts are privately owned luxury vessels with the latest and most advanced technology systems, making them a prime target for cyber attackers to exploit. In this episode, Ian Bramson takes a closer look at this unique cyber environment with experts from luxury technology provider Van Berge Henegouwen (VBH) and its cyber partner, Atlas Cybersecurity. Listen now to , Business Development Manager at VBH, and , co-founder of Atlas Cybersecurity, share their insights on superyacht cyber risk.
Episode 5: Government Series - COVID-19 Business and Legal Issues with Reed Smith: What is a business's responsibility for the general health and safety of its employees? Matt Mowrer, director of the Product Development and Innovation Center at Сòòò½ÊÓƵ, talks with labor and employment partner from Reed Smith about COVID-19 business and legal issues. As organizations return to work spaces, "there's going to be litigation about people who get sick, and there's going to be much more dangerous litigation about a failure to take appropriate steps after someone gets sick," Correll says.
Episode 4: Cyber Risk Series - American Institute of Marine Underwriters: "The best loss is the loss that never occurs – whether that is a cyber incident or traditional marine peril-based loss like a grounding or collision. Premiums reflect loss experience, so with fewer losses you're going to pay a lower premium." - , President of American Institute of Marine Underwriters (AIMU). Is cyber risk covered in your marine insurance plan? How does the insurance industry define cyber risk? Listen as Ian Bramson, global head of Cyber Security, talks cyber in the insurance space with AIMU's President.
Episode 3: Cyber Risk Series - Emergency Response and Facility Security Perspectives: "In emergency management, does cyber security have a role? Absolutely. The real question is will you realize it soon enough before you have an emergency inside of your emergency." After responding to eight major Gulf Coast hurricanes together as facility security officers, of Lucite International shares current cyber insights with intelligence professional and veteran Brian Shajari, a cyber security assessor at Сòòò½ÊÓƵ. Revisit our first episode to hear how the government is responding to cyber risk.
Government risk analysts Jake Stenzler (left) and Matt Mowrer discuss how we perceive hazardous risks during the pandemic.
Episode 2: Government Series - Risk Perception and COVID-19 Impact: Let's talk 'Risk Perception' as we confront COVID-19. Go behind-the-scenes to understand how risk professionals look at public safety threats using real-life data to debunk common fears. "Our goal is to provide objective data about risk to decision-makers...so if I come across as callous in this discussion, it's just part of it," - Restart Risk Model developer Matt Mowrer speaks to host Jake Stenzler, who leads a team of safety and risk analysts working closely with the U.S. Department of Homeland Security, FEMA and the Coast Guard.
Brennan, Miletello and Bramson at USCG Sector New York at historic Fort Wadsworth on Staten Island, February 27, 2020
Episode 1: Cyber Risk Series - United States Coast Guard: Let's talk 'cyber risk.' What is it and what does the threat landscape look like today? Host Ian Bramson, head of cyber security at Сòòò½ÊÓƵ, takes on a topic that's created a lot of confusion over the last 20 years. In this episode, he sits down with Lieutenant Commander Sarah Brennan and Emily Miletello, Attorney, at the U.S. Coast Guard to ask how the government is monitoring cyber risk as a threat to operations and how we can stay informed.