Welcome back to *Protect It All*! In Episode 17, host Aaron Crow is joined by Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions, to dive deep into secure remote access for Operational Technology (OT) systems. They explore the cutting-edge HERA (Hardware Enforced Remote Access) technology, which offers a revolutionary approach to remote control via TPM hardware, unidirectional gateways, and stringent encryption protocols.

This episode covers everything from the critical need for robust security in high-stakes environments like wind farms and manufacturing to the dangers of supply chain vulnerabilities to the broader implications for industries dependent on remote operations.

Ginter sheds light on the limitations of software-based solutions and the strategic advantages of hardware-enforced security, while also discussing his book "Engineering Great OT Security" and the latest initiatives in cyber-informed engineering.

Tune in to learn how organizations can remain competitive, reduce costs, and stay secure in an increasingly interconnected industrial world. This enlightening discussion could change the way you think about remote access!

Key Moments:

05:53 Spectrum of consequence in remote access explained.

07:55 Security flaws in remote access systems.

10:23 Remote access is often overlooked by many.

15:11 Supply chain vulnerability due to cloud connectivity.

17:33 Hardware-enforced remote access, HERA, fills the security spectrum.

20:52 Custom ASIC with 1M transistors for encryption.

25:55 Ways to exploit network security vulnerabilities discussed.

26:35 Exploiting technology to send unauthorized messages.

32:50 Benefits of centralizing engineering teams in businesses.

34:18 Competing in the international market with unique services.

39:31 Understanding the implications before implementing technology is crucial.

40:30 Uncertainty about large number, risk opportunity tap.

43:50 Firewall controls data flow and is potentially misconfigurable.

About the guest :

At Waterfall Security, Andrew leads a team of experts working with the world's most secure industrial sites. He is the author of three books on industrial security, co-author of the IIoT SF and the UITP Guide to CyberSecurity in Tendering, and co-host of the Industrial Security Podcast.

Links:

https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/hardware-enforced-remote-access-hera-under-the-hood/

LinkedIn: https://www.linkedin.com/in/andrewginter/

Email Andrew: andrew.ginter@waterfall-security.com

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Vincente Diaz, Threat Intelligence Strategist on Google’s VirusTotal team and formerly the EU director of Kaspersky Lab’s Global Research & Analysis Team, joins the Nexus Podcast to discuss how artificial intelligence and machine learning is an integral part of what VirusTotal is doing around malware analysis. Vincente describes the advantages these advanced technologies bring to malware analysis, in particular how it cuts down analysis time, and improves exploit detection.

האם העובדה שביצעתם מבדקי חדירות ותיקנתם ליקויים אומרת שאתם מוגנים? אין ספק שאתם יותר מוגנים ממה שהיתם לפני, אבל נדרש לערוך את מבדקי החדירות בלופ כדי לוודא שלא נפתחו פרצות חדשות מאז המבדק האחרון

נחשון פינקו מארח את אושר עשור שותף ומנכ"ל חטיבת הסייבר והטכנולוגיה באוריין ישראל, אחת משתיים עשרה חברות ראיית החשבון הגדולות בעולם. בשיחה על מבדקי חדירות, ההבדל בין כלים אוטומטים למבדק אנושי ועוד

Does the fact that you performed penetration tests and corrected defects mean that you are protected? You are undoubtedly more protected than before, but conducting the penetration tests in a loop is necessary to ensure that no new loopholes have opened since the last test.

Nachshon Pincu hosts Osher Asor, partner and CEO of Cyber Security & Tech Division @Auren Israel, one of the twelve largest accounting firms in the world. In a conversation about penetration tests, the difference between automated tools and human testing, and more.

For the last twenty years we’ve invested in software security without parallel development in firmware security. Why is that? Tom Pace, co-founder and CEO of NetRise, returns to Error Code to discuss the need for firmware software bills of materials, and why Zero Trust is a great idea yet so poorly implemented. As in Episode 30, Tom is a straight shooter, imparting necessary truth bombs about our industry. Fortunately he’s optimistic about our future.

In dieser Folge von Rhebos OT Security Made Simple erklärt Matthias Maier vom SIEM-System-Hersteller Splunk, warum eine OT-Sicherheitsstrategie auf Managementlevel unumgänglich ist, um bei der Tool-Auswahl die richtigen Investment-Entscheidungen zu treffen. Er erläutert die einzelnen Schritte und verdeutlicht noch einmal die Verantwortung des Managements bei der Cybersicherheit der OT, insbesondere mit Blick auf NIS2 und Co.

Let's continue unpacking the "Cyber Incident Reporting for Critical Infrastructure Act". What else do you need to know? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

In this episode, cybersecurity expert Sandeep Lota, Nozomi Networks Field CTO, joins Dino Busalachi to discuss the challenges and innovations in OT cybersecurity.

Key topics they explore include dealing with the evolution of OT security tools, the challenges with IT-OT convergence, and the increasing importance of continuous monitoring.

Sandeep also talks about the role of OEM partnerships and the rising trend of managed services. Tune in to stay ahead of the curve!

Chapters

• 00:01:00 - Meet Sandeep Lota of Nozomi Networks
• 00:02:00 - Cybersecurity Journey and Milestones
• 00:03:00 - IT vs OT: The Convergence Challenge
• 00:05:00 - OEM Partnerships in Security
• 00:07:00 - Future Trends in OT Security
• 00:10:00 - Why Continuous Monitoring Matters
• 00:11:00 - The Boom in Managed Services
• 00:18:00 - Nozomi Networks' Global Impact
• 00:19:00 - Key Takeaways and Final Thoughts

Links And Resources:

• Sandeep Lota on LinkedIn
• Nozomi Networks
• Velta Technology
• Dino Busalachi on LinkedIn
• Jim Cook on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, YouTube, and Google Podcasts to leave us a review!