Send us a Text Message.

According to IBM’s Cost of a Data Breach Report, nearly 20 percent of the organizations surveyed stated that they have experienced a breach stemming from a compromise in their supply chain, or a vulnerability related to it. The average cost of these breaches was estimated at just under $4.5 million. Their data also found that attacks emanating from the supply chain had a longer lifecycle than average.

The increased costs and complexities of addressing supply chain attacks is not a surprise when you consider that these intrusions not only impact the targeted company, but the logistics, distribution and retail elements that are dragged along on this difficult and painful ride. To help dive into the factors associated with supply chain attacks and other cybersecurity challenges, we welcome Theo Zafirakos, a Cyber Risk and Information Security Expert at Fortra to the show.

Watch/listen as we discuss:

• The three primary soft spots from which supply chain hacks emanate - software, devices and people.
• Why people are the most neglected of the three, and how they can be trained to identify attacks.
• The expanded role AI is playing in email compromises that help fuel supply chain attacks.
• Why IT and OT need to become more aware of each other's requirements and risks.
• The important role cybersecurity plays in ensuring operational reliability.
• The growing need for ransomware response plans, and how a national supply chain hack helped reinforce this need for all enterprises, regardless of size or sector.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

Due to the rise in attacks on manufacturing and critical infrastructure, and the devasting impacts these attacks have on daily lives around the world, the World Economic Form recently unveiled a report entitled Building a Culture of Cyber Resilience in Manufacturing.

This initiative not only identified the sector’s primary challenges for developing a culture of cyber resilience, but also formulated three guiding principles for establishing an enduring strategy. They revolve around people, processes and culture.

I was fortunate enough to have one of the key contributors to the creation of these strategies sit down with me for some unique takes on the biggest challenges facing industrial cybersecurity. Watch/listen to my conversation with Kris Lovejoy, Global Security and Resilience Leader at Kyndryl, a leader in cyber resiliency strategies and services, as we discuss:

• How the capital investment process utilized throughout manufacturing could be leaving several key players behind, and the negative impacts this could have on the entire sector.
• Why security is not a tool, but a process.
• The ongoing issues associated with asset inventory and the first steps to take in correcting this issue.
• The Trojan Horse dynamic that smaller enterprises need to embrace in order to improve their security posture.
• How to know if you're the biggest risk or weakest link in a production environment or supply chain.
• Why regulatory efforts focused on cybersecurity could dramatically change the composition of the industrial sector.
• The difference between moving to the cloud and securely moving to cloud platforms.
• How security should be a driver of digital transformation strategies.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

When looking at industrial cybersecurity, more attention is being paid to how workers are logging in to access critical machinery, software or data. And according to Trustwave Threat Intelligence’s recent Manufacturing Threat Landscape report, 45 percent of attacks experienced by manufacturers stemmed from the bad guys accessing credentials.

Whether by utilizing brute-force tactics, submitting fake support tickets, or purchasing logins on the Dark Web, this seems to prove that hackers would much rather log in than break in.

The report also cited the rise of Initial Access Brokers, or groups that focus specifically on obtaining and selling log-in data to other hackers. One example cited by Trustwave saw an IAB offering access to a leading steel manufacturer for just over $60,000. Unfortunately, this is not a unique circumstance, which is why we're talking to David Cottingham, president of rf IDEAS to weigh in on the ongoing challenges surrounding secure access throughout the OT environment.

Listen as we discuss:

• The importance of simplifying security processes to keep people engaged with them.
• Why no manufacturer is too small to be a target for credential-based attacks.
• Overcoming the bad behaviors that can result from operations personnel dealing with over 25 passwords.
• Avoiding punitive actions surrounding people-based security vulnerabilities.
• Why dual factor authentication strategies are key to ongoing security developments.
• Best practices for mobile device use.
• How VPNs, firewalls and password wallets are simultaneously solutions and vulnerabilities.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

As we’ve discussed numerous times on Security Breach, terms like change, evolution and constant are more than just buzz terms – they’re a simple reality of working in the industrial OT space.

Whether we’re discussing threat actors from Stuxnet to Lockbit, tactics from social engineering to double-extortion ransomware, or vulnerability sources ranging from weak passwords to embedded secure-by design concerns, the ever-expanding attack surface is a constant reminder of change and the evolving nature of threats.

In this episode we talk to Michael Haase, and draw on his extensive background and personal experiences as we discuss:

• The on-going balancing act between cost and security priorities.
• Why he considers the need for phishing training, "a massive failure on the part of the technical community."
• How AI is laying the groundwork for attacks that haven't happened yet.
• Why the growing complexity of hackers is actually a positive indicator.
• Automation is the inflection point for cybersecurity - for both sides.
• The shift from worrying about the ability to detect new attacks to focusing on the vulnerabilities being exploited.
• The distinction between learning what needs to be done and actually taking action.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

Over the last nearly 100 episodes of Security Breach we’ve discussed a wide range of strategies for protecting the manufacturing enterprise. But perhaps the most polarizing of these has been Zero Trust. While some unwaveringly champion the cause of this approach, others question the ways in which it is typically deployed.

Perhaps this dichotomy is best represented in Palo Alto and ABI Research’s The State of OT Security report. It found that 93 percent of those surveyed were familiar with Zero Trust, and 87 percent found the approach to be the right fit for protecting OT environments. However, half of those participating in the research also stated that there are practical blockers that prohibit implementation.

In the end, like most things in the cybersecurity world, the answer lies in striking a balance between restricting access and implementing safeguards against time-consuming processes. In this episode I talk to Roman Arutyunov, Co-founder and SVP of product at Xage Security, about zero trust and a number of other topics, including:

• How cybersecurity needs to be viewed as both a productivity and protection tool.
• Overcoming the "it won't happen to me" mindset.
• The sector's over-reliance on VPNs and firewalls.
• Why manufacturing is missing regulatory guidance, and why that will change in the short-term.
• Improving responses to attacks, including ransomware..
• How AI can play a key role in shrinking the attack surface.
• Avoiding tool implementations that can be an "inverse pyramid of pain."

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

One of the more common obstacles that we discuss here on Security Breach is how increased connectivity has combined with new Industry 4.0 technologies to constantly expand the OT attack surface. In the midst of all this expansion, it’s easy to either overlook cybersecurity concerns, or put too much trust in the embedded security features of the new assets.

So, while this usually brings up conversations about endpoint security, integration processes and secure-by-design protocols, let’s talk about something that our guest for today’s episode knows and understands all too well … time.

Industry experts value downtime on the plant floor at about $250k/hour. So, just like predictive maintenance has become part of a facility’s new normal, predictive cybersecurity needs to receive the same priority.

Here to discuss this concept is Riley Groves, an engineer at Auvesy-MDT, a leading providing of ICS and automation solutions. Listen as we also discuss:

• The improving convergence of IT and OT on the plant floor.
• Getting ahead of vulnerabilities.
• The factors driving greater buy-in from the C-suite on cybersecurity investments.
• Why cybersecurity is the Special Teams of the industrial enterprise.
• How legacy systems are providing "function by disfunction" from a security perspective.
• The better ways to use AI.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

Those of you with a military or law enforcement connection are probably, and unfortunately, familiar with the term collateral damage. While this phrase has a legacy in these environments, it’s also become an unwelcome addition to the realm of cybersecurity.

Examples of this dynamic can be found in a number of hacktivist attacks that targeted infrastructure in a certain region, but either through unrealized connections or other bad actors simply following the blueprint, impacted facilities across the globe.

Jason Oberg, the CTO of Cycuity, a leading provider of vulnerability mitigation solutions for semiconductor manufacturers, recently joined us to discuss some of the potential fallout from hacks, and how to prevent or respond to them in minimizing the collateral damage. We also talked about:

• How hackers are getting smarter in their hacks against chip makers.
• Why awareness of hacker tactics is not enough, and how manufacturers of all types can enhance their knowledge level pertaining to the growing sophistication of hackers and attacks.
• Addressing the baked-in compromises of hardware products, and the long-term impacts on all users and industries.
• Focusing on the inherent vulnerabilities of production processes, not just the associated technology.
• Balancing the goals of "getting product out the door" with embedding greater levels of security.
• How greater transparency can help with secure-by-design challenges.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.

Send us a Text Message.

Viewing hacks as diseases to address evolving threats, vulnerabilities and tools like AI.

Like many of you, I recently dove into Verizon’s 2024 Data Breach Investigations Report (DBIR). And while there’s a plethora of data housed in the report that could fuel conversations on a multitude of topics, I chose the following two pieces of information:

• While credential harvesting and phishing attacks still led the way, the use of exploitable vulnerabilities to access networks tripled from last year, and were primarily leveraged by Ransomware and other Extortion-related threat actors.
• The reported median time to click on a malicious link after an email is opened is 21 seconds, and then only another 28 seconds for the person caught in the phishing scheme to enter their data. So, basically, a successful phishing attack can be executed in less than 60 seconds.

These two items caught my eye because they seem like the low-hanging fruit when it comes to cybersecurity. In this episode, Roland Cozzolino, CTO/CIO of InsightCyber, a global provider of asset visibility, risk management and security services delivered via an AI-driven platform, offers his perspective on these types of exploits, as well as:

• Why state-sponsored hacker groups are his biggest concern.
• The problems caused by patient hackers and their live-off-the-land, or dwelling approach to network intrusions.
• How manufacturers can and need to improve their use of AI tools for enhancing visibility, asset management and threat detection.
• The advantages of designing OT security processes as though you're working in a disease-driven environment.
• Viewing cybersecurity as less about saving money and more about not losing control of an operation.
• Developing a strategy that goes beyond just "unplugging the machine".

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

To download our latest report on industrial cybersecurity, The Industrial Sector’s New Battlefield, click here.