Hack the Plant Bryson Bort

“From an architecture standpoint, from a resilience standpoint, from a capabilities standpoint, I think everybody's kind of facing the same problems, and I think there's not enough resiliency baked into these systems,” says Paul Shaver.

Paul Shaver is Global OT Security Practice Lead at Mandiant / Google Cloud. In this episode, Bryson and Paul discuss Paul’s military background, the difference between persistent threats and regular threats, and more.

“So our main product in Claroty is an idea solution. And in order for an idea solution to work properly, it needs to have a really good understanding and visibility into the protocols, to the network traffic. And so I started in Claroty as a protocol researcher, meaning I was trying to understand how industrial protocols operate, and this means I had to research a lot of ICS equipment to really understand what types of data, different components in the ICS network, exchange, how do they operate? What are the different protocols and how can we understand what they mean?” - Sharon Brizinov

Sharon Brizinov is director of research at Claroty, a cybersecurity company focused on protecting industrial control system. In this episode, Bryson and Sharon cover Sharon’s career, his experience in the ICS industry, and more.

“If something is going to take a couple of billion dollars to develop and there's not a known, validated commercial return associated with it, why would any private industry take that on? It's really the role of government.”
-Robert Shaughnessy

Robert Shaughnessy, CEO of operational technology security company Psymetis, joins us for this episode of Hack the Plant. We discuss his work with Psymetis, challenges to innovation in the private sector, and the role of government in developing new technologies.

"Critical infrastructure is just how we get our water and our health care and our education and our transportation and our communication and how we get gas at the pump and money from the ATM. It really is the networks and the systems and the data that we rely upon every hour of every day and that power our lives."
- Jen Easterly

Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA) joins us for this episode of Hack the Plant. We discuss her work on leading CISA’s critical infrastructure mission, implementing efforts to make products Secure by Design, and working with private companies to combat ransomware.

“My strategy was built around people, process, and technique … After about a year of working through that strategy, I realized something was missing. I wasn't getting the traction that I needed. And what I realized what was missing was the culture. The company didn't have the culture for cybersecurity, because it wasn't anything anybody thought of previously.”
-Jesse Whaley

Jesse Whaley, the Chief Information Security Officer at Amtrak joins us for this episode of Hack the Plant. We cover key aspects of keeping Amtrak’s digital assets and physical infrastructure secure. We discuss how Jesse has built up a diverse talent pipeline for the work cyber force, and the role that has played in staffing Amtrak’s cybersecurity. Join us to learn more.

“Within the cybersecurity community, we build cybersecurity tools for other cybersecurity professionals. We don't really build cybersecurity tools designed or intuitive for the operators that need to use it. With ICS Advisory, I focused on how do we just put this in plain language that makes sense for them? Not over using overuse of acronyms, speaking plainly about the vulnerabilities, and really trying to do that with breaking out the common vulnerability scoring system.
-Dan Ricci

Today’s episode focuses on the ICS Advisory Project, an open source platform that helps asset owners across sixteen critical infrastructure sectors stay secure. Dan Ricci, its founder, joins us to discuss how data visualization translates into more accessible information for the industrial control systems operators on the ground – and how they can use that information to identify weaknesses in their environments. Join us to learn more.