58 min

Dan Gunter: Lessons Learned from Real-World Attack on Ukraine’s Critical Infrastructure
The PrOTect OT Cybersecurity Podcast

About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.

In this episode, Aaron and Dan Gunter discuss:
    • Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant’s report on attacks in Ukraine
    • Navigating the complexities, resource limitations, and timely application of threat intelligence
    • Rethinking industrial cybersecurity
    • The intersection of cybersecurity, AI, and OT
Key Takeaways:
    • In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.
    • The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.
    • To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.
    • In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions.
"I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter
 

Connect with Dan Gunter: 
Website: https://insaneforensics.com/ 
Email: dan@insaneforensics.com
YouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPA
LinkedIn: https://www.linkedin.com/in/dan-gunter/
Twitter: https://twitter.com/insaneforensics

Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast 
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120

Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
