52 min
Ron Fabela: Secure Access That Makes Sense for Operations The PrOTect OT Cybersecurity Podcast
-
- Management
About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.
In this episode, Aaron and Ron Fabela discuss:
Adopting secure remote access in OT as an operational requirementThe complex landscape of active scanning in ICSBuilding trust and bridging the gap between cybersecurity and OTBalancing innovation, risk, and security in a changing landscape
Key Takeaways:
In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices, embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape.
"I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela
Connect with Ron Fabela:
Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)
LinkedIn: https://www.linkedin.com/in/ronniefabela/
Twitter: https://twitter.com/ron_fab
Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120
Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
About Ron Fabela: Ron Fabela, a seasoned cybersecurity professional with over 20 years of experience, specializes in safeguarding Industrial Control Systems (ICS) and Operations Technology (OT). Currently serving as the Field CTO at XONA, Ron leads initiatives to establish secure industrial access, ensuring safe operations for asset owners globally. With a background rooted in hands-on experience across diverse critical infrastructure sectors such as power generation, offshore oil, and refineries, he excels in overcoming industry-specific challenges and possesses a unique skill set to articulate technical and business concepts effectively to a broad audience.
In this episode, Aaron and Ron Fabela discuss:
Adopting secure remote access in OT as an operational requirementThe complex landscape of active scanning in ICSBuilding trust and bridging the gap between cybersecurity and OTBalancing innovation, risk, and security in a changing landscape
Key Takeaways:
In the dynamic world of ICS, securing remote access is not just a cybersecurity necessity but a practical operational requirement, as witnessed through the evolution from air gaps to accepted industry practices, embracing the concept of zero trust while facilitating secure access is not only a cybersecurity feat but a collaborative effort aligning operational needs with stringent security measures.The shift from passive to active scanning is crucial for effective threat detection and asset visibility; while skepticism persists, bridging the gap between security and operations through trust-building and advocacy is essential to navigate the challenges and seize the opportunities in securing critical infrastructure.To establish trust and enhance cybersecurity in operational environments, genuine collaboration, understanding the challenges of control system engineers, and acknowledging small victories are crucial steps toward securing critical infrastructure and ensuring operational resilience.The future of industrial cybersecurity brings excitement and concern with the shift to advanced systems like cloud, edge, and virtualization, offering scalability but inheriting a substantial attack surface. This underscores the importance of a strategic security approach in this evolving landscape.
"I appreciate where I'm at. That's why I stay in the community. I don't think I could ever go back to enterprise and have that same feeling of mission and importance without letting it get to you. Early on, a lot of us were like, "We're saving the world." It's like, "No, no, no. We're just trying to help people, and we're helping ourselves in the process." That's why I love the community." — Ron Fabela
Connect with Ron Fabela:
Email: ron@fabela.co (unofficial business) & ron@xonasystems.com (official business)
LinkedIn: https://www.linkedin.com/in/ronniefabela/
Twitter: https://twitter.com/ron_fab
Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120
Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.
52 min