Bridging the Gap in Cybersecurity Knowledge with the Eleven Fifty Academy

Running Successful OT Systems in Complex Environments with Cecil Pineda

Cecil Pineda, CISO & Managing Director at https://cyberwatchsystems.com/, joined host Jason Claybrook, head of Marketing North America, https://www.cyberbit.com/, and Clayton Coleman, part of Cyberbit's OT cybersecurity team, for a discussion on the role of CISO’s in organizations, and the challenges of running OT systems in complex environments. Pineda began the conversation by telling Claybrook and Coleman of his time as a CISO for the DWF airport. Pineda discussed, at length, the challenges of testing cybersecurity protocols, scenarios, and patches in an environment where shutting down systems for any length of time is not an option. Another challenge Pineda pointed to in maintaining healthy OT security is many devices these systems use were not originally designed with security measure in place and are still using weak passwords and default accounts. Coleman added that manufacturers are beginning to realize these systems need to have software security built in and are starting to do include security as part of their basic architecture. Pineda next walked through several of the critical lessons he learned about managing IT and OT in a critical environmental such as the DFW airport. Educating people and generating awareness in why certain security testing needs to take place, which might impact someone else’s daily routine was a key takeaway for Pineda. The discussion concluded with Pineda talking about his current role as a consultant, working with CISO’s on techniques to strengthen their OT roles in complex environments. Pineda’s background with the DFW Airport makes him a valued resource for other Airports, and he’s consulted with several. For more podcasts like this one, go to https://www.cyberbit.com/blog/.

Bridging the Gap in Cybersecurity Knowledge with the Eleven Fifty Academy

On this episode of https://www.cyberbit.com/resources/, John D’Annunzio, Vice President of https://www.cyberbit.com/, and Teddy Guzek, Director of Cybersecurity for https://elevenfifty.org/, joined host Jason Claybrook [contributor page], head of Marketing North America at Cyberbit, for a lively discussion on bridging the gap of cybersecurity knowledge in the business world. Guzek provided an overview of his background in cybersecurity, and how the Elven Fifty Academy recruited him to head up their cybersecurity program. The Eleven Fifty Academy is a non-profit, Indiana-based, learning academy featuring advanced coding bootcamps for anyone who has a desire to learn to code or upskill their talent. Guzek’s uses his role at the Academy to connect employers with academy graduates and keeping up with the latest trends in cybersecurity. Next, Guzek discussed penetration testing, which he referred to as ‘ethical hacking.’ Companies pay Guzek to break into their systems, analyze the weak areas, and provide solutions. Guzek’s worked with both large and small companies. Claybrook introduced the hands-on role today’s CISO needs to play. Guzek said the range, ages, and backgrounds of today’s CISO’s vary by a wide degree. The conversation segued into the cybersecurity talent gap, and this is the area the Eleven Fifty Academy is concentrating on. Guzek stated a college education is not necessary to obtain a job in cybersecurity, but a rigorous training program that provides hands-on experience is. Eleven Fifty’s training, which they call a ‘boot camp’ uses the Cyberbit Range to train their cybersecurity students. The conversation concluded with a reminder that cybersecurity is a field in need of skilled workers, and it can be a great opportunity for veterans seeking employment opportunities after their military service has ended. The Eleven Fifty Academy encourages veterans to consider a career in cybersecurity, and often their GI Bill benefits will cover the cost of the education and more. Thank you for checking out Parabellum, a Cyberbit podcast. For more podcasts like this one, go to https://www.cyberbit.com/resources/.

OT Security Starts with Visibility, Solving Technology and Organizational Blindspots, with Sharon Rosenman

In this webinar from February 2019, Sharon Rosenman, Cyberbit’s VP of Marketing was joined by Alon Nachmany, Cyberbit ICS Security Expert, and Cecil Pineda, former CISO of DFW Airport and CISO/Managing Director of Cyber Watch Systems. This webinar took participants through an overview of OT visibility and challenges, presented a CISO Case Study on managing a converged IT/OT network, provided approaches to securing IT/OT environments, presented a case study on smart building security project, and wrapped up with a Q&A session. Nachmany discussed visibility and the OT security challenge. He mentioned several examples of major attacks on ICS / OT systems from 2013-2018. Pineda discussed his prior experience working in cyber security at DFW airport and laid out the numerous systems at risk. “Think of the airport cyber security, not just the cybersecurity side, the IT and the OT side; it’s almost like an orchestra, everything has to be in synch with each other," Pineda said. Pineda continued his presentation by presenting the technical challenges of multiple IT, OT and IoT Systems in a typical airport, and how he and his team addressed those challenges. Next, Rosenman and Nachmany covered Securing the Converged IT/OT Environment. Nachmany walked through several key steps, which included: Enhancing IT Security, revisiting network architecture, obtaining full OT visibility, creating a baseline for OT anomaly, and consolidating OT and IT incident management with SOA. The webinar concluded with a Q&A session with all three speakers. Thank you for checking out this Cyberbit webinar podcast. For more podcasts like this one, go to https://www.cyberbit.com/resources/.

Attack on US Critical Infrastructure and the Post Mortem of an IT/OT Attack with Tony Rowan

Tony Rowan, Cyberbit Cybersecurity Architect, provided a deep-dive into the Grizzly Steppe campaign which targeted critical infrastructure networks in North America. Rowan introduced the discussion with an overview of Cyberbit, before he launched into some examples of several attacks on OT (Operational Technology) networks over the last few years. Rowan provided a kill chain analysis of the attack, saying: "It is pretty much to be expected now to be an arm of any future warfare to include attacks on infrastructure through cyber techniques." Why are OT networks at risk? Rowan walked through several potential reasons. One of the main ones being the convergence of IT and OT networks which increases connectivity to the outside world. Other factors increasing OT risk are lack of OT monitoring and inherent design flaws. Rowan offered steps to prevent similar attacks, focusing on a segmented network architecture, obtaining more visibility into assets and network communications, creating a robust OT security policy, and establishing a means to detect both known and unknown threats. For more Cyberbit webinars and podcasts, head to https://www.cyberbit.com/resources/.

The IT/OT Automated SOC, 2018 SANS SOC Survey with Edy Almer

The 2018 SAN SOC Survey recap webinar, conducted in October of 2018, was hosted by Edy Almer, VP Product at Cyberbit. The webinar covered the key survey findings and certain challenges that could be overcome through the use of an automated SOC. Almer first walked through the key survey findings. The lack of skilled staff was identified as the number one shortcoming. “Over 60% of people surveyed think that less than half of the applicants are qualified for the position for which they are applying," Almer said. Almer reviewed the top metrics tracked by SOCs and discussed ways to train cybersecurity experts. One of the challenges is most cybersecurity experts have never experienced a real attack. “Having an effective simulation of a cyberattack,” Almer said, “is something that would allow those cyber security experts to train the same way fighter pilots train.” After a review of on the possibilities of automating incident response IR, Almer discussed the third takeaway from the survey—Fusing IT and OT in the SOC. Almer wrapped up the webinar with a Q&A session. For more Cyberbit webinars and podcasts, head to https://www.cyberbit.com/resources/.