Unsolicited Response Podcast

Dale Peterson interviews guests who are pushing and prodding the ICS community to improve cyber security, as well as those in related fields with innovative ideas the ICS community should consider. Dale began his career as an NSA Cryptanalyst, has been securing ICS for over 15 years, and is the founder and program chair of the S4 Conference.
June 12, 2018 69 min

Michael Assante is my guest for this episode. He has a storied career and recently won the RSA Conference Award for Excellence in Information Security. Mike was the VP/CSO of NERC CIP, active at INL in the Aurora demonstration, led the development and implementation of the SANS ICS Security Training program, and even began working as CSO for an electric utility.

In this episode we discuss:

- Mike's receiving the RSA award and what this means for the recognition of ICS security by the broader information security community.
- Based on Mike's NERC CIP experience, what type of regulation would he recommend for another sector such as natural gas pipelines? Should we avoid the regulated entity determining and auditing the regulations? How should we make a regulation more efficient (more risk reduction for the level of effort and resources)?
- Based on Mike's involvement in Aurora, what messages and followup actions were intended and what was the actual impact? What lessons remain to be learned?
- What is the most valuable aspect that NCCIC should take forward from the old ICS-CERT? What should they do dramatically different?
- Why did Mike select SANS for his workforce development efforts (after starting his own organization prior to that)?
- Who is going to train the people from the Operations side where SANS has much less mindshare?
- How do we fill the gap for people that need more than cyber hygiene, but not a 3 or 5 day course?
- How should one go into a large, bureaucratic organization and maintain a forward push for change without being beaten down or getting ejected for pushing too hard?

Links: SANS ICS Security Training; S4x19 Call For Presentations

This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation.
Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.
