Andrew Ginter joins us to look at OT / industrial risks and security approaches. He starts with an update on the big cyber threats everyone is talking about: the SolarWinds supply chain breach, the Ramsay (USB) attack, and targeted ransomware. Then he takes us into what he's working on for his next book. He starts with business and engineering priorities vs OT / industrial security first principles. He then progressively applies the principles, starting with the smallest sites, which have the least effort and money to throw at the problem, and working up to larger and more complex sites. He touches on physical mitigations (SPR and CCE), manual fall-backs, air gaps, USB and laptop controls, the role of AV, security monitoring, unidirectional gateways, when and why (and why not) to do security updates, where (and where not) to use firewalls, uses and limitations of encryption, and more. It may sound like a lot, but the target for the book is less than 100 pages. Expect a discussion format: Andrew is looking for feedback as to whether the material makes sense, needs to be re-ordered, has gaps, etc.
Andrew Ginter is the VP of Industrial Security at Waterfall Security Solutions. He has written two books on industrial cybersecurity, is a co-author of the Industrial Internet Consortium Security Framework, co-hosts the Industrial Security Podcast, is a lecturer for the Industrial Security Institute, and contributes frequently to industrial security standards and best-practice guidance. Andrew spent 20 years developing control systems and IT/OT middleware. He then led the development of the world's first industrial SIEM as the Chief Technology Officer at Industrial Defender. Today he leads a team of experts at Waterfall who work with the world's most secure industrial sites.
If you would like to attend, RSVP to "office" at "cuug.ab.ca" and we'll send you a Zoom invite prior to the meeting. We look forward to seeing you there!
See the main CUUG web page for general information about CUUG.