Managing Incident Responses to Critical Infrastructure Attacks

“Understanding the environment that you're dealing with is a really important part of incident response. It's something that we don't talk about enough … You need to understand what operating systems are going to be in play. How are you going to access systems to get forensic data? Is there network connectivity? Can the incident responders access the log servers and the historians? Can they do that remotely? Do they need to be on site? … It's very helpful to understand what vulnerability landscape looks like, too, because it can help you pinpoint things in your timeline.” - Lesley Carhart Lesley Carhart, of industrial cybersecurity company Dragos, Inc. joins this episode of Hack the Plan[e]t. Lesley is the Director of Incident Response for North America. Today, we dive into what’s involved in assessing vulnerability in industrial environments, and the painstaking process of securing operational technology (OT). What are emerging challenges for critical infrastructure asset owners? What kind of threats are out there - and what does a robust incident response look like? Join us to learn more.

Om Podcasten

Electricity. Finance. Transportation. Our water supply. In Hack the Plant, podcast host Bryson Bort looks for answers to the question: Does connecting these systems, and others, to the internet leaves us more vulnerable to attacks by our enemies? We often take these critical infrastructure systems for granted, but they’re all becoming increasingly dependent on the internet to function. From the ransomware threats of Colonial Pipeline to the failure of the Texas power grid, it is clear our interconnectivity is also a significant source of risk. Hack the Plant walks through the world of hackers working on the front lines of cyber security and public safety to protect the systems you rely upon every day. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. ICS Village is a nonprofit that equips industry experts and policymakers with the tools to better defend our critical infrastructure. We educate people on critical infrastructure security with hands-on examples, not just nerd stuff. Catch us at an event near you! www.icsvillage.com. The Institute for Security and Technology is a nonprofit think tank with the mission to bridge gaps between technology and policy leaders to help solve these emerging security problems together. Learn more at securityandtechnology.org.