In this episode, we explore the implications of the recent Crowdstrike incident for OT cybersecurity. Join host Ken Kully, Cyber Tech Lead at Verve Industrial, and his guests Tyler Bergman and Ryan Zahn as they discuss the impact of IT security tools on OT environments, the importance of staged rollouts, and the delicate balance between automated updates and manual controls.
Key Takeaways:
- The Crowdstrike incident highlights the risks of using IT-focused security tools in OT environments
- Staged rollouts and thorough testing are crucial for minimizing risks in critical infrastructure
- OT environments require a different approach to updates and security compared to IT systems
- The incident underscores the need for better collaboration between IT and OT teams
- Kernel-level access in security software presents both benefits and risks that must be carefully managed
Timestamps:
00:00 – Introduction and discussion of recent events
03:08 – Overview of the Crowdstrike incident and its impact
05:50 – Discussing the differences between IT and OT security approaches
14:57 – Exploration of staged rollouts and testing processes
23:43 – The importance of human safety in OT environments
28:36 – The need for OT-specific considerations in security tool deployment
35:36 – Discussion on the risks associated with kernel-level access
43:18 – Reflecting on the broader implications for cybersecurity and critical infrastructure
48:06 – Closing thoughts and wrap-up
Guest Information:
Tyler Bergman: Utility engineering expert with 20 years of experience, focusing on cybersecurity efforts for the past five years.
Ryan Zahn: Customer Success professional at Verve Industrial with over 11 years of experience and a background in OT as a state engineer for a Midwest power utility.
Subscribe
Get in Touch
LinkedIn | YouTube | Twitter/X | Contact Verve