This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM - Internet Radio Done Right
35 subscribers
Checked 1d ago
Додано eight років тому
Вміст надано Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Схожі до Unsolicited Response
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
))
Daily Deals
Подкасти, які варто послухати
РЕКЛАМА
Send us a text On this very funny short Bonus Show, standup comic Mack Dryden shares his story about going to the Dentist...you'll never believe what happens...Hilarious! Look for Mack Dryden's "NEW" Dry Bar Comedy Special... Please Listen, Enjoy, and Share where you can...Thanks!! Support the show Standup Comedy Podcast Network.co www.StandupComedyPodcastNetwork.com Free APP on all Apple & Android phones....check it out, podcast, jokes, blogs, and More! For short-form standup comedy sets, listen to: "Comedy Appeteasers" , available on all platforms. New YouTube site: https://www.youtube.com/@standupcomedyyourhostandmc/videos Videos of comics live on stage from back in the day. Please Write a Review: in-depth walk-through for leaving a review. Interested in Standup Comedy? Check out my books on Amazon... "20 Questions Answered about Being a Standup Comic" "Be a Standup Comic...or just look like one"…
Unsolicited Response
Відзначити всі (не)відтворені ...
Manage series 1450749
Вміст надано Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Dale Peterson interviews the innovators in ICS / SCADA cyber security as well as the top talent in related fields. It is the podcast for those who want more information similar to what is presented at the annual S4 event each January in Miami South Beach.
…
continue reading
87 епізодів
Поширити
Відзначити всі (не)відтворені ...
Manage series 1450749
Вміст надано Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. Весь вміст подкастів, включаючи епізоди, графіку та описи подкастів, завантажується та надається безпосередньо компанією Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair або його партнером по платформі подкастів. Якщо ви вважаєте, що хтось використовує ваш захищений авторським правом твір без вашого дозволу, ви можете виконати процедуру, описану тут https://uk.player.fm/legal.
Dale Peterson interviews the innovators in ICS / SCADA cyber security as well as the top talent in related fields. It is the podcast for those who want more information similar to what is presented at the annual S4 event each January in Miami South Beach.
…
continue reading
87 епізодів
Усі епізоди
×
If you're not interested in S4, skip this episode. Dale goes over the feedback from the survey and S4 Event's own thoughts on the event, Tampa, and more.
Dale Peterson speaks with Joel Langill, the SCADAHacker, about his new training course entitled Conducting Threat, Vulnerability, and Risk Assessments For ICS. A two day version of this course will be offered prior to S4x25 . Of course Dale and Joel jump around a bit on training, the workforce and other items. Take a listen.…
Stewart Baker is one of the preeminent lawyers on topics of cyber law with an impressive career in and out of government. Stewart also hosts the Cyberlaw podcast. The Biden administration is contending that vendors should be held liable for security deficiencies in their products. Assuming this is turned into law and/or executive orders, what does it mean? What can we learn from other liability law to inform us what would be required for a vendor to be held liable for a security issue? How would the judgment / damages be determined. Dale's note: We talk about the SEC charges against SolarWinds in this interview.…
Dale Peterson interviews Rob Lee on the S4 Main Stage. They cover a lot of ground and Rob is never shy about sharing his opinions and analysis. They discuss: Rob’s first S4 PIPEDREAM deployed v. employed distinction … and why 2 years later is it still the most dangerous ICS malware? Are we really more homogenous? What makes a group something that Rob/Dragos tracks as an ICS focused attacker? If the answer to intel is do the basics, do I need intel? What ICS specific data was VOLTZITE exfiltrating? What countries are targeting critical infrastructure? Is it realistic to expect any country to not target its adversaries CI? Threat actors focused on manufacturing How should an asset owner measure the effectiveness of their detection solution?…
Chris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including: The definition and scope of vulnerabilities. It’s much more than coding errors that need patches. Are ICS protocols lacking authentication “vulnerabilities” The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change. Ways to prioritize what vulnerabilities you address. The SSVC decision tree approach that was introduced at S4 as Never, Next, Now Tooling … vulnerability management, software configuration, ticketing, remediation. And much more. Links: Effective Vulnerability Management, https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207/ Dale’s ICS-Patch Decision Tree, https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf…
Waterfall Security Solutions and ICSSTRIVE put out an annual threat report that Dale Peterson believes is the best in OT. Why? It only includes incidents that had physical consequences on systems monitored and controlled by OT. Dale and Andrew discuss: What is in and out of scope for the report. The breakdown of the 68 incidents that occurred in 2023 by industry sector, cause, threat actor and more. The impact reporting requirements may have on these numbers in the future. What percentage of OT cyber incidents with physical consequences are made public. Ransomware on IT causing physical consequences, exfil v. encryption, and what asset owners should do given this represents 80% of the known incidents in the report. And more. Links: 2024 Threat Report: https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/2024-threat-report-ot-cyberattacks-with-physical-consequences/ ICSSTRIVE: https://icsstrive.com S4 Events YouTube Channel: https://youtube.com/s4events…
Patrick Miller has OT cybersecurity experience as an asset owner, PacificCorp. As a regulator and one of the first NERC CIP auditors with WECC. As a community organizer creating and leading EnergySec and the BeerISAC. And as an entrepreneur creating and leading a number of consulting practices. He is currently the Founder of Ampyx Cyber. In this episode Patrick and Dale discuss: Why Patrick changed the company name and selected Talinn as the location for the new European office. The major differences in approaches to OT cybersecurity and risk management between Europe and the US. (more than just regulatory differences) What has the EU learned or improved on regulation from NERC CIP. What is the current state of NERC CIP regulatory risk? Are the regulated entities understanding and meeting the standards’ requirements? The challenge of slow NERC CIP modifications, eg virtualization and cloud. Bad standard & good regulator v. good standard & bad regulator. Should water follow the NERC CIP model as recommended by AWWA? How Patrick is dealing with AI. Links Ampyx Cyber: https://ampyxcyber.com Patrick’s Critical Assets Podcast: https://amperesec.com/podcast Subscribe to Dale’s ICS Security Friday News & Notes: https://friday.dale-peterson.com/signup Advertise on Unsolicited Response: https://dale-peterson.com/advertising/…
Emma Stewart joins Dale to discuss the 3 big OT & ICS security stories from the first quarter. They end by giving their win, fail and prediction for Q1.
In this solosode episode Dale reviews the status of his three predictions from the Q1, 2 and 3 quarter in review episodes and answers a listener question.
Dale is joined by Steve Pozza, CISA Section Chief of Operational Resilience, and Tom Millar, CISA Branch Chief of Resilience, to discuss some of CISA's security services for asset owners. They discuss: The Internet accessible attack surface enumeration and vulnerability scanning surface. Asset owners can buy products or services to do this. Why is the government doing this? What CISA is doing with this attack surface data? How is CISA measuring the success of this service offering? Other broadly available services and tools, the cybersecurity performance goals (CPG assessment) ~500 done in 2023 (and their thinking about self-assessments), Malcom traffic analysis tool, and a couple of other tools. Links CISA Vulnerability Scanning Services Malcolm Tool…
Andrew Ginter published his third book this year: Engineering-Grade OT Security . Dale interviews Andrew on the book including: Who was the target reader that Andrew wrote the book for? Do (should) professional engineers lose their licenses for poor and dangerous cybersecurity design and deployments? The use of the term engineering grade, and how he defines it. Unhackable protection and safety controls as a major part of engineering grade. Unidirectional (one-way) network devices as the only security control listed as engineering grade. Is one-way from the enterprise network to the OT network engineering grade? Given the ICSSTRIVE/Waterfall report that 75% of all cyber incidents affecting operations are due to ransomware on IT, should asset owners prioritize address this issue or engineering grade security first? What is keeping Andrew working rather than retiring Links Complete this form to get a free copy of the book…
Ласкаво просимо до Player FM!
Player FM сканує Інтернет для отримання високоякісних подкастів, щоб ви могли насолоджуватися ними зараз. Це найкращий додаток для подкастів, який працює на Android, iPhone і веб-сторінці. Реєстрація для синхронізації підписок між пристроями.
Схожі до Unsolicited Response
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Player FM - додаток Podcast
Переходьте в офлайн за допомогою програми Player FM !
Переходьте в офлайн за допомогою програми Player FM !
))
