Industrial Talk is onsite at IoT Solutions World Congress and talking to Laia Garcia Padro, Security Awareness Manager at Ackcent Cybersecurity about “The human solution to cybersecurity”.

Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2023. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

LAIA GARCIA PADRO'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/laia-garcia-padró-870790158/

Company LinkedIn: https://www.linkedin.com/company/ackcent/

Company Website: https://ackcent.com/

PODCAST VIDEO:

THE STRATEGIC REASON “WHY YOU NEED TO PODCAST”:

OTHER GREAT INDUSTRIAL RESOURCES:

NEOM: https://www.neom.com/en-us

Hexagon: https://hexagon.com/

Arduino: https://www.arduino.cc/

Fictiv: https://www.fictiv.com/

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

We the 15: https://www.wethe15.org/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Laia Garcia Padro with Ackcent Cybersecurity appeared first on Industrial Talk.

In this week's Industrial Talk Podcast we're talking to Richard Ku with TXOne Network and Trend Micro about “Powerful and Flexible Cybersecurity Network Solutions to Protect your People and Assets”.  Get the answers to your “Industrial Cyber Security” questions along with Richard's unique insight on the “How” on this Industrial Talk interview!

Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2020. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

RICHARD KU'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/richardku1/

Company LinkedIn: https://www.linkedin.com/company/trend-micro/

TX One Networks Company Website: https://www.txone-networks.com/en-global

Trend Micro Company Website: https://www.trendmicro.com/en_us/business.html

PODCAST VIDEO:

Other Powerful Cyber Security Resources:

TXone Network Industrial Network

High-level and Endpoint Solutions PdF Download

https://www.trendmicro.com/vinfo/us/security/threat-intelligence-center/internet-of-things/

Fake Company, Real Threats: Logs From a Smart Factory Honeypot – Security News (trendmicro.com)

Lost in Translation: When Industrial Protocol Translation goes Wrong – Security News (trendmicro.com)

Unveiling the Hidden Risks of Industrial Automation Programming – Security News (trendmicro.com)

Security in the Era of Industry 4.0: Dealing With Threats to Smart Manufacturing Environments – Security News (trendmicro.com)

https://resources.trendmicro.com/Smart-Factory-Success-Story.html

https://www.youtube.com/watch?v=mKJomr8HqdQ

THE STRATEGIC REASON “WHY YOU NEED TO PODCAST”:

OTHER GREAT INDUSTRIAL RESOURCES:

NEOM:  https://www.neom.com/en-us

CAP Logistics:  https://www.caplogistics.com/

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

Safety With Purpose Podcast: https://safetywithpurpose.com/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

PODCAST TRANSCRIPT:

SUMMARY KEYWORDS

deploy, typically, network, industrial, richard, iot, product, solution, devices, environment, talk, scott, endpoint, diagram, important, cybersecurity, provide, business, txOne, traffic

00:04

Welcome to the industrial talk podcast with Scott MacKenzie. Scott is a passionate industry professional dedicated to transferring cutting edge industry focused innovations and trends while highlighting the men and women who keep the world moving. So put on your hard hat, grab your work boots, and let's go all right, again. Welcome to industrial talk. This is where we celebrate you. That's right you I'm putting my pin is pointing right at you, industry hero. You are bold, you are brave, you dare greatly you innovate. You solve problems, you ask the questions. Why not? Well, what if you are the dream makers, you are changing lives and you're changing the world. This very day at this very moment. That's why we celebrate you. Alright, this is number five. In a series we are doing on cybersecurity with Trend Micro, Richard Kuh is always in the hot seat, getting peppered with questions from me. And if you have not checked it out, you've got to look at the other podcasts to this one. It builds. This is where it gets real. This is why this is stuff is important. You in the digital transformation world.

01:16

You better look into this. Alright, let's get cracking.

01:21

Yeah, it gets real. I mean it is it is head if you're saying yourself, Scott, I want to get into that whole digital transformation journey. cybersecurity, Scott, what do I need to do to get in that digital transformation journey? Well, there's a lot of things. And one of them, of course, is a solid, safe, secure environment, and you need solutions. And you're saying to yourself, Scott, but it's complex? Nope. Richard makes it easy. This particular series, this is number five, of course. And we have been on a cybersecurity journey. As you can tell, we've been walking down this path. And just talking cybersecurity, we spoke of cybersecurity threats, sort of laying that foundation. We're talking about the challenges if you're in that digital transformation. That's number two. Number three, we talk about best practice, because you're already cotton, you're saying yeah, I see the threats. Yeah, I see the challenges. What do I need to do best practices? Number four, you need tools? You need things that are just like, yeah, let me plug it in, do this. And I can start on my security journey. Right. And on this particular series, right, number five, we are talking about the hardware we're talking about. Let's just sort of look at my thing here, because I want to make sure that I get this right.

02:49

We have spoken one last week on the endpoint products, right endpoint products. How do we how do we deploy those today? This conversation is network products. Yep. Don't worry. Richard does a great job at differentiating the two. Right? And so you can, you know, go out to industrial talk, you got, we got these great downloads. I mean, we've got these diagrams, you don't have to, there is no reason Trust me. There's no reason why you can't just sit there and go, I got it. I got it. Let me chalk this up there. And here it is. here's a here's a diagram, I'm looking at a diagram. We're going to have all of that out on industrialtalk.com and specifically the one of our network, it's a 1010 Deck diagram with

03:38

TX, one trend, micro, all of the stuff that's right up there. And it's, it's pretty doggone cool. Even I can follow it. And I'm not the sharpest tool in the shed. Now, before we get into this interview, I want to just make sure that you understand industrial talk is going down the road of industrial talk to Dotto, because I have no other word to call it, it's a change. And I want to make sure that you understand we're not just highlighting me and, and and these wonderful professionals. They're going to be videos, there's going to be articles, and it's going to just be across the board not coming from me but coming from industry, industry leaders who are at the cutting edge, you just go there and then springboard wherever you want to go. If you want information, the latest and greatest information brought to you in a way that All right, this is pretty cool. Industrial talk, the the new one is where you want to go. Trust me, you do want to go there. The number two part is that

04:38

we have this industrial Academy, then we're going to put all this stuff out there on industrial Academy to and what we have come up with is a sort of show, you know share it forward or or give it forward or whatever that that term is, but from an educational perspective to communities and organizations that are in need of what we

05:00

These leaders bring to the marketplace, they've got to learn education changes, education changes lives. It's the bottom line. And we have to collaborate, we have to come together to, to share and be able to provide this wonderful information that is, is available out there. Go to industrial talk, be a part of that effort. Because there are a lot of people, a lot of communities, a lot of countries around the world that would greatly benefit from your insights. And if you want to be an instructor, if you want to share your knowledge, the industrial Academy is where it's at. We'd love to have you on that Academy so that we can help the world from an industrial education perspective. Don't get off tinkly. about that. I know I do. I do. You guys have got it. industry can change the world and change lives. That's the bottom line. All right, let's get on with the interview.

06:03

Well, let's say the series a continuation of the series. Once again, this is network stuff. This we've talked about endpoint, we've got a series out there it is a must sort of consume, and re consume it. Get this stuff, right. Okay. So out on industrial talk, we're going to have this deck, it's going to be in PDF form. and download it, see it, grab it, learn it, listen to Richard, reach out to them, reach out to th one reach out to Trend Micro you will not be disappointed. Alright, let's get going. Enjoy the interview. All right, Richard, welcome back to industrial talk. Now, listeners, this is an important conversation. We're talking cyber security. We're talking we we've laid the foundation, we have a number of cybersecurity related related topics for you to consume. And this one is we're talking about now that we've recognized the the challenges that exist out there, we need solutions, we need solutions to be able to deploy. And that's this particular conversation now, Richard, thank you again, as always, for joining industrial talk, how you doing?

07:13

Good. Thank you, Scott. Good to be back. And I'm happy for for you and your family. Why? Thank you very much, I appreciate that back at you. Absolutely. back at you. Now, let's, let's let's level set, let's talk about products, because we can all talk about the challenges that exist out there, but we need to put something into action. And that's where we're talking about products and solutions that Trend Micro and TX one networks provide? So at our last episode, can you sort of sort of lay out the difference between it OT and all of that good stuff, so that the listeners sort of get oriented?

07:53

Yeah, so you know, I think, as we speak many time, right? You know, one of the big changes in this digital transformation is the convergence of the it OT, and in order for us to provide, you know, a clear guideline for our customer and our partner, you know, we need to kind of define what is, you know, IoT device versus ot devices? Right. And so that's clear. So, you know, I did typically, you know, from my experience, you know, on the IT environment, typically, most of these are multi purpose system and designed to do multiple things like maybe running Microsoft Office, right, or doing some kind of video conferencing, right, or, you know, then this typically on it, so I usually have the latest and greatest version of the operating system. They require internet connectivity for tasks to be complete, right, and they have a higher tolerance for, you know, interruption or latency. And, you know, I think, you know, on the, you know, it side, people typically look at confidentiality as kind of their priority, right. But when you look at the OT environment, the system are typically, you know, mission critical, I carry maybe a single task or, you know, carrying, you know, maybe the tasks are both the productivities, as well as the

09:19

ability of the system is got low tolerance for, you know, interruption and latency, because they have been around for years and decades. And they're designed to do you know, one task, right. And so any type of performance impact would be a big challenge. You know, some of the system on the OT environment are typically air gapped, right? They have no internet connectivities and update in patches, right? Typically doesn't happen, you know, often right? And they have to be on a schedule maintenance in order for them to do any updates or patches. And, you know, I think availability and safety is kind of the priority, right for many

10:00

This organization on the OT side, right, so on a high level, I think those are kind of distinction between the it OT, and then when you go down to the, you know, product level last year was a podcast, we talked about our employee product. And these are, you know, you know, typically designed for employees that have issues deploying, let's say, a conventional, you know, you know, anti malware or security solution, because, you know, these environments are typically your legacy, and in tenant for doing your single task, and the resources are limited, and they have no internet connection. So you need a special type of endpoint solution that's designed for those. And that's what we talked about on the last, you know, basically podcast, right? Now, let's shift gear to the networking product, right. The networking product, typically, you know, you know, what we have here is are designed to address some of the challenges in you know, OT networks, and that will be happening when you have kind of like a big flat networks without proper segmentation, or you have a lot of unpatched protocol or vulnerability protocols or on you know, depend also as you know, a lot of unpatched, you know, say, devices, right, that you need to address. And, you know, also, you know, someone in our network environment typically have weak authentication, right, and non encrypted communication, you know, between different devices. Right. So, that's what the network product is designed to address. So as endorser diversity to different the type of solution that we have, let me ask you this question.

11:52

Just to find for the listeners out there, what do you mean by big flat networks?

11:59

Well, I've got traditionally, right, you have, I would say, you know, on the OT side, you have people, you know, building the networks, and just the hiring pieces to arrive and not, not really well design or structure. And so you're gonna have basically system device everywhere, but what are our say, architect well into that environment, so you can see a very flat network like that, and it's more challenging to address because they're everywhere. Right? Thank you that that, that makes complete sense. Now, let's start talking about now that you've identified that big flat network, you identify the challenges associated with an ad just, that's, that's pretty much all businesses out there, they just sort of evolve and grow as, as business needs. That's a mad right. So let's talk a little bit about how we can sort of secure that big flat network.

12:58

Yes, so, you know, within a network product or solution that we have, we have a total of,

13:06

you know, four products that is designed for that kind of environment, right. And so, the very first product we have is called the edge IPS. And these are basically a single segment and then designed to address a darkened environment and they typically, you know, think this system about 300 megabit per second, just, you know, now analyze the traffic and it's very versatile and can be deployed easily. And you know, the hrps itself can also provide some level of IP and protocol whitelisting in there, it can be deployed in a harsh environment, and we also provide you know, your virtual patching right onto the device itself. And it is how we bypass right. So, this is kind of our single segment, edge IPS product or the next level product

14:01

is called the edge fire. And this is basically is a tool

14:07

when, and you know, I was a VLAN interface, and it can help you to you know, do some level of micro segmentation, right, and it can also be deployed on a harsh environment, or it also include currently virtual patching, and you know, if you like, right, you know, typically we have this convergence between it or, or even like, say, at the shop floor, or let's say in a manufacturer, you can actually put a, you know, between East and West traffic protection, right. So, it's got some,

14:40

you know, network access, you know, you know, I think control in there and you know, nit in firewall capability. So this is kind of our hrps right, and then the next level of the product we have is the edge IPS probe. This is a system or network device that have

15:00

1224 and 36 and 48 segments, you can deploy to the current environment when you know, and they typically they are about 10 gigabit per second to, you know 20 gigabit per second. So it's a high performance, you know, you're in the system right and it allows you to basically can deploy an interstate between East and West traffic or maybe north and south traffic, but in

15:28

this particular edge IP is broken help you to basically cry on a network, you know, do you do like a network segmentation is got its own dedicated in the management port. And you know, it also provided a virtual patching, audit from programmable hardware bypass are also included, and it can be deployed like to say on East West traffic. Very good. And I got

15:54

I got an interrupt here, when we start talking about east west, north south traffic, what do you mean by that?

16:01

Yeah, so typically, when you have this convergence, right, between

16:05

God, right, and, you know, you know, and that's what we call it on the east and west traffic, right, you know, maybe the old ci ci will be kind of your web traffic and kind of your it sites to ease traffic in between, right, you might have a DMZ zone, right. And that's where we call, you know, East West traffic. And then I did on the previous

16:29

I think, you know, podcasts that we did, I talked about the iisa, you know, IEC 62443,

16:39

you know, reference model, a lot of people call it the producer model, right. And when you look at, you know, that kind of architecture or reference architecture, used, you know, you know, organization typically layout, you know, the gen network architecture, from a level zero, level one, level two, level three, and a in to the enterprise environment and the different level, that's what we call the north south traffic, because you have a device talking to maybe a PLC, and an HDMI machine was on a SCADA system, right? So that's that level is called what we call the north south traffic, and then between it OT, that's what we call east and west traffic. All right, very good. I had to ask the question, because I'm sitting there thinking to myself, What do you mean by that, but now it's, so listeners, we're gonna have the the diagram, when he starts talking about north south, we talk about level 123, and so on, there's a good diagram that is, will be available. And then of course, East West, it OT and all of that convergent, which is an important component that don't don't gloss over it. That's that's important, too. All right. Now, we know what you guys got. Maybe I got the audience. Oh, you want to?

17:59

Yeah, I can we can share that reference architecture.

18:04

We want on that.

18:06

podcast right now. All right, listeners, we're gonna be sharing it as we speak, right, as we speak.

18:14

All right, here it is. If you're out there on video, you'll see it if you're out there on podcasts, we'll go to the video because you won't be able to see it on a podcast. So here we go. We've got the diagram. Take us through it again there, Richard.

18:30

Yeah, so this is, you know, it typical, our, say, reference architecture that I put together. And I take into account on the left side is the OT networks, right? This is the, you know, OT environment, and on the right side, which is the information technology environment, right. And that is what your traditional IT environment on the top is kind of your cloud and virtualization or, you know, what I call the connected world,

19:00

you know, for the cloud. And so when you look at this environment, you can see there is a bridge, right, or a DMZ zone between it on the right side, and then the old T on the left side, right, and this what I call the currently where you can deploy some of the edge IPS pro in that area. And this is kind of what we call the east and west traffic, and then the different levels from level zero, you know, 123 and four, into the cloud, right? And that's kind of what we call it because I know it's out, you know, traffic. And that's where you can deploy some of our solution, you can deploy as a one to one relationship as a maybe putting ntps in front of a PLC. Or you can deploy, let's say an edge IPS Pro, right in front of whole level or the whole segment, right. And so that's what we call the north and south traffic. So hopefully that kind of cleared up a little bit. cleared it up for me, and I'm the most important person on this pocket.

20:00

Just kidding, don't don't even die. I don't want to hear any email saying, Scott, That's not right. All right, let's go into. So we have right now we have the the, we've talked about edge IPS, we've talked about edge fire, we spoke about edge IPS Pro, we talked about one to one, one to many relationships. And, and that's all great, that's all good. But I need to see this information, I need to understand what's taking place, what type of solutions do you have out there for that? Right. So, you know, with all those different products, as you meant, it is very challenging, right for customer and you know, partner to have visibility into, you know, all the different devices that they have, you know, what type of threat is being detected, what type of protocol they are, you know, we are intercepting. And so, you know, we also develop a, you know, a product called key defense counsel, right, and this can support up to 1000, network segmentation, right. And it provide basically, a centralized management for you to, you know, have better visibility into all different threats that come into your environment, and, you know, whatever activity is there, and what type of threat that we detect. And but also it gives you the ability to basically Central, basically, deploy security policy, right, and, you know, the latest signatures or rules across Samsung device, right. And, you know, like, a lot of challenges and a lot of people have is, you know, all the different shadow ot or the different devices coming through, right? How do you have visibility into production environment. And so this Management Console also give you that level of visibility across all your audio devices. And it can be integrated with your let's say, you know, a third party, same platform, right, if you have your own SOC, and you want to be able to integrate all the train record, you know, gx one networks, solution into the SIM, we can send all those log orders, you know, threat intelligence directly from our console into the sim so that people can have now a corporate wide visibility across both the IT side, and OTS are on the same. So this is something that we can provide using this central management product called the old key defense counsel. Okay, so I stick my business hat on, I recognize the necessity to have a robust cybersecurity strategy. You've mentioned, three products that are out there, OT environment, whatever it might be. And then of course, you got the Council, the console, excuse me, that allows us to sort of take a greater look at all of the data and all the information and be able to be proactive in our action.

23:03

What, where do I even start? Okay, you got the edge IPS, you've got the edge fire, you've got the edge IPS Pro, you got the console? Where do I start?

23:15

Yeah, so that's a very good question, Scott. And typically,

23:20

you know, many of our customers, you know, come to us, right. And, you know, we will basically, you know, talk to them about some of the business and technical challenges they have. And we'll try to assess what kind of environment they have, what what type of, you know, issue they have, and then we will provide the right recommendation, you know, to them, right, and, and also the level of comfort that they might have, for example, you know, some organization may not want to deploy, you know, the complete solution, or what we call the defense in depth solution, right, from endpoint all the way up to the cloud. And in the network, in everything in between, you know, what some people typically do is they say, Hey, you know, what, I have, you know, HDMI machine running Windows XP is and has been around for decades and don't have a lot of patch of vulnerability, and we got a lot of vulnerability, what can you guys do to help us and so we'll assess that kind of use case, and then we will provide the right offering to address that simple inability Hmm, machine, you know, for in this case, it would be a stellar one, you know, still in force or sell or protect, right. So, that can certainly typically happen quite a bit. But we will help the customer through that journey to get the right product into the right environment, and also the level of comfort that they might have. I like the term journey because, for me, if I had my business hat on, I would be overwhelmed. I would, I would know one side that there are challenges that exist within the cyber security

25:00

space in my business. And again, I don't know where to go, I don't know where to start, I don't know where to take my first step. And it's it's imperative that I have a relationship with an organization that can guide. Do I have to? Can I do it incrementally Do I have to make? I mean, you've got so many wonderful products. Can I do it incrementally? The Big Bang? What what? What's the recommendation?

25:28

Yeah, so I think, as I mentioned, right, is really depend on the comfort level of the customer, you know, as we all know, right on the OT environment, or traditional, you know, these devices never have any security built in or security does not get play a very important role. And so many organizations tend to kind of, you know, I will say, deploy a solution like this smaller, incremental, you know, why, right. So, you know, last, you know, I will say, you know, episode, we talked about the different endpoint, right. And so, you know, for example, if you just want to start with scanning all the contracted machine, right only first, before they do any kind of maintenance on my PLCs, or my network, OT networks, you could just get a product called portable security, right, or you just do the scanning of all the contracted machine before you come in, right. And then that will be kind of maybe the simplest and easiest way to start. And then you might go to the next stage, right, where you say, now I feel a little bit more comfortable, let me put something in a, let's say, my Windows XP machine, because they haven't been able to get any patches have been vulnerable, and we're just worried and concerned, then you can go to next step where you deploy all your stellar, protect or enforce into that environment, right? So yes, you have the option I and you know, to basically deploy them incrementally, or you can deploy everything really up to your comfort level. And that's what we're here to, to kind of here to help you to go through that process. And make sure we make you feel comfortable. And then you can deploy the solution. And typically, the customer also will kind of go through the proof of concept, right? Make sure that they feel very comfortable before they actually deploy. So so all those options are available to the customer. I think it's important, I think this is a vital conversation.

27:31

In given the speed, just like anything else, even this digital transformation journey that we've been talking about and the necessity to to deploy proper cybersecurity, it's moving fast as well. And just like cybersecurity, it's moving fast as well. This is this is a subject and topic and relationship that needs to be nurtured. Because you can't do this on your own, you need

27:55

companies like Trend Micro TX one networks, to be able to develop that relationship, because just telling you right now, for me, personally, I get nervous, I get nervous when I hear things like that. And that means I want to look for strategic partners to be able to have great conversations to make sure that that my business is secure. How would somebody get ahold of you there Richard?

28:17

Yeah, so, you know, all these different solutions are just talked about right there are endpoint solution or networking products, right, they are readily available through all our channel partners right turn micro is very much you know, a channel company so we actually sell the market orders back to our channel policy, you can reach out to your channel partners for you know, recommendation and guidelines on how to get access to some of these products. Or you can reach when you go to our website to get a little bit more information on it@www.trendmicro.com or you can also go to our TX one network their website and you can find more information. And if you want to reach out to me, you can email me at Richard underscore k u at when Microsoft COMM And I'm happy to answer any questions you might have you related to some this particular product we just mentioned, this is more of a very high level. And if you want a more deep dive, then you know we'll set up a call and we'll walk through this product for you. Alright listeners, there's no excuse. You have all the contact information. This is an important topic. This is an important solution. This is important for your business and the integrity of your business. Reach out to Richard and team Trend Micro very important. Do not hesitate. They'll they'll they'll help you through it and hold your hands because they they've been through it and this is a very, very important. Richard, thank you very much for joining again, industrial Talk.

29:52

Thank you, Scott. All right, listeners. We're gonna wrap it up on the other side. All the contact information will be out on industrial talk as well as

30:00

All of the presentations, everything that you need to get this thing rolling will be out there. Thank you very much. Stay tuned. You're listening to the industrial talk Podcast Network.

30:17

All right, this is once again, it gets real here. This is cybersecurity. This is a series this is number five in a hopefully expanding series, because this topic is absolutely important. And must, must be shared with the globe. Alright, Richard knocked it out of the park. Again, that works. Alright. Again, I want you to hear me out.

30:43

What you have inside your head is important. And it can change lives. If you're an industry. The industrial Academy is for you. I want I want to encourage you to reach out to me and say, Scott, I want to be a part of that great. And I want to be able to share that education with the world. That's what this whole beautiful digital world that we live in. You can change lives. You can transform lives, you can definitely create dreams. You are bold, you are brave. You dare greatly hang out with people who are bold and brave and daring greatly.

31:16

Nothing could stop you. All right, we're gonna have another great, hopefully, cybersecurity interview right around the corner.

The post Richard Ku, Trend Micro and txOne Networks appeared first on Industrial Talk.

In this week's Industrial Talk Podcast we're talking to Richard Ku with txOne Network and Trend Micro about “Cyber Security: Digital Transformation Challenges Facing Industrial Organizations”.  Get the answers to your “Industrial Cyber Security” questions along with Richard's unique insight on the “How” on this Industrial Talk interview!

Trend Micro Event:  Cyber Security Perspectives.  Hold Your Seat Here.

Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2020. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

RICHARD KU'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/richardku1/

Company LinkedIn: https://www.linkedin.com/company/trend-micro/

TX One Networks Company Website: https://www.txone-networks.com/en-global

Trend Micro Company Website: https://www.trendmicro.com/en_us/business.html

PODCAST VIDEO:

Other Powerful Cyber Security Resources:

[Whitepaper] Integrating Security Into the IoT Strategy in the New Converged Environment

https://us-cert.cisa.gov/ics

https://www.waterisac.org/

https://www.trendmicro.com/us/iot-security/

THE STRATEGIC REASON “WHY YOU NEED TO PODCAST”:

OTHER GREAT INDUSTRIAL RESOURCES:

NEOM:  https://www.neom.com/en-us

CAP Logistics:  https://www.caplogistics.com/

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

Safety With Purpose Podcast: https://safetywithpurpose.com/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

PODCAST TRANSCRIPT:

SUMMARY KEYWORDS

cybersecurity, organization, industrial, business, digital transformation, guidelines, digital transformation journey, important, understand, big, trend micro, podcast, industry, conversation, ot, running, number, challenge, requiring, system

00:04

Welcome to the industrial talk podcast with Scott MacKenzie. Scott is a passionate industry professional dedicated to transferring cutting edge industry focused innovations and trends while highlighting the men and women who keep the world moving. So put on your hard hat, grab your work boots, and let's get All right. Welcome to the industrial talk podcast, your single location of all things industrial, because we celebrate you the industrial hero, you are bold, you are brave, you dare greatly. You solve problems. You're changing lives, you're changing the world. You're the dream makers. You're the miracle workers. That's why we celebrate you on this podcast. This is podcast number two, in our series on cyber security when you're in digital transformation, when you're saying hey, and I've talked to a lot of people near saying, Hey, we want to go down this digital transformation journey. Yeah, cybersecurity, let's get cracking. Yeah, you can't you can't just sit there can't just sit there and say, Oh, yeah, we want to go down digital transformation, which you should, which is important. It is necessary to create a business of resiliency, long term success, competitive advantage, you name it. It's important. And there are incredible individuals out there credible companies that are that you need to contact. And of course, they've been on the industrial talk podcast, because we're all about the need to educate, collaborate and innovate. So that's what we're all about. Now. This is podcast number two. This is with Richard Kuh. He is with Trend Micro. And I like their tagline. Here's the tagline securing your industrial digital transformation journey. Yeah. And on this particular conversation, we're going to be talking about industry business, technical challenges with organizations on their digital transformation, journey. Yeah, that's what we're doing. However, however, grab your paper and pencil because what you've got because this is cybersecurity, we're celebrating cybersecurity. Here, we're celebrating the people, like team Trend Micro boom or TX one, right. That's another nother company, same parent. But anyway, we're celebrating cybersecurity this month, just because we talk about digital transformation. We keep on sort of overlooking that cybersecurity side. So with that said, there's an event and it is June. Well, it starts June 15. If you're in the Asia Pacific area, or the Middle East, Africa, Mediterranean, it starts at that time. Or if you're in the Americas or Europe, June 16. It is live, right? But they're gonna be pumping it out. And I will have all of the information the times and how to save your seat. Yeah, it's global baby. And it is necessary. And it's important. And you're going to be hearing from Eva Chen. And she is the co founder and CEO of micro trends. So they've been around a long time, she's seen a lot. And I highly recommend that you do that if you're on this digital transformation journey. Alright, let's get on with the podcast. Once again, this is number two, if you haven't listened to number one, cybersecurity threats, challenges and risks. Go out there. It's out there. It's published right now. This one's going to be industrial business and technical challenges facing organizations as they go through digital transformation, important conversation. Richard nails it? Of course he does. And here it is. All right, Richard, welcome back to the second installment of the Trend Micro cybersecurity, caught, you know, conversation and we're going to be talking on this particular podcast, industry, business and technical challenges facing industrial organizations as they go through their digital transformation. slapping journey. Richard, how are you? Good. Good to be back. Scott, and I good to hear from you again. I am telling you that I'm hypersensitive to cybersecurity. I'm hypersensitive to what is taking place, specifically with industry and their desire to go down the digital transformation road. But a big component of that is of course, their cybersecurity and being focused on that. What are those challenges that we are talking about in this industry? And the technical challenges in industry?

04:54

Yeah, so I think like every other industry, right, I think over the last I was, you know, many decades as organization going through that transformation. But, you know, regardless of you know, if you look at back in the 90s, were, you know, that you had that transformation from, you know, desktop to server and client server architecture to wide area network, the internet now, virtualization cloud Ryan, every time you see this transformation by every other's decades, you do have a, I will say, level of concerns when it comes to cyber security, because as you transform the organization, you will open up more vectors and more threat vectors for the organization, and is very similar to this digital transformation, you know, also in industry, or in industrial space as well, you know, when you go from an industrial 1.0, right now to 4.0, you see that big changes, and you start to see more, I think drive vectors, you know, coming around. And so, definitely, there is a lot of business and technical challenge facing many, you know, organization. One specifically, I think one of the biggest one is, you know, we talked about the lack of domain knowledge, or expertise out there in providing sufficient cybersecurity knowledge and, you know, adding countermeasure for organization, and that's a big one, I think, today, we are facing a big challenge in that for many organizations, right, because, you know, lack of expertise are the second big one, I think, as organization going through this conversion between it ot right, you know, you have a very unclear roles and responsibility between the IT organization in the old tea, and that have not yet been fully defined. And you're not clearly defined by many organizations. So that is a big challenge, I think, for many organizations as they go into transformation, right? Because traditionally, all the cybersecurity are typically managed by the you know, it, folks, and now you're adding this additional component that creates, you know, that big challenges. We also talk about, kind of the third thing is all this legacy liability, right, you know, you got some of these environments on this platform. And some of these networks have been around for decades. And, you know, many of these systems are all right, you know, especially if you have a SCADA system or ATM machine running Windows seven, or Windows XP, and those environment is Oh, it doesn't get updates or patches. Right. So that's a big challenge. And so that legacy issues become very, very important thing. The fourth thing I think, is a big, you know, I think business challenge is you have this, I will say organizations tend to pursue, right, the economic, overall, this cybersecurity, right, me, meaning that they tend to, you know, focus maybe maybe on a business or color, you know, cybersecurity is kind of the secondary, you know, I think, and so, this is a big challenge. And I think we can move at the cyber sphere to be, you know, I think side by side with each other, right, you have to have the same priority, as part of your planning or, you know, of your business plan. And I think the fifth thing is also kind of that return on the investment, right? Oh, I, you know, sometimes it's very difficult for, you know, organization, for example, I turned Microsoft wants to go talk to, you know, company about cybersecurity. And, you know, sometimes they say, Well, you know, what's the Oh, you know, how do you prove that return on investment? Right? So it's I always telling people, it's like, you're buying insurance, right, you know, you got to buy insurance to cover yourself in case something happened, right, you are protected, or you're, you know, at least you're good coverage. And that's kind of some was similar to kind of like, you know, cybersecurity for the, you know, ICS or the industrial control environment. Now, of course, I think that the other big challenge, you know, we are seeing a lot lately, it's also some of this regulation or compliance, right. Or some of the executive order, you know, from the government, right. So, for example, the recent executive order from President Biden, right, also, you know, making as I think, some kind of guideline for organizations to start to put in place a cybersecurity plan for the, you know, critical infrastructures. And so, those are some big, you know, interesting, but also, regulation, that is a big challenge for many businesses. So, I would say this is someone that big four or five items that you know, is really a big challenge for many organizations. Alright, listeners,

09:54

let's let's summarize real quick on what we're talking about here. The first one is Lack of domain knowledge, big business challenge. It ot convergence. Absolutely agree with that. Legacy liability, that's number three. Note that out that's, that's really interesting organizations in pursuit of economic benefits versus that need to look at their cybersecurity element. Number five would be the return on investment ROI, sort of from a cyber perspective, and companies or customer perspective, difficulty in trying to quantify the value of cybersecurity. And finally, number six, the regulation and compliance and, of course, executive orders coming out of DC that are requiring businesses to implement or have guidelines. Very important. Let me let me go back back to the number one, when we start talking about lack of domain knowledge, how do we solve that? What do we do to solve lack of domain knowledge?

11:07

Yeah, I think there are a lot of things that I think our organization can do, right, you know, for example, as an industry, right, you know, we are started to, you know, go out there, and really educate and train organization about cybersecurity, but also, you know, out of the university and some of the college right, where, you know, you just started to see many, you know, I was a university start to provide training, education and certification or program, our degree program on cybersecurity. Right. So I think that's one way that we can actually really increase the level of I think, you know, expertise out there. So I think that will be very helpful. I mean, today, I think we have probably more than a million plus, you know, I was a cyber security, I have not been filled in, I think that will really help by by having more expertise out in the field. So that's one thing. Hold on, hold

12:04

on, I have to interrupt you just about a million plus openings. Did you say?

12:10

Yeah, I think last year, when I look at the numbers, you know, from some statistics indicate that there are more than a million jobs that need to be filled, when it comes to cybersecurity. Right. And, and that's really a challenge for organization because especially when understanding both the it and ot environment, because, you know, having it scale is one thing, but having both the it and ot or industrial control, cybersecurity expertise. And, you know, I think experience is that's a really big one.

12:44

What do we do about it? And I'm going on to the next one, I like how you answered number one. Number two, how do we address and gain greater synergies between it activities and ot activities?

13:00

Well, I think that there's a couple of things that I think organizers can do, right? Typically, traditionally, you don't have this, I was a conversation between these two groups, right. And they had to be more collaboration, right between the IT organization or the organization, and that need to happen. And that mean, it required, you know, let's say, doing the planning in cybersecurity together and make sure that both sides coming to the table, I have that conversation, understanding the roles and responsible who need to do what, and define clear guidelines for everybody, so then that's really gonna be able to help people on that area. In terms of this, you know, I think, roles and responsibility between it ot I think the other way to do it also is, you know, I think, you know, organization need to be to fully right, understand that cybersecurity, it is not just a it issue, when I ot issue, right, you need to really have a holistic understanding of what happened on both environment. And that also need to happen, right? I think when we start having some this conversation that you're going to be able to solve some of these, the issue right, understanding this is not just in it otas you may as a company issue. So those are some of the few things

14:21

yeah, no, you're spot on there, Richard. And what I see as a result of this, it is what it is it's industry for Dido, it's digital transformation. And if you're a company, if you're a manufacturer, if you're in water you whatever you're in, you're going to have to have that that that ability to collaborate and then have that holistic view if you want to go down the you know, digital transformation journey. It just is. No the way

14:49

Yeah. Let's talk in. Yeah, no, no, I say it's difficult for to to really address a cyber security by just looking at one little one side. You know, only, you have to have a holistic view.

15:02

I like that. Let's talk about legacy liability. What are we, outside of getting new computers? What do we do about legacy liabilities? What's the solution?

15:16

Well, you know, I think some of these environments, especially in industrial controls are some of the system have been around, you know, for decades, right, and they were never really designed to, you know, kind of reprise or you, you know, was never really part of that design or implementation. Beginning. So, some of the systems probably going to continue to go on for the next hour, you know, maybe five to 10 years, right, until a new system are put in place. And so I think there are some, you know, things that organization can do, right, you know, for example, some of these environment, even though they're running, let's say, you know, Windows seven, or Windows XP, and they are, your technology capability can help address some of this issue. Like, for example, if you have an HDMI machine running Windows seven, right, even though a lot of vulnerability, or require some patches, or there is whitelisting, or lockdown solution out there in the market that you can actually deploy in some of the systems in lockdown, or their audit type, or let's say, you know, IPS capability that you can actually put in front of some of these box, so they can filter all this traffic and make sure that they are, you know, being, you know, check and verify for any potential risk to the someone's Hmm, machine, right. So, so those are some of the things that I think company can do to address some of this, then probably last but not least, really kind of, you know, make sure that the security solution that are put in service, Environmental Design, right in the way that is for this kind of environment, right, you cannot just go down, and you know, try to, you know, pick up some, you know, it product and expect it to work on some of these, you know, industrial control systems, right. And so, you know, building an adaptable or you know, you know, adapted solution that can, you know, easily adapted to the existing infrastructure or this existing environment, I think that will be very helpful. So, those are some of the two or three things I think organization can do. Right. And they are all the things that I think, are tools and technologies, are there already as well.

17:24

Is it important to be able to understand, like, from, from, as I look at inventory to understand those vulnerabilities out there, those old legacy systems, those legacy liabilities? Is it important for us to have that, that understanding and then develop a strategy with that?

17:45

Yes, I think it's very important to understand, you know, what's going on in your networks and your environment, I think it will very helpful for you to, you know, build a good strategy or any plan to to address them in cybersecurity, right. And I think, you know, in the, you know, I would say the last couple of decades, we really more talk more tea, right, and we are all this shadow IT system, you know, bringing our BYOD stuff with that, you know, into the company. And that's also create a lot of challenge. As we go into this similar trance transformation on the, you know, the industrial control side, we will have shadow ot right, and so having a very good visibility across all these different devices. And in your organization, you know, what, how your network construction look like, I think that will really help you to plan a good cyber strategy from top to bottom.

18:41

How do you this is number four, how would you address businesses are going to always look at the economics of whatever project they're putting in place, they're going to say, we do this, we get this benefit, this economic benefit? How do we start to incorporate the necessity to bring in the cybersecurity conversation at the beginning of these conversations?

19:08

Yeah, I think that's a very important question, Scott. And, you know, I always tell folks, at least people that I speak to that, you know, cybersecurity should be part of your, you know, planning, right, is part of that early planning process, and be baked into your overall strategy. Right. And, you know, and you will be able to basically see the return as you start to implement some of this plan, you know, on the, I guess, on your strategy, or as part of the implementation plan.

19:51

I believe that it's, it's,

19:54

yeah, go ahead. Yeah. So I think like, for example, Maybe in order for us to really show them, you know, the economic right that, you know, cybersecurity can add value, right? We talked about the planning, but also, you know, we can show that, you know, having a cybersecurity strategy in place, and, you know, we can show, you know, instead of showing maybe the sea level, you know, people just a bit and by by really kind of tell them that, hey, you know, if your system go down for X number of weeks, or months, or days, right, here is a cause for, let's say, production, or here's the cost for having your system to go down, right? If you can show those kind of economic numbers, I think that will be quite beneficial. And so this way that we can do that there are in a model, you are the organization create the show that,

20:54

you know, and that's in line with number five, that is the ROI. I mean, yeah, you might invest something, it's hard to quantify it. But it's easy, from my perspective, to see the risk that exists out there, and how it applies to your business. And if your business goes down for a period of time, how much money you're in that business to ensure that assets stays up and productive.

21:22

Right. I mean, especially on the industrial control, sir. I mean, I think the keep the operation from running as a big critical issue, and the safety and reliability of the system. I mean, those are probably two of the most important, especially on the industrial side of things.

21:41

Last question, and this is with the number six, that regulation and compliance. How is Trend Micro sort of leading the way because just like anything else, whatever comes out of Washington might be some sort of, you know, sketch, but it requires companies and organizations like Trend Micro yourself and professionals to be able to say, oh, what do you guys do in there to help businesses understand that regulatory and compliance edict?

22:15

Well, there are a couple things that we are doing, especially when you have, you know, regulation and compliance like this, you know, out of, you know, say, DC write a couple things I want, you know, we work with our partners, right, try to truly understand what are the requests? And what are the guideline from the orders, and then we will work with this partner to understand that and try to write requirements and plan to address some of these, you know, you know, requiring so for example, that requirement actually came, and I think the reason is deco came in, and I think they requested for like Sisa, right, or, you know, some organization to come up with some kind of best practice, right? And in there, there are some recommendations about, okay, what type of security controller you need to put up in place to address this particular issue or challenge, right, and they will provide that recommendation, right. And then we, as a security provider, we actually come in, and we say, all right, for, let's say, activity, A and B, right, we have this type of security control that address those two, you know, requirement, you know, stuff like that. So, that's what we've been working on. And, you know, working with our partners to do that. The other thing is that we're also actively basis basically tried to understand exactly what each of those, you know, a day requirement coming from, you know, to the government, right, and, you know, we will work with that our product development organization to make sure that all security solutions are designed in such that will address some of this concern, right. So, you know, one of the big things they talk about on critical infrastructure is what I bought, like some of the SCADA system and how do you lock down somebody's system, right, well, how do you protect somebody's system? Well, and now we basically tried to figure out what the best way to lock down and say, Hmm, machine running, you know, Windows XP, right? Well, there's a couple ways one, you could, you know, put a lockdown solution that you can actually like down the system, make sure that nothing can be you know, compromised or nothing can be run on that system. Because typically the system designed such that only Allah type applications run as you can do that, that's only a first step in helping the customer or to adjust them this executive order is, um, this requirement. So those are spirit thing that we are doing in terms of these orders. Is there going to be a validation that they comply with the guidelines, the new guidelines, the executive orders? Well, I haven't see any enforcement yet, right? I mean, I think today, most of those guidelines are more of a guideline and make sure that organization or start to put some of these in place, especially if it wasn't as critical infrastructure. They're affecting, you know, I think our economy, right, so those are guidelines. I don't know, if you know, when that's gonna become, you know, something that will be enforced. You know, I think there are certain verticals, you know, I think they may, right, need to be enforced, right? To make sure, you know, organizations start to implement, you know, for example, like Les Paul in water, right. Energy, right. Those are, you know, critical infrastructure, you know, that it can only copy. So, by this for now, I think that there isn't any, you know, enforcement yet. It's more of a guideline.

25:53

All right, let's summarize this incredible conversation. We've got six key points, lack of domain knowledge, these are business challenges, it ot convergence, they need to collaborate, need to have that that desire to look at your business holistically, legacy liabilities, of course, that is a big important component. But there's ways of being able to lock down that we're looking at the pursuit of economics versus the cyber side. But that has got to be done at the beginning of this conversation, which then rolls into the ROI, because you don't want your asset to be sort of just sitting there falling apart because of being compromised. And the last one, of course, is regulatory regulation, compliance, and of course, the new guidelines. Did we leave anything else out? All right. All right. Well, I know so good. Yeah. Yes. Okay. Well, thank you, Richard. That's an incredible, incredible value for the listeners out there. Let's put it this way. If you're in the world of digital transformation, if your business is going down that, that avenue, you need cybersecurity, whether you like it or not, and that conversation has to happen at the beginning. And you're going to have to figure out what your legacy systems are your legacy liabilities, and, and address those as well. So that your asset is up and running and doing what it needs to do. All right, Richard, thank you very much. Thank you, Scott. All right, we're gonna also have all his contact information, if you want to connect with him, which I highly recommend. It'll all be out on industrial talk.com. You're listening to the industrial talk, Podcast Network.

27:50

Alright, this is, once again, podcast number two in our cybersecurity, love best, whatever you want to call it, because you need it. Because you need to be engaged in your digital transformation journey, everything that's associated with that. And cybersecurity has to be at the very top of that conversation. All right, if you have not, you got to find out about podcast number one, it's out on industrial talk.com. Again, because cybersecurity is so doggone important. We've got an event. It's out there it is covering all time zones, right? So it's June 15, and June 16, depending on where you're at. But I've got the link out there on industrial talk comm so fair not find the place that you're, you're at, and it's going to be featuring Eva Chen, and she is the co founder and CEO of micro trend, micro very important, very important conversation. All right. Be bold, be brave, dare greatly hang out with people who are bold and brave and daring greatly and you will change the world. We're gonna have another great cybersecurity podcast right around the corner. So stay tuned.

The post Richard Ku with Trend Micro and txOne Networks talk about Cyber Security Challenges with Digital Transformation appeared first on Industrial Talk.

In this week's Industrial Talk Podcast we're talking to Richard Ku and Ryan Flores with txOne Network and Trend Micro about “Cyber Security Threats, Challenges and Risks in the Industrial Control Environment”.  Get the answers to your “Industrial Cyber Security” questions along with tx One's unique insight on the “How” on this Industrial Talk interview!

Trend Micro Event:  Cyber Security Perspectives.  Hold Your Seat Here.

Finally, get your exclusive free access to the Industrial Academy and a series on “Why You Need To Podcast” for Greater Success in 2020. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

RICHARD KU'S CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/richardku1/

Company LinkedIn: https://www.linkedin.com/company/trend-micro/

TX One Networks Company Website: https://www.txone-networks.com/en-global

Trend Micro Company Website: https://www.trendmicro.com/en_us/business.html

RYAN FLORES' CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/ryan-flores-4800b8a/

PODCAST VIDEO:

Other Powerful Cyber Security Resources:

https://iiot-world.com/our-team/our-contributors/richard-ku-sr-vice-president-of-product-services-management/

https://iiot-world.com/ics-security/cybersecurity/iiot-world-days-track-ics-security-bringing-order-to-ics-cyber-chaos/

https://iiot-world.com/ics-security/cybersecurity/industrial-cyber-security-why-it-ot-collaboration-is-no-longer-an-option-but-a-necessity-2/

https://iiot-world.com/industrial-iot-cybersecurity-from-the-shop-floor-to-the-board-room/

https://iiot-world.com/ics-security/cybersecurity/9-best-cybersecurity-practices-itot-environment/

THE STRATEGIC REASON “WHY YOU NEED TO PODCAST”:

OTHER GREAT INDUSTRIAL RESOURCES:

NEOM:  https://www.neom.com/en-us

CAP Logistics:  https://www.caplogistics.com/

Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html

Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

Safety With Purpose Podcast: https://safetywithpurpose.com/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

LifterLMS: Get One Month Free for $1 – https://lifterlms.com/

Active Campaign: Active Campaign Link

Social Jukebox: https://www.socialjukebox.com/

Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader):

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

PODCAST TRANSCRIPT:

SUMMARY KEYWORDS

cybersecurity, trend micro, industrial, people, industry, organizations, network, business, ryan, attackers, cyber, important, pay, attacks, Iot, ransomware, richard, colonial, challenges, gain

00:04

Welcome to the industrial talk podcast with Scott MacKenzie. Scott is a passionate industry professional dedicated to transferring cutting edge industry focused innovations and trends while highlighting the men and women who keep the world moving. So put on your hard hat, grab your work boots, and let's get

00:21

All right. Welcome to the industrial talk podcast, the number one location for all things industrial. Yep, industrial talk, go figure. We talked industrial. We've got a five part series, a five part series that focuses in on industrial cybersecurity, we're going to be featuring some incredible at trailblazers, let's put it that way in the world of cybersecurity, and I believe, and I think you believe if you're going down this world of digital transformation, and you want to take advantage of industrial for Dotto, you need at the forefront of this particular decision, this strategic decision to help create greater resiliency in your business. cybersecurity, let's get cracking. So, yeah, I, I've been very fortunate. And of course, you know, as well as I do, that there's a lot of conversation out there about cyber security, you have the colonial pipeline. And so industrial talk as a whole wants to be this just a central location for industrial related information. So you don't have to go around. We want to promote events, we want to promote individuals that are speaking at these events, we want to facilitate this knowledge, because we believe that education is it, education, collaboration, and innovation is where success will be in the future. And that's just a reality of it. So I mentioned briefly about this particular five part series, this is the first of five, this is cybersecurity threats, challenges, risks in industrial control environments, and this just came out after the colonial pipeline, which on the industrial talk website, we will have a white paper that was produced by incredible people at trend, micro and Trend Micro sponsoring this particular series, they are fabulous to work with a. I mean, when you think about cybersecurity, when you think about all the stuff that has to be thought of and, and how they facilitate this digital transformation. They're not meant to get in your way. They're, they're meant to make sure that that your life is not interrupted by unfortunate situations within cybersecurity. That's what Trend Micro is all about. Now, number two in this particular series will be industrial business and tech, not technical challenges facing industry. Number three cybersecurity best practices, number four, industrial cyber solutions, which is pretty cool. And then finally, CEO, CEO talk. So we're gonna have a conversation on I mean, we've just got to recognize that this is important now, because I'm all about getting that information out there is an event. This is an event that is featuring and Trend Micro, it is a live event, it is June 16. This is for the Americas June 16. It is from 11am to 4pm. Eastern Time, and they're going to be talking all things cyber, because it's important. It's like the the the topic is ready for a new perspective, don't miss this exclusive one day virtual event. And it's going to be featuring the CEO of Trend Micro and then a gentleman by the name of Neil McDonald, VP and distinguished analyst at Gartner. How about that. And if you're not if you're in Europe, they have one for you, too. It's on June 16. But it's 10am to 3pm. And then if you're in the Middle East Africa and Mediterranean, same thing, June 15 11am, to 4pm. And then finally an Asia Pacific 10am to 3pm. A go out and I'll have the link. Don't worry about it. I'll have the link out there. But I think that this is an important conversation to have. I think you need to be a part of it. I think you need to hear from leaders within this space because well,

04:26

if you want that digital transformation journey, if you want to embrace that, if you want to reap the benefits associated with all of that, you need to have a sound and strong cybersecurity strategy, Trend Micro reach out to them. Alright, this particular podcast which we're going to convert into the industrial Academy, because I think it's a it's a series that warrants an industrial Academy type of approach. So this particular podcast we're going to be talking about cybersecurity threats, challenges and risks to industrial Control environment, it features a gentleman by the name of Brian Flores as well as a Richard Kuh. bolt with Trend Micro enjoy. Ryan and Richard, thank you very much for joining the industrial talk podcast listeners, what we're going to be talking about is cyber security threats, challenges and risks in the industrial control environment. I don't know where you set on that, and then anything cybersecurity, but that for that particular topic is dead sexy. I am excited about having this conversation. For the listeners and Ryan, give us a little background on who you are level set, figure out who you are. And then then we're gonna go to Richard, do the same thing. And then we're gonna go into that topic.

05:42

All right. Hi, everyone. I'm Ryan florists. I'm happy to be here. I've been working in the cybersecurity space for more than a decade now. Investigating attacks and incidents. So you know, the recent attacks that have been happening, it's some quite close to my passion. And in my field.

06:06

It's interesting. I, I'm looking at your stat card out on LinkedIn, you've been with Trend Micro for 18 years. Oh, yeah. Oh, yeah. Why don't you just start at age one?

06:16

No, no. Um, yeah. Right on it right out of college? Oh, yeah. So if I just one of those young guys that are doing reverse engineering, you know, solutions for viruses and malware that are coming around, and then, you know, progressed to, to looking at cyber criminals and the other technologies and infrastructure that, you know, that is being used, and that is emerging. So I'm excited, we are excited to be in the space.

06:49

I'm telling you, you have a tiger and you got to hold on to that tail, because it's they're very creative people out there very nefarious individuals that never stop thinking about how to, unfortunately, gain access to where they're not supposed to gain access. All right, Richard, give us a little background on who you are, and why you're such an incredible cyber guy.

07:11

Thank you, Scott. Yeah, so I've been around in the cyber security space for a little bit over 30 years. And, you know, over the last, I will say, five years or so I've been very focused on, you know, I just had no development and understanding of, you know, cybersecurity in the industrial space. But I am, you know, in the cybersecurity for more than 30 years, with the company. Previously, I involved in a lot of product development, a lot of research. So, yeah, I've been very passionate about, you know, cyber security, specifically on the industrial area, right, because I think over the last, you know, couple years, we have been having a lot of challenge, you know, especially in some of the critical infrastructure. And so we're going to talk about that a little bit more, but I'm excited to be here.

07:59

Yeah, here's the interesting part. You know, there's that the good side, bad side, double edged sword type of thing with this digital transformation journey, right? It just is. Yeah, you leverage the the available. innovation that exists out there that give you greater insights into what your business is doing. But then again, again, you're opening up areas of weakness, potentially, if you're not a business, if you're not an industrial business, not thinking about, Hey, this is great IoT stuff. What's that cyber side? Ryan, let's talk a little bit about, from my perspective, just lay the foundation of what I say, what's a cyber one, what is a cybersecurity threat? What does that mean? And why are people interested in trying to gain access to the industrial, you know, infrastructure?

08:54

Yeah. So, um, basically, a cyber threat is something that can, uh, adversely affect your network or your digital assets, right. So it can be something in a more traditional IT network, it can be like the server, it can be a user account that has access to certain information. And in other networks, like in an OT network, that can be an ICS endpoint that is responsible for controlling a certain process or monitoring certain conditions, right. But the thing that we've learned in, you know, in studying these kind of attacks, is that a lot of times the attackers don't don't really target or maybe they don't have an initial idea who they were able to compromise or gain access to, is just that, they learn about it when they are able to gain access, and then Okay, this looks like an important company. This looks like an important server in the network, I'm going to attack it, ransom, ransom it. So, and then I think like, for example, in colonial attack, right, the attackers even admitted that they were not aware of the impact of of that back that they have done.

10:20

So, again, let's get into the psychology of it. Why Why? Why is that appealing? To some? It's like, I know, I don't outside the fact that I'm, I might be considered lazy, but I don't sit around saying how do I, you know, penetrate get into? for no reason. It's like, Oh, yeah, I don't understand what's the psychology behind that.

10:47

It's it's just the money. Um, it's, it's a business out there. Um, so a lot of the attacks that are happening right now is its monetary driven, they plan to gain profit from the attacks on either via extorting for, for the files that that has been, or the network that has been held ransom, or by by by blackmailing that, hey, if you don't pay me up, I would I would reveal this information, this, this data that I have on you that I have stolen from your network, or are building up a supply value chain in the cybercrime underground network, meaning, if I, for example, have stolen several credentials, and it's quite important, I can then resell this to somebody else who might be interested in this credentials for later use. So it's really an economy out there and everything is doing with money. So

11:55

we can add it right. Because I think if you look at the history of cyberthreat, right, yeah, back in the 90s, right, most of these cyber incident or threat is really coming from I think, you know, kids or college students, and, you know, laboratory, right, that's kind of early 80s and 90s. Right, and it's proving they can do it, but then as over time, right, and you start to see these, all these digital transformation, and people are starting to see that there's a, you know, economically gain from it, right. And so, all these you know, you know, attack, or these hackers now try to basically transform their business model right, from not just, you know, I tried to prove they can do it, but now they are, you know, really focused on monitoring gains and gaining access to, you know, confidential information. So all those underground, right, and that whole underground market. Oh, it is the economy, actually is quite big. I mean, it's probably a couple of trillion dollars in terms of the whole economy underground. Right. And so, well, then it's easy for them to make money, right. I mean, you know, we work. Yeah, it's easy for them. So,

13:04

the T word, oh, my jaw just dropped. I said, I can't you dropped a trillion on that

13:12

hole, maybe 100 billion, you know, I can't remember the exact number. But the last look, it was something like, I can't remember Ryan. But what something two or $300 billion, or something economy or something. Right. So it's more on the beat, not on the team? Yeah.

13:29

Holy cow. Yeah. I better get I better sharpen up my skills. If that's the case. No, no, don't even don't even contact me and say that. Okay. So, me, business owner, I'm still very confused. And the reason I'm confused is, is where are the laws that in this case, let's let's let's use the the elephant in the room. Let's just take a take that, for example, you got this ransomware situation on colonial pipeline, it is impacting me, and it's impacting a lot of people around the United States. And they I guess, they tracked it back to Russia and all of this good stuff. What What do we do we we pay for that extortion? What What do we do?

14:16

What are the laws? Unfortunately, a lot of victims actually opt to pay or not a lot. You know, a significant number of victims pay because it's it's also difficult for them to to recover. Once, for example, your network is hacked. They also they also play the economic game, right? So it takes us one month to recover and pay this amount of money to contractors to software licenses and everything like that instead of just paying it so they have you know, they did have to juggle that with the time constraints that they also have.

14:58

Yes. Now I understand it's like, boom, incident happens ransomware bring where we've got a problem. Now the decision on the business side is like, okay, we can pay it. Okay, I see it, or I haven't got to find somebody or some company or some entity to remove it has a price. This has a price. And you got to look at it. from that. That point of view. Yes. Oh, that's ugly. I'm sorry.

15:32

Oh, yeah. And that's really difficult, especially in in industrial environments, because you also need to factor in, you know, last time. Yes, right.

15:42

Yes. So let's, let's, let's sort of pull on that string a little bit with the colonial pipeline ransomware. Do you by chance, Ryan have any insights into what what took place with that event?

15:59

Alright, so I'm not going to speak about anything that I don't factually know. But for example, it's been known that these ransomware groups don't operate by themselves, they have other affiliates or partners that would do the actual hacking for them. And they just, you know, it's like, commission based, you install a ransomware into a compromised network, we don't do the compromise ourselves. We don't do the hacking ourselves. But if you've managed to hack the network, contact us, and you'll get a cut of whatever profit we make from that. So there's also like a, you know, tiered model there. And then it's also depends on whom they're able to, to hack or compromise. If it's a bigger company, they would ask for a bigger ransom. If it's a smaller company, you know, they actually judge the cup the capability to pay of the victim. So and how would the initial compromise or hack happen? several things. There are there might be unpatched systems that are exposed to the internet, there might be, you know, fished user accounts, user credentials, that attackers were initially able to gain access to, or there might just be some security misconfigurations that are made available, or, you know, the hacker was able to, by happenstance, able to access and these things happen, and we've seen, you know, all of these things played out in previous incidents.

17:41

So this is it. This is unnerving. Right? You and others would turn micro, this never stops, right? No, they don't just say, Hey, guys, Trend Micro there, they've, they've pretty much should protect everything. And so we might as well just shut it down. That's not the case. They're gonna continue to try to figure out ways of penetrating these because the financial rewards are too great.

18:14

Oh, yes, definitely. That's why for example, you know, one of the push is not just for, for having security products, but also having people in, in the industry advocate for more cybersecurity, or tailored cybersecurity for this particular niche, right. Industry niche. Yeah, and also having people in the industry, talk to each other share information, share best practices, in order to have a higher raise the bar for the attackers, you know, to overcome.

18:49

So I hear what you're saying, I'm uncomfortable, I'm getting. Now if they hack me, I've got $20 out there, I'll pay for it. But that's about it, that I don't have anything beyond that. But let me ask you this. What are the actionable items that we could do today? If I was a business? Give us a little, you know, 123 do these things today?

19:14

All right. Um, yeah. So so one of the things that we've seen is that, um, basic security, hygiene or cybersecurity hygiene is not, or, you know, it's not as widespread as we would have hoped. There's a lot of small companies out there that that have what one ID administrator guy who's managing the whole network, both it and ot network side, and that is not enough. One of the things that, that contribute to that is, is that there's the awareness of the business owner of the magic Assuming that security is important, cybersecurity is important. So I think if we have to start somewhere, we have to put out the word out there that, first and foremost, cybersecurity is important, specially, if you have critical infrastructure and critical equipment process for that you maintain and run, right. And the next step of that would be make the investment, the investment in hiring the right people, and implementing the right technology in order to properly protect all of this assets and processes. And third, would be having good knowledge on what is in your network. A lot of times, what we've seen is that the reason why an attacker is able to enter the network is because there is one computer out there, that has been forgotten that it's not part of the audit, that was just lying there connected to the network, and everybody has forgotten about it. And that was the what the attacker was able to gain access to. So having complete visibility and audit on what assets you have, and what were those where those assets are connected to, and what these assets mean to the network would be, you know, a good step to be able to know, your network and to be able to properly protect the network.

21:32

Yeah, a couple of things as well. I think in addition to you know, Ryan's point, when I speak to many of my customers appointment, there are kind of four key pillars that I typically recommend them, right. And those are, you know, people process technology and culture within an organization, right. And so, I think people play a very important role in cyber security or your cyber strategy, right? If you have a good train, security awareness organization, that can reduce your cybersecurity risk, as well as having the competence peoples and risk to deal with such instances, the employer was I think the people pieces are also very important. And then you know, followed by that process, right, you know, to get a good cybersecurity strategy, you need to have some type of process in place, right, so that you can some kind of governance or some type of auditing, to make sure that you as you implement your cyber strategy, you continue to evolve, you continue to basically make sure that you get improved over time, right, and so a good process in place, and that they're also very good in the technology itself, specifically on the industrial control side, right, in industrial control, because some of these systems have been around for decades, right, and many of this system have, or operating system, you know, it was never designed to have security. So you wanted to build the right security solution implement right solution, is to make sure that the solution, you actually mean to that environment can be adapt, right and work in that environment. Because my experience, we have many customers, where they try to take an IT product and try to deploy it on an OT environment, and does not always solve the problem, because they actually create more problems than, you know, solving it. So understanding technology, right, you know, validate, verify, and make sure the technology can be worked on that environment. And then of course, last but not least, is that culture thing, right? You know, it's, you have to create some kind of like culture, cybersecurity culture within the organization. And, you know, and that will really going to help people to kind of, you know, evolve around and make sure that can be done. Otherwise, you know, people just don't care too much and put us in cybersecurity very low. So, at least those are the on a very big picture with a fundamental thing I think organizations need to consider, and then you talk about what are my cyber security cyber framework need to look at? Right, so

24:04

those are the things very good on both both accounts, very interesting. Now. It makes sense. What are the roadblocks what what are preventing people to do the what is right for their organizations in the world of cybersecurity? What what are they not getting?

24:28

Me? Wrong, you can add? Right, as you know, I think that especially in the industrial sector, there are some definitely business challenges. Right. And, and we can talk about a little bit and also there's some technical challenges, you know, and those are the roadblocks. I think in in especially on the OT world, right, you have kind of four areas that I see it a big challenge. One is that lack of domain knowledge and expertise right especially on you know, in cybersecurity for ot or industrial control side. There's a lack of skill set lack of expertise in that area. So that's one big, I think, kind of issue on that. And then, you know, traditionally you have this conversion between it ot Yeah, you don't have that before I before, which is it, and then ot they are completely separate. But now you have this convergence. And that roles and responsibilities become very unclear as to who need to manage or need to make decision on soon, let's say a cyber incident. Right. And that is also a big, big challenge for many, many organization. And then another piece, is that legacy liability, right? You know, you have all these all environment going around for that? And how do you make sure that you can implement the right technology, the right solution into those environments? So that's a big challenge for them, because maybe this environment being worked and, you know, will continue to work, you know, for the next five or 10 years. Right. And I want to touch it. Right. And, you know, in always a day, it will work in you know, why? Why bought it right? So I think that's a big, you know, obstacle for folks. And I think last but not least, and it is from my perspective is that, you know, organization tend to kind of put ha, I will say priority on the economic side, versus cybersecurity, right, cybersecurity is always going to kind of draw or color the secondary, you know, I think priority. And so, I think that had to change giving someone a very current incident, like from the colonial pipeline, or the solar wind attacks, or even some of the, you know, Microsoft, you know, vulnerability, right. These are, it should be, you know, upfront and impiety for many organizations. So it is those are some of the challenges in know, people maybe last thing is, is that all I write people don't see your return on investment, as you will come to investing in cybersecurity. Right. And so, they want to see the economic and sometimes, you know, you don't see that. So it's those are some of the I think, potential challenges for many organizations. Well,

27:08

I guarantee a colonial knows about the ROI understands the economic impact. That's for doggone sure you have anything to add to that, right.

27:17

Oh, yeah, I think the one thing that I would like to add is that I think there's still big discrepancy you between what the IT people think, and ot people think. And I think it's just a matter of them. Getting into a room together, understanding each other's priorities and what we are they're trying to achieve, such so that the digitization that is happening right now proceeds with security in mind, and also supports both the it objective and the OT objective.

27:53

And that's cultural. None. And, yes, Richard brought that up. And that's a cultural thing. And we've all been in organizations where that, that they don't talk. They they just don't.

28:05

Yeah, unfortunately, you know, in this industry, especially for the industrial control side, right, these people haven't been talking to each other for so so many decades, right. And now, you know, because this convergence is forcing people to have that conversation and talking, and I think it's very difficult, right?

28:24

So I've got a couple of other sort of insights here that I want to ask you guys. First off, let's say I'm a I'm a business. And, and I think Ryan and Richard, you painted a picture that it's a dynamic environment out there, and you got to keep current and you got to constantly consume this information in some way, shape or form. You got to find the organizations to be able to share their story, which is pretty hard when it comes to cybersecurity people are not really sharing information from a business, what's going on? Now? I've got limited, let's say limited resources, fine. Is there a value proposition for what I would call a fractional cybersecurity expert? Like, I can't have a guy on on board? I can't pay that. But I can try to fractionalize and say, I've got I've got somebody over here that keeps current with all the information that's out there. I can draw upon that. There's a it makes sense for my financials, but I'm in the I'm moving forward in a secure or a secure strategy. Is there is there any value proposition there?

29:37

I think I'm within the industry. There are industry specific cert computer emergent emergency response teams. I believe there's ICS cert. that exists, and they are the they would have, they would send regular notices on certain incidents that are happening. that are affecting the industry. So there are organizations out there that do this kind of things that help distill, you know, that stream of information and turn it to the right. Industry and to the right, people. I think also, there's some isaaq type of organizations that is also for for ICS, and to. So I think, you know, if you're a business, and you're, you know, you want to have industry relevant information regarding cybersecurity, it would be best to subscribe into these types of organizations and mailing lists, because, you know, the information that that arrives to us already filtered out, and it would be relevant to your industry.

30:52

We talk about and I think, I think, Richard, you brought it up, which is very important. In in the world of utilities, when we start talking about legacy liability, there are assets out there that are 5060. And beyond years of age, and it still works still current churning along, I see a real challenge to say, how do we create a secure environment for those, and that's also in the water, right? You don't you don't want compromises in the water world, you just don't? And, and given the realities that have taken place recently, with colonial and others? I don't, I want to compress my time. So how do I get ahold of somebody at Trend Micro to help me with my learning curve to get up to a speed where I feel comfortable. And then I can start deploying the things that I need to do to process or begin to think through it. Because I just, if you want this digital transformation, world we want to live in, you cannot ignore the cyber side, cybersecurity side, is there a way of being able to contact Trend Micro?

32:18

Yeah, so, you know, as you know, turnback have been around for over 30 years, right. And we have many partners, as well, as you know, you know, reseller across in the US or across multiple regions are, and, you know, and each of these partners, and, you know, partner, we actually do a lot of training for them, right? available need to buy used to be, you know, person to person in the past, but now we have not online materials, that, you know, anyone can actually come into our website and get that training, and you get that education. And that's available today through our partners or through some our retailers. Right. And, of course, you know, there are tons of information that we are making available for anyone that who are interested in learning more of this, you know, at our website, where you just contact Trend Micro directly, and we'd be happy to send you all the necessary information needed.

33:15

Yeah, out on the trend micro.com website. And I'm looking at everything you've got, it's, it's easily navigate, I can navigate around it, I can see every thing that exists out there, I see partners to see support. I think it's an easy, easy peasy way of being able to sort of begin that education and cybersecurity just because, I mean, let's just let's just lay it on the table. You have to you can't ignore it, right. You're just Yeah, sorry. You might want to, and, but you're gonna have to do it.

33:53

So to add, if you know, our viewers or listeners can just google Trend Micro IoT security, we actually have a dedicated page for IoT security related news and research straight from the research team, such as from my team and other teams inside Trend Micro, and that's, you know, condensed, organized into that single page for the relevant information.

34:20

All right, listeners, we're gonna have all these links, including some of the other resources that they were talking about. So Fear not, you'll be able to find everything you possibly can. There it is. I just, I've been on the the Trend Micro site. I just popped into the Trend Micro IoT security site. Excellent. Yep. resource rich. No complaining, baby. Not. You're not gonna listen to it. If I did complain, I'm already nervous. Yeah. All right. We're gonna have to wrap it up. This and I want to make sure everybody notes this. This is a real important conversation. We're going to continue to expand upon it because we have more in the area of cybersecurity. So, don't, don't just say this is one a done, we've got more that are is very important. This is a very important topic that is meaningful to your business. This was on cybersecurity stretch challenges and risks. Big, big, we're going to give you some links out there definitely. This is going to be an A video, it's going to be often. So learn your cybersecurity. Ryan, absolute wonderful meeting you. Thank you, Scott, for having us. always enjoyed your conversation. Richard, you're all great. Thanks, guys. Awesome job. Yep, thank you. And once again, listeners, we're gonna wrap it up on the other side, we're gonna once again figure out how to can contact with his Jensen and everything that's associated with cybersecurity. You're listening to the industrial talk, Podcast Network. All right, once again, this is number one in a series of five regarding cybersecurity, and digital transformation and why it's important for you, as a manufacturer, as anybody within industry, to reach out to Trend Micro find out more, it'll all be out there on industrial talk COMM And remember, we're going to have this as a featured industrial Academy, learning management opportunity, as well with all of the links, all of the contact, all of the information that you could possibly need to gear up and make sure that you are truly ready to go in your cyber world. Once again, let's talk a little bit about that event that we're talking about. June 16. Put that on your calendar 11am 4pm. I have the links out there. Just Just go out to industrial talk, find the right time zone. But remember, you need to have this conversation. You need to be able to do this. It is exceptionally important. Now, before I go, second podcast, industry, business and technology trends, stay tuned. We're gonna have another great conversation.

The post Richard Ku and Ryan Flores with tx One talk about Industrial Cyber Security Threats, Challenges and Risks appeared first on Industrial Talk.

The post Mr. Vincent Scott with Defense Cybersecurity Group is talking Cybersecurity in a Industrial 4.0 World appeared first on Industrial Talk.

The post Ms. Sandy Carielli with Forrester Research is talking about BOTs and Possible Impact to Business. appeared first on Industrial Talk.

The post Mr. Gary Chan with Alfizo talks about How Cybersecurity has changed because of COVID19 appeared first on Industrial Talk.

The post Ms. Sandy Carielli with Forrester Research talking Application Security appeared first on Industrial Talk.

The post Live From IoT World Congress Mr. Lucas Catranis with Irdeto talks Cyber Security in this World of Industry 4.0 appeared first on Industrial Talk.

Live from IoT Solutions World Congress, IIC Voice Podcast interviews Willem-Jan Bruin, Head of EMEA Business Development and Partner Alliance at nCipher Security. Live From IoT World Congress Mr. Willem-Jan Bruin with nCipher talks Cyber Security and Industry 4.0 Block Chain, IoT, IIoT, AI, ML and Cloud all have needs for powerful Cyber Security strategies and solutions. WJ and his team at nCipher are driven to help you secure your Industry 4.0 strategy now and in the future. Get the answers to your “How” questions along with W.J's unique insight on where it's all headed on this IIC Voice Podcast interview!

You can find out more about W.J. and the wonderful team at nCipher from this interview and the links below. Finally, get your exclusive free access to the Industrial Academy and webinar access to “Building a Better Industrial Sales and Marketing Platform for Greater Success in 2020”. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

WILLEM-JAN BRUIN CONTACT INFORMATION:

Personal LinkedIn: https://www.linkedin.com/in/willemjanbruin/

Company LinkedIn: https://www.linkedin.com/company/nciphersecurity/

Company Website:  https://www.ncipher.com/

IIC Twitter: https://twitter.com/

IIConsortium IIC Company Website: https://www.iiconsortium.org/

PODCAST VIDEO:

Industrial Academy (One Month Free Access And One Free Licence For Future Industrial Leader):

Industrial Talk Free Webinars:

Business Beatitude The Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Live From IoT World Congress Mr. Willem-Jan Bruin with nCipher talks Cyber Security and Industry 4.0 appeared first on Industrial Talk.

Live from IoT Solutions World Congress, IIC Voice Podcast interviews Kevin Gillick, Executive Director at GlobalPlatform. In his interview, Kevin discusses the pressing need for Cyber Security standardization in the world of Industry 4.0. The GlobalPlatform organization and members focus on setting Cyber Security standards from connected cars to wearables and everything in between. Get the answers to your Why questions about Cyber Security Standards along with Kevin's unique insight on where it's all headed on this IIC Voice Podcast interview!

You can find out more about Kevin and the wonderful team at GlobalPlatform from this interview and the links below. Finally, get your exclusive free access to the Industrial Academy and webinar access to “Building a Better Industrial Sales and Marketing Platform for Greater Success in 2020”. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

KEVIN GILLICK CONTACT INFORMATION:

LinkedIn: https://www.linkedin.com/in/kevin-gillick-8243897/

Company LinkedIn: https://www.linkedin.com/company/globalplatform/

Company Website: https://globalplatform.org/

IIC Twitter: https://twitter.com/IIConsortium

IIC Company Website https://www.iiconsortium.org/

Industrial Academy (One Month Free Access And One Free Licence For Future Industrial Leader):

Industrial Talk Free Webinars:

Business Beatitude The Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Live From IoT World Congress: Mr. Kevin Gillick with GlobalPlatform Is Talking about the Future of Cyber Security appeared first on Industrial Talk.

Live from IoT Solutions World Congress, IIC Voice Podcast interviews Sandy Carielli, Principle Analyst with Forrester Research. In his interview Sandy talks about the rapid changes happening in industry and the tools needed to properly “Beef-up” your Cyber Security strategy for long-term cyber security success. Get the answers to your Cyber Security questions along with Sandy's unique insight on where it's all headed on this IIC Voice Podcast interview!

You can find out more about Sandy and connect with her at the links below. Finally, get your exclusive free access to the Industrial Academy and webinar access to “Building a Better Industrial Sales and Marketing Platform for Greater Success in 2020”. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

SANDY CARIELLI CONTACT INFORMATION:

LinkedIn: https://www.linkedin.com/in/sandra-carielli-251599/

Twitter: https://twitter.com/sandycarielli

Forrester Research Website: https://go.forrester.com/

IIC Company Website https://www.iiconsortium.org/

Industrial Academy (One Month Free Access And One Free Licence For Future Industrial Leader):

Industrial Talk Free Webinars:

Business Beatitude The Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Live From IoT World Congress: Ms Sandra Carielli talks Cyber Security In the IoT, IIoT and AI World appeared first on Industrial Talk.

Live from IoT Solutions World Congress, IIC Voice Podcast interviews Richard Soley, Chairman and CEO at Object Management Group. In his interview Richard talks about the rapid growth of industrial digitization and the positive impact IoT, IIoT, AI and Cyber Security will have on you and your business today and in the future. Get the answers to your questions along with Richard's unique insight on where it's all headed on this IIC Voice Podcast interview!

You can find out more about Richard and connect with him at the links below. Finally, get your exclusive free access to the Industrial Academy and webinar access to “Building a Better Industrial Sales and Marketing Platform for Greater Success in 2020”. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy!

RICHARD SOLEY CONTACT INFORMATION:

LinkedIn: https://www.linkedin.com/in/soley/

Company OMG Website: https://www.omg.org/

IIC Company Website https://www.iiconsortium.org/

Industrial Academy (One Month Free Access And One Free Licence For Future Industrial Leader):

Industrial Talk Free Webinars:

Business Beatitude The Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Live From IoT World Congress: Mr. Richard Soley Discusses IoT and the Growth of the Industry appeared first on Industrial Talk.

Live from IoT Solutions World Congress, IIC Voice Podcast interviews Sven Schrecker, Vice President and Chief Architect, Cyber Security with LHP. In this interview, Sven discusses the importance of cyber security in the auto industry and the cyber strategy needed for future IoT protection. Get you cyber security answers on this IIC Voice Podcast interview. Also connect with Sven at the links below. Finally, get your exclusive 1-month free access to the Industrial Academy and webinar “Building a Better Industrial Sales and Marketing Platform for Greater Success in 2020”. All links designed for keeping you and your company current in a rapidly changing Industrial Market. Enjoy!

SVEN SCHRECKER CONTACT INFORMATION:

LinkedIn: https://www.linkedin.com/in/svenschrecker/

Company Hitachi Website: https://lhpes.com/

IIC Company Website https://www.iiconsortium.org/

Industrial Academy (One Month Free Access and One Free Licence for Future Industrial Leader):

Industrial Talk Free Webinars:

Business Beatitude the Book

Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES…The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES!

TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES!

Reserve My Copy and My 25% Discount

The post Live From IoT World Congress Mr. Sven Schrecker Talks Auto Cyber Security appeared first on Industrial Talk.

Today, our world's energy, food, and water systems are so poorly protected and we have a responsibility to protect them from nefarious intruders wishing harm. Cyber attacks are on the rise and we must work together to make our factories, refineries and smart grid secure, safe and reliable. In this weeks Industrial Talk episode, we talk to Keao Caindec, Head of Cyber Protection and Privacy with Mocana and we are talking about the importance of an ongoing cyber security strategy to ensure long-term safety and operational continuity. Learn more about Keao and Mocana at:

Company Website: https://www.mocana.com/

Company Facebook: https://www.facebook.com/mocanainc/

Company LinkedIn: https://www.linkedin.com/company/mocana/

Company Twitter:  https://twitter.com/mocana

Keao's LinkedIn: https://www.linkedin.com/in/kcaindec/

YOUR MOCANA TOOLKIT:

Click on the Mocana Toolkit picture above and receive the following “Must Have” Mocana Cyber reports:

1. Mocana CyberWall Datasheet
2. Mocana PNAC Datasheet
3. Mocana TrustCenter DS
4. Mocana TrustPoint DS
5. Mocana Unpatchable Legacy ICS Devices

OTHER INDUSTRIAL RESOURCES:

Safeopedia: https://www.safeopedia.com/

Industrial Marketing:  https://industrialtalk.com/industrial-marketing/

Industrial Academy: https://industrialtalk.com/industrial-academy/

Industrial Dojo: https://industrialtalk.com/industrial_dojo/

YOUR INDUSTRIAL DIGITAL TOOLBOX:

Bliss Drive: https://www.blissdrive.com/

Active Campaign: Active Campaign Link

BombBomb: BombBomb Link

Social Jukebox: https://www.socialjukebox.com/

YOUTUBE VIDEO OF INTERVIEW:

The post Cyber Security Strategies with Keao Caindec from Mocana appeared first on The Industrial Talk Podcast with Scott MacKenzie.

The post Cyber Security Strategies with Keao Caindec from Mocana appeared first on Industrial Talk.