PrOTect It All

In this insightful episode of Protect It All, titled "Why Cybersecurity Matters: Protecting Our Food Supply from Digital Threats with Kristin Demoranville," host Aaron Crow and guest Kristin Demoranville tackle the critical yet often overlooked role of cybersecurity in the food and agriculture industry.

Kristin stresses the need to shift from reactive to proactive cybersecurity measures to protect our complex food supply chains and ensure resilience. The discussion covers real-world cyber incidents like the ransomware attack on JBS meat company, emphasizing the human factors, financial misconceptions, and the necessity for robust incident response and business continuity plans.

Listeners will also learn about the dangers of excessive reliance on technology and automation, the significance of water conservation, and the importance of integrating OT security in data centers. Through professional insights and personal anecdotes, Kristin highlights the crucial need for community support within the OT landscape.

This episode offers a comprehensive look at the cultural and societal implications of cyber threats to our food supply, making it essential listening for anyone interested in the safety and security of the food industry.

Key Moments:

00:10 Training and spreading awareness about operational technology.

10:21 Agriculture lacks attention; needs OT cybersecurity focus.

15:26 Security professionals foresee major food safety risk.

18:04 Supply chain issues during COVID highlight concerns. Regenerative farming and feeding the population.

24:04 ICS OT industry united in game proposal.

27:35 Designing systems must consider cyber risk implications.

34:11 Cybersecurity often an afterthought in many companies.

41:47 Respectful, supportive, and geeky cyber community advocate.

42:58 Texan upbringing shaped love for celebratory food.

51:10 Concern over CrowdStrike blaming and finger pointing.

57:16 Operator scans RFID tags from break room.

59:24 Resisting a wasteful task, leading to change.

About the guest :

Kristin Demoranville is the visionary founder and CEO of AnzenSage, a cybersecurity firm specializing in the food and agricultural industry. She also leads as the CEO and co-founder of AnzenOT, a groundbreaking SaaS OT Cybersecurity Risk Intelligence solution. With 26 years in the tech industry, Kristin seamlessly blends cybersecurity with food protection culture, always emphasizing the vital role of people and processes. Her extensive background—ranging from collaborating with Fortune 500 companies and various manufacturing sectors to studying gorilla behavior as part of her Environmental Management degree—gives her a unique and well-rounded perspective on cybersecurity and critical infrastructure. A published expert and in-demand speaker, Kristin is known for bridging the worlds of food protection and cybersecurity. She’s also the host of the Bites & Bytes Podcast, where she drives meaningful conversations between professionals across food, cybersecurity, and technology.

Anzensage Website : https://www.anzensage.com/

AnzenOT Website : https://www.anzenot.com/

Bites and Bytes Podcast: https://www.bitesandbytespodcast.com/

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected]
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

In Episode 10 of Protect It All, titled "Tools and Techniques for Better Network Visibility and Vulnerability Management with Kylie McClanahan," host Aaron Crow and guest Kylie McClanahan dive into the critical elements of enhancing cybersecurity through advanced tools and strategies. Kylie, CTO of a company specializing in this field, shares her insights on overcoming the challenges of consistent naming conventions, accurate vendor data, and breaking down silos for effective communication across teams.

They explore the utility of tools like Spartan and Network Perception in visualizing network vulnerabilities, mapping asset inventories, and planning effective patch management. They emphasize the importance of correlating vulnerabilities with business priorities rather than just CVSS scores and the need for a layered security approach.

The episode also discusses cybersecurity risks to non-technical stakeholders, highlighting the business implications. The duo discusses the evolving landscape in the power utility sector, the dual nature of physical and cyber threats, and the ever-present need for continuous adaptation.

Kylie shares her excitement about machine learning and graph neural networks for grid state estimation while expressing caution about AI tools' accuracy. Aaron and Kylie stress the importance of reliable data, automated processes, and vendor security advisories in maintaining effective asset management.

Key Moments:

03:47 Discussion focused on improving cybersecurity classifications and communication.

08:48 Compliance sometimes leads to minimum effort for benefit.

11:17 Vendor security advisories prioritize patch tracking.

14:46 Testing for security vulnerabilities and potential exploits.

17:20 Understanding and communicating cybersecurity risk to non-professionals.

20:50 Disagreement on consistent product naming causes confusion.

25:46 NVD website publishes overwhelming recent vulnerabilities.

27:07 Understanding the importance of asset management.

32:13 Challenges of tracking change management in organizations.

33:33 People, process, and technology are crucial investments.

37:34 Spartan takes any scan, offers change management.

39:55 Vision of the future: a dynamic ecosystem.

43:19 Vendors acknowledge changes in control systems effectiveness.

48:09 Equations useful, AI for optimization, caution with models.

49:28 Questioning truthfulness of AI in HR replacement.

53:01 Toyota and Lexus prioritize reliable, tested technology.

About the guest :

Kylie McClanahan is the Chief Technology Officer of Bastazo, Inc and a doctoral candidate in Computer Science at the University of Arkansas. She has nearly a decade of experience with cybersecurity in the electric industry, including both professional experience and frequent collaborations with industry as a graduate researcher. Her research explores the automation of vulnerability analysis and remediation using natural language processing and machine learning. She holds a GCIP certification from GIAC and speaks frequently about cybersecurity in industrial control systems.

How to connect Kylie:

https://www.linkedin.com/in/kyliemcclanahan/

https://www.bastazo.com

https://www.cisa.gov/stakeholder-specific-vulnerability-categorization-ssvc

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected]
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

In this episode, Aaron is joined by Paul Shaver, an experienced OT security consultant from Mandiant, part of Google Cloud. Together, they navigate the nuanced landscape of operational technology (OT) cybersecurity.

The episode begins with Aaron recalling a critical incident at a power plant that underscores the potential pitfalls in OT environments. This sets the stage for a rich discussion on the evolution of OT technology, with Aaron and Paul reminiscing about primary domain controllers and early NT workstations.

The conversation shifts to the future of OT in the cloud, where Paul highlights the benefits of cloud solutions, including enhanced resiliency, security, and data optimization through AI. A compelling customer case study illustrates modern technology adoption with web-based HMIs and Chromeboxes.

Paul offers a detailed analysis of the current OT cybersecurity landscape, addressing the persistent legacy system challenges and the need for a cohesive IT-OT security strategy. He discusses the evolving threat landscape influenced by global geopolitical tensions and the rise of zero-day vulnerabilities.

Listeners will gain practical insights into foundational cybersecurity measures, such as network segmentation, asset inventory management, and robust access control..

Key Moments:

04:14 Connecting IT and OT optimizes processes securely.

09:54 Lost production severely impacts manufacturing revenue recovery.

14:06 Ensure network notifications; control access, separate credentials.

17:10 Engineers need secure access to adjust parameters.

21:55 Endpoint detection on older systems is critical.

28:47 Resilience is crucial in CrowdStrike incident response effectiveness.

32:11 Limited resources for global incident response efforts.=

39:22 Rebuilt domain controller caused authentication issues.

42:37 Focus on resiliency and cloud opportunities, leveraging multi-cloud.

44:59 Improve grid operations using cloud and hyper-converged technology.

48:38 Local cloud provides redundancy for remote sites.

51:15 Critical for acquisition process and problem-solving.

About the guest :

Paul Shaver has dedicated more than two decades to various roles in Operational Technology (OT), primarily within the oil and gas industry. His expertise spans OT architecture, design, and build, along with run and maintaining responsibilities as an asset owner.

Before transitioning into cybersecurity, Paul served as a Technology Director for an oil and gas company in California. Driven by a burgeoning interest in security, he joined Mandiant nearly five years ago. At Mandiant, now part of Google, Paul relishes the mission of enhancing security postures in OT and critical infrastructure, contributing to significant advancements in the field.

How to connect Paul: https://www.linkedin.com/in/pbshaver/

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected]
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

In this episode, Aaron Crow and special guest Joseph Perry dive deeply into the evolving landscape of cybersecurity. The episode explores the integration of commercial off-the-shelf systems into OT environments, highlighting how this transition brings similar security challenges from the IT sector into play. Throughout their discussion, Aaron and Joseph tackle the complex vulnerabilities, the resistance to adopting new technologies, and the critical necessity of tailored security measures. They also examine the pervasive buzzwords like "AI" in modern cybersecurity products.

Listeners will gain insights into the growing regulatory scrutiny from the SEC, the heightened responsibility of Chief Security Officers, and the anticipated evolution of cybersecurity professions into more rigorous, skilled trades. The conversation further touches on the chaotic state of threat intelligence, the impact of technological advancements such as AI on cyber-attacks, and the increasing industrialization of fraud. From understanding the hype cycles of AI to the practical challenges of explaining complex security solutions to non-technical stakeholders, this episode is packed with valuable information.

Aaron and Joseph also discuss the importance of learning from past IT mistakes when adopting new technologies and the unique challenges of protecting both cutting-edge and legacy systems within OT environments. As they address topics like social engineering attacks, ransomware, and the use of AI tools in cybersecurity, listeners will come away better equipped to navigate the intricate cybersecurity landscape. Tune in for a comprehensive exploration of these critical issues.

Key Moments:

05:36 Library catalog conversion led to career in cybersecurity.

15:02 AI useful in cybersecurity for structured data.

18:07 Questions remain about AI, and human intervention need.

25:39 Advanced fraud detection surpasses current AI capabilities.

28:37 AI contributes significantly to medicine, finance, and cybersecurity.

34:57 Powerful means test and audience testing revolutionized fraud.

37:58 Attacks getting shorter, focused on initial access.

47:52 Focus shifts to CPE, vulnerability, and attack.

48:53 Russian threat actors reassert, causing chaos. No rules.

54:43 IT challenges in dealing with construction clients.

59:56 Evolution of cyber security concerns and measures.

About the guest :

Joseph Perry is a seasoned cybersecurity expert currently leading incident response, threat intelligence, and purple teaming at MorganFranklin Cyber. With a background spanning the US Navy and the National Security Agency, Perry has built a robust expertise in emerging technology and cybersecurity. He specializes in critical infrastructure protection, threat intelligence, and the adoption of new technologies.

Perry is a prominent figure in the cybersecurity community, contributing his insights at major conferences like Black Hat and Defcon. He focuses on the practical applications of AI in cybersecurity, fraud detection, and the evolving threat landscape. Committed to advancing the field, Perry emphasizes continuous learning and domain expertise to help organizations combat cyber threats effectively

How to connect Joseph : https://www.linkedin.com/in/lousyhacker/

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected]
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

Summary

The conversation covers various topics related to cybersecurity, including offensive security, IoT devices, hidden threats in cables, advanced hacking devices, privacy concerns with smart devices, cyber hygiene, securing personal data, risks of social media platforms, importance of cybersecurity education, government regulations, and trends in cybersecurity for 2024. The conversation explores the prevalence of social engineering attacks and the effectiveness of generative AI in social engineering. It discusses the challenges of detecting phishing emails generated by AI and the difficulty of defending against AI-powered attacks. The role of password managers and firewalls in defense is highlighted, as well as the importance of recognizing the limitations of human perception. The conversation emphasizes the need for cyber defense measures in organizations and the vulnerability of the weakest link in the chain. It also addresses the risks associated with third-party vendors and the impact of cyber attacks on critical infrastructure. The importance of cyber-informed engineering and designing with security in mind is discussed, along with the challenges of securing outdated OT systems. This conversation covers various topics related to securing OT networks, including the challenges of upgrading OT systems, the complexity of OT networks, and the use of OT firewalls. The discussion also explores the importance of understanding OT protocols and the security risks of unencrypted OT protocols. Additionally, the conversation delves into the impact of Active Directory issues and the role of AI in cybersecurity. The future of AI and quantum computing in cybersecurity is also discussed.

More About The Episode

Hosted by: Aaron Crow

Guest: Duane Laflotte

Connect with Duane Laflotte:

• Website: www.pulsarsecurity.com/
• LinkedIn: https://www.linkedin.com/in/duanelaflotte/

Connect with Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: [email protected]
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest, or suggest a guest/episode please email us at [email protected]

—

Audio production by NMP. We hear you loud and clear.