Nexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments. Nexus is formerly known as Aperture.
…
continue reading
1
Joe Saunders on Advanced Cyberattacks Against Critical Infrastructure
34:43
34:43
Spela senare
Spela senare
Listor
Gilla
Gillad
34:43
Runsafe Security CEO and Cofounder Joe Saunders joins the Nexus Podcast to discuss the strategic shift from certain APTs toward destructive cyberattacks targeting U.S. critical infrastructure. Groups such as Volt Typhoon and Sandworm have aggressively focused their efforts on hacking OT, IoT, and healthcare organizations, opening new fronts that as…
…
continue reading
1
Grant Geyer on the Business Impact of Disruptions from Cyberattacks
25:03
25:03
Spela senare
Spela senare
Listor
Gilla
Gillad
25:03
Claroty Chief Strategy Officer Grant Geyer joins the Nexus Podcast to discuss the results of a survey of 1,100 cybersecurity leaders and practitioners on the business impact of disruptions from cyberattacks on cyber-physical systems. The financial losses are steep from these attacks impacting connected systems that are so central to our way of life…
…
continue reading
1
Alethe Denis on Social Engineering, Red-Teaming
43:45
43:45
Spela senare
Spela senare
Listor
Gilla
Gillad
43:45
Bishop Fox senior security consultant Alethe Denis joins the Claroty Nexus podcast to discuss social engineering in cybersecurity and how it has become part of red-team engagements, especially inside critical infrastructure organizations. She explains the value of open source intelligence and data stolen in breaches to scammers and extortionists in…
…
continue reading
1
Alon Dankner on Extracting Crypto Keys from PLCs
27:58
27:58
Spela senare
Spela senare
Listor
Gilla
Gillad
27:58
Alon Dankner of the Technion Institute for Technology in TelAviv Israel joins the Claroty Nexus Podcast to discuss a presentation he gave at the recent Black Hat cybersecurity conference in Las Vegas. Dankner and colleague Nadav Adir's presentation looked at the attack surface of programmable logic controllers (PLCs), in particular Siemens’ S7 prot…
…
continue reading
1
Noam Moshe on Extracting Forensic Data from Unitronics PLCs
27:52
27:52
Spela senare
Spela senare
Listor
Gilla
Gillad
27:52
Claroty Team82 researcher Noam Moshe joins the Nexus Podcast to talk about Team82’s research into Unitronics Vision series integrated HMI/PLC devices. The OT devices were exploited last year in attacks against water treatment facilities in the U.S. and Israel. Team82 researched the security of these devices and developed a pair of tools that allowe…
…
continue reading
1
Alexander Antukh on Cyber Risk Quantification
43:05
43:05
Spela senare
Spela senare
Listor
Gilla
Gillad
43:05
Alexander Antukh, CISO of AboitizPower in the Philippines, the country's largest power and renewable energy provider, joins the Nexus Podcast to discuss cyber risk quantification (CRQ). CRQ is a popular framework used to assess the financial impact of a cybersecurity threat on an organization. Antukh is an advocate of CRQ, and discusses his approac…
…
continue reading
1
Vincente Diaz on Using AI for Malware Analysis
27:38
27:38
Spela senare
Spela senare
Listor
Gilla
Gillad
27:38
Vincente Diaz, Threat Intelligence Strategist on Google’s VirusTotal team and formerly the EU director of Kaspersky Lab’s Global Research & Analysis Team, joins the Nexus Podcast to discuss how artificial intelligence and machine learning is an integral part of what VirusTotal is doing around malware analysis. Vincente describes the advantages thes…
…
continue reading
1
Ahmik Hindman on Patching OT and ICS
28:16
28:16
Spela senare
Spela senare
Listor
Gilla
Gillad
28:16
Ahmik Hindman, Senior Network and Security Solution Consultant at Rockwell Automation, joins the Claroty Nexus podcast to discuss the challenges and success stories he's experienced in patching operational technology equipment and industrial control systems. Hindman has been at Rockwell Automation for 28 years and has expansive experience with cust…
…
continue reading
1
Dr. Bilyana Lilly on Information Warfare
27:49
27:49
Spela senare
Spela senare
Listor
Gilla
Gillad
27:49
Dr. Bilyana Lilly, an expert on geopolitics and Russia’s codification of information warfare as a strategy, says that the war in Ukraine has only temporarily delayed Russia’s activity against the West in cyberspace. On this episode of the Nexus podcast, she reinforces the idea that despite the fact that Russia is operating under severe resource con…
…
continue reading
1
Vinnie Liu on Offensive Security Testing During Incidents
29:30
29:30
Spela senare
Spela senare
Listor
Gilla
Gillad
29:30
Bishop Fox CEO and Cofounder Vinnie Liu joins the Nexus Podcast to discuss his team's role during security incidents in conducting offensive security testing alongside incident response activities. In healthcare environments where ransomware is the leading threat, red-teams and other offensive security specialists are called in, Liu said, to ensure…
…
continue reading
1
Diana Kelley on Protecting the AI Lifecycle
26:11
26:11
Spela senare
Spela senare
Listor
Gilla
Gillad
26:11
Protect AI Chief Information Security Officer Diana Kelley joins the Claroty Nexus podcast to discuss the intricacies of securing machine learning and artificial intelligence use inside the enterprise. She also explains the concept of MLSecOps and how it compares and contrasts to DevOps used in application development. For more, visit nexusconnect.…
…
continue reading
1
Jennifer Minella on OT Cybersecurity Convergence
29:56
29:56
Spela senare
Spela senare
Listor
Gilla
Gillad
29:56
Jennifer Minella, founder and principal advisor of Viszen Security, joins the Claroty Nexus podcast to discuss her experiences advising organizations on operational technology implementations, risk management, and succeeding at IT/OT convergence. This episode was recorded during RSA Conference where Jennifer and Bryson Bort gave a talk on convergen…
…
continue reading
1
Charles Blauner on the Changing Role of the CISO
31:00
31:00
Spela senare
Spela senare
Listor
Gilla
Gillad
31:00
Charles Blauner, Team8 operating partner and CISO in residence, joins the Claroty Nexus podcast to discuss the rapid changes in responsibilities and liability risks facing today's chief information security officers. Blauner, former CISO at JP Morgan and Deutsche Bank, describes how, for example, the new SEC rules around disclosures and incidents, …
…
continue reading
1
Mikko Hypponen on a Decade of Corporate Ransomware Attacks
32:18
32:18
Spela senare
Spela senare
Listor
Gilla
Gillad
32:18
Cybersecurity pioneer Mikko Hypponen joins the Claroty Nexus live at the RSA Conference to discuss a decade of ransomware attacks against corporate networks. Hypponen is Chief Research Officer at WithSecure, the former F-Secure for Business. He has observed and analyzed malware from its infancy when it was a merely a means of disruption and attenti…
…
continue reading
1
Adm. Michael Rogers on Geopolitics and Cybersecurity
27:57
27:57
Spela senare
Spela senare
Listor
Gilla
Gillad
27:57
Former NSA Director Adm. Michael S. Rogers (Ret. USN) joins the Claroty Nexus Podcast live from RSA Conference in San Francisco to discuss the current geopolitical climate, its impact on chief information security officers, and how they can and should response. Rogers discusses how the doctrines of adversaries are changing and that U.S. critical in…
…
continue reading
1
Abel Archundia on Complexity in Critical Infrastructure
35:37
35:37
Spela senare
Spela senare
Listor
Gilla
Gillad
35:37
Abel Archundia, chief technology officer and global head of advisory for Istari, joins the Claroty Nexus podcast to discuss the nature of complexity, technical debt, and regulation, and how it influences risk decisions in critical infrastructure environments. He explains the challenges complexity brings to manufacturing, pharmaceuticals, and other …
…
continue reading
Adam Gluck, founder and CEO of Copia Automation, joins the Claroty Nexus podcast to discuss the need for DevOps within industrial automation. DevOps practices are popping up more frequently in these environments, but there are still hurdles and challenges for developers and engineers to overcome. Adam covers those, and explains how DevOps can impro…
…
continue reading
1
Greg Garcia on the Change Healthcare Cyberattack
44:35
44:35
Spela senare
Spela senare
Listor
Gilla
Gillad
44:35
Greg Garcia, the executive director of the Healthcare and Public Health Sector Coordinating Council’s Cybersecurity Working Group, joins the Claroty Nexus podcast to discuss the Change Healthcare ransomware attack and what can be done from a policy perspective to minimize the impact of such attacks in the future. Garcia has had a long career on the…
…
continue reading
1
Ryan Pickren on New Web-Based PLC Malware Research
35:17
35:17
Spela senare
Spela senare
Listor
Gilla
Gillad
35:17
Ryan Pickren, a Ph.D. student in the School of Electrical and Computer Engineering at the Georgia Institute of Technology, joins the Claroty Nexus podcast to discuss a recently published research paper that explains a new web-based malware attack against programmable logic controllers. Pickren, the lead author, along with colleagues Tohid Shekari, …
…
continue reading
1
Mike Rogers on Understanding a CISO's Personal Exposure in Cyber Incidents
37:26
37:26
Spela senare
Spela senare
Listor
Gilla
Gillad
37:26
Hormel Foods Chief Information Security Officer and Director of Information Security and Compliance Mike Rogers joins the Claroty Nexus podcast to discuss why it's so important for CISO's to understand their personal liability during cybersecurity incidents. New regulations, including the SEC's cybersecurity rules, are driving this need for securit…
…
continue reading
1
Team82 Answers More of your OT Cybersecurity Questions
31:58
31:58
Spela senare
Spela senare
Listor
Gilla
Gillad
31:58
Noam Moshe of Claroty Team82 is back to answer more listener questions about OT vulnerability research, threats and risks to OT networks and IoT devices, and the best mitigation and remediation strategies for defenders. This is a follow-up podcast to an episode we recorded in December answering listener questions. You can listen to that episode her…
…
continue reading
1
Juan Piacquadio on Securing Pharma 4.0
47:26
47:26
Spela senare
Spela senare
Listor
Gilla
Gillad
47:26
Phlow Corp., CIO Juan Piacquadio joins the Claroty Nexus podcast to discuss the application of Industry 4.0 to pharmaceuticals, also known as Pharma 4.0. The industry is quickly adopting advanced technologies such as artificial intelligence, digital twins, and augmented reality to enhance the development of medicine and improve patient care. Along …
…
continue reading
1
David Elfering on CISOs and Cyber Liability Insurance
44:19
44:19
Spela senare
Spela senare
Listor
Gilla
Gillad
44:19
David Elfering, CISO at Carrix and former security and risk executive at Marsh, is back for another episode of the Claroty Nexus podcast to discuss cyber liability insurance. Elfering has extensive experience working not only as an enterprise cybersecurity executive, but also with one of the world's leading insurance carriers. Listen as he brings i…
…
continue reading
1
Team82 Answers Your Vulnerability Research Questions
28:47
28:47
Spela senare
Spela senare
Listor
Gilla
Gillad
28:47
Team82 researchers Sharon Brizinov and Noam Moshe join the Claroty podcast for a special episode where they answer questions submitted by users. This Ask-Me-Anything style of podcast covers the team's OT and IoT vulnerability research process, resources for experienced and beginner vulnerability researchers, and insights from their point of view on…
…
continue reading
1
Mandiant on Sandworm APT Attacks in Ukraine
30:27
30:27
Spela senare
Spela senare
Listor
Gilla
Gillad
30:27
Nathan Brubaker, Mandiant and Google Cloud Head of Emerging Threats and Analytics, joins the Claroty Nexus podcast for a timely discussion on his team’s report published this week on the Sandworm APT’s activity in Ukraine. Sandworm leveraged a new TTP—Living off the Land techniques—to target a Ukrainian energy company in October 2022 to cause a pow…
…
continue reading
1
Don Weber on Security Culture in Control Environments, STAR Methodology
44:41
44:41
Spela senare
Spela senare
Listor
Gilla
Gillad
44:41
Don Weber of Cutaway Security joins the Nexus podcast to discuss a trend in control environments where asset operators and engineers keep trained cybersecurity professionals at arm's length, citing safety concerns. As more control systems are connected and managed online, it's critical for certified security professionals to be included in overall …
…
continue reading
Misha Belisle and Blaine Jeffries of MITRE join the Claroty Nexus podcast to discuss Caldera for OT, a new set of operational technology plugins for the open source core Caldera adversary emulation platform. Caldera for OT supports the Modbus, BACnet, and dnp protocols, and Belisle and Jeffries hope to add future support for additional protocols. R…
…
continue reading
1
Jim LaBonty on the OT Security Stack
46:50
46:50
Spela senare
Spela senare
Listor
Gilla
Gillad
46:50
Retired Pfizer Chief Information Security Officer Jim Labonty joins the podcast to discuss the operational technology (OT) security stack, and how it differs from IT. This episode provides especially important for the growing number of security leaders who are newly responsible for OT cybersecurity and the safety of cyber-physical systems. Labonty …
…
continue reading
1
Stephen Reynolds on Protecting the CISO During Incident Investigations
33:46
33:46
Spela senare
Spela senare
Listor
Gilla
Gillad
33:46
Stephen Reynolds, a partner at the law firm of McDermott, Will, and Emery, joins the Nexus Podcast to discuss some of the concerns and questions CISOs and other security executives may have about their personal liability and exposure during breach investigations. The short of it: Don’t panic, but don’t be unprepared either. In this case, preparatio…
…
continue reading
1
Team82 on NAS Research, OPC UA Exploit Framework
34:30
34:30
Spela senare
Spela senare
Listor
Gilla
Gillad
34:30
Team82’s extensive research into network attached storage devices and the ubiquitous OPC UA industrial protocol came to a head recently in Las Vegas with a pair of presentations at Black Hat USA and DEF CON disclosing vulnerabilities in Synology and Western Digital NAS cloud connections and the unveiling of a unique OPC UA exploit framework. In thi…
…
continue reading
1
Bishop Fox on OSDP Weaknesses Putting Secure Facilities at Risk
26:30
26:30
Spela senare
Spela senare
Listor
Gilla
Gillad
26:30
In this episode of the Nexus podcast, Bishop Fox researchers Dan Petro and David Vargas explain their research into the Open Supervised Device Protocol (OSDP), meant to bring encryption to badge readers and controllers providing physical access controls at secure facilities. Petro and Vargas explain a number of protocol weaknesses and vulnerabiliti…
…
continue reading
1
Jennifer Lyn Walker on Cybersecurity Risks in the Water Sector
46:42
46:42
Spela senare
Spela senare
Listor
Gilla
Gillad
46:42
Jennifer Lyn Walker, Director of Infrastructure Cyber Defense for the WaterISAC, joins the Nexus podcast to discuss the state of cybersecurity within the water and wastewater critical infrastructure sector. Walker explains where the cybersecurity technology, funding, and skills gaps currently exist among smaller—and larger—water providers. She also…
…
continue reading
1
Kathleen Moriarty on CIS' IoT Security Guidance
38:38
38:38
Spela senare
Spela senare
Listor
Gilla
Gillad
38:38
Kathleen Moriarty, Chief Technology Officer of the Center for Internet Security (CIS) joins the Nexus podcast to discuss CIS' recently published IoT Embedded Security Guidance. The document walks vendors, developers, DevOps professionals through the most commonly used IoT protocols and analyzes them from a security perspective. The aim is to help v…
…
continue reading
1
Walter Risi on the CISO's Journey from IT to OT
35:07
35:07
Spela senare
Spela senare
Listor
Gilla
Gillad
35:07
Walter Risi, Global OT Lead and the Technology and Cyber Security Consulting leader at KPMG in Argentina, joins the Nexus podcast to discuss the CISO's journey from IT to OT. Risi explains what's driving this convergence of security disciplines, and the challenges security leaders are facing across industries. You'll also learn why resilience shoul…
…
continue reading
1
Noam Moshe on Teltonika 4G IIoT Router Cybersecurity Research
16:51
16:51
Spela senare
Spela senare
Listor
Gilla
Gillad
16:51
Claroty Team82's Noam Moshe joins the Nexus podcast to discuss a recent research collaboration with OTORIO looking at Teltonika's 4G industrial routers and cloud management platforms. Eight vulnerabilities were uncovered and patched by the vendor in a recent update. Moshe discusses the vulnerabilities, attack vectors involved, and the state of secu…
…
continue reading
1
Charles Carmakal on Cybersecurity Threats to Healthcare
37:54
37:54
Spela senare
Spela senare
Listor
Gilla
Gillad
37:54
Mandiant Chief Technology Officer Charles Carmakal joins the Claroty Nexus podcast to discuss real-world threats to healthcare organizations. Mandiant has a unique vantage point as an incident response team involved in many high-profile cyberattacks. Based on that insight, Carmakal is able to comment on the conventional and opportunistic attacks he…
…
continue reading
1
Lorrie Cranor on IoT Security and Privacy Labels
32:39
32:39
Spela senare
Spela senare
Listor
Gilla
Gillad
32:39
Lorrie Cranor, Director and Bosch Distinguished Professor in Security and Privacy Technologies at Carnegie Mellon University's CyLab, joins the Nexus podcast to discuss an IoT security and privacy label initiative under way at CyLab. The labels are meant not only to help consumers make informed buying decisions, but also to nudge vendors and manufa…
…
continue reading
1
Skip Sorrels on the 405(d) HICP, Healthcare Cybersecurity
41:04
41:04
Spela senare
Spela senare
Listor
Gilla
Gillad
41:04
Skip Sorrels, director of cybersecurity at Ascension Technologies, which oversees the technology needs for Ascension Healthcare, one of the country’s biggest non-profit healthcare providers, joins the Nexus podcast to discuss the 405(d) Task Group's Health Industry Cybersecurity Practices (HICP). The HICP identifies top cybersecurity threats to the…
…
continue reading
1
Dave Elfering on Cyber Liability Insurance
42:34
42:34
Spela senare
Spela senare
Listor
Gilla
Gillad
42:34
Dave Elfering, senior vice president at Marsh, a global insurance broker and risk management company, joins the Nexus podcast to discuss the current state of cyber insurance. A longtime figure in information security, Elfering explains the current volatility around coverage, premiums, and exclusions. He goes deep into what can sometimes be contenti…
…
continue reading
1
Vera Mens on Akuvox E11 Vulnerabilities
21:16
21:16
Spela senare
Spela senare
Listor
Gilla
Gillad
21:16
Team82 researcher Vera Mens joins the Nexus podcast to discuss her research that uncovered 13 vulnerabilities in the popular Akuvox E11 smart intercoms. These devices are used to control access to offices, residential, and commercial establishments. The vulnerabilities range in severity, and pose serious privacy implications for users. Vera will di…
…
continue reading
1
Adm. Mike Rogers on the National Cybersecurity Strategy
39:38
39:38
Spela senare
Spela senare
Listor
Gilla
Gillad
39:38
Adm. Mike Rogers, USN (Ret.) joins the Nexus podcast to discuss the recently released National Cybersecurity Strategy, the first such strategy from the Biden administration. The strategy codifies many of the cyber-physical systems security initiatives the White House has produced since 2021 in the aftermath of the Colonial Pipeline ransomware attac…
…
continue reading
1
Katherine Gronberg on the Federal Government and OT/IoT Cybersecurity
43:56
43:56
Spela senare
Spela senare
Listor
Gilla
Gillad
43:56
Katherine Gronberg, head of government services at cybersecurity venture capital firm NightDragon, joins the Nexus Podcast to discuss what's driving the federal government's renewed interest and investment in OT and IoT cybersecurity. Katherine brings insight from her unique perspective on these issues, especially as it pertains to upcoming require…
…
continue reading
1
Noam Moshe on a Generic WAF Bypass Technique
30:46
30:46
Spela senare
Spela senare
Listor
Gilla
Gillad
30:46
Claroty Team82 researcher Noam Moshe joins the podcast to discuss his recent research and development of a generic bypass of leading vendors' web application firewalls. This research was presented at Black Hat Europe and on the Team82 blog. The technique involves prepending JSON syntax to a SQL injection payload. Prior to this research, WAFs were b…
…
continue reading
Claroty Team82 Director of Research Sharon Brizinov joins the podcast to discuss the recent Pwn2Own Toronto event. Brizinov was successful in three categories at the event, finding and exploiting zero day vulnerabilities in two network-attached storage devices and a popular router. In this episode, Brizinov explains his preparation for the contest,…
…
continue reading
1
Joe Slowik on TRITON Malware, XENOTIME Hacking Group
42:17
42:17
Spela senare
Spela senare
Listor
Gilla
Gillad
42:17
Joe Slowik, threat intelligence and detections lead at Gigamon, joins the podcast to discuss the XENOTIME hacking group, the entity believed to be responsible for the 2017 Triton attack. Triton was deployed within a petrochemical facility in Saudi Arabia and triggered a fault in the Schneider Electric Triconex Safety Instrumented Systems that initi…
…
continue reading
Team82's Noam Moshe, one of the researchers involved in developing the EvilPLC attack, discusses the technique of using a weaponized programmable logic controller to compromise an engineer's workstation and gain access to other PLCs on the OT network. Read more about the EvilPLC technique Download Team82's paper on EvilPLC…
…
continue reading
1
Sarah Fluchs Revisits the Top 20 Secure PLC Coding Practices List
47:04
47:04
Spela senare
Spela senare
Listor
Gilla
Gillad
47:04
Sarah Fluchs, CTO at Admeritia, joins the Aperture podcast to discuss the Top 20 Secure PLC Coding Practices List. Written for engineers by engineers, the list provides recommendations that can be used to securely design and code programmable logic controllers (PLCs). The first iteration of the list was published in 2021, and since then, its core g…
…
continue reading
1
Vergle Gipson on Cyber-Informed Engineering
44:37
44:37
Spela senare
Spela senare
Listor
Gilla
Gillad
44:37
Vergle Gipson, senior advisor, at Idaho National Lab's Cybercore Integration Center, joins the podcast to discuss cyber-informed engineering and the maturing discipline of operational technology (OT) cybersecurity. Gipson recently testified before a House Committee on Homeland Security about the need to secure industrial control systems against cyb…
…
continue reading
Claroty Team82 researcher Noam Moshe joins the podcast to discuss the Evil PLC Attack research published recently. Evil PLC is a technique whereby a weaponized PLC is used to compromise an engineering workstation in order to move deeper onto the OT network, the enterprise network, or other PLCs. Read Team82's blog here. Download our technical paper…
…
continue reading
1
Dan Gunter on Threat Hunting in Industrial Control Systems
38:40
38:40
Spela senare
Spela senare
Listor
Gilla
Gillad
38:40
Insane Forensics CEO and founder Dan Gunter joins the Aperture podcast to discuss threat hunting approaches inside industrial control systems (ICS) and operational technology (OT) networks. Gunter describes how Shodan can be used to understand exposures within an industrial network and threats posed by trust relationships to the OT network. Gunter …
…
continue reading