As all of you know, there are no silver bullets when it comes to cybersecurity success in the industrial sector. Every enterprise has its own unique characteristics, each plant floor its different connectivity elements, and each business is comprised of diverse human dynamics that fuel its culture.
However, regardless of the environment, there continues to be a handful of best practices that can be universally applied. As I journey across the cybersecurity realm, one of these reoccurring themes is avoiding that urge to “eat the elephant” or “drink the ocean” when implementing cybersecurity strategies.
Rather, the thought process is to set priorities and check things off as you go. Our guest for this episode mentioned this numerous times, whether it comes to responding to an increasingly complex collection of threat actors, or tackling the right uses of artificial intelligence.
Watch/listen as we discuss a number of topics with Casey Ellis, Founder and Chief Strategy Officer of BugCrowd, including:
- The very real threat of IABs (initial access brokers) and state-sponsored hackers.
- How his organization works to reinforce why it's cool to be a White Hat.
- How thinking like a criminal helps improve defenses through penetration testing and other exercises.
- Developing strategies that prioritize resilience over perfection.
- Integrating new technologies with patching in mind.
- Using AI to develop faster response times and focusing on "which part of the elephant to eat first," instead of doing "stupid stuff" because of the pressure to implement it.
To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at [email protected].
