On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Content provided by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Unsolicited Response
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
T
The Sarah Fraser Show
1 SISTER WIVES: The Brown Family Plans Garrison's Funeral, Gives NEW Details About His Passing. Justin Baldoni v Blake Lively UPDATES, First Pictures Of Micah Plath’s Broken Nose Have Surfaced!… 36:16
36:16 
Play Later 
Play Later 
Lists 
Like 
Liked36:16
Play Later
Play Later
Lists
Like
LikedDANMMMMM…Have I got a show for you! First, a lot of Sister Wives tea - new rumors have surfaced Janelle Brown is leaving the show. Plus, Gabe Brown gives a life update after losing and tragically finding his brother Garrison dead. Sadly, Garrison took his own life in March 2024. Then we head over to discuss the new Welcome To Plathville tea. The first pictures of Micah Plath have surfaced after being beat up by his brother Issac and it doesn’t look good for the future of his modeling career. Lastly, we discuss the latest in the Justin Baldoni v Blake Lively case, Justin is back on social media and it was the perfect social media return. Timestamps: 00:00:00 - Open and new Sister Wives news 00:05:43 - Janelle Brown leaving the show? Sister Wives Closet is officially closed 00:12:45 - A new pic of Micah Plath’s broken nose has surfaced 00:18:18 - Justin Baldoni back on social media and Taylor Swifts team is pissed at Justin Baldoni MY Go Big Podcasting Courses Are Here! Purchase Go Big Podcasting and learn to start, monetize, and grow your own podcast. USE CODE: MOM15 for 15% OFF (code expires May 11th, 2025) **SHOP my Amazon Marketplace - especially if you're looking to get geared-up to start your own Podcast!!!** https://www.amazon.com/shop/thesarahfrasershow Show is sponsored by: Download Cash App & sign up! Use our exclusive referral code TSFS in your profile, send $5 to a friend within 14 days, and you’ll get $10 dropped right into your account. Terms apply Horizonfibroids.com get rid of those nasty fibroids Gopurebeauty.com science backed skincare from head to toe, use code TSFS at checkout for 25% OFF your order Nutrafol.com use code TSFS for FREE shipping and $10 off your subscription Rula.com/tsfs to get started today. That’s R-U-L-A dot com slash tsfs for convenient therapy that’s covered by insurance. SkylightCal.com/tsfs for $30 OFF your 15 inch calendar Quince.com/tsfs for FREE shipping on your order and 365 day returns Warbyparker.com/tsfs make an appointment at one of their 270 store locations and head to the website to try on endless pairs of glasses virtually and buy your perfect pair Follow me on Instagram/Tiktok: @thesarahfrasershow ***Visit our Sub-Reddit: reddit.com/r/thesarahfrasershow for ALL things The Sarah Fraser Show!!!*** Advertise on The Sarah Fraser Show: thesarahfrasershow@gmail.com Got a juicy gossip TIP from your favorite TLC or Bravo show? Email: thesarahfrasershow@gmail.com Learn more about your ad choices. Visit megaphone.fm/adchoices…
Engineering-Grade OT Security with Andrew Ginter
Manage episode 386533670 series 1450749
Content provided by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Andrew Ginter published his third book this year: Engineering-Grade OT Security. Dale interviews Andrew on the book including:
- Who was the target reader that Andrew wrote the book for?
- Do (should) professional engineers lose their licenses for poor and dangerous cybersecurity design and deployments?
- The use of the term engineering grade, and how he defines it.
- Unhackable protection and safety controls as a major part of engineering grade.
- Unidirectional (one-way) network devices as the only security control listed as engineering grade. Is one-way from the enterprise network to the OT network engineering grade?
- Given the ICSSTRIVE/Waterfall report that 75% of all cyber incidents affecting operations are due to ransomware on IT, should asset owners prioritize address this issue or engineering grade security first?
- What is keeping Andrew working rather than retiring
Links
- Complete this form to get a free copy of the book
87 episodes
ShareManage episode 386533670 series 1450749
Content provided by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Dale Peterson, Dale Peterson: ICS Security Catalyst, and S4 Conference Chair or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Andrew Ginter published his third book this year: Engineering-Grade OT Security. Dale interviews Andrew on the book including:
- Who was the target reader that Andrew wrote the book for?
- Do (should) professional engineers lose their licenses for poor and dangerous cybersecurity design and deployments?
- The use of the term engineering grade, and how he defines it.
- Unhackable protection and safety controls as a major part of engineering grade.
- Unidirectional (one-way) network devices as the only security control listed as engineering grade. Is one-way from the enterprise network to the OT network engineering grade?
- Given the ICSSTRIVE/Waterfall report that 75% of all cyber incidents affecting operations are due to ransomware on IT, should asset owners prioritize address this issue or engineering grade security first?
- What is keeping Andrew working rather than retiring
Links
- Complete this form to get a free copy of the book
87 episodes
All episodes
×
Dale Peterson discusses with Maggie how she got into OT security, her recent move to the Financial Sector, women in ICS security, and more.
If you're not interested in S4, skip this episode. Dale goes over the feedback from the survey and S4 Event's own thoughts on the event, Tampa, and more.
1 Joel Langill On His New OT Security Training Class And More 50:34
50:34 Play Later Play Later Lists Like Liked50:34
Play Later Play Later Lists Like LikedDale Peterson speaks with Joel Langill, the SCADAHacker, about his new training course entitled Conducting Threat, Vulnerability, and Risk Assessments For ICS. A two day version of this course will be offered prior to S4x25 . Of course Dale and Joel jump around a bit on training, the workforce and other items. Take a listen.…
1 S4x24 Main Stage Interview With Stewart Baker 30:52
30:52 Play Later Play Later Lists Like Liked30:52
Play Later Play Later Lists Like LikedStewart Baker is one of the preeminent lawyers on topics of cyber law with an impressive career in and out of government. Stewart also hosts the Cyberlaw podcast. The Biden administration is contending that vendors should be held liable for security deficiencies in their products. Assuming this is turned into law and/or executive orders, what does it mean? What can we learn from other liability law to inform us what would be required for a vendor to be held liable for a security issue? How would the judgment / damages be determined. Dale's note: We talk about the SEC charges against SolarWinds in this interview.…
Dale Peterson interviews Rob Lee on the S4 Main Stage. They cover a lot of ground and Rob is never shy about sharing his opinions and analysis. They discuss: Rob’s first S4 PIPEDREAM deployed v. employed distinction … and why 2 years later is it still the most dangerous ICS malware? Are we really more homogenous? What makes a group something that Rob/Dragos tracks as an ICS focused attacker? If the answer to intel is do the basics, do I need intel? What ICS specific data was VOLTZITE exfiltrating? What countries are targeting critical infrastructure? Is it realistic to expect any country to not target its adversaries CI? Threat actors focused on manufacturing How should an asset owner measure the effectiveness of their detection solution?…
1 Chris Hughes, Author of Effective Vulnerability Management 43:55
43:55 Play Later Play Later Lists Like Liked43:55
Play Later Play Later Lists Like LikedChris Hughes and Nikki Robinson recently wrote the book Effective Vulnerability Management. Dale and Chris discuss the topic and book including: The definition and scope of vulnerabilities. It’s much more than coding errors that need patches. Are ICS protocols lacking authentication “vulnerabilities” The reality that most organizations have 100’s of thousands of unpatched vulnerabilities. Some statistics and will this change. Ways to prioritize what vulnerabilities you address. The SSVC decision tree approach that was introduced at S4 as Never, Next, Now Tooling … vulnerability management, software configuration, ticketing, remediation. And much more. Links: Effective Vulnerability Management, https://www.amazon.com/Effective-Vulnerability-Management-Vulnerable-Ecosystem/dp/1394221207/ Dale’s ICS-Patch Decision Tree, https://dale-peterson.com/wp-content/uploads/2020/10/ICS-Patch-0_1.pdf…
1 2024 Threat Report – OT Cyber Attacks with Physical Consequences 53:22
53:22 Play Later Play Later Lists Like Liked53:22
Play Later Play Later Lists Like LikedWaterfall Security Solutions and ICSSTRIVE put out an annual threat report that Dale Peterson believes is the best in OT. Why? It only includes incidents that had physical consequences on systems monitored and controlled by OT. Dale and Andrew discuss: What is in and out of scope for the report. The breakdown of the 68 incidents that occurred in 2023 by industry sector, cause, threat actor and more. The impact reporting requirements may have on these numbers in the future. What percentage of OT cyber incidents with physical consequences are made public. Ransomware on IT causing physical consequences, exfil v. encryption, and what asset owners should do given this represents 80% of the known incidents in the report. And more. Links: 2024 Threat Report: https://waterfall-security.com/ot-insights-center/ot-cybersecurity-insights-center/2024-threat-report-ot-cyberattacks-with-physical-consequences/ ICSSTRIVE: https://icsstrive.com S4 Events YouTube Channel: https://youtube.com/s4events…
1 State Of NERC CIP, European Update and OT Security Community 46:46
46:46 Play Later Play Later Lists Like Liked46:46
Play Later Play Later Lists Like LikedPatrick Miller has OT cybersecurity experience as an asset owner, PacificCorp. As a regulator and one of the first NERC CIP auditors with WECC. As a community organizer creating and leading EnergySec and the BeerISAC. And as an entrepreneur creating and leading a number of consulting practices. He is currently the Founder of Ampyx Cyber. In this episode Patrick and Dale discuss: Why Patrick changed the company name and selected Talinn as the location for the new European office. The major differences in approaches to OT cybersecurity and risk management between Europe and the US. (more than just regulatory differences) What has the EU learned or improved on regulation from NERC CIP. What is the current state of NERC CIP regulatory risk? Are the regulated entities understanding and meeting the standards’ requirements? The challenge of slow NERC CIP modifications, eg virtualization and cloud. Bad standard & good regulator v. good standard & bad regulator. Should water follow the NERC CIP model as recommended by AWWA? How Patrick is dealing with AI. Links Ampyx Cyber: https://ampyxcyber.com Patrick’s Critical Assets Podcast: https://amperesec.com/podcast Subscribe to Dale’s ICS Security Friday News & Notes: https://friday.dale-peterson.com/signup Advertise on Unsolicited Response: https://dale-peterson.com/advertising/…
1 Book Interview: Introduction To SBOM And VEX 59:20
59:20 Play Later Play Later Lists Like Liked59:20
Play Later Play Later Lists Like LikedEmma Stewart joins Dale to discuss the 3 big OT & ICS security stories from the first quarter. They end by giving their win, fail and prediction for Q1.
In this solosode episode Dale reviews the status of his three predictions from the Q1, 2 and 3 quarter in review episodes and answers a listener question.
Dale is joined by Steve Pozza, CISA Section Chief of Operational Resilience, and Tom Millar, CISA Branch Chief of Resilience, to discuss some of CISA's security services for asset owners. They discuss: The Internet accessible attack surface enumeration and vulnerability scanning surface. Asset owners can buy products or services to do this. Why is the government doing this? What CISA is doing with this attack surface data? How is CISA measuring the success of this service offering? Other broadly available services and tools, the cybersecurity performance goals (CPG assessment) ~500 done in 2023 (and their thinking about self-assessments), Malcom traffic analysis tool, and a couple of other tools. Links CISA Vulnerability Scanning Services Malcolm Tool…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Unsolicited Response
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Hanselminutes is Fresh Air for Developers. A weekly commute-time podcast that promotes fresh technology and fresh voices. Talk and Tech for Developers, Life-long Learners, and Technologists.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A podcast about web design and development.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
