Nozomi Networks security experts discuss topics that are important to the OT and IoT security community. This includes current cybersecurity threat intelligence, trends, news, and challenges. If you work in security or operations, or if you are a researcher, you’ll find episodes of interest.
The podcast The OT and IoT Security Podcast is created by Nozomi Networks.
In this episode of The Security Sandbox, hosts Vivek Ponnada and Sandeep Lota will dive into the top cybersecurity trends that shaped 2024 and discuss our predictions for 2025, including:
▶️ The impact of emerging technologies like AI on cybersecurity
▶️ The latest trends in threat actor tactics targeting operational technology
▶️ How zero trust initiatives are changing industrial network architecture
▶️ The growing role of Secure by Design principles
▶️ Upcoming regulations driving cybersecurity enhancements across industries
▶️ Why proactive defense in OT environments will be a key initiative in 2025
Hosts Vivek Ponnada and Sandeep Lota share their insights, exploring topics such as:
✅ Emerging threats to ICS over the next 12-18 months
✅ Evolving strategies for integrating IT and OT cybersecurity
✅ The future role of AI in ICS cybersecurity
✅ Fostering collaboration between IT and OT teams
Most cybersecurity threats begin in IT systems. But as the lines between IT and OT continue to blur, these same threats have more and more opportunities to move closer to critical control systems. Having both visibility and context into what assets are most at risk across your operational environments is crucial for maintaining the safety and availability of these systems.
In this episode of the Security Sandbox, we'll cover the strategic use of cyber threat intelligence (CTI) to safeguard critical infrastructure and industrial environments.
You'll learn about:
Over the past decade, operational technology (OT) systems have become increasingly digitized and more vulnerable to cyber threats, making effective cyber risk management more crucial than ever. This session will explore the concept of cyber risk, defined as the potential for loss or harm to digital infrastructure, and how you can proactively apply the latest tools, trends and techniques to reduce cyber risk and enhance the resilience of your OT systems.
We’ll cover:
Traditionally, operational technology (OT) operators have shied away from active monitoring methods, driven largely by concerns over system disruption and OEM vendor validation expectations. However, the tide appears to be turning. Over the past few years, we’ve seen mindsets evolving from relying on a 100% passive approach to embracing more active monitoring methods to get deeper asset context, including configuration information, log files, user activity correlation, USB insertions, and even operational data from level 0 in a PLC.
During this session, we'll delve into the advancements in OT-safe proactive monitoring and how you could apply some of these latest developments towards securing your critical infrastructure while ensuring operational continuity and compliance.
Artificial intelligence (AI) is having a moment… a really long moment. It’s been evolving for decades, but now it’s everywhere all at once. AI-powered digital assistants like Siri and Alexa, as well as generative AI tools like ChatGPT, Gemini and Copilot, have put AI at everyone’s fingertips, including cybercriminals. In cybersecurity, the race is on to outsmart bad actors who are already using new forms of AI to find vulnerabilities faster and launch more effective attacks. During this session, we'll delve into what AI really is, its applications for cybersecurity, and how critical infrastructure and industrial organizations are using it to stay ahead of cyber threats.
Incident response is something we hope you don’t have to deal with very often, but for those responsible for securing industrial and critical infrastructure, it’s a critical component of their cybersecurity strategy. In fact it’s key to ensuring that your business, systems and personnel are well prepared to act swiftly and efficiently when an incident does occur.
Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and OT Cybersecurity Strategist Danielle Jablanski.
Malware and ransomware are of course some of the biggest and most widely known threats that businesses face today. However, having a basic understanding of the bigger picture will enable you to prepare your business for a whole range of threats that you may come across, and secure your business further.
Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Security Research Evangelist Roya Gordon.
The rise of remote working, hybrid cloud environments and use of mobile and IoT devices have caused the security perimeter approach to become obsolete. It’s quickly being replaced by the zero trust model, which denies access to all applications and data by default. Zero trust is less a technology than it is a security policy objective and design approach.
Learn more from Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Gary Kinghorn, Senior Director of Product Marketing.
Cyber risk management involves identifying all the OT and IoT assets on your operational network, assessing their vulnerabilities, and outlining risk management processes to close security gaps.
Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Technical Sales Director Shan Zhou.
Response time refers to the amount of time between when we perceive something and when we respond to it. It is the ability to detect, process, and respond to a situation. In this case, we look at what an Operational Technology (OT) responder must endure on a typical day and why this role is crucial within critical infrastructure and industrial control networks.
Will the rapidly expanding use of IoT devices, advent of smart cities and creation of an uber-connected world hasten the demise of privacy? In such a world, just how important is privacy, data security and protecting our IoT infrastructure?
Learn about the complex issues of privacy and privilege in this episode.
Operational technology (OT) and Information Technology (IT) have traditionally been managed separately. With the emergence of Internet of Things (IoT) and the changing threat and risk landscape, industrial, manufacturing and critical infrastructure companies are bringing together their OT, IT and IoT networks to achieve a combined cyber and risk plan to prevent future cyberattacks. The incoming Critical Infrastructure Bill is aimed at driving action in this direction and organizations must start to prepare now to secure their IT as well as their OT / IoT infrastructure.
These combined capabilities not only achieve significant improvements in cybersecurity but bring remarkable improvements in the efficiency of managing and securing your diverse assets.
In this episode, learn more about:
PrintNightmare and the Kaseya ransomware attack are two recent cyber incidents making waves in the news about the escalating threat environment. Nozomi Networks Labs security researcher Ivan Speziale shares his insights into what went wrong in these attacks, and what can be done to mitigate their impact.
U.S. regulators are looking into how business operators maintain effective cybersecurity. The incoming Security of Critical Infrastructure legislative amendments will no doubt lead to an increased security compliance regime for any country.
Companies everywhere should proactively develop a robust cybersecurity compliance program – not because of legislation but because it’s good security hygiene and practice. How can you prepare for that now?
Join us as we explore:
IoT security camera provider Verkada was the target of a recent attack. Hackers gained access to the live video feeds of 150,000 surveillance cameras used by their customers. The attack showed the risks involved in leveraging IoT devices within business operations. In this short episode, find out what happened during the recent security breach, and what common practices can open the door to attacks like this.
The number of devices used in Intelligent Transportation Systems (ITSs) is exploding. Unfortunately, this high level of connectivity and network complexity has created an expanded attack surface with many vulnerabilities. Join us to learn about security challenges faced by metro systems, maritime transportation and logistics, and how to gain deeper operational visibility, prevent downtime and detect cyber threats.
To help you address accelerating OT/IoT security issues, the Nozomi Networks Labs team shares their new research findings on the top threats targeting critical infrastructure and industrial operations. Join us for a discussion on the current OT/IoT threat landscape, supply chain threats to OT and IoT environments, ransomware risks, and how to protect your critical OT/IoT networks.
What makes the Australian Critical Infrastructure Act one of the most important pieces of security legislation to come out in the last decade?
Join Bill Hagestad II, Jonathan Rusch, Brian Hay and Nozomi Networks’ Diego Betancur for a discussion about the Act's impact upon the Australian industrial landscape. This episode explores the motivations behind targeting critical infrastructure, and covers the fundamental steps toward cybersecurity resilience.
Cybersecurity in the oil & gas industry has become a boardroom issue, as high-profile attacks and targeted threats like TRITON raise awareness about risks to energy sector safety and productivity. Learn how real-world energy leaders manage cyber risks, minimize disruptions and ensure safety. Special guest Jim Guinn, Global Managing Director with Accenture Security, joins the discussion to share his experiences that span time on the rig to board-level cybersecurity planning.
Here are links to the security resources mentioned during the session:
An increase in cyberthreats across IT, OT and IoT networks, combined with new labor safety laws designed to hold executive leadership or executive leadership teams accountable, is raising the stakes for corporations, boards and senior executives. In this episode, learn about corporate cyber risk and workplace safety laws from experts in cyber espionage and workplace and risk management. Find out what you can do to strengthen your security posture.
Former General Motors CISO Rich Armour reflects on how digital transformation and cybersecurity are driving the next generation of smart, connected and protected vehicles. General Motors’ 1977 Oldsmobile Toronado was the first production car to incorporate embedded software. Today, automotive manufacturing is one of the most widely automated industries in the world. Learn more about how smart devices are used for everything from in-vehicle diagnostics to autonomous control.
To learn more about Rich and his role as a Nozomi Networks advisor, visit: https://www.nozominetworks.com/company/leadership/
Businesses have faced extremely difficult times during the COVID-19 pandemic. Hear what Nozomi Networks Vice President of Finance Ngoc Phan is doing to address the uncertainty and volatility, and how he’s helped the company pull together to launch a new SaaS solution (Vantage), and find new ways to support customers, employees, and partners.
To learn more about Ngoc, visit: https://www.nozominetworks.com/company/leadership/
To increase botnet resiliency, threat actors are now using a P2P hybrid network topology that allows the botnet to survive a takedown of nodes with specialized roles, and reorganize itself accordingly. Though it can be challenging to disrupt the malicious activities of P2P botnets, you can follow proven strategies when a specific network has been affected. Listen to the podcast to learn what can be done.
Here are links to the security resources mentioned during the session:
Learn why Stephen, Nozomi Networks’ Chief Revenue Officer, believes in creating an amazing customer experience at every touch point. He shares how listening closely to customer feedback and responding quickly to their requests leads to a much better OT/IoT security solution.
To learn more about Stephen, visit: https://www.nozominetworks.com/company/leadership/
In this episode, learn how digital transformation has been fuelled by a global pandemic that forced many of us to work from home. Security visionaries from Schneider Electric and Nozomi Networks discuss the latest trends in industrial cybersecurity that have developed from the need for secure remote access, and cover a use case for an innovative security solution.
Here are links to the security resources mentioned during the session:
As you move some or all of your data and applications from on-prem to the cloud, you may need to rethink your security strategy. This episode covers cloud options – private, public, and SaaS – to help you determine which is the right one for you. Panelists also discuss the risks of failing to ensure that your security infrastructure is ready before migrating.
Here are links to the security resources mentioned during the session:
Hear from Nozomi Networks’ President and CEO Edgard Capdevielle how the company transformed from a startup of seven people in the U.S. and Switzerland into a global OT and IoT security leader in less than seven years.
To learn more about Edgard and Nozomi Networks' path to success, visit: https://www.nozominetworks.com/company/leadership
Learn why Moreno Carullo launched Nozomi Networks with university-mate Andrea Carcano in 2013, and how artificial intelligence and machine learning are being used to drive OT security automation and increase the effectiveness of small cybersecurity teams. Moreno also discusses how Nozomi Networks uses these two technologies to provide up-to-date threat and asset intelligence.
In this episode, find out what every critical infrastructure and industrial operation should know to keep operations safe. Learn about cyber espionage, and how the lines are blurring between organized cybercrime and nation-sponsored efforts. Nozomi Networks’ Phillip Page is joined by Chinese Cyber Espionage Expert Retired Lt Colonel Bill Hagestad II, and former Federal Prosecutor US Department of Justice Jonathan Rusch, with the episode facilitated by Brian Hay, former Operational Commander of Fraud and Cybercrime for the Queensland Police.
Security teams can use the MITRE ATT&CK Framework for ICS to enhance their organization’s security strategies and policies. The framework uses threat modelling to classify malicious cybersecurity events against an OT environment, and to create a knowledge base of potential threat actor behaviors. Find out more about the differences between MITRE for IT and MITRE for ICS.
Here are links to the security resources mentioned during the session:
Learn about the pitfalls typically encountered when choosing an OT/IoT cybersecurity solution. From evaluation to selection, purchase, and deployment, this podcast covers the most important questions to ask the vendors you’re considering, and ways to successfully navigate past the key hazards. Join Nozomi Networks host Chris Grove and CMO Kim Legelis as they address this important process.
Here are links to the free resources mentioned during the webinar:
Learn about Alessandro’s path from pen tester to threat analyst, and what a threat analyst does day-to-day. Find out more about the activities that Alessandro and his security research team are involved in: looking for new threats reported by the security community, gathering samples, analyzing their behavior and creating efficient signatures to precisely detect threats and help industrial and other OT/IoT organizations keep their networks secure.
To find out more about Nozomi Networks Labs, visit: https://www.nozominetworks.com/labs/
This episode covers the most active threats seen in the first six months of 2020, including IoT malware, ransomware, and COVID-19-themed malware. Gain insight into their tactics, techniques and procedures, as well as recommendations for securing your OT/IoT networks. You’ll also learn about the top ICS vulnerabilities of 2020, and their ongoing impact on risk from Nozomi Networks security researchers.
Here are links to the free resources and security tools mentioned during the webinar:
· Research Report: OT/IoT Security Report 2020 1H
· Blog: What IT Needs to Know about OT/IoT Security Threats in 2020
· Learning Guide: The IT Pro’s Guide to OT/IoT Security
· Executive Brief: Integrating OT into IT/OT SOCs
· Executive Brief: The Cost of OT Cybersecurity Incidents and How to Reduce Risk
· Solution Brief: Real-time Cybersecurity and Visibility for Industrial Control Networks
As Nozomi Networks VP of Worldwide Business Development and Channel Sales, Chet Namboodri knows the value of partnerships. Learn how partnering between security providers creates better solutions, and what type of partners Nozomi Networks looks for. Also, find out what changes Chet sees in the future, as the partnership landscape evolves to address emerging threats.
To learn more about Chet, visit: https://www.nozominetworks.com/company/leadership/
Find out what led Nozomi Networks CMO Kim Legelis to cybersecurity, and who the bad guys are in the current OT/IoT security landscape. Learn what security experts are doing to protect us from cyberattacks on critical infrastructure. Kim also shares her thoughts on how the discussion has shifted from explaining the need for cybersecurity to focusing on what’s being done to address cyber threats.
To learn more about Kim, visit: https://www.nozominetworks.com/company/leadership/
How should Security Operations Center (SOC) analysts face the often-overwhelming number of alerts triggered by ICS and IoT systems? Find out why alerts can be a problem, and how you can avoid common SOC monitoring pitfalls. Nozomi Networks CPO & Co-founder Andrea Carcano and host Chris Grove also cover how automated OT/IoT monitoring and anomaly detection solutions can be used to increase SOC efficiency while enhancing responsiveness.
Here are links to the free resources and security tools mentioned during the webinar:
In this episode, learn about how vendors are implementing encrypted OT protocols into real-world device firmware, and the security implications of encrypted OT/IoT systems. Nozomi Networks security researchers combine research with field expertise to drill into what is being done, using IEC 62351 as an example. They also cover two different attack scenarios, and the future of the threat detection landscape.
Learn about IoT botnet threats from Nozomi Networks security researchers, including common propagation techniques, hacktivism, and strategies to protect your own networks. This episode discusses Dark Nexus, an IoT botnet that uses DDoS attacks for financial gain, and which has been active over the last few months. The related webinar shows a real-time execution demo of Dark Nexus.
Here are links to the free resources and security tools mentioned during the webinar:
COVID-19 has disrupted supply chains across the world. But disruptions to the manufacturing supply chain are surprisingly common, due to equipment failure, component unavailability, or nation-state sponsored cyberattacks. Learn how manufacturers and supply chain members can protect themselves, with panelist Armando Seay, Director of DreamPort.
Here are links to the free resources and security tools mentioned during the webinar:
What kind of person and what kind of effort does it take to become an OT security entrepreneur? Host Chris Grove interviews founder Andrea Carcano to learn about his background and the early startup days of Nozomi Networks. Don’t miss this free-wheeling and fun discussion, and learn the first example of the company “never giving up”. For more information, visit https://www.nozominetworks.com/company/leadership/
Suzanne Spaulding, former DHS Undersecretary for Cybersecurity, provides interesting insights into nation-state threats during COVID-19, the Solarium Cybersecurity Commission recommendations, election security and more. Join host Andrea Carcano and host Chris Grove for this discussion, including practical recommendations and resources for real-time threat intelligence.
Here are the resources Suzanne mentions in the podcast:
For more information on COVID-19 cybersecurity, visit: https://www.nozominetworks.com/labs/covid-19-cybersecurity/
Working from home is now the norm for millions of people, including those maintaining safe industrial operational processes. Join host Andrea Carcano and guests Scott Smith and Chris Grove as they discuss remote access monitoring, including what to monitor, free tools that can be used to do safe OT/IoT network monitoring, and other best practices.
For more information, visit https://www.nozominetworks.com/labs/covid-19-cybersecurity.
Andrea Carcano talks with colleagues Alexander Di Pinto and Chris Grove about the evolving COVID-19 threat landscape. Their discussion covers how threats are changing, the techniques used by hackers to perform attacks, and the sectors targeted by phishing campaigns. Alessandro describes the free threat intelligence downloads he helped create, and how to use them.