<p><strong style="background-color: transparent; color: rgb(0, 0, 0);">About Don C. Weber:</strong><span style="background-color: transparent; color: rgb(0, 0, 0);"> Don C. Weber is the Principal Consultant and Founder of Cutaway Security, LLC, an information security consulting firm based in Texas. With a master's degree in network security and a Certified Information Systems Security Professional (CISSP) certification, Don has a wealth of expertise gained over two decades. As a seasoned leader, he has spearheaded large-scale incident response efforts, overseen the certification and accreditation of classified federal and military systems, and managed distributed security teams safeguarding mission-critical Navy assets. A prolific contributor to open-source projects in the realm of information security and incident response, Don focuses his current efforts on assisting organizations in fortifying their critical infrastructure and operational technology environments through comprehensive vulnerability evaluations and strategic security solutions.</span></p><p><br></p><p><strong style="background-color: transparent; color: rgb(0, 0, 0);">In this episode, Aaron and Don C. Weber discuss:</strong></p><ul><li><span style="background-color: transparent;">Navigating the convergence of IT and OT in cybersecurity</span></li><li><span style="background-color: transparent;">Addressing the gray area in OT and IT collaboration</span></li><li><span style="background-color: transparent;">Enhancing cybersecurity in control systems</span></li><li><span style="background-color: transparent;">Embracing cloud technology in ICS security</span></li></ul><p><br></p><p><strong style="background-color: transparent; color: rgb(0, 0, 0);">Key Takeaways:</strong></p><ul><li><span style="background-color: transparent;">Understanding the distinct languages, processes, and incident response approaches between IT and OT is crucial for effective cybersecurity in the evolving landscape, requiring a collaborative baseline to ensure efficient communication and decision-making during critical incidents.</span></li><li><span style="background-color: transparent;">The integration of OT and IT in cybersecurity strategies is crucial, and addressing the often overlooked gray area between these domains requires proactive collaboration, communication, and education to bridge the gap and ensure a comprehensive approach to security measures.</span></li><li><span style="background-color: transparent;">The integration of cybersecurity measures in control systems requires a holistic approach, involving clear requirements, collaboration between IT and OT experts, and a shift from the traditional "we've always done it this way" mindset to address evolving challenges and ensure the resilience and safety of critical infrastructure.</span></li><li><span style="background-color: transparent;">As industries rapidly transition to cloud-based solutions, failure to integrate IT and OT teams, train IT professionals about OT, and prepare for potential vulnerabilities in cloud services can lead to increased costs, heightened risks, and a competitive disadvantage in the evolving landscape of ICS security.</span></li></ul><p><br></p><p><strong style="background-color: transparent; color: rgb(0, 0, 0);"><em>"Does the OT side understand anything about cloud? No, that's not their job. Whose job is it? It's the job, right now every company has an IT admin or an IT team, a full team for managing cloud within the corporate environment. If you don't accept, if you don't allow some leadership people from those teams in and start building out your cloud team, you're going to quickly fall behind the times, you're going to be deploying solutions that are vulnerable to remote attacks.</em>" — Don C. Weber</strong></p><p> </p><p><strong style="color: rgb(0, 0, 0);">Additional Resources:</strong></p><p><br></p><p><span style="color: rgb(0, 0, 0);">SANS Industrial Control Systems Security: </span><a href="https://www.sans.org/industrial-control-systems-security/" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.sans.org/industrial-control-systems-security/</a></p><p><span style="color: rgb(0, 0, 0);">ICS Village: </span><a href="https://www.icsvillage.com/" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.icsvillage.com/</a></p><p><br></p><p><strong style="color: rgb(0, 0, 0);">Connect with Don C. Weber:</strong><span style="color: rgb(0, 0, 0);"> </span></p><p><span style="color: rgb(34, 36, 47);">Email: </span><a href="mailto:[email protected]" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204); background-color: transparent;">[email protected]</a></p><p><span style="color: rgb(34, 36, 47);">Website: </span><a href="https://www.cutawaysecurity.com" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204); background-color: transparent;">https://www.cutawaysecurity.com</a></p><p><span style="color: rgb(34, 36, 47);">LinkedIn: </span><a href="https://www.linkedin.com/in/cutaway/" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204); background-color: transparent;">https://www.linkedin.com/in/cutaway/</a></p><p><span style="background-color: transparent; color: rgb(0, 0, 0);">GitHub: </span><a href="https://github.com/cutaway-security" rel="noopener noreferrer" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">https://github.com/cutaway-security</a></p><p><br></p><p><strong style="color: rgb(0, 0, 0);">Connect with Aaron:</strong></p><p><strong style="color: rgb(0, 0, 0);">LinkedIn: </strong><a href="https://www.linkedin.com/in/aaronccrow" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.linkedin.com/in/aaronccrow</a></p><p><br></p><p><strong style="color: rgb(0, 0, 0);">Learn more about Industrial Defender:</strong></p><p><strong style="color: rgb(0, 0, 0);">Website: </strong><a href="https://www.industrialdefender.com/podcast" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.industrialdefender.com/podcast</a><span style="color: rgb(0, 0, 0);"> </span></p><p><strong style="color: rgb(0, 0, 0);">LinkedIn: </strong><a href="https://www.linkedin.com/company/industrial-defender-inc/" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.linkedin.com/company/industrial-defender-inc/</a></p><p><strong style="color: rgb(0, 0, 0);">Twitter: </strong><a href="https://twitter.com/iDefend_ICS" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://twitter.com/iDefend_ICS</a></p><p><strong style="color: rgb(0, 0, 0);">YouTube: </strong><a href="https://www.youtube.com/@industrialdefender7120" rel="noopener noreferrer" target="_blank" style="color: rgb(17, 85, 204);">https://www.youtube.com/@industrialdefender7120</a></p><p><br></p><p><br></p><p><span style="background-color: transparent; color: rgb(0, 0, 0);">Audio production by</span><a href="https://www.turnkeypodcast.com/" rel="noopener noreferrer" target="_blank" style="background-color: transparent; color: rgb(0, 0, 0);"> </a><a href="https://www.turnkeypodcast.com/" rel="noopener noreferrer" target="_blank" style="background-color: transparent; color: rgb(17, 85, 204);">Turnkey Podcast Productions.</a><span style="background-color: transparent; color: rgb(0, 0, 0);"> You're the expert. Your podcast will prove it. </span></p>
