Hack the Plant

For the last episode of season 5, host Bryson Bort sat down with Andrew Ohrt, Resilience Director at West Yost Associates. A civil engineer specializing in water infrastructure, Andrew bridges the gap between traditional engineering and digital risk. Andrew walks us through the "invisible" nature of water systems, the impact of data centers on utility resilience, and how Cyber-Informed Engineering (CIE) protects our most essential resource. How did a drive under a rebuilt bridge in Minneapolis pivot Andrew’s career toward critical infrastructure? Why did a single wastewater release shut down Waikiki Beach for an entire week? And what happens when a cybersecurity team finds a client’s PLC exposed on the open internet? “To me, the integration of understanding cyber or digital risk in our critical infrastructure, the engineers picking that understanding up, building awareness, building skill sets, figuring out how to manage that risk, is one of the most important things that we've been working on,” he said. Join us for this and more on this episode of Hack the Plan[e]t.  The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers.  Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Our host Bryson Bort welcomes Dr. Natalie Sullivan, Medical Director of the Emergency Response Medical Group and an emergency medicine physician at a D.C. area hospital. Trained in EMS and disaster and operational medicine, Natalie turned her attention to the critical intersection of clinical medicine, patient safety, and cybersecurity resilience after experiencing a prolonged ransomware attack on a major hospital. Dr. Sullivan lays out the disaster preparedness cycle, and the many vectors of risks for hospitals. How does a cyberattack on one hospital lead to increased cardiac arrest mortality at the hospital three blocks away? Why is a generation of "digital native" doctors a hidden vulnerability in an analog emergency? And what happens when a hospital's reliance on these "tightly coupled" systems—like water, power, and the Medical IoT—collapses during a ransomware event?“We are critical infrastructure, but we're deeply, deeply dependent on the surrounding critical infrastructure,” Dr. Sullivan said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Bryson Bort is joined by Dd Budiharto, Microsoft’s Customer Security Officer for the Oil, Gas, and Energy sectors, to share her experience bridging the IT/OT divide in the energy sector. Drawing on her background as a former CISO and industry veteran with decades of experience starting security programs at giants like Halliburton and Marathon Oil, Dd breaks down IT vs OT auditing, the cultural divide in oil and gas, and what cybersecurity looks like in the energy sector.   How did an early mistake involving a patch reboot change Dd's career forever? What is preventing private companies and the FBI from working together? Why is basic hygiene—like disabling terminated accounts—still the biggest "unsolved" problem in billion-dollar industries? “If you want to upgrade your home, to modernize it, the foundation still needs to be fixed first,” Dd said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

In this episode, host Bryson Bort sits down with Gary Kessler, retired cybersecurity professor and co-founder and director of the Maritime Hacking Village. As a maritime cybersecurity researcher, consultant, and practitioner with nearly fifty years of experience, Gary walks us through the ins and outs of cybersecurity at sea, automated identification systems (AIS), and AI’s current and future role in maritime operations. What is AIS spoofing, and why is it dangerous? What are the unique challenges posed by cybersecurity at sea? Is the maritime industry ready for artificial intelligence integrations? “AI is going to [present] really incredible opportunities for us moving forward. I think however, it is a tool that is not well understood in general by people who are not specialists. And particularly in the maritime industry, we're going to have to get a lot better at understanding the capabilities and the pitfalls,” Gary said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Deputy Managing Director at the Cyber Readiness Institute Lessie Skiba joins host Bryson Bort to discuss the CRI’s new program connecting small- and medium-sized water utilities with cyber coaches to strengthen their resilience.What if the most effective cybersecurity solution isn't a new piece of technology, but a human connection? How can we empower small businesses to tackle cyber threats, even with limited resources? And if Lessie could wave a magic, air-gapped wand, what is one fundamental change she would make to our digital landscape?Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Our host Bryson sits down with Colin Ahern and Kirk Herath, two of the only cybersecurity experts working in Governors’ offices in the United States. Colin was appointed Chief Cyber Officer of the State of New York by Governor Kathy Hochul in June 2022, and Kirk stepped into his role as Cybersecurity Strategic Advisor to Ohio Governor Mike DeWine and Lt. Governor Jon Husted the same year. In their positions, Colin and Kirk are responsible for coordinating their states’ cybersecurity capabilities, overseeing threat assessment and response, working with local governments to prepare for and remediate cyber attacks, and more.  What were the critical lessons learned in building statewide cybersecurity programs from the ground up? How do states navigate the shifting landscape of federal support? And what are the biggest challenges and opportunities on the horizon for cyber czars and strategic advisors across the country? “You can't replicate these shared services unless you're doing it together. You just can't. We can either succeed together or we can fail separately. There's really not a middle ground where we can all have exactly everything we want all the time. Because like we've said, this is a risk management exercise in a world of limited resources,” Colin explained. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

Bryson Bort is joined by Jim Montgomery, Director, Industrial Cybersecurity Solutions at TXOne Networks. TXOne provides network-based and endpoint-based products to tackle security vulnerabilities across industrial environments. With decades of IT security experience, Jim now leads TXOne’s work protecting Operational Technology environments across critical sectors like automotive, oil and gas, pharma, manufacturing, and semiconductors.How can we defend against threats that are already embedded within our systems? What are the most immediate and significant risks facing our critical infrastructure today? And how can operators begin to secure their networks? “Let's start with the basics. Let's start with understanding. Let's start with making it hard to get into your environment, and let's start discouraging that type of behavior from attacking your environment,” Jim said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

Bryson Bort sits down with Adam Robbie, Head of OT Threat Research at Palo Alto Networks, to pull back the curtain on OT threat research. With a background in electrical engineering, Adam’s first job in cybersecurity was at an IT help desk. He now leads a team dedicated to identifying, analyzing, and mitigating cyber threats targeting Operational Technology (OT) environments.What are the top threats Adam is seeing in OT attacks? Why is manufacturing such a vulnerable sector? And if he could wave a magic, non-Internet connected wand, what would he change? “I really would love to have more experts in OT,” Adam said. “The more knowledge…and the more experts we have, it will fasten this process [of innovation].” Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. 

Bryson Bort welcomes Sarah Powazek, Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, to discuss the organization’s work providing cybersecurity resources for the public, and CyberCAN, a project to connect cities and nonprofits providing critical services.  How can cities play a larger role in protecting their communities? What are the biggest cybersecurity challenges facing nonprofits? What innovative solutions are being developed to address the cybersecurity resource gap? “It's never going to be enough to have one federal agency help every single organization in a country. We're just too large,” Sarah said. “I think the solution is to create more infrastructure at the state, local, and regional level.”Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.

Welcome to season 5! Our host Bryson Bort sits down with Institute for Security and Technology (IST) Executive in Residence for Public Safety & Security Josh Corman. Josh previously joined us on season 1, episode 2 to discuss his experience founding I Am The Cavalry, a grassroots organization focused on the intersection of digital security, public safety, and human life. Today, Josh walks us through his Cyber Civil Defense initiative UnDisruptable27 and his work to bolster the resilience of local critical infrastructure systems. What role can you play in making our communities more resilient? What risks do we face from a hybrid conflict? How can we better prepare for disruptions to critical infrastructure? “You inform, influence, inspire. You make sure people aren't blindsided, and even if they can't stop the natural disaster, they can at least prepare for it and make informed decisions and innovate locally,” Josh said. “And unlike natural disasters, where we only have a couple hurricanes a year, we may have concurrent unnatural disasters on plural U.S. infrastructure sites across the country with finite resources to respond and recover.”Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plan[e]t is brought to you by ICS Village and the Institute for Security and Technology.