Hack the Plant
Bryson Bort
Electricity. Finance. Transportation. Our water supply. In Hack the Plant, podcast host Bryson Bort looks for answers to the question: Does connecting these systems, and others, to the internet leaves us more vulnerable to attacks by our enemies? We often take these critical infrastructure systems for granted, but they’re all becoming increasingly dependent on the internet to function. From the ransomware threats of Colonial Pipeline to the failure of the Texas power grid, it is clear our interconnectivity is also a significant source of risk. Hack the Plant walks through the world of hackers working on the front lines of cyber security and public safety to protect the systems you rely upon every day.
Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
ICS Village is a nonprofit that equips industry experts and policymakers with the tools to better defend our critical infrastructure. We educate people on critical infrastructure security with hands-on examples, not just nerd stuff. Catch us at an event near you! www.icsvillage.com.
The Institute for Security and Technology is a nonprofit think tank with the mission to bridge gaps between technology and policy leaders to help solve these emerging security problems together. Learn more at securityandtechnology.org.
Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
ICS Village is a nonprofit that equips industry experts and policymakers with the tools to better defend our critical infrastructure. We educate people on critical infrastructure security with hands-on examples, not just nerd stuff. Catch us at an event near you! www.icsvillage.com.
The Institute for Security and Technology is a nonprofit think tank with the mission to bridge gaps between technology and policy leaders to help solve these emerging security problems together. Learn more at securityandtechnology.org.
Episodes
Mentioned books
Feb 28, 2025 • 23min
From the Archives
For the final episode of the season, our host Bryson Bort reflects on four years and forty episodes of Hack the Plan[e]t, and picks a few favorites. Episode 8, DoD and Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/dod-and-critical-infrastructureEpisode 10, The Congressman, The Commission and Our Critical Infrastructure: https://hack-the-plant.simplecast.com/episodes/the-congressman-the-commission-and-our-critical-infrastructureEpisode 27, Managing Incident Responses to Critical Infrastructure Attacks: https://hack-the-plant.simplecast.com/episodes/managing-incident-responses-to-critical-infrastructure-attacksEpisode 28, Cyber Threat Intelligence Over the Past 25 Years: https://hack-the-plant.simplecast.com/episodes/cyber-threat-intelligence-over-the-past-25-yearsEpisode 36, Supporting Ukrainian Electrical Grid Resilience in Wartime: https://hack-the-plant.simplecast.com/episodes/supporting-ukrainian-electrical-grid-resilience-in-wartime-mxxhn2g3Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Feb 3, 2025 • 31min
Protecting Critical Infrastructure for Rural Electric Cooperatives
Carter Manucy, Director of Cybersecurity at the National Rural Electric Cooperative Association, is a leading voice in safeguarding electric cooperatives. He discusses the pressing cybersecurity challenges these rural cooperatives face, especially in modernizing infrastructure affordably. Carter emphasizes the need for collaboration through initiatives like Project Guardian and the Cyber Mutual Assistance Program to strengthen cybersecurity culture. He also reflects on the future of cybersecurity and the importance of uniting efforts to protect our critical energy systems.
Nov 26, 2024 • 28min
Reliability and Risks of the North American Power Grid
Sara Patrick, President and CEO of the Midwest Reliability Organization, shares her insights on the vulnerabilities of North America's power grid. She discusses the escalating cyber threats and how smaller organizations can fortify themselves against risks. Sara emphasizes the growing role of artificial intelligence in grid reliability, warning of its dual-use nature. She also highlights the transition from compliance to operational excellence in ensuring a resilient energy infrastructure. Tune in for vital strategies to safeguard our power systems!
Sep 25, 2024 • 31min
Securing Embedded Systems
In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company’s Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation’s third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices. What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve? “There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Jul 23, 2024 • 42min
The Case For A Cyber Force
In this episode, Bryson sits down with Mark Montgomery, Senior Director at the Foundation for Defense of Democracies. For three years, Mark served as Executive Director of the Cyberspace Solarium Commission, created by congressional mandate to develop strategic approaches to defending against cyber attacks. Now, he directs CSC 2.0, an initiative that works to implement the recommendations of the Commission. What were the key recommendations of the Cyberspace Solarium Commission? What are the politics of cybersecurity? How do we ensure that our international partners have the same level of resiliency and recovery that we have domestically? “We'd like to fight our adversaries overseas. That means we have to fight with and through our allies and partners. So they have to have strong critical infrastructure as our forces arrive and execute their missions,” Mark said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Jun 21, 2024 • 32min
Supporting Ukrainian Electrical Grid Resilience in Wartime
Joe Marshall is a Senior IoT Security Strategist at Cisco Talos Intelligence Group. When Russia invaded Ukraine in 2022, Joe helped coordinate a multinational, multi-company coalition of volunteers and experts to find a technological solution. Bryson and Joe sat down to discuss his efforts in Ukraine, how he got the go-ahead from Cisco leadership, and more. “They were like, yeah, we can't even get accurate timing to work on our transmission grid because of jamming that is interrupting GPS communications,” Joe explains. “A week later I was sitting in my office and I went, ‘I wonder if we have something inside of Cisco that can actually help with this.’” Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
May 21, 2024 • 31min
Preparing for the potential worst day
In this episode, Bryson Bort is joined by Paul Shaver, Global OT Security Practice Lead at Mandiant / Google Cloud to discuss the cyber threat landscape. How did Paul’s military background play a role in his decision to start working with control systems? What is the difference between an advanced persistent threat and a regular threat? What does Paul think is the best way to protect against documented threats from nation-state actors?“I think if we're not doing a better job of protecting critical infrastructure, protecting our assets, any one of the nation state actors could cause that level of mass scale outage or destruction of capability. It comes down to being better prepared to protect these environments,” Paul said. Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Apr 23, 2024 • 34min
The ICS Hacker
Claroty is a cybersecurity company that helps organizations to secure cyber-physical systems across industrial (OT), healthcare (IoMT), and enterprise (IoT) environments: the Extended Internet of Things (XIoT). In this episode, Bryson Bort sits down with Claroty director of research and industrial control system (ICS) vulnerability expert Sharon Brizinov to discuss everything ICS.What are the most common vulnerabilities threatening ICS security? What’s the impact of cybersecurity controls standardization? And if he could wave a magic wand, what is one thing he’d change in the ICS industry? “Don't expose ICS equipment over the Internet,” Sharon said. “That's my wish. To eliminate all the ICS Internet-exposed devices.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Feb 28, 2024 • 37min
Securing, Defending, and Bringing Resilience to Infrastructure
Psymetis creates Operational Technology (OT) security solutions that quickly and prevent electric grid outages and catastrophic infrastructure failures. Psymetis’ Werewolf system provides condition monitoring and threat mitigation for the power grid, detecting cyberattacks, equipment failures, and physical damage in real-time. In this episode of Hack the Plant, Bryson sits down with Psymetis CEO Robert Shaughnessy to discuss his work with Psymetis, challenges to innovation in the private sector, and the role of government in developing new technologies. What ecosystem problem is Psymetis solving? How is the federal government involved? What threats do our critical infrastructure systems face? How is China involved?“We're not talking about shooting wars, we're talking about wars where adversaries–to include economic adversaries–can have advantage,” Shaughnessy said. “As we're looking out over the next couple of years… there's a lot of frightening indicators that want us to plan for these events, knowing the capabilities of our tier one adversaries.” Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Feb 2, 2024 • 51min
CISA’s Critical Infrastructure Protection Mission with Jen Easterly
As America’s Cyber Defense Agency and the National Coordinator for Critical Infrastructure Security and Resilience, the Cybersecurity and Infrastructure Security Agency (CISA) leads the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure that Americans rely on every day. In this episode of Hack the Plant, Bryson sits down with CISA Director Jen Easterly to discuss her work on leading CISA’s critical infrastructure mission, implementing efforts to make products Secure by Design, and working with private companies to combat ransomware.How has CISA’s role evolved since 2018? How do they advance critical infrastructure protection and cyber defense? What are Director Easterly’s priorities for 2024? And if she could wave a magic wand, what is one thing she would change? “We need transparency so that we can all work together to protect the ecosystem, because the actors are not ever going to fight fair,” Easterly said. “We need all the collective strength of the community to keep Americans safe and secure.”Join us for this and more on this episode of Hack the Plant. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
