The OT and IoT Security Podcast

In this episode of The Security Sandbox, hosts Vivek Ponnada and Sandeep Lota will dive into the top cybersecurity trends that shaped 2024 and discuss our predictions for 2025, including: ▶️ The impact of emerging technologies like AI on cybersecurity ▶️ The latest trends in threat actor tactics targeting operational technology ▶️ How zero trust initiatives are changing industrial network architecture ▶️ The growing role of Secure by Design principles ▶️ Upcoming regulations driving cybersecurity enhancements across industries ▶️ Why proactive defense in OT environments will be a key initiative in 2025 Visit Our Website Follow Us on LinkedIn

Hosts Vivek Ponnada and Sandeep Lota share their insights on and exploring topics such as: ✅ Emerging threats to ICS over the next 12-18 months ✅ Evolving strategies for integrating IT and OT cybersecurity ✅ The future role of AI in ICS cybersecurity ✅ Fostering collaboration between IT and OT teams Visit Our Website Follow Us on LinkedIn

Most cybersecurity threats begin in IT systems. But as the lines between IT and OT continue to blur, these same threats have more and more opportunities to move closer to critical control systems. Having both visibility and context into what assets are most at risk across your operational environments is crucial for maintaining the safety and availability of these systems. In this episode of the Security Sandbox, we'll cover the strategic use of cyber threat intelligence (CTI) to safeguard critical infrastructure and industrial environments. You'll learn about: Visit Our Website Follow Us on LinkedIn

Over the past decade, operational technology (OT) systems have become increasingly digitized and more vulnerable to cyber threats, making effective cyber risk management more crucial than ever. This session will explore the concept of cyber risk, defined as the potential for loss or harm to digital infrastructure, and how you can proactively apply the latest tools, trends and techniques to reduce cyber risk and enhance the resilience of your OT systems. We’ll cover: Visit Our Website Follow Us on LinkedIn

Traditionally, operational technology (OT) operators have shied away from active monitoring methods, driven largely by concerns over system disruption and OEM vendor validation expectations. However, the tide appears to be turning. Over the past few years, we’ve seen mindsets evolving from relying on a 100% passive approach to embracing more active monitoring methods to get deeper asset context, including configuration information, log files, user activity correlation, USB insertions, and even operational data from level 0 in a PLC. During this session, we'll delve into the advancements in OT-safe proactive monitoring and how you could apply some of these latest developments towards securing your critical infrastructure while ensuring operational continuity and compliance. Visit Our Website Follow Us on LinkedIn

Artificial intelligence (AI) is having a moment… a really long moment. It’s been evolving for decades, but now it’s everywhere all at once. AI-powered digital assistants like Siri and Alexa, as well as generative AI tools like ChatGPT, Gemini and Copilot, have put AI at everyone’s fingertips, including cybercriminals.In cybersecurity, the race is on to outsmart bad actors who are already using new forms of AI to find vulnerabilities faster and launch more effective attacks. During this session, we'll delve into what AI really is, its applications for cybersecurity, and how critical infrastructure and industrial organizations are using it to stay ahead of cyber threats. Visit Our Website Follow Us on LinkedIn

Incident response is something we hope you don’t have to deal with very often, but for those responsible for securing industrial and critical infrastructure, it’s a critical component of their cybersecurity strategy. In fact it’s key to ensuring that your business, systems and personnel are well prepared to act swiftly and efficiently when an incident does occur. Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and OT Cybersecurity Strategist Danielle Jablanski. Visit Our Website Follow Us on LinkedIn

Malware and ransomware are of course some of the biggest and most widely known threats that businesses face today. However, having a basic understanding of the bigger picture will enable you to prepare your business for a whole range of threats that you may come across, and secure your business further. Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Security Research Evangelist Roya Gordon. Visit Our Website Follow Us on LinkedIn

The rise of remote working, hybrid cloud environments and use of mobile and IoT devices has casued the security perimeter approach to become obsolete. It’s quickly being replaced by the zero trust model which denies access to all applications and data by default. Zero trust is less a technology than it is a security policy objective and design approach. Learn more from Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Gary Kinghorn, Senior Director of Product Marketing. Visit Our Website Follow Us on LinkedIn

Cyber risk management involves identifying all the OT and IoT assets on your operational network, assessing their vulnerabilities, and outlining risk management processes to close security gaps. Learn more with Nozomi Networks Cybersecurity and Privacy Director Bruce Snell, and Technical Sales Director Shan Zhou. Visit Our Website Follow Us on LinkedIn

Response time refers to the amount of time that takes place between when we perceive something to when we respond to it. It is the ability to detect, process, and respond to a situation. In this case, we look at what a typical day an Operational Technology (OT) responder must endure and why this role is crucial within critical infrastructure and industrial control networks. Visit Our Website Follow Us on LinkedIn

Find out how increased cyber risk, threat of downtime, legacy equipment and IoT proliferation are contributing to the resilience challenge. Visit Our Website Follow Us on LinkedIn

Learn how the Ukraine Russia conflict has enlivened nation sponsored and cyber terrorism events and what defines their motivation. Visit Our Website Follow Us on LinkedIn

Join our esteemed panel of experts who cover ways to advance cyber security strategies for critical infrastructure by monitoring and protecting your assets. Visit Our Website Follow Us on LinkedIn

Will the rapidly expanding use of IoT devices, advent of smart cities and creation of an uber-connected world hasten the demise of privacy? In such a world, just how important is privacy, data security and protecting our IoT infrastructure? Learn about the complex issues of privacy and privilege in this episode. Visit Our Website Follow Us on LinkedIn

Operational technology (OT) and Information Technology (IT) have traditionally been managed separately. With the emergence of Internet of Things (IoT) and the changing threat and risk landscape, industrial, manufacturing and critical infrastructure companies are bringing together their OT, IT and IoT networks to achieve a combined cyber and risk plan to prevent future cyberattacks. The incoming Critical Infrastructure Bill is aimed at driving action in this direction and organizations must start to prepare now to secure their IT as well their OT / IoT infrastructure. These combined capabilities not only achieve significant improvements in cybersecurity but bring remarkable improvements in the efficiency of managing and securing your diverse assets. In this episode, learn more about: Visit Our Website Follow Us on LinkedIn

Join us as we embark upon a journey to secure our digital cities, including foundational technologies as CCTV’s. CCTV’s are used in local government, utilities, transportation systems, healthcare… the list goes on. Visit Our Website Follow Us on LinkedIn

PrintNightmare and the Kaseya ransomware attack are two recent cyber incidents making waves in the news about the escalating threat environment. Nozomi Networks Labs security researcher Ivan Speziale shares his insights into what went wrong in these attacks, and what can be done to mitigate their impact. Visit Our Website Follow Us on LinkedIn

U.S. regulators are looking into how business operators maintain effective cybersecurity. The incoming Security of Critical Infrastructure legislative amendments will no doubt lead to an increased security compliance regime for any country. Companies everywhere should proactively develop a robust cybersecurity compliance program – not because of legislation but because it’s good security hygiene and practice. How can you prepare for that now? Join with us as we explore: Visit Our Website Follow Us on LinkedIn

IoT security camera provider Verkada was the target of a recent attack. Hackers gained access to the live video feeds of 150,000 surveillance cameras used by their customers. The attack showed the risks involved in leveraging IoT devices within business operations. In this short episode, find out what happened during the recent security breach, and what common practices can open the door to attacks like this. Visit Our Website Follow Us on LinkedIn