Securing Digitalization

The last podcast episode of this season focuses on the cybersecurity component of Siemens Xcelerator. The many advantages of an increasingly connected world are undeniable, but cyberattacks have become a serious threat to businesses everywhere. That's why effective cybersecurity is paramount and Siemens Xcelerator offers a broad range of cybersecurity solutions. Join us to explore how expert knowledge, state-of-the-art technology and valuable partnerships help Siemens Xcelerator offer unbeatable protection. Our experts, Oliver Narr and Klaus Lukas, also explain how Siemens Xcelerator makes it easy to establish new business models and deploy innovative technologies like the virtual PLC.

Artificial intelligence (AI) is changing the game for cybersecurity professionals. On one hand, cybercriminals are using AI to create new ways of cyber threats and gain access to sensitive information. On the other hand, AI can be used for defense to predict and prevent cyberattacks before they happen. In this podcast, we explore the complex relationship between AI and cybersecurity and the opportunities and risks associated with it. Dr. Andreas Kind, Vice President for Cybersecurity & Trust at Siemens AG, and Andreas Kleinschmidt discuss the vulnerabilities and risks associated with AI being used for attacks, including the prompt injection of manipulated data and the insecure handling of information. But they also examine the opportunities for defenders, such as penetration testing and using AI for defense and to prevent cyberattacks.Plus, you get to know one similarity between soccer and cybersecurityTune in and discover the head-to-head race between good and bad guys and how AI is influencing the digital transformation of the cybersecurity industry.

What do you need when your healthcare company is threatened by a major cyber attack? According to our latest podcast guest, Carlos Arglebe, Corporate Cybersecurity Officer at Siemens Healthineers, it's primarily two things. First, a holistic approach to cybersecurity that keeps their systems secure and safeguards people's lives. Therefore, Carlos shares his experiences in managing cybersecurity during two significant hacking incidents, WannaCry and Log4J.But, beyond expertise and technology, there's another crucial element. Carlos emphasizes the importance of people and connectivity within this context and tells about his role as a mediator, communicator, and psychologist in cybersecurity. He'll provide insights into how he assists colleagues in dealing with cyber threats and how Siemens Healthineers trains its employees to remain vigilant against attacks. Tune in and find out how Siemens Healthineers is staying ahead of the curve to keep systems and people safe.

Welcome to the first episode of our new podcast series, where we delve into the cybersecurity landscape of the future. Join us as we explore the "Crystal Ball" with Natalia Oropeza and Saman Farsian, two visionaries who provide a glimpse into a future that may not be as grim as some might envision.In this episode, we will unravel the potential of digitalization and cutting-edge technologies like artificial intelligence (AI). We will also address how we are tackling the shortage of cybersecurity experts and offer a fresh perspective on how we can effectively defend against cyber threats.Get ready for a journey into the future of cybersecurity, where optimism and innovation converge. Stay tuned!

December 9, 2021, is a day that is etched into Natalia Oropeza’s memory. It all started with some initial reports of a dangerous security vulnerability known as Log4j. The following days were shaped by a race against hackers who were determined to exploit this vulnerability that particularly affected OT and critical infrastructure around the world. The Siemens’ Chief Cybersecurity Officer explains in our podcast series “Securing Digitalization” just how a Siemens task force was able to avert a disaster. Even though the team won the race, Oropeza still sees room for improvement. For instance, she says cybersecurity should be integrated into all links in supply chains – work that Siemens is actively doing as part of the Charter of Trust. Nonetheless, she thinks that Siemens is well positioned: Cybersecurity is an integral part of the new Siemens Xcelerator platform and will be built into many Siemens products.

The threat of cyberattacks is growing – and many companies are ill-prepared to address the cyberrisks they face. “The number of cyberattacks is constantly increasing,” warns Michael Metzler (VP Horizontal Management Cybersecurity). The topic of IT and OT convergence is another major challenge that our customers must overcome. Siemens is a leader in cybersecurity products and services and can provide the expertise that customers need. In our podcast series, Michael Metzler describes how the Horizontal Team draws on Digital Industries’ portfolio to create a secure overall solution for customers.In an interview with Andreas Kleinschmidt, the expert explains what customers can expect from Siemens DI in terms of cybersecurity.

It was a time filled with drama: Just before Christmas 2021, a security vulnerability called Log4j kept cybersecurity experts on tenterhooks around the world. Including those at Siemens. Stefan Ludwig, the Chief Cybersecurity Officer at Siemens Financial Services, was in the middle of the action. In our podcast series, Ludwig explains how his team overcame the threat. In the conversation with moderator Andreas Kleinschmidt, he also talks about the cybersecurity challenges that the financial industry in particular faces and about the security measures that will play a key role in the future.

Cryptographically relevant quantum computers are still a pipe dream. But security experts can already assure us that once these super computers are up and running, they’ll be able to effortlessly slip past today’s encryption mechanisms. But there’s no need to worry just yet, say Hans Aschauer and Fabrizio De Santis in the latest installment of our cybersecurity podcast. The cryptography experts from Siemens’ corporate research organization are working on encryption systems that even quantum computers will be unable to crack. They are also supporting the development of practical standards and methods to deploy quantum-safe encryption to Siemens products during this post-quantum era. And they’re working as quickly as possible to ensure that today’s data will remain secure tomorrow.

Just who wants to have a hacker seize control of a train racing down the tracks? No one – except maybe the hacker and his shady comrades in crime. Digitalization can make such nightmare scenarios possible. Just like other technical innovations, digitalization involves risks. When it comes to rail operations – a part of our critical infrastructure – steps must be taken to prevent such incidents.Is train travel safe? Yes, says Helen Negre, an expert for cybersecurity in the rail industry at Siemens in the United States. Manufacturers like Siemens and strict standards ensure that passengers can travel worry-free. In the podcast, Negre joins Marta Garcia of the European rail industry association UNIFE and discusses about another issue that is close to her heart: How can women gain respect in the male-dominated rail industry, and how can teams become more diverse?

A house that threatens its occupants – that’s simply the stuff of horror movies, Alina Matyukhina says. But: You better watch out. Hackers could seize control by slipping into the control systems of the increasingly complex and networked building technology. The cybersecurity expert at Siemens Smart Infrastructure works to ensure that such attacks never happen. In an interview with moderator Andreas Kleinschmidt, Matyukhina discusses in the first installment of our podcast series called Securing Digitalization ways that buildings can be made secure for decades and the Siemens products that can be used to fend off hackers.

Today, all supply chains have a digital and that means, a cybersecurity component. Software solutions especially are made up of a variety of proprietary and open-source components and have to be secured against cyberattacks. That’s why it’s not just important that all companies involved stay vigilant and implement approbate security measures: they also all need to cooperate closely with each other, as any chain, as we know, is only as strong as its weakest link – as Natalia Oropeza, Mirko Ross and our episode’ guest and Supply Chain expert Rafi Yahalom from Massachusetts Institute of Technology (MIT) know.

Who’d wish for a hacker having a train’s controls at their fingertips? Nobody – except for that hacker and other like-minded bad actors. What makes such a nightmare scenario possible is, of course, digitalization. As it transforms our lives, it is also a key part of today´s railways, and it makes it safer, more efficient, and convenient for both passengers and train operators. At the same time, digital systems expose railways to cybersecurity risks, so we need to take care that they are minimized as much as possible. Not an easy task: They are as versatile and dynamic as the whole digital world we live in. But luckily, that hacker up to no good has a counterpart, a team of cybersecurity experts that are attuned to this challenge – and meet it every day.

Intellectual Property (IP) is among a company’s most valuable assets. And since it’s so valuable, many people are unsurprisingly after it – be it by stealing valuable data and/or infringing upon patent rights. So industry has a good reason to be concerned about and be obsessed with protecting IP – in court as well as with a solid cyber defense.

Cybersecurity teams cannot be cut from one cloth alone. They need to bring different experiences, talents, perspectives, mindsets and resumes to the table, because only from a diversity of ideas and proposals can they create solutions that can cope with the threat landscape we face. But what does that mean in detail? Siemens CCSO Natalia Oropeza, Mirko Ross and Tyler Cohen Wood, internationally recognized Cybersecurity Expert from the US, have the answer.

We currently have a patchwork of regulations and standards. And this variety doesn’t help. In order to promote cybersecurity regionally and globally, it´s paramount to establish compatible international cybersecurity regulation and common standards. Without such a guiding framework, cybersecurity cannot be effective – and that, in turn, increases cyber risks. But not to worry – help is on the way. Siemens CCSO Natalia Oropeza and Cybersecurity expert Mirko Ross show how – together with Evangelos Ouzounis, head of Policy Development and Implementation Unit at the European Union Agency for Cybersecurity (ENISA).

Cybercriminals want your money – and their favorite weapon of choice are ransomware attacks. It’s a multi-billion-dollar business, going after industry, municipalities, service providers – and among the latter hospitals and healthcare providers, which have been targeted even during the pandemic. As repulsive as these actions are, there is no need for you to become a victim, too. In this podcast, Natalia Oropeza, Siemens’ Chief Cybersecurity Officer, and cybersecurity expert Mirko Ross, talk about the most common patterns of these attacks – e.g., they mostly take place on the weekend or during the holidays. And with the help of guest expert Steffen Stang, responsible for products at Siemens Digital Industries, they give sound advice on how to protect yourself and your company.

It sounds like a dystopian sci-fi flick: An army of bots attacks you and leaves you utterly paralyzed, or, possibly just as worse, uses you to attack someone else. That’s what botnet attacks do: They hijack millions of IoT-devices such as routers, computers, smartphones and launch malicious attacks – on whatever their dark master tells them to do. In this podcast, Natalia Oropeza, Siemens’ Chief Cybersecurity Officer, and cybersecurity expert Mirko Ross, talk about these nasty armies. And with the help of guest expert William Dixon, responsible for Cybersecurity at the World Economic Forum, they lay out various ways of how to combat this threat.

You’ve got mail! Someone sends you a message and poses as a friend or colleague and otherwise appears to know quite a bit about you – and encourages you to engage in a conversation, click on a link or open a document. Well: Don´t! Most cyberattacks start with email and social engineering attacks are the most insidious among these mail attacks. To tell you about how to defend your company against this threat and what to do if someone breached your network, here are Natalia Oropeza, Siemens’ Chief Cybersecurity Officer, and cybersecurity expert Mirko Ross, talking about various aspects of social engineering attacks. Hans Wallinger, Chief Technologist for Cyber Defense at Siemens, also chimes in give insights into Siemens’ approach towards cybersecurity.

You sure don´t want this to happen, yet, it can – at least in theory: cybercriminals getting access to your factory and shutting it down. So to avoid a catastrophe, it may help to brush up one’s cybersecurity credentials. Here are Natalia Oropeza, Siemens’ Chief Cybersecurity Officer, and cybersecurity expert Mirko Ross discussing various measures such as ‘Defense in depth’ or the role of AI for industrial cybersecurity. And as knowledgeable as these two are, they may not know everything. That’s why it’s fortunate that Klaus Lukas from Siemens’ ProductCert (Product Computer Emergency Response Team), is at hand to talk about the role the global community of cybersecurity researchers has for industry.

No, no, despite our clear views on the matter, it’s still not over. The pandemic is alive and well, and we all have to deal it. In this – our premier – episode of the Siemens Cybersecurity Podcast, Siemens’ Chief Cybersecurity Officer Natalia Oropeza and Cybersecurity expert Mirko Ross discuss what work is like during Corona, how Siemens has handled an increased number of attacks during Covid-19, the challenges of complexity, and other Cybersecurity lessons learned during this time. Last but not least, as a special guest we have Christian Dameff, Medical Director of Cybersecurity at the University of California San Diego, who informs us on the intersection of Cybersecurity and patient safety.