Dan Gunter: How Our Growing Ability To Process Data Affects Cybersecurity
About Dan Gunter: Dan Gunter is an accomplished cybersecurity professional with a wealth of experience in the field. As the founder and CEO of Insane Forensics, he is committed to providing digital forensics and threat-hunting services to help organizations protect themselves from cyber threats. Dan's expertise was honed through years of service in the United States Air Force, including as an officer in the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams. He also served as Director of Research and Development for Dragos Inc., where he oversaw detection engineering and reverse engineering efforts to protect critical infrastructure sites. Dan is a highly regarded speaker and has presented at numerous events, including Black Hat, ShmooCon, S4, and CS3STHLM, where he has shared his knowledge on incident response, threat hunting, consequence analysis, and security operations.
In this episode, Aaron and Dan Gunter discuss:
- The differences and challenges of incident response in IT vs OT environments, particularly in protecting critical infrastructure in OT systems
- What a typical engagement looks like in an industrial environment for proactive and reactive security services
- How asset owners of SMBs can secure their assets when they don't have an OT group, and what resources are available to help them
- How different factors impact the response and success of a security incident in OT environments compared to IT environments
Key Takeaways:
- OT and IT systems are often built with similar hardware and software, but on the OT side, the consequences of a system going down can be much more severe, so it's important to understand both the technical level and how humans interact with it, to protect and help asset owners and preserve life and safety.
- Industrial sites can work with security consultants to prevent problems by taking proactive measures like threat assessments, network monitoring, and incident response retainers, but it's important to understand the environment and build trust to develop effective strategies.
- To keep your business safe from cyber threats, consult with equipment manufacturers and follow their security guidelines, implement network monitoring and testing, and take proactive and reactive measures without overthinking.
- Adapting IT and OT procedures to your organization's assets and requirements is crucial due to the significant variation across industries and sites, and a lack of accurate data sources and asset inventory can cause issues.
"Our ability to consume, to process, to push technology forward continues to grow. Whether you look at smart city stuff, both for security and also for power management and others, or you look at other systems like 5G and other things, we're able to move data around a lot easier. This combination of us being able to get more data but also process the data, I think it's going to have huge implications on the security side." — Dan Gunter
Connect with Dan Gunter:
Website: https://insaneforensics.com/
YouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPA
LinkedIn: https://www.linkedin.com/in/dan-gunter/
Twitter: https://twitter.com/insaneforensics
Cost of a Data Breach 2022 Report: https://www.ibm.com/reports/data-breach
Connect with Aaron:
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about Industrial Defender:
Website: https://www.industrialdefender.com/podcast
LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/
Twitter: https://twitter.com/iDefend_ICS
YouTube: https://www.youtube.com/@industrialdefender7120
Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.