Manage episode 373823818 series 2525086
Gus Serino worked at a large water utility before joining Dragos in 2019. We're talking water sector so it's obligatory to start with Oldsmar (2:20), but we don't talk cyber. Instead we go through the physical portion of the water system assuming the attacker is able to issue the command to the pump to dump a lot of sodium hydroxide into the water system and what would likely happen. Importantly Gus identifies the simple, unhackable solution to this threat. A hard wired PH sensor that will shut off the pump regardless of the commands from the ICS.
After Oldsmar Dale and Gus discuss:
- how small and medium water systems should approach cyber risk
- the greater challenge to large water systems
- the EPA's early steps on cybersecurity and future regulation - surprises in moving from a water utility to Dragos
- what Gus's new I&C Secure company is doing