Can We Lighten the Cybersecurity Load for Heavy Industries?
One of the biggest problems with the IT / OT convergence in critical infrastructure is that much of the legacy hardware cannot simply be patched to an acceptable compliance level. Recently, Sean Tufts, the practice director for Industrial Control Systems (ICS) and Internet of Things (IoT) security at Optiv, offered his perspectives on where the industry has been, where it is going, and some of the progress being made to secure critical infrastructure.
Phil Labas: Tell me a little bit about your journey into cybersecurity and how you became the ICS IOT practice manager at Optiv.
Sean Tufts: It started with an unsolicited email of all things. The thing we hate most, the thing we are not supposed to click, turned out to lead me to cybersecurity. At the time, I was working at General Electric, and they had just bought this cool company called Wurldtech, which was one of the Grandfathers of the Operational Technology (OT) space. They sent out a note that asked for people who wanted to learn cybersecurity. I thought it sounded amazing. I was installing SCADA systems and was on the networking side, but I had never been as involved as I would have liked. They put me into a training environment where we learned about risk, reward, and business models. That was my first entry into cybersecurity.
PL: What keeps you in the OT space? There’s lots of places to go, lots of little veins and little areas of focus. So what keeps you in ICS space?
ST: It’s real, it’s tangible, and I can touch it. I can look at a process and know how they made it. There’s some pride in what I do. This is not meant to disparage the rest of the security industry, but this area is my (Read more...)
*** This is a Security Bloggers Network syndicated blog from The State of Security authored by Phil Labas. Read the original post at: https://www.tripwire.com/state-of-security/ics-security/can-we-lighten-the-cybersecurity-load-for-heavy-industries/
