NCF-334 Security Engineering for Industrial Systems

Welcome back, everybody, to NewCyberFrontier. In today's episode, guest Andrew Ginter, Vice President of Industrial Security and Waterfall Security. Mr Ginter is also the author of a book titled, "Engineering Grade OT Security: A Managers Guide." He defines his book as sitting at the intersection of industrial systems and Engineering. These systems could range from inputs and outputs from computer systems such as power plants, Shoe factories, and high-speed passenger train rails. Mr. Ginter explains his book further by saying, "Small Shoe factories and High-speed train rail switches are very different on the Industrial system spectrum. What determines the difference is worst case consequences of compromise." What would be the worst outcome to a Shoe factory versus Passenger Train Rail switches if all commands to computer systems fail? Shoe factories might have to replace all the equipment and a couple million dollars worth of expenses that insurance could cover, but for the switches on a train, if all computer commands fail, this could result in massive casualties and two trains colliding, which insurance can not cover. These are two diverse examples of industrial systems that need to face different approaches to computer systems. Mr Ginter also explains in his book that Engineering Security is a public safety issue with no room for errors. "In recent years, we have been automating everything, which is not always the best option; we must have fail-safes in place with security and protection." We face many problems and cyber attacks in the engineering world that must be considered today. Thank you for watching NewCyberFrontier.