Navigating Cybersecurity Challenges: AI, Tabletop Exercises, and Operational Technology

PrOTect It All - A podcast by Aaron Crow - Mondays

In this episode, host Aaron Crow is joined by Clint Bodungen, Director of Cybersecurity Innovation at Morgan Franklin Cyber and founder of Threatgen, alongside Michael Welch, Managing Director at Morgan Franklin Cyber. Together, they delve into the ever-evolving world of cybersecurity in honor of Cybersecurity Awareness Month. Aaron kicks things off by discussing the importance of iterative processes and tabletop exercises in enhancing decision-making and preparedness. The conversation then shifts to the exciting yet complex role of AI in cybersecurity, particularly in operational technology (OT) and critical infrastructure. The experts emphasize the potential of generative AI for data analysis while underscoring the need for human oversight to avoid biases and misinformation. Clint introduces an “engineering informed cyber” approach to better integrate OT and IT in managing cybersecurity risks, while Aaron stresses the importance of collaboration between cybersecurity professionals and engineers. The episode also tackles balancing convenience and security, the intricacies of password management, and the critical role of communication and trust. Listeners will gain valuable insights into AI’s role in enhancing security operations, the consequences of system failures, and the debate between compliance and true security. This episode offers expert opinions, real-world examples, and practical advice for navigating today’s cybersecurity challenges. Join us for a comprehensive discussion on protecting our digital world.   Key Moments:    04:20 Generative AI aids efficient GRC and cybersecurity management. 08:40 AI lacks context for verifying asset information. 11:38 Generative AI creating and automating malware tools. 15:58 Building data centers using decommissioned power plants. 17:14 Regulation growing in infrastructure for compliance security. 22:09 Compliance is binary; partial compliance isn't sufficient. 24:33 Prioritize "engineering informed cyber" for OT resilience. 28:14 Collaboration between IT and OT is essential. 33:54 Frustration with excessive video game security measures. 34:49 Cybersecurity fails due to over-engineering complexity. 40:49 Make security easy with password managers, authenticators. 42:31 AI improves tabletop exercises for comprehensive insights. 45:31 Generative AI augments human capabilities and creativity. 48:08 Automated injects streamline engagement and business continuity. 53:46 Executives misunderstand risk, leading to false security. 54:29 Strong IT security, but vulnerable weak points. About the Guests :    Clint Bodungen:    Clint Bodungen is a globally recognized cybersecurity professional and thought leader with 30 years of experience (focusing primarily on industrial cybersecurity, red teaming, and risk assessment). He is the author of two best-selling books, "Hacking Exposed: Industrial Control Systems" and “ChatGPT for Cybersecurity...