Water Sector Cyber Risk with Gus Serino

Gus Serino worked at a large water utility before joining Dragos in 2019. We're talking water sector so it's obligatory to start with Oldsmar (2:20), but we don't talk cyber. Instead we go through the physical portion of the water system assuming the attacker is able to issue the command to the pump to dump a lot of sodium hydroxide into the water system and what would likely happen. Importantly Gus identifies the simple, unhackable solution to this threat. A hard wired PH sensor that will shut off the pump regardless of the commands from the ICS. After Oldsmar Dale and Gus discuss: how small and medium water systems should approach cyber risk the greater challenge to large water systems the EPA's early steps on cybersecurity and future regulation - surprises in moving from a water utility to Dragos what Gus's new I&C Secure company is doing