Industrial Talk: OT Security vs IT and Passive Discovery vs Active Scanning

Overview

Industrial Talk chats with Huxley Barbee, Security Evangelist at runZero, about “OT Security vs IT Security and Passive Discovery vs Active Scanning.” The following is a summary of the conversation:

Cybersecurity and OT with Huxley from runZero. (0:00)

  • Palo Alto Networks provides comprehensive security solutions for all assets, networks, and remote operations.
  • Huxley Barbee, security evangelist at runZero, discusses cybersecurity and the importance of staying connected and safe in the digital world.
  • Industrial Talk is a platform dedicated to amplifying voices and solving problems through various mediums, including podcasts, videos, and webcasts.

Cybersecurity in IoT, OT, and ICS environments. (4:36)

  • The security evangelist at runZero discusses a CAASM (cyber asset attack surface management) solution.
  • Huxley highlights the importance of security in IoT and OT environments, emphasizing that it’s often an afterthought.
  • Scott MacKenzie agrees, noting that security should be a priority from the beginning of a project, rather than an add-on later on.

Industrial control systems security. (9:13)

  • Scott MacKenzie and Huxley discuss the importance of aligning security and operations in an organization, with Huxley highlighting the need for more conversations to understand the importance of including security in planning and decision-making.
  • Huxley notes that operational teams may prioritize mechanical problems over security updates, but this can lead to negative consequences, such as security breaches or outages, which can affect the way devices operate.
  • Huxley emphasizes the importance of knowing what assets are present in an OT or ICS environment for proper security controls.

Cybersecurity risks in industrial control systems. (14:04)

  • Huxley emphasizes the importance of selecting security controls commensurate with the value of assets.
  • Huxley highlights the irony of introducing security measures to avoid outages, only to inadvertently cause them.
  • Vendors and devices create variety and complexity in IoT security.

Active scanning techniques for IoT devices. (20:02)

  • Huxley explains how active scanning techniques can cause real-world problems, such as network outages, due to the way they are implemented.
  • Huxley highlights the bias against active scanning that has developed as a result of poor deployments in the past.
  • Huxley argues that active scanning can be safe for OT and ICS environments with proper development.

Active scanning vs passive device discovery in cybersecurity. (24:19)

  • Active scanning involves customizing security measures based on specific devices, while passive discovery tends to be more costly and effortful.
  • Huxley discusses the challenges of passive discovery in network traffic analysis, including the need for multiple collectors and the difficulty of deploying collectors in the right locations.
  • Huxley also highlights the advantages of active scanning over passive discovery, including the ability to be targeted and thorough in gathering information.

OT security challenges and ransomware attacks. (28:58)

  • Organizations prioritize availability over security in OT environments, leading to potential exposure to penetration.
  • Huxley predicts a decrease in cyber attacks due to increased payoffs.
  • Huxley believes there are more adversaries lurking in OT environments than known breaches, with a ratio of 50x on the OT side compared to 5x on the IT side.
  • Huxley thinks nation-state actors are waiting for political and military situations to make their moves, while financially driven actors are waiting for the right opportunity to strike.

Security programs and protocols for OTC organizations. (35:48)

  • Scott MacKenzie and Huxley discuss the importance of security programs in organizations, with Huxley mentioning the need for a security program at every organization with an OTC.
  • Huxley will be at the ICS Village conference, showcasing runZero’s solutions for detecting protocols and devices in a mock network environment.

Cybersecurity and industry connections. (39:45)

  • Huxley shares his expertise on cybersecurity and asset protection in the industrial sector.

Meet Our Speakers

Huxley Barbee

Former Security Evangelist


© Copyright 2024 runZero, Inc. All Rights Reserved