Podcast
Nexus: A Claroty Podcast
Hosted by Claroty · EN
Nexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders responsible for the security and protection of cyber-physical systems. Guests include cybersecurity researchers, executives, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments.
25episodes
Episodes
Newest firstAll episodes
Rob King on OT Asset Exposures, Mitigations
2w ago00:24:12Tap to summarizeRob King, Director of Applied Research at RunZero, joins the Nexus Podcast to discuss the security risks and exposures introduced by digital transformation to operational technology environments. As many OT and cyber-physical systems assets are connected online, there could be signification exposures introduced to these internet-facing devices and systems. Rob also discusses the effectiveness of popular mitigations such as segmentation and other controls. Subscribe and listen to the Nexus Podcast here.
Transcribe →Samir Boussarhane on New MITRE Caldera for OT Attack Simulators
3w ago00:23:23Tap to summarizeSamir Boussarhane, senior cybersecurity engineer at MITRE, joins the Nexus Podcast to discuss some new simulator plug-ins added to Caldera for OT. Caldera for OT is an open-source adversary emulation platform that automates security assessments for operational technology (OT) systems. Samir provides context on a new simulator called the Aloha Water Treatment plant, which emulates a water utility and serves as a training platform for students, engineers, and IT security teams alike. Caldera for OT now also supports protocols such as BACnet, Modbus, and includes an HVAC simulator.Subscribe and listen to the Nexus Podcast here. Access the Aloha Water Treatment simulator. Medium article on the Aloha Water Treatment simulator.
Transcribe →Jim Labonty on Data Center, Manufacturing Cybersecurity
3w ago00:24:24Tap to summarizeFormer Pfizer head of global automation engineering Jim LaBonty joins the Nexus Podcast to discuss an article he wrote for Nexus on the need to secure data centers during kinetic conflict. He also explains the interlock between data centers and manufacturing facilities, and why a cyberattack against a data center can be devastating to the uptime and reliability of factory floors. This interview was pulled from Episode 2 of Nexus Digest, a monthly recap of content published on Nexus. Subscribe and listen to the Nexus Podcast here.
Transcribe →Tiffany Wilson on the Security Crisis of Consumer Tech in Healthcare
4w ago00:25:42Tap to summarizeTiffany Wilson, the founder of Wilson Inclusive Solutions (WINS), a disability accessibility consulting firm, joins the Nexus Podcast to discuss the proliferation of consumer technology into healthcare infrastructure. This technology—smart speakers that help manage medications or cameras that monitor vulnerable individuals—often handles patient data and safety, and operates in a regulatory void. Wilson advocates for frameworks that manufacturers and distributors can use to protect patient information and safety, given that most of this assistive technology functions as healthcare infrastructure without existing oversight and protection given healthcare technology. Subscribe and listen to the Nexus Podcast here.
Transcribe →Joe Slowik on Exposed, Internet-Facing OT
Apr 1200:24:33Tap to summarizeJoe Slowik, Director of Cybersecurity Alerting Strategy at Dataminr, joins the Nexus Podcast to discuss the alarming trend of lesser-skilled hacktivist groups leveraging operational technlogy (OT) and cyber-physical systems (CPS) in attacks. Many of these exposed devices are easily scannable and accessible online, and attackers are hurdling low barriers to entry such as poor or missing authentication, or insecure, legacy protocols to access assets and either cause disruption or move further into the process or business networks. Often these attacks are carried out without exploits or malware. Subscribe and listen to the Nexus Podcast here. Download Team82's report: "Analyzing CPS Attack Trends"
Transcribe →Phil Englert on Medical Device Cybersecurity
Apr 500:25:46Tap to summarizePhil Englert, VP, Medical Device Security, Health-ISAC joins to discuss the cybersecurity risks introduced by legacy technology in healthcare and how it impacts patient care and safety. Phil also brings some context and insight into the U.S. Food and Drug Administration's (FDA) updated guidance on cybersecurity requirements for medical devices aimed at manufacturers and premarket product submissions. The guidance proposes stricter secure development processes, software component tracking, and more.Subscribe and listen to the Nexus Podcast here.
Transcribe →Raphael Arakelian on Operation Grim Beeper
Mar 2900:36:42Tap to summarizeRaphael Arkelian, the OT/IOT cybersecurity manager at Accenture, joins the Nexus Podcast to discuss his research into Operation Grim Beeper, the name given to a two-day attack in 2024 in the Middle East where explosives were introduced into pagers and walkie-talkies favored by Hezbollah. The explosions injured more than 1500 and killed dozens. Raphael’s research looks at several aspects of this attack and shares lessons and security gaps that can be applied across the OT and supply chain ecosystems. Subscribe and listen to the Nexus Podcast here.
Transcribe →Adm. Michael Rogers on his time as NSA Director
Mar 2400:26:57Tap to summarizeFormer NSA Director and Commander of U.S. Cyber Command Adm. Michael S. Rogers (Ret. USN) joins the Nexus Podcast. Rogers spoke in advance of an RSA Conference panel discussion today with the other living NSA directors, Keith Alexander, Paul Nakasone, and Tim Haugh, a rare time when the four can be in the same room. Rogers describes the principles that guided his time as director of these intelligence agencies, how the role changes as administrations change, and some of the core strategies that led to success. Subscribe and listen to the Nexus Podcast here.
Transcribe →Michael Pyle on Securing Internet-Facing OT and ICS Assets
Mar 2200:24:19Tap to summarizeMichael Pyle, Director of Product Cybersecurity at Schneider Electric, joins the Nexus Podcast to discuss Internet Exposure Prevention, a new SE approach to preventing illicit connections to operational technology and industrial control systems that are insecurely connected to the internet. Attackers are adept at enumerating exposed devices and leveraging OT and ICS to access process and corporate networks. Pyle explains that Internet Exposure Prevention drops inbound traffic that the asset did not initiate. Checks are made on the IP address initiating the connection and whether it's a routable source IP, and an allow/deny decision is made. Pyle explains the risk to exposed devices, and the need to shut down illicit connections. Subscribe and listen to the Nexus Podcast here.
Transcribe →Gus Serino on a Massachusetts Water Cybersecurity Collaborative
Mar 1500:26:39Tap to summarizeGus Serino, President of I&C Secure, joins the Nexus Podcast to discuss the formation and evolution of an ongoing water utility cybersecurity collaborative that leans on a collective defense model to share resources and threat intelligence among six water & wastewater companies in the commonwealth. Serino helped put together this coalition, and he explains how a feasibility study came together resulting in a shared grant that member utilities can use to improve their security programs. Gus talks about the origins of this collaborative and how other utilities can follow this model to improve cybersecurity in this struggling, resource-strapped critical infrastructure sector.Subscribe and listen to the Nexus Podcast here.
Transcribe →