OwlTail

Cover image of Andy Bochman

Andy Bochman

3 Podcast Episodes

Latest 18 Jul 2021 | Updated Daily

Weekly hand curated podcast episodes for learning

Episode artwork

There is No ‘Take Down the Whole US Grid’ with Sarah Freeman and Andy Bochman

WE'RE IN!

Why you should listen:Hackers are targeting critical infrastructure and there’s an urgent need for smarter cybersecurity defenses to protect Operational Technology. The best practices to defend against attacks on utilities.Why there is no such thing as “taking down the whole US grid.”Five Key Quotes: “How can you secure what you don’t even know you have? If you don’t even know what you have down to some level of detail...you’re not going to be in a good position to defend it.”  - Andy Bochman “The most senior person with the word cyber in their title ideally is at least at the VP level.” - Andy Bochman “You have to not only understand how the attacker can gain access to your network but ultimately gain access to the accounts that are most valuable – where are those crown jewel accounts?” - Sarah Freeman“IT and OT needs to be merged …the problem is cyber is here to stay and everybody needs to take part in this security process.” - Sarah Freeman“The government is most interested in who conducted the attack... The fact that there are two parties here with differing interests is a core issue.” - Sarah FreemanRelated Links:Countering Cyber Sabotage: Introducing Consequence-Driven, Cyber-Informed Engineering (CCE) 1st Editionhttps://hbr.org/2018/05/internet-insecurityhttps://medium.com/cxo-magazine/the-missing-chief-security-officer-11979a54fbf9https://www.synack.com/LinkedIn: Andy BochmanSarah FreemanTwitter:@andybochman

42mins

14 Jul 2021

Episode artwork

CCE with Andy Bochman of INL

@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Unsolicited Response Podcast (LS 29 · TOP 10% what is this?)Episode: CCE with Andy Bochman of INLPub date: 2018-07-18Andy Bochman with INL joins me to discuss their Consequence-Driven, Cyber-Informed Engineering methodology (CCE). It is appealing because it places emphasis on the often neglected consequence part of the risk equation. I think you'll hear me struggling to make sense of some of the concepts in the CCE and questioning a number of the underlying precepts and value of stages of the methodology. One of the reasons is there is limited info out on what CCE is, and this podcast should clarify CCE to some degree. This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation. Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray. The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

1hr 7mins

17 Mar 2019

Similar People

Episode artwork

CCE with Andy Bochman of INL

Unsolicited Response Podcast

Andy Bochman with INL joins me to discuss their Consequence-Driven, Cyber-Informed Engineering methodology (CCE). It is appealing because it places emphasis on the often neglected consequence part of the risk equation. I think you'll hear me struggling to make sense of some of the concepts in the CCE and questioning a number of the underlying precepts and value of stages of the methodology. One of the reasons is there is limited info out on what CCE is, and this podcast should clarify CCE to some degree. This episode was sponsored by CyberX. Founded by military cyber experts with nation-state expertise defending critical infrastructure, CyberX has developed an end-to-end platform for continuous ICS threat monitoring and risk mitigation. Check out the CyberX Global ICS and IIoT Risk Report and my podcast from last year on the report with Phil Neray.

1hr 7mins

18 Jul 2018