The recent surge in cyberattacks targeting critical infrastructure companies demonstrates the urgent need for critical infrastructure owners and operators to adopt a risk-led cybersecurity program. It is becoming clearer by the day that the cybersecurity experts and business executives at these major firms are not having the proper risk conversations with each other.
This special presentation of the ThreatConnect Podcast explores the cyber risk management issues facing our nation’s critical infrastructures with three world-class experts:
- Bob Kolasky, Director of the National Risk Management Center, which is part of the Cybersecurity and Infrastructure Protection Agency at the Department of Homeland Security.
- Tim Grieveson, Chief Information Security Officer (CISO) at AVEVA, an industrial software development company.
- Joe Weiss, an international authority on control system cybersecurity, and Managing Partner at Applied Control Solutions.
There are 16 critical infrastructure sectors whose assets, systems, and networks, whether physical or virtual, are considered so vital to the United States that their incapacitation or destruction would have a debilitating effect on security, national economic security, national public health or safety, or any combination thereof.
Working with government and industry partners, CISA’s National Risk Management Center is adding analytic rigor to organizations’ ability to quantify cyber risk impact for the cybersecurity measures they have in place, in order to develop actionable metrics and use this information to reduce shared risk to the Nation’s security and economic security. The Care Lab at Temple University has documented nearly 1,000 “reported” critical infrastructure ransomware attacks since 2013.