Exploring the OT Landscape: Insights from Building Management with Kyle Peters
Listen now
Description
Kyle Peters is a recovering building automation and HVAC technician and programmer who was drawn to the dark side of cybersecurity and never looked back.  Today he is the senior consultant for OT Cybersecurity, focusing on building automation systems at Intelligent Buildings.  If you’d like to geek out on such things, reach out to Kyle via LinkedIn or email [email protected]. In this conversation, Kyle discusses the world of building management systems and the importance of cybersecurity in this field. He highlights the diversity of building systems and the interconnectedness of various components. The conversation emphasizes the need for a risk-based approach to security and the importance of policies and standards. Kyle also emphasizes the value of understanding the system and planning ahead to mitigate risks. The conversation concludes with a discussion on securing remote access and implementing segmentation. The conversation explores the lack of cybersecurity preparedness in organizations, the need to translate cybersecurity risks to business risks, the likelihood of attacks and targeting, the challenge of selling likely risks, exciting technological advances in cybersecurity, concerns about AI and rapid technological changes, and closing thoughts and a call to action.   Takeaways Building management systems encompass a wide range of components, including HVAC systems, fire alarms, and lighting. A risk-based approach to security is crucial in building management, considering the diverse systems and potential vulnerabilities. Policies and standards play a significant role in ensuring the security and reliability of building management systems. Simple solutions, such as proper cable management and backup plans, can greatly enhance the security and availability of building systems. Understanding the system and planning ahead are essential for effective risk mitigation in building management. Securing remote access and implementing segmentation are key measures to protect building management systems from cyber threats. Many organizations are not adequately prepared for cybersecurity threats, either due to limited budgets or lack of expertise. It is important to translate cybersecurity risks into business risks to help organizations understand the potential impact on their operations. Cyber attacks can come from various sources, including nation-state actors, but also from simple human errors or system failures. Selling the importance of cybersecurity can be challenging, as the most likely risks may not be as sensational as nation-state attacks. Exciting technological advances in cybersecurity are on the horizon, but they also bring concerns about the potential risks and implications of AI and rapid technological changes. — Connect with Kyle: LinkedIn: https://www.linkedin.com/in/kyle-peters-2a7173116/ Connect with Aaron Crow: Website: www.corvosec.com
More Episodes
In this episode, Aaron is joined by Paul Shaver, an experienced OT security consultant from Mandiant, part of Google Cloud. Together, they navigate the nuanced landscape of operational technology (OT) cybersecurity.   The episode begins with Aaron recalling a critical incident at a power plant...
Published 11/18/24
Published 11/18/24
In this episode, host Aaron Crow addresses the pressing issue of cybersecurity for small and medium-sized businesses. With their limited budgets and resources, these enterprises are often prime cyberattack targets. Aaron explains why these businesses are particularly vulnerable, the potentially...
Published 11/11/24