Episode 19

full
Published on:

26th Apr 2023

Cyber security and Critical Infrastructure: Are We Prepared for the Worst?

In this episode of Razorwire, I had the pleasure of speaking with Phil Tonkin from Dragos about securing critical infrastructure. Phil and I delved into the definition of critical infrastructure, the fragility of supply chains and the importance of preparing for potential attacks. We also talked about the Colonial Pipeline incident and the inextricable link between IT and OT in critical infrastructure.

Phil tells us how we should be advancing the development of defensive capabilities and safeguard civilisation as well as how to overcome the many challenges of managing risks and compliance, the changing perception of IT and cyber security within organisations and how to deal with the increasing sophistication of cyber attacks.

Overall, it was a fascinating discussion that shed light on the critical importance of securing our infrastructure in the most suitable way given the challenges we are facing. I hope you enjoy listening to this episode of Razorwire as much as I enjoyed recording it.

"Don't just chase the newest and sexiest technology. Focus on actual risks and develop capabilities that can manage those risks." 

Phil Tonkin

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen


In this episode, we covered the following topics:

  • The evolution of critical infrastructure and how we can advance our defensive capabilities 
  • How the Colonial Pipeline incident changed the perception of critical infrastructure security, and how to prepare for future attacks
  • The decision-making processes of critical infrastructure companies during a cyber attack 
  • The factors that increase the likelihood of an attack, according to Dragos’ latest research
  • The reduction of surplus reserves and the need for governments to identify what to subsidise to increase resilience 
  • What are the key concerns Dragos are seeing from customers in critical infrastructure and what do these organisations need to be mindful of
  • The problems with securing an organisation simply to meet minimum compliance standards 
  • Cyber security budget limitations vs high expectations 



GUEST BIO

Phil Tonkin 

Phil is the Senior Director of Strategy at Dragos and has worked in the power industry for over 20 years. In the last five years, Phil has led the cyber security efforts for operational technology in the UK and US, with experience in securing systems in electricity and gas control centres, communication networks and operational sites. 


Resources Mentioned

Dragos Inc

Solarwinds Cyber Attack

Colonial Pipeline Attack


Other episodes you'll enjoy


Data Protection and Ethical Standards in Cyber Security

https://www.razorthorn.com/the-business-of-biometrics-data-protection-and-ethical-standards-in-cyber-security/


A Snapshot in Time: Why Penetration Testing Is Critical for Cyber Security

https://www.razorthorn.com/a-snapshot-in-time-why-penetration-testing-is-critical-for-cyber-security-razorwire-podcast/


Connect with your host James Rees


Hello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.

Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.

With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.

If you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.


Linkedin: Razorthorn Security

Youtube: Razorthorn Security

Twitter:   @RazorThornLTD

Website: www.razorthorn.com


Loved this episode? Leave us a review and rating here


All rights reserved. © Razorthorn Security LTD 2024



This podcast uses the following third-party services for analysis:

OP3 - https://op3.dev/privacy
Show artwork for Razorwire Cyber Security

About the Podcast

Razorwire Cyber Security
The Podcast For Cyber Security Professionals
Welcome to the Razorwire podcast where we share information, best practices and up to date news in cyber security and infosec.

Our mission is to help you become a better cyber security professional and support our vision of creating an agile community of cyber professionals who are stronger than ever before.

This show is first and foremost about sharing knowledge and benefiting from collaboration. We bring you the advice and wisdom of both your host, James Rees, and his guests to build on the strength and depth of your own knowledge and experience.

Your host James Rees is an information security veteran with over 25 years of industry experience and is the founder of Razorthorn Security, delivering expert security consultancy and testing services on a day to day basis to some of the largest and most influential organisations in the world, including many in the Fortune 500.

The Razorwire podcast is for cyber security professionals looking for new ideas and the drive to improve their response to cyber security events. Through collaboration, we can strengthen our defences.

For more information about us or if you have any questions you would like us to discuss on the podcast email podcast@razorthorn.com or head to www.razorthorn.com