Nexus: A Claroty Podcast

Raphael Arkelian, the OT/IOT cybersecurity manager at Accenture, joins the Nexus Podcast to discuss his research into Operation Grim Beeper, the name given to a two-day attack in 2024 in the Middle East where explosives were introduced into pagers and walkie-talkies favored by Hezbollah. The explosions injured more than 1500 and killed dozens. Raphael’s research looks at several aspects of this attack and shares lessons and security gaps that can be applied across the OT and supply chain ecosystems. 
Subscribe and listen to the Nexus Podcast here.

Former NSA Director and Commander of U.S. Cyber Command Adm. Michael S. Rogers (Ret. USN) joins the Nexus Podcast. Rogers spoke in advance of an RSA Conference panel discussion today with the other living NSA directors, Keith Alexander, Paul Nakasone, and Tim Haugh, a rare time when the four can be in the same room. 
Rogers describes the principles that guided his time as director of these intelligence agencies, how the role changes as administrations change, and some of the core strategies that led to success. 
Subscribe and listen to the Nexus Podcast here.

Michael Pyle, Director of Product Cybersecurity at Schneider Electric, joins the Nexus Podcast to discuss Internet Exposure Prevention, a new SE approach to preventing illicit connections to operational technology and industrial control systems that are insecurely connected to the internet. 
Attackers are adept at enumerating exposed devices and leveraging OT and ICS to access process and corporate networks. Pyle explains that Internet Exposure Prevention drops inbound traffic that the asset did not initiate. Checks are made on the IP address initiating the connection and whether it's a routable source IP, and an allow/deny decision is made. 
Pyle explains the risk to exposed devices, and the need to shut down illicit connections. 
Subscribe and listen to the Nexus Podcast here.

Gus Serino, President of I&C Secure, joins the Nexus Podcast to discuss the formation and evolution of an ongoing water utility cybersecurity collaborative that leans on a collective defense model to share resources and threat intelligence among six water & wastewater companies in the commonwealth. 
Serino helped put together this coalition, and he explains how a feasibility study came together resulting in a shared grant that member utilities can use to improve their security programs. Gus talks about the origins of this collaborative and how other utilities can follow this model to improve cybersecurity in this struggling, resource-strapped critical infrastructure sector.
Subscribe and listen to the Nexus Podcast here.

Industrial cybersecurity expert Dan Ricci, the founder and maintainer of the ICS Advisory Project, joins the Nexus Podcast to discuss the evolution of the industry's premier ICS and OT security advisory repository as it turns 4 years old. 
Dan talks about the impact of the project on OT security teams, the dashboards he's created to better parse the volume of data on the site, and unique use cases that asset owners and operators have for this critical information. 
Subscribe and listen to the Nexus Podcast here.