Nexus: A Claroty Podcast

Ric Derbyshire, a Principal Security Researcher at Orange Cyberdefense and an Honorary Researcher at Imperial College London, joins the Nexus Podcast to discuss how attackers are able to gain lateral movement across operational technology (OT) assets through a tactic known as Living Off the Plant.
Similar to Living-off-the-Land attacks, Living-Off-the-Plant TTPs leverage native functionality specific to OT, with a potential negative impact on physical assets and safety concerns. 
Subscribe and listen to the Nexus Podcast here.

Rapid7 Principal Security Research (IoT) lead Deral Heiland joins the Nexus Podcast to discuss work his team did on how attackers might weaponize cellular-based IoT. 
Rapid7 conducted three phases of this research, with the most recent digging into how attackers with access to these systems can abuse them to gain unauthorized access, potentially exfiltrate critical data, or pivot into backend network infrastructure. 
Subscribe and listen to the Nexus Podcast here. 
Read the Rapid7 research report.

Rob King, Director of Applied Research at RunZero, joins the Nexus Podcast to discuss the security risks and exposures introduced by digital transformation to operational technology environments. 
As many OT and cyber-physical systems assets are connected online, there could be signification exposures introduced to these internet-facing devices and systems. Rob also discusses the effectiveness of popular mitigations such as segmentation and other controls.  
Subscribe and listen to the Nexus Podcast here.

Samir Boussarhane, senior cybersecurity engineer at MITRE, joins the Nexus Podcast to discuss some new simulator plug-ins added to Caldera for OT. Caldera for OT is an open-source adversary emulation platform that automates security assessments for operational technology (OT) systems. 
Samir provides context on a new simulator called the Aloha Water Treatment plant, which emulates a water utility and serves as a training platform for students, engineers, and IT security teams alike. Caldera for OT now also supports protocols such as BACnet, Modbus, and includes an HVAC simulator.
Subscribe and listen to the Nexus Podcast here. 
Access the Aloha Water Treatment simulator.  
Medium article on the Aloha Water Treatment simulator.

Former Pfizer head of global automation engineering Jim LaBonty joins the Nexus Podcast to discuss an article he wrote for Nexus on the need to secure data centers during kinetic conflict. He also explains the interlock between data centers and manufacturing facilities, and why a cyberattack against a data center can be devastating to the uptime and reliability of factory floors. 
This interview was pulled from Episode 2 of Nexus Digest, a monthly recap of content published on Nexus. 
Subscribe and listen to the Nexus Podcast here.