Blog
May 1, 2024

The Cutting Edge of OT Cyber Defense

We talk to OT cybersecurity expert Ric Derbyshire about his research and work in cutting-edge technology for OT cyber defense.

Posted by
Exalens
Posted by
Share Article
Posted in
First Published

This post is an external link. Please follow this link:

Exalens Podcast Episode 7

Exploring the Current State and Future of OT Cybersecurity

In this episode, Ryan Heartfield and Andrew MacFarlane delve into the world of OT cybersecurity with Dr. Ric Derbyshire, a Senior Security Researcher at Orange Cyberdefense. In the conversation highlight the intricate dance between safeguarding operational technology and advancing cyber-defense mechanisms.

Key Highlights from the Podcast

Dr. Derbyshire shares his extensive background, transitioning from an entrepreneurial start in cybersecurity to a more academic and research-focused approach. His journey reveals a rich variety of experiences from creating a penetration testing service to his deep dive into PhD research at Lancaster University, where he concentrated on quantitative risk assessment and the economical costs of cyber-attacks.

A pivotal part of the discussion revolves around Dr. Derbyshire's pioneering work in what he terms "cyber-physical cyber extortion". This concept redefines traditional notions of ransomware, illustrating how adversaries might manipulate industrial control systems beyond mere data encryption, aiming at tangible disruptions to physical operations.

The podcast also explores the evolution of OT cybersecurity, and the potential of living off the land techniques — exploiting built-in functionalities of systems for malicious outcomes. This approach, Dr. Derbyshire argues, can be more efficient and less detectable than traditional exploits, urging a shift in the focus of cybersecurity efforts from vulnerability patching to understanding and manipulating operational functionalities.

Final Thoughts

This episode serves as a critical reminder of the nuanced challenges at the intersection of cybersecurity and operational technology. As industries continue to integrate more deeply with digital technologies, the strategies discussed by Dr. Derbyshire highlight the urgent need for robust, dynamic security measures that go beyond conventional practices.

The insights provided by Dr. Derbyshire underscore the importance of developing cybersecurity strategies that are as sophisticated and evolved as the technologies they aim to protect. For businesses, as the threat levels continue to rise, it is vital to not only stay informed about current security practices but take steps towards building a more robust and resilient operations to tackle any ensuing challenges.

If you want to try out our Unified Industry 4.0 Monitoring and Security platform, then check out more at exalens.com or contact us for a demo.