Episode 203: Don’t Hack The Water and Black Girls Hack Founder Tennisha Martin
The Security Ledger Podcasts - Un pódcast de The Security Ledger
Categorías:
In this episode of the Security Ledger Podcast (#203) we talk about the apparent hack of a water treatment plant in Oldsmar Florida with Frank Downs of the firm BlueVoyant. In our second segment: is infosec’s lack of diversity a bug or a feature? Tennisha Martin of Black Girls Hack joins us to talk about the many obstacles that black women face as they try to enter the information security field. Part 1: Don’t Hack the Water! An obscure water treatment facility in Oldsmar Florida became ground zero for the United States concerns about foreign adversaries ability to access and control critical infrastructure last week, after local officials revealed in a news conference that an unknown assailant had remotely accessed the facility’s SCADA system and attempted to raise levels of the poisonous chemical sodium hydroxide in the drinking water by a factor of more than 100. Frank Downs is the Director of Proactive Services at Bluevoyant. The attack failed after a worker at the treatment plant saw it play out on his terminal in real time, and adjusted the sodium hydroxide levels back to normal. Nor would it have worked, officials assured a worried public: sensors elsewhere in the water distribution system would almost certainly have caught the abrupt increase in the dangerous chemical. But closies do count when it comes to critical infrastructure hacks, and the Oldsmar incident set off a federal investigations and a flurry of warnings and editorial hand-wringing about the risks facing critical infrastructure systems. That’s especially true with so many workers accessing them remotely during the pandemic, leaving sensitive systems exposed. Episode 202: The Byte Stops Here – Biden’s Cyber Agenda In our first segment this week, Frank Downs of the firm BlueVoyant joins us in the Security Ledger studio to discuss the water system hack and why critical infrastructure firms continue to struggle to protect their environments. Can Infosec Walk the Talk on Diversity? For years professionals have decried the lack of diversity in the information security field which, even more than high tech in general, is dominated by white men. At infosec conferences, concerted effort has been made giving more visibility and voice to women and minorities. The dreaded “MANels” – panels made up entirely of men – have been targeted and, in many cases, banished. But down in the trenches – where information hiring takes place and information work is done – there is little evidence of change. Tennisha Martin is the Executive Director of Black Girls Hack. The lack of progress, despite a crushing shortage of infosec workers and the stated intentions of infosec leaders and executives, might get you wondering whether cyber’s lack of diversity is a bug or a feature of the system.