CyberWire Daily Podcast, featuring Robert M. Lee on the evolution of safety and security in ICS.
Dave Bittner: [00:13:50] And I’m pleased to be joined once again by Robert M. Lee. He’s the CEO at Dragos. Rob, it’s great to have you back. I wanted to take a little trip down memory lane with you, and I want to start with a personal story of my own. My grandfather spent his entire professional career working in a steel mill – in the melt shop of a steel mill – started sweeping the floor at 17 and retired at 65 with his gold watch and spent his entire life in that same company. And I remember him telling me stories about how along the way, the technology changed when it came to making steel. Part of that was better chemistry, better testing. He said, you know, they shifted from knowing the steel was right by the color and the smell to actually being able to test things. Dave Bittner: [00:14:37] And eventually, computers came on board, and that increased the quality of the steel, and it increased the safety of the plant. And I tell you that story to ask you this. Can you take us through – can you think of a good example to kind of give us some insight and some perspective as to how that has affected ICS, how that path has happened in ICS, and what are some of the implications of that process that we’re living with today? Robert M. Lee: [00:15:03] I mean, that was beautiful, man. I know you asked me for an example, but that was a much better example. Dave Bittner: [00:15:07] (Laughter). Robert M. Lee: [00:15:09] But I’m going to remind you. That’s great. And you should be proud of that. I mean, that’s wonderful to see kind of the evolution of that industry. Dave Bittner: [00:15:14] Yeah. Robert M. Lee: [00:15:15] And that’s what we’re seeing everywhere. We’re seeing – you know, back in the day, if you will, before networking and IP-based technologies and ARPANET and DARPANET, we had control systems. And control systems were isolated systems – sometimes pneumatic, sometimes not – of just systems that were serving a purpose of taking an input and getting to an output. I mean, it’s a physical kind of system. And then we saw connectivity, and we started seeing these environments that were never networked before starting to become networked. And the same way they might have had a power plant that was good at producing power, but now, you could network it so you could actually get information off the plant and make it a little bit more efficient, and to make it safer and more productive. Robert M. Lee: [00:16:02] Then we saw site-to-site interconnectivity, and we started seeing even things like SCADA or supervisory control and data acquisition systems, basically the control systems that sit above control systems to be able to make multiple plants and multiple sites efficient and work together more effectively and safer and more productively. And then we’re starting to see this advent of what some – the community, you know, some – our European partners would call, like, industry 4.0. Robert M. Lee: [00:16:31] We’re starting to see beyond site-to-site but even company-to-company and the immersion of the industrial world in every aspect of our lives and connected in where the operator – you know, their shift schedule is timed in with maintenance schedule, is timed and with recharging of maybe consoles or using – I could think of, like, Caterpillar. And they’re doing some amazing work about, you know, hey, instead of having the same operator use the same backhoe every single day, why don’t we rotate it around and let us know which ones are the right ones to take advantage of for their maintenance schedule? Robert M. Lee: [00:17:10] And it’s the interconnectivity of not only just plants now but every individual component and learning from the larger community. We’re seeing cloud-based technologies be able to drive efficiencies and refining, which is saving so much money or allowing companies to generate so much more money that they could rebuild the facility every couple years, you know. I mean, it’s just amazing. The downside of that, of course, is you’re increasing connectivity to where systems have much more control and have more input, which means the ability to modify those systems from an adversarial-based approach exists in ways that it never did before at the same time that adversaries are learning industrial systems to not only go and exploit a system but learn the industrial operations and how to manipulate the physical process. Robert M. Lee: [00:17:58] So you have a community that’s doing the right thing. They’re learning and evolving and building a better world. But just by the very nature of that, you’re introducing opportunity for adversaries to go and disrupt that now-interconnected world. So the thing that I usually like to tell executives and others in this space is the security component of this is just a natural evolution of the fact that you’re able to take more advantage of what you’re doing and then take more advantage of the systems than you’ve ever had before. And it’s a component just to deal with that risk and let that beautiful industrial automation and the value that it’s bringing to safety and productivity be there and be present and get the full value out of it. Robert M. Lee: [00:18:43] So it’s been wonderful to watch the world evolve in this way. And I think it’s – it can be easy to opine about, well, I want to go back to manual controls, or I want to go back to when it was different. And those days weren’t better. It’s just the things that we are doing are making a better world. We just need to be thoughtful in the way that we do it. – See more at: https://thecyberwire.com/podcasts/cw-podcasts-daily-2019-12-05.html#.dpuf