Craig Reeds, CISSP, CRISC, Velta Technologies, “Protecting the Production Lines From Cyber Crime”

About This Episode

Velta Technologies is a firm that specializes in providing security services for the industrial space.  Based out of St. Charles, Mo. their practice focuses on the security needs of the manufacturing, utility, and maritime verticals. Craig serves as a Cyber Security Engineer for the organization and in this episode he shares with us an area not often travelled by many MSP’s, but can be an area of opportunity, Operational Technology Networks or OT.

With the growth of IoT devices coupled with aging production machines this area can often be overlooking in its importance and access within each business and become a huge target for the hacking community.  Craig starts the discussion describing what is the first step in security the OT, a Cyber Security Assessment for exposure risks and technology gaps.

He then shares with us about how electrical utilities have many compliance regulations for its power generation system and need to be NERC compliant (North American Electrical Reliability Corporation). These regulations map to the areas of critical infrastructure supporting municipal areas.

A big area of concern for the plant side of these industrial businesses is the people side of technology.  Craig shares what the biggest threat is to the  industrial plant networks,  rogue assets connecting to the OT network.  When technicians com in to service the plant, they often connect to the network and their asset now becomes a point of vulnerability on the network.

At the end of the day it all comes back to common sense, similar to the traditional IT network.  Ensure you have controls to support the network security and limit access and the risk will be reduced.