Ian Frist: Beyond Buzzwords, Building Effective Programs in OT Security

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)
Episode: Ian Frist: Beyond Buzzwords, Building Effective Programs in OT Security
Pub date: 2023-08-24

About Ian Frist: Ian Frist is the Cybersecurity Compliance Program Director at Corning, boasting a MS in Cybersecurity. With a dynamic background spanning both private sector and government roles, Ian's expertise encompasses NIST, CIS, and CMMC frameworks. Currently leading Corning's compliance team within the cybersecurity group, Ian's journey ventured from accidental entry into ICS/OT through the National Guard, where even as a medic, he embraced the cyber realm. Transitioning into compliance and GRC, Ian's enduring passion for ICS/OT continues, evident through speaking engagements at prestigious events like SANS conferences, reflecting his commitment to both fields.

In this episode, Aaron and Ian Frist discuss:

Navigating compliance and cybersecurity in the changing landscape of OTBuilding effective cybersecurity programsIntegrating cybersecurity in OTImplementing effective asset management and inventory in manufacturing

Key Takeaways:

Compliance is shifting from a mere checkbox exercise to a powerful lever that compels organizations, including manufacturing and utilities, to elevate their OT cybersecurity by setting a baseline of controls and risk management strategies, bridging the gap between different industries' cybersecurity maturity levels while emphasizing the imperative to safeguard critical operations and infrastructure.In the complex landscape of cybersecurity, building a comprehensive program that understands and manages the unique assets, risks, and impact of your organization's operations is paramount, transcending mere reliance on tools and instead emphasizing a holistic approach to preparedness and response.Building redundancy and preparedness into systems is common practice, but the often overlooked key is to integrate cybersecurity understanding, people, processes, and technology from the start to truly fortify against a wide range of potential incidents and ensure resilient operations.Navigating the complexities of asset management and inventory in manufacturing requires acknowledging the need for an initial manual effort, understanding the limitations of automation tools, setting realistic and adaptable goals that balance compliance and risk, and embracing the ongoing commitment required for effective governance. 

"Don't fall for a buzzword, build a program. I think we're going to have to keep watching out for that moving forward." — Ian Frist

 

Connect with Ian Frist: 

Website: https://www.corning.com/worldwide/en.html

Email: [email protected]

LinkedIn: https://www.linkedin.com/in/ian-frist-ms-cybersecurity-cissp-cmmc-pa-pi-3028a9181/

Connect with Aaron:

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about Industrial Defender:

Website: https://www.industrialdefender.com/podcast 

LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/

Twitter: https://twitter.com/iDefend_ICS

YouTube: https://www.youtube.com/@industrialdefender7120

Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. 

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.