OT-ISAC

"To enhance information sharing and permit timely responses against cyber threats, CSA collaborated with the Global Resilience Federation Asia Pacific (GRF APAC) and launched the OT Cybersecurity Information Sharing and Analysis Center (OT-ISAC)" OT-ISAC facilitate sharing of tactical and strategic security details, providing early insight into emerging threats, detection techniques, and containment measures. Exchanged information includes vulnerabilities and attacks to OT systems and relevant IT applications affiliated with OT systems. For organizations that is keen to join OT-ISAC Community, you may visit www.otisac.org for more information.

30 Oct 2024: Thanks CyberEdBoard Community and Geetha Nandikotkur for the opportunity to share my views with the community, representing as OT-ISAC, on the importance of OT Cybersecurity in every organisation in this Industry 4.0 era, while on the side-lines of Singapore International Cyber Week GovWare 2024 a few weeks back. #OT #Cybersecurity #Risk

We are less than 2 weeks away from the Summit but there is still time to register to see how your peers are managing and advancing their security and risk management programs. November 13-14, practitioner-presenters who are experts in their fields will cover topics including third-party risk, cloud security, AI application and threats, and supply chain and geopolitical risk. Learn more about the speakers and their sessions: https://lnkd.in/er2Hh4mU. A non-exhaustive list of confirmed presenters: -Managing Director at Accenture -Principal Director, Security at Accenture Security -Manager Third Party Security at Amazon -CEO at ArmorText -SVP, Cyber Risk Strategist at Black Kite -Program Director at Business Resilience Council -Director of Cyber Risk and Awareness at Campbell Soup Company -Cybersecurity Awareness Manager at Campbell Soup Company -Associate Chief of Strategic Technology at CISA -CSO & Head of Technology Risk at City National Bank of Florida -CSO at Cloud Security Alliance -AI Security Chief at Cranium -COO at Cranium -Founder & Chairman at Cyber Future Foundation -Managing Director at Cyber Risk Partners -CEO at EMC Advisors -Senior VP for Critical Infrastructure at Exiger -Chief Technologist at FDD -Supervisory Special Agent at Federal Bureau of Investigation -Head Information Risk Governance and Resilience, formerly of Hudson's Bay Company -CTI Analyst at Health-ISAC -Director, Security Product Line Manager at Hewlett Packard Enterprise -Managing Director at KPMG -Americas Cyber Leader at KPMG -VP, Procurement and Vendor Risk at Lendmark Financial Services -Executive Chairman and Co-Founder at Lewis & Clark Bancorp -Director of Product Management at Manifest -Program Director at Manufacturing ISAC -TPRM Compliance Manager at Mayo Clinic -Partner at McKinsey & Company -Senior Manager, Enterprise Security Assurance & Governance at Netflix -6x CISO/CSO and Faculty at NYU Tandon School of Engineering -Cofounder at PromptArmor -Director of Analysis at RANE Network -Chief Procurement Officer at Raymond James Financial -Cyber Risk Advisor & Solution Architect at Safe Security -Senior Manager Information Security at Salesforce -Chief Executive Officer at Shared Assessments -CSO at Sheppard Mullin LLP -Chief Information Security Officer at Stoel Rives LLP -Chief Evangelist & Advisory Board Co-Chair at Supply Wisdom -Co-Founder and CEO at Third Party Risk Association -VP of Solutions Engineering at ThreatLocker -Director Third Party Risk at United Community Bank #cybersecurity #thirdpartyrisk #riskmanagement #ai

In this new research, we looked at what else "targeting OT" was available on VirusTotal around the same time as the FrostyGoop/BUSTLEBERM sample. The title of the blog and the "targeting OT" part are supposed to be provocative, in the sense that people mostly think about engineering protocol abuse when they think of OT malware. What we saw on VT was a few botnet clusters that beyond the typical IoT infection capabilities (credentials and exploits) had two behaviors: * Wiping OT-related directories * Trying to infect devices with OT-related credentials. Bonus: This is also a nice follow-up to our recent research uncovering botnets sharing code for wiping behavior. Expect more research about evolving malware behavior and its impact in IoT/OT soon!

“Guidelines and Companion Guide on Securing AI Systems” https://lnkd.in/eJwpiaX4

19 Oct 2024: Contributed this write-up, in my OT-ISAC capacity during Oct Cybersecurity Awareness Month, sharing my view on some of the key considerations in the wake of overseeing the testing of #Generative #AI solutions for #Cybersecurity. Hope this can help organisations who are just starting out in their evaluation. Thanks IDC Foundry and CSO Online for providing the opportunity for me to share.

17 Oct 2024: Being a member of the Standards Working Group for Cyber Essentials and Cyber Trust and in my capacity at OT-ISAC, I had the privilege of attending SG Cyber Safe for Enterprises event at Singapore International Cyber Week 2024, and enjoyed the great opening by SMS Kiat How Tan and succinct closing presentation by Veronica Tan, as well as successful journeys including that shared by Audrey Teoh in-between!

Join us tomorrow on Day 3 at GovWare Panel Discussion 👇🏼

🚨 Tune into our next interview for the day at #GovWare2024! 🚨 Featuring: John Lee, Managing Director, Global Resilience Federation Asia-Pacific (GRF Asia-Pacific) The conversation with our editor Geetha Nandikotkur revolves around building OT resilience, effective response strategy against OT attacks, and the use of AI in building resilience. John is a senior leader with over 20 years of experience in Information Security, OT Cybersecurity, Project Management, Governance, Risk Management, and Operations. #ISMGStudio #Govware2024 #ISMGatGovWare

In order to harness new and emerging digital technologies to improve lives and livelihoods, citizens and businesses need to be reassured that the digital world is safe, secure and reliable. Addressing this at the opening ceremony of the ninth Singapore International Cyber Week (SICW), Senior Minister and Coordinating Minister for National Security, Teo Chee Hean, delivered a speech on the theme 'Strengthening Digital Trust Now and for the Future'. SM Teo laid out three strategies to build trust in the digital domain; promoting international and multi-stakeholder cooperation, designing resilience into the digital ecosystem from its foundation, and laying the foundations to manage risks arising from emerging technologies. In alignment with these strategies, SM Teo announced the release of the updated Safe App Standard 2.0, which sets out updated security best practices for the industry to incorporate in app design. He also announced a new set of Guidelines and Companion Guide on Securing Artificial Intelligence (AI) Systems, vital for guiding organisations on deploying AI systems safely and securely. Stay tuned for details of other initiatives that would be announced at SICW later this week. At the opening ceremony, Mr David Koh, Chief Executive of the Cyber Security Agency of Singapore (CSA), also delivered welcome remarks, emphasising the crucial need for dialogue across diverse perspectives to tackle key cybersecurity issues. He highlighted SICW as a vital platform for bringing people together and allowing ideas, partnerships and trust to take shape. Learn more about how #SICW2024 is shaping the future of global cybersecurity. Visit https://lnkd.in/gdMGFfXt to find out more about the SAS 2.0 and the Guidelines and Companion Guide on Securing AI Systems. #CyberSecurityWeek #DigitalTrust #GlobalInnovation #DigitalFuture #TechLeadership