Bill Nelson, director and officer of the Operational Technology Information Sharing and Analysis Center (OT-ISAC), joins the Claroty Nexus podcast to discuss why automation companies need to share indicators of compromise and other incident information within the industry.

Nexus Podcast: OT-ISAC on ICS Threat Intelligence Sharing

Michael Mimoso
/
Feb 2, 2022

Participants in information-sharing groups, regardless of industry, share an innate hesitancy to deliver relevant information about incidents to others. The reasons are plentiful: victims don't want to share they've been breached with competitors, legal counsel may be denying their efforts to share, or they just don't want to fuel future attacks with any appearance of vulnerability.

Bill Nelson, director and officer of the Operational Technology Information Sharing and Analysis Center (OT-ISAC) knows the ropes and the struggle. As former president of the Financial Services ISAC (FS-ISAC), Nelson saw information-sharing opportunities go to waste while attackers widened their intelligence gap over defenders.

In this episode of Claroty's Nexus podcast, Nelson joins to discuss the information-sharing dynamic within OT-ISAC, and the need to share indicators of compromise and other incident information within an industry tasked with keeping public safety and national security as top priorities.

"The big thing to understand is that the sharing of information is not a competitive issue," Nelson said, recalling how members of the FS-ISAC carried the belief that since security was a competitive advantage, they would not share incident information.

"There were two large institutions in New York that made the decision that they would start sharing everything," Nelson recalled. "That was a big change. When they started doing that, the other financial institutions saw it and they were able to stop attacks. They realized the benefit, and they started sharing themselves."

Nelson hopes to ramp up similar sharing within OT-ISAC and its member organizations. "I thnk it's a learning process; they start to see what the benefits are," Nelson said. "It's not all about member-to-member sharing too. We're getting information from government partners which is valuable. We're getting it from other sectors, intelligence vendors, and companies within the OT space."

Listen to the rest of this conversation, and learn:

  • More success stories and challenges from other industry ISACs that the OT-ISAC is considering

  • A new operational resilience framework from the Business Resilience Council working group that focuses on recovery solutions beyond backups

  • Work being done to help OT asset owners and operators recover data, applications, devices, OT systems, architecture, and more within the industrial domain

Subscribe, rate, and review the podcast on all major platforms, including Apple Podcasts and Spotify.

Michael Mimoso
Editorial Director

Michael Mimoso is Director of Influencer Marketing at Claroty and Editorial Director of Nexus.

Stay in the know Get the Nexus Connect Newsletter
You might also like… Read more
Latest on Nexus Podcast