This episode of Path to Zero is particularly timely with the recent cyberattack that shut down a major oil pipeline. This interview was recorded just before the attack that forced the Colonial Pipeline offline and prompted gas shortages across the country. Tucker talks to two cybersecurity experts who explain why the nation’s critical energy infrastructure is vulnerable to attacks like this.
Silent Quadrant
Kenneth Holley and Adam Brewer are the co-founders of Silent Quadrant, a digital security firm with a particular focus on infrastructure security and data analytics.
Holley’s experience in digital protection originated while serving in the U.S Navy and working on the first generation of the Naval Tactical Data System (NTDS). He has been a subject matter expert on digital technology security and new media for more than 25 years and he is a frequent contributor to technology-related publications.
Brewer leveraged his twenty years in the hospitality industry to the information technology services sector. He specializes in partnering directly with business owners to equip them with innovative security solutions, while continuing his focus on technical modernization and alignment across their entire digital platform.
Show Notes
From smart devices in our homes to critical infrastructure, Holley has observed a hastened pace of vulnerabilities in recent years and cyber criminals taking advantage of those exploits. Tucker talks extensively with Holley and Brewer about why energy organizations are among the most targeted by cyber criminals, as well as what can be done to safeguard our critical systems.
Growing Threat
According to Holley and Brewer, adversaries are watching events like what happened in Texas during Winter Storm Uri and the disruptions in the electric grid. He says they look at the systems and how we responded to identify weak spots. Holley says it’s a reminder of how vigilant the energy industry needs to be with digital protection. One way the industry can protect itself is through decentralization. Having multiple choices, multiple fuels and multiple paths is one way to achieve energy security, including cyber threats.
Brewer says with everything that we depend on, there needs to be a foundational security component involved.
It’s not time to avoid Internet of things (IoT) technology, says Holley. However, IoT devices must have security engineered into them from the beginning and they must be capable of being updated on a regular basis to meet whatever vulnerability is discovered.
Holley points out that we are beyond the point where an adversary causing physical harm and getting into critical infrastructure is hypothetical. He says that kind of attack is now reality.
Holley cites an example of a client that was doing research for a COVID-19 vaccine and suddenly, that organization became a target of China. He says they adequately defended against that threat but it was another example of adversaries looking for the weakest point in a system where they can embed and gather intelligence.