Ahead of the Breach - Al Imran Husain, CISO & VP of Global Infrastructure
The Ahead of the Breach Podcast sits down with Al Imran Husain, CISO & VP of Global Infrastructure, who shares his insights on the unique challenges faced by the industry, particularly the convergence of IT and OT systems.
Every week, Casey Cammilleri interviews an expert leading the charge on empowering security experts and practitioners with the knowledge and insights needed to excel in the future of cybersecurity.
In our latest edition, we dive into our interview with Al Imran Husain, CISO & VP of Global Infrastructure at MillerKnoll. Here are the top takeaways from the interview.
#1: Secure Legacy Systems in the Age of Cyber Threats
“Legacy can be any type of server or system which is, whatever, so many years old, but it's just simply not supported anymore by their respective company or proprietary services. So that is becoming an issue. And the issue is because the fact that these types of systems still need to run, they are still an integral part of the operational technology environment. So how do you secure those types of systems? How do you make sure, especially with those externally type of devices, externally facing devices within the manufacturing realm, how are they being protected from things such as ransomware, and ransomware and other types of cyber attacks are now becoming a very big issue within the manufacturing industry.
“[D]own in Miramar, Florida, where a water plant was compromised to the point where someone broke in and they were basically trying to increase the levels of sodium hydroxide in the water treatment. Now, if anybody understands water treatment, sodium hydroxide is a vital component to making sure that the water is purified. The problem is, is that you cannot increase that type of dosage by triple the amount. That's what this individual did. They tried to increase the levers on that volume of liquid by triple the amount. If it wasn't for some kid working there, pretty much the graveyard shift at the plant, nobody would have known about the increase in sodium hydroxide.
“And the repercussions of that would have been, and I can say this very easily and fairly, people would have died, because if you drink that water with so much sodium hydroxide in it, you're basically looking at death. So the point that I'm trying to make here is manufacturing and the way we try and protect not just what we're trying to produce from a process perspective in terms of chairs and steel and cars and all that, but it even goes down to something where water and even food products can be compromised through these types of hacking, and it has a severe result in society.”
Actionable Takeaway: Legacy systems still play a crucial role in manufacturing but pose significant cybersecurity risks due to lack of support and updates. Securing these systems is vital, especially when they are externally facing and vulnerable to ransomware and other cyberattacks. Implement layered security strategies to protect critical infrastructure.
#2: Build a Strong Cybersecurity Foundation for Manufacturing
“It's pretty much the same type of application we use within the information technology realm. You want to go ahead and make sure you've got endpoint scanning. You want to make sure that you are scanning for vulnerabilities. And so having a good vulnerability management tool is important. Having a good endpoint security tool is very important. Those are the first two things I would recommend anyone within the manufacturing realm — or just about any other industry, which is kind of coming up to speed with cyber — they really need to lay down that foundation.
“Other things which are important are user access control. Who actually has access to your respective systems within manufacturing, I think that's very key because again, compromising someone's admin privileges or even user privileges can really be a jeopardy to your environment. And so making sure that you've got appropriate access controls, for only specific individuals to get into that respective environment is also key.
“And if there's other systems within there that are, say, ERP systems or databases which need to really be protected, have multi-factor authentication, all of these different types of ingredients from the IT can easily be passable over into the OT. And that's how you really kind of secure your security posture within that manufacturing environment.”
Actionable Takeaway: A strong cybersecurity foundation in manufacturing starts with endpoint scanning, vulnerability management, and user access controls. Apply IT security tools to operational technology (OT) environments, ensuring that admin privileges and critical systems are safeguarded with multi-factor authentication and stringent access controls to prevent unauthorized access and cyber threats.
#3: Master the Fundamentals of Cybersecurity for Success
“Because of the different facets of new ways of your network and your environment to be compromised, it's very important to understand the entire gamut of what a CISO needs to do in order to be responsible. And I think there's a couple of things that people, especially your younger audience, should probably recognize. One being that it's not just about learning cybersecurity and the solutions and tools and all those kind of cool gadgets. It's more about understanding the pillars of what you need to recognize when it comes to becoming a very good cybersecurity practitioner.
“Number one, understanding networking, that is the key towards anybody's gateway to getting into the cybersecurity market. If you don't understand how firewalls and switchers and routers, all those old school types of devices work and how they communicate to one another and what they do from a topology perspective, then you're doing yourself a disservice. So I would say networking really needs to be a part of your portfolio.
“The second part is infrastructure. So when we talk about things such as assets and servers, how do they work, how do they communicate with one another, how do you update them from a configuration perspective? So that's going to be very important in terms of understanding how infrastructure has a huge, huge impact on cyber. And not only just endpoint and assets, but we're talking about disaster recovery, we're talking about databases, we're talking about the cloud, which is also a very, very big landscape of different types of ways of setting up systems and assets.
“So all of that really needs to be understood before you can even get into cyber, because cyber is that top layer. All these other ones are on the bottom, but as a whole, it really needs to be digested and dissected very well for you to understand how to become a successful cyber practitioner.”
Actionable Takeaway: Before delving into advanced cybersecurity, it’s essential to understand the fundamentals of networking and infrastructure. A solid grasp of firewalls, routers, servers, and cloud systems provides the foundation for becoming an effective cybersecurity practitioner. Mastering these core elements is key to building successful cyber defense strategies.
Listen to full episodes out now
For more information about Ahead of the Breach, please visit www.sprocketsecurity.com/aob-podcast. Episodes are available on all major podcast platforms.
We look forward to bringing you more conversations with actionable insights that help in your pursuit to protect your most valuable assets — and help clients do the same!