Apply Now to Attend Nexus Conference 2025
Claroty Nexus Logo
Topics:
See all in Cyber Resilience See all in Articles
See all in Videos
See all in Podcasts
Cutaway Security's Don C. Weber joins the Claroty Nexus podcast to discuss ICS cybersecurity training from his experience as a SANS certified instructor and understanding of where automation organizations are struggling and succeeding with cybersecurity.

Nexus Podcast: Don C. Weber on ICS Cybersecurity Training

Michael Mimoso
/
Jun 17, 2022

Don C. Weber is in a unique position to see where organizations are struggling—and succeeding—in securing control systems and OT environments.

As a certified SANS Institute instructor, founder of Cutaway Security, a security services provider, and host of the fun CutSec ICS Friday InfoSec Chats show on YouTube, Weber interacts with operators, engineers, and security practitioners of all skill levels and expertise. His students, his clients, his peers often find themselves working in converged IT/OT environments, anchored to legacy equipment, and wondering if and when the next ransomware attack or OT-specific exploit lands at their feet. Part of Weber's mission is to not only secure these systems, but to share his knowledge and experience to ensure the safety of the industrial domain.

"I just try to give back to the community where I can and that's a part of putting yourself out there, having conversations," Weber said.

In this episode of the Nexus podcast, Weber discusses his career path in information security, which began after serving in the U.S. Marine Corps (he had never picked up a computer until he left the service), to building a two-decade-long career that currently focuses on providing security assessments, penetration testing, and training.

Subscribe, rate, and review the Aperture podcast on all major platforms, including Apple Podcasts and Spotify.

"I started when I came out of the Marine Corps; I was already 30 and had never picked up a computer and that was 20 years ago," Weber said. "Learning computers and how to do them well, I always felt like I was pitting myself against people that had been in the industry for 10 years."

Weber explains how he gravitated toward writing blogs, contributing during the early days of podcasts, as avenues for sharing his expertise.

"I just dove into that with the theory that if I'm wrong, people would tell me. If I'm right, maybe people will learn," he said.

Aside from his SANS training course, Weber, known as Cutaway on social media, contributes a number of freely available coding and scripting tools. Most recently, he's developed the NERC CIP Assessment Scripts (NCAS) that generate required baseline outputs to help satisfy the requirements for NERC CIP-010-3.R1.

"I call that the Collector; and that's just so that people can baseline their systems, gather information about installed software, certain security settings that are required to monitor those systems, create a baseline and monitor for changes to ensure those changes are authorized," Weber explained, adding that he also built from that script an advanced forensics tool that collects volatile information as well.

Throughout the discussion, Weber discusses his SANS training classes, observations about where organizations are struggling and succeeding with cybersecurity, and how the Friday InfoSec Chats came about.

Michael Mimoso
Editorial Director

Michael Mimoso is Director of Influencer Marketing at Claroty and Editorial Director of Nexus.

Stay in the know Get the Nexus Connect Newsletter
Subscribe
Listen on Apple Podcasts. Listen on Spotify Podcasts.
Share
LinkedIn Twitter Facebook Email
Featured Articles
Considerations for Medical Device Vulnerability Remediation Technical Debt in OT Environments: How It's Different and Why it Matters The Purdue Model's Risky Blindspot
Featured Videos
Browse by Topics
Cyber Resilience Cybersecurity Insurance Federal Food & Beverage Healthcare Industrial Internet of Things Nexus Conference Operational Resilience Operational Technology Ransomware Risk Management Technical Debt Vulnerability Management Zero Trust
You might also like… Read more
megan-stifel.png
Federal
Cyber Resilience
Ransomware
Operational Resilience

Nexus Podcast: Megan Stifel on the Impact of the Ransomware Task Force

Michael Mimoso
Joe Slowik, threat intelligence and detections lead at Gigamon, joins the Nexus podcast to discuss a Virus Bulletin paper and presentation he gave recently on XENOTIME.
Federal
Risk Management
Cyber Resilience
Operational Resilience

Nexus Podcast: Joe Slowik on Identifying Truly ‘Critical’ Infrastructure

Michael Mimoso
danielle-jablanski.png
Cyber Resilience
Operational Resilience
Operational Technology
Risk Management
Federal

Nexus Podcast: Danielle Jablanski on Critical Infrastructure Protection

Michael Mimoso
cassie-crossley.jpeg
Federal
Cyber Resilience
Operational Resilience
Vulnerability Management
Risk Management

Nexus Podcast: Cassie Crossley on Hardware Security, HBOMs

Michael Mimoso
On this episode of the Nexus Podcast, Rapid7 Senior Director of Threat Analytics Christiaan Beek explores the economics of ransomware and the continued profitability and success of it as an attack vector.
Ransomware
Cyber Resilience
Risk Management

Nexus Podcast: Christiaan Beek on Ransomware’s Continued Profitability

Michael Mimoso
florence-hudson-picture_edit.jpg
Healthcare
Internet of Things
Risk Management
Cyber Resilience

Nexus Podcast: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard

Michael Mimoso
On this episode of the Claroty Nexus Podcast, Mike Holcomb, global lead for ICS and OT cybersecurity at engineering and construction solution provider Fluor, discusses his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems.
Operational Technology
Operational Resilience
Vulnerability Management
Industrial

Nexus Podcast: Mike Holcomb on Starting and Succeeding in OT Cybersecurity

Michael Mimoso
Ron Fabela joins the Nexus podcast to discuss his research into low-skilled threat actors targeting operational technology and industrial control systems. Many of these groups operate as hacktivists and carry out less sophisticated defacements and intrusions. While less of a risk, these incidents are still a drain on human resources required to investigate them and decided on mitigation strategies.
Industrial
Vulnerability Management
Risk Management
Operational Technology

Nexus Podcast: Ron Fabela on Low-Skilled OT/ICS Threat Actors

Michael Mimoso
On the latest episode of the Claroty Nexus Podcast, Munish Walther-Puri, adjunct professor at the Center Global Affairs at New York University, describes a homegrown scale OT cybersecurity incidents called the Infrastructure Cyber Incident Scale, which takes into account an incident's magnitude, intensity, and duration.
Industrial
Operational Resilience
Operational Technology
Risk Management

Nexus Podcast: Munish Walther-Puri on Developing a Scale for OT Cybersecurity Incidents

Michael Mimoso
Brian Foster, senior advisor for grid security at Southern California Edison, joins the Nexus Podcast to discuss his presentation delivered at the S4 Conference on the risks of a hyperconnected grid. Adding a Wi-Fi connection to vulnerable smart meters that are enrolled by customers on a massive scale may allow attackers able to compromise centralized command and control of these devices to issue commands at scale that could result in catastrophic damage.
Industrial
Internet of Things
Operational Technology
Cyber Resilience

Nexus Podcast: Brian Foster on the Risks of a Hyperconnected Power Grid

Michael Mimoso
Matthew Rogers, ICS Cybersecurity Strategy & R&D Lead at CISA, joins the Nexus Podcast to discuss the agency's and its international partners' release of a procurement guide for operational technology (OT) owners and operators . The guide describes 12 OT cybersecurity elements that buyers should be looking for, and hopefully influencing automation and control system vendors to implement. Rogers hopes this initiative not only gives OT asset owners some agency during procurement, but also to creates a market-influenced demand among leading vendors to integrate these security elements by default into OT products.
Cyber Resilience
Operational Technology
Industrial

Nexus Podcast: CISA on Secure-by-Demand for OT

Michael Mimoso
On this episode of the Nexus Podcast, Team82 researcher Noam Moshe provides some technical details on the IOCONTROL malware, a Linux-based backdoor used to infect critical infrastructure around the world. IOCONTROL has a modular architecture that allows it to be configured for IoT, OT, and SCADA devices.
Internet of Things
Operational Technology

Nexus Podcast: Noam Moshe on the IOCONTROL Malware

Michael Mimoso
Latest on Nexus Podcast
See all episodes
The Nexus podcast features conversations with security leaders, researchers, and experts sharing their expertise on cyber-physical systems security.
megan-stifel.png
Federal
Cyber Resilience
Ransomware
Operational Resilience

Nexus Podcast: Megan Stifel on the Impact of the Ransomware Task Force
Joe Slowik, threat intelligence and detections lead at Gigamon, joins the Nexus podcast to discuss a Virus Bulletin paper and presentation he gave recently on XENOTIME.
Federal
Risk Management
Cyber Resilience
Operational Resilience

Nexus Podcast: Joe Slowik on Identifying Truly ‘Critical’ Infrastructure
danielle-jablanski.png
Cyber Resilience
Operational Resilience
Operational Technology
Risk Management
Federal

Nexus Podcast: Danielle Jablanski on Critical Infrastructure Protection