‹ All episodes

NextExec - EWF

Season 3 Episode 8: The Trifecta for critical national infrastructure - IT,OT and regulation

August 30, 2021 Season 3 Episode 8
NextExec - EWF
Season 3 Episode 8: The Trifecta for critical national infrastructure - IT,OT and regulation
Info
NextExec - EWF
Season 3 Episode 8: The Trifecta for critical national infrastructure - IT,OT and regulation
Aug 30, 2021 Season 3 Episode 8

In this episode, we’re bringing to you a discussion around critical national infrastructure with our host Kristen and her guests Chantel and Sandy. With OT technologies taking prime spot in news headlines with the recent ransomware attacks, our guests provide their insight on the different threat vectors that OT face with components of critical national infrastructure being exposed to the internet. Sandy and Chantel talk about how IT and OT can come together and how regulatory bodies are responding  to tackle the external adversaries that are exploiting the gaps in the dynamics of IT/OT and Cloud. 

Guests:

Chantel Haswell

Chantel Haswell, PMP, is a Deloitte Advisory Manager within the Cyber Risk Services practice within the East Region.  Chantel has over 15 years of experience in the Energy industry, with a focus on the Power and Utilities sector.  In particular, Chantel has significant experience in regulatory reliability and compliance standards, including NERC Order 693 and Critical Infrastructure Protection (CIP).  Broadly, her activities have included Project Management, Cyber Policy development, Cyber metrics reporting, Compliance Training development and implementation, and overall Compliance program support and internal controls implementation.  Most recently, Chantel supported a large Cloud Service Provider (CSP) by performing analysis of the implications of Power & Utility customers hosting NERC CIP assets on the cloud.


 Sandy Bacik

Sandy Bacik, CISSP, ISSMP, CGEIT, CISA, CDPSE, PCI QSA, is CipherTechs’ Director Audit & Compliance, has over 20 years’ direct information security and operational experience in the areas of IT Audit and Compliance, BCP/DR, Incident Response, Physical security, Privacy, Regulatory Compliance and Audit, Policies/Procedures, Operations, and Management. With an additional 15 years in Information Technology Operations.  Ms. Bacik has been heavily involved with local, national, and international security industry events.  Ms. Bacik is the author of Building an Effective Security Policy Architecture and a contributing author to the past years of Information Security Management Handbook.


Host:

Kristen Wilbur, CPA, CISSP, CCSK, CISA, ISO 27001 Lead Auditor, is a Director at Schellman & Company LLC, with over 10 years of experience in providing IT attestation and compliance services. Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector. Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In her portfolio she also oversees large scale engagements that include assessments around FedRAMP, HITRUST, and Privacy.


Support the Show.

Share
Apple Podcasts Spotify Overcast Stitcher iHeartRadio Podcast Addict +
Show Notes

In this episode, we’re bringing to you a discussion around critical national infrastructure with our host Kristen and her guests Chantel and Sandy. With OT technologies taking prime spot in news headlines with the recent ransomware attacks, our guests provide their insight on the different threat vectors that OT face with components of critical national infrastructure being exposed to the internet. Sandy and Chantel talk about how IT and OT can come together and how regulatory bodies are responding  to tackle the external adversaries that are exploiting the gaps in the dynamics of IT/OT and Cloud. 

Guests:

Chantel Haswell

Chantel Haswell, PMP, is a Deloitte Advisory Manager within the Cyber Risk Services practice within the East Region.  Chantel has over 15 years of experience in the Energy industry, with a focus on the Power and Utilities sector.  In particular, Chantel has significant experience in regulatory reliability and compliance standards, including NERC Order 693 and Critical Infrastructure Protection (CIP).  Broadly, her activities have included Project Management, Cyber Policy development, Cyber metrics reporting, Compliance Training development and implementation, and overall Compliance program support and internal controls implementation.  Most recently, Chantel supported a large Cloud Service Provider (CSP) by performing analysis of the implications of Power & Utility customers hosting NERC CIP assets on the cloud.


 Sandy Bacik

Sandy Bacik, CISSP, ISSMP, CGEIT, CISA, CDPSE, PCI QSA, is CipherTechs’ Director Audit & Compliance, has over 20 years’ direct information security and operational experience in the areas of IT Audit and Compliance, BCP/DR, Incident Response, Physical security, Privacy, Regulatory Compliance and Audit, Policies/Procedures, Operations, and Management. With an additional 15 years in Information Technology Operations.  Ms. Bacik has been heavily involved with local, national, and international security industry events.  Ms. Bacik is the author of Building an Effective Security Policy Architecture and a contributing author to the past years of Information Security Management Handbook.


Host:

Kristen Wilbur, CPA, CISSP, CCSK, CISA, ISO 27001 Lead Auditor, is a Director at Schellman & Company LLC, with over 10 years of experience in providing IT attestation and compliance services. Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector. Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In her portfolio she also oversees large scale engagements that include assessments around FedRAMP, HITRUST, and Privacy.


Support the Show.