The CIA Triad in OT & Automation | OT After Hours, An OT Security Podcast

Подробнее о видео

In this episode, we grapple with a deceptively simple question: in an operational technology environment, which element of the CIA triad—confidentiality, integrity or availability—should reign supreme? Join host Ken Kully, Cyber Tech Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Analyst), Tyler Bergman (Industrial Cybersecurity Engineer) and Zach Woltjer (ICS Security Specialist) as they debate real-world incidents, legacy system constraints and industry priorities that shape how we secure critical infrastructure.

Key Takeaways:

Availability often takes center stage in OT—downtime can cost millions and trigger regulatory shutdowns.

Integrity attacks (like Stuxnet-style tampering) are scarier than outright outages: misleading data can hide dangerous conditions.

Confidentiality matters too—information gathering paves the way for future, highly targeted attacks.

In practice, availability and integrity are inseparable: validating data flow can bolster both pillars simultaneously.

A holistic, risk-based “crown jewels” assessment helps organizations focus on the devices and data that matter most.

Timestamps:

00:00 – Introduction and sound check
00:43 – Welcome to Season Two of OT After Hours
01:06 – Guest introductions: Natalie, Tyler & Zach
04:00 – Defining confidentiality, integrity and availability
07:57 – Tyler on why availability skyrockets in OT environments
11:53 – Natalie on integrity attacks and the legacy of Stuxnet
25:05 – Ken and team explore integrity-based attack scenarios and encryption trade-offs
39:47 – Natalie on confidentiality’s long-term impact (Ukraine grid outages, HAVoC)
43:04 – Roundtable closing thoughts: tying availability & integrity together
47:12 – Outro and how to submit your questions

Guest Information:

Natalie Kalinowski: OT Security Analyst at Verve Industrial, specializes in vulnerability management and threat research.


Tyler Bergman: Industrial Cybersecurity Engineer at Verve Industrial, expert in SCADA availability and risk mitigation.


Zach Woltjer: ICS Security Specialist at Verve Industrial, focuses on OT-IT convergence and strategic assessments.