Events , Governance & Risk Management , Operational Technology (OT)

OT-CERT: Enabling SMBs to Address Cybersecurity Risks

Dawn Cappelli, Head of OT-CERT at Dragos, on Training 'Non-IT' People on Security
Dawn Cappelli, head of OT-CERT, Dragos

With an ever-expanding threat landscape, organizations need to possess the right tools and knowledge to deal with cyberattacks. Dawn Cappelli, head of OT-CERT at Dragos, recommends educating and training small and medium-sized businesses that are just starting their operation technology, cybersecurity and industrial control system security journey.

See Also: SASE: Recognizing the Challenges of Securing a Hybrid Workforce

Small and medium-sized companies can't afford security staff, and yet they're part of our critical infrastructure across the world, she said. They need the resources and appropriate training to protect themselves against advancing threats. OT-CERT, Cappelli said, offers free resources to "non-cybersecurity and non-IT" people through training videos, monthly best practice sessions and Zoom meetings. CERT's mission, she said, is to "tell them exactly what to do."

"We built OT-CERT, got the processes and road map in place. We started monthly working group sessions because I feel like this is scary to people. So, any member of OT-CERT can join in the Zoom meeting and ask questions. You can talk to other members that are doing the same thing you are," she said. "My real goal is working with the larger companies, my fellow CISOs out there, and getting them to push this down to their suppliers. Because that, I think, is the best way of getting it down to get their attention."

In this video interview with Information Security Media Group at RSA Conference 2023, Cappelli also discusses:

  • How OT-CERT is different than academia;
  • How OT-CERT has expanded;
  • Why the OT threat landscape has expanded and what organizations should do.

Cappelli provides free resources to help small and medium-sized businesses address cybersecurity risks in industrial infrastructure. In a career spanning more than 20 years, she has worked with global industry, government and intelligence leaders on cybersecurity issues.

About the Author

Tom Field

Tom Field

Senior Vice President, Editorial, ISMG

Field is responsible for all of ISMG's 28 global media properties and its team of journalists. He also helped to develop and lead ISMG's award-winning summit series that has brought together security practitioners and industry influencers from around the world, as well as ISMG's series of exclusive executive roundtables.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.