CyberWire Daily - Robert Lee: Keeping the lights on. [ICS] [Word Notes]

Episode Date: December 20, 2020

CEO and co-founder of Dragos Robert Lee talks about how he came to cybersecurity through industrial control systems. Growing up with parents in the Air Force, Robert's father tried to steer him away from military service. Still, Rob chose to attend the Air Force Academy, where he had greater exposure to computers through ICS. Robert finds his interest lies in things that impact the physical world around us. In his work, Dragos focuses on identifying what people are doing bad and helping people understand how to defend against that. Rob describes the possibility of making a jump to control system security from another area, recommending you bring something to the table. Rob talks about the world he would like to leave to his son and his hopes for the future. We thank Rob for sharing his story with us.

Transcript
Starting point is 00:00:00 You're listening to the Cyber Wire Network, powered by N2K. Hi, I'm Robert Lee, and I'm the CEO and co-founder of Dragos. My earliest memories weren't related to security or computers at all. My mother and father were both enlisted Air Force folks, and they ended up retiring after 25 years of service each. And my earliest memories were around planes and Air Force. And, man, I want to be like my dad.
Starting point is 00:02:08 And credit to my dad, he tried to push me away from that. Hey, go be a lawyer. Go do something different than I did, son. You know, don't join the military. Go do whatever. And he couldn't talk me out of it. So that's the direction I went and ended up going off to the Air Force Academy and commissioning into the service. But I'd always liked computers and I'd always played games and been a computer junkie,
Starting point is 00:02:36 but I wasn't as drenched in it as a lot of other people in our community. It wasn't until I got into the Air Force Academy that the topic of computers became interesting, and it was only that they became interesting because of industrial control systems. So I was into industrial control systems and working with water filtration units and wind turbines and similar. Heck, even getting, from the Air Force Academy perspective, getting access to control systems that were on planes
Starting point is 00:02:59 that were being developed, like the F-22, and seeing the engine work and the engineering of it, that was my draw before computers or computer security ever was. Even today, when I look at security as a whole, the idea of protecting data or information, it's a very important thing that does not interest me at all. To me, the interest is in things that impact the physical world around us. And that's very exciting to me. And so I joined an organization
Starting point is 00:03:31 called Engineers Without Borders and ended up going to Cameroon and doing humanitarian work there. And it was in building water filtration units and wind turbines to store electricity and car batteries to provide lights for folks so they could continue to work into the evening and be more productive. And that idea, not only the physical world around us, but this ability for control systems to make life better for people. That's something really, really special.
Starting point is 00:04:13 We try to focus on identifying what people are doing bad and helping people understand how to defend against that while also thinking of the art of the possible so that we can get ahead of the challenge. And doing that in a system of systems world where everything is connected, everything is impactful, and a lot of the security and insights and protections or whatever were developed on a system level. But the moment you start deploying things
Starting point is 00:04:37 in a systems of systems context, like we do in industrial control systems, all that goes out the window. And we get to be the puzzle makers that sit there and document what others have done and come up with new ways to do it and make sure that we're empowering folks to go keep the lights on, the water running, the manufacturing goods producing, and the Acela running on time. I tend to believe that anybody can do anything, and I don't think you have to do one path,
Starting point is 00:05:06 but I do like the idea of bringing something to the table to get started. And so that might mean maybe starting out in IT before you pivot into security. Or maybe it means starting out in control systems before you go into security, or starting out in security before you go into control systems security. But I want to be careful that folks that want to start out have a community and have a foundation of knowledge available to them so they don't get discouraged. Find something that drives you from a passion perspective.
Starting point is 00:05:35 Maybe it's network security, maybe it's memory security, maybe it's the physical process of electric transmission. But do that first, then let's talk about the other piece of it and form it together. My hope of what I'm doing at SANS, what Dragos is doing, what our community is doing, what I'm hoping is we move it into a foundational topic so that five, ten years from now,
Starting point is 00:06:00 people do walk directly into ICS security because it's more documentation, a common language, a professionalization around it. It's more accepting and capable for someone new to start out in kind of a sandbox versus, you know, no floor underneath you, no ceiling above you. I think a lot about my son, and I want my son to grow up in a community that has safe and reliable electric power and water and transportation and similar. And today, that would be true. Actually, our infrastructure is pretty awesome. We have some of the most safe and reliable and affordable infrastructure in all of history. The problem is the trend that we're on, that trend doesn't look so good five to 10 years from now. I would love to make it impossible to kill people through cyber in industrial
Starting point is 00:06:55 environments. I think that's an achievable goal. It's a hard one, especially with the trend of the community, but I think it's achievable. And I would like to leave the world in a better place, but definitely no worse for my son.
