Marco (Marc) Ayala’s Post

So far this month in Houston, I've had the pleasure of meeting many remarkable individuals. From #InfraGard members to asset owners and a diverse group from across the USA, it's been an enriching experience. The sessions have been incredibly insightful, and I had the privilege of moderating an exceptional asset owner-operator panel. It's truly one of the best discussions I've been a part of in a long time. A special thanks to these individuals for their outstanding leadership and dedication to securing our nation's critical infrastructure. Your efforts are truly commendable. Sign up today for InfraGard: https://www.infragard.org/ Click "Join Today" #Houston #InfraGard #AssetOwners #CriticalInfrastructure #Leadership #OTCybersecurity #USA

As we approach the new school year in Texas and our nation, it's paramount to prioritize safety in our educational environments. The FBI Violence Reduction Unit has released a new Run/Hide/Fight video, tailored specifically for school settings. This video is a valuable resource for schools' active shooter planning, offering vital guidance on what to do once an attack begins. video: fbi.gov/survive. At InfraGard Houston Members Alliance, we encourage schools and organizations to stay informed and prepared. If your organization is interested in active shooter training, don't hesitate to reach out to your local FBI office or your InfraGard representative or me. Let's work together to ensure our communities are safe as we begin this new school year. Our Education Cross Sector Council (CSC) will be gathering very soon to have Steve Lupo provide a comprehensive talk on this very subject. Those in our Chapter be looking for an invite from the secure portal with more details... #SchoolSafety #RunHideFight #InfraGardHouston #EducationCSC #fbi #InfraGard #InfraGardNational

This month in Singapore I will be at OTCEP hosted by Cyber Security Agency of Singapore (CSA). I will be sharing something important to me and hope those registered can join in! Ensuring the integrity of mission-critical operational technology (OT) control and safety systems through Secure-by-Deployment is where we need to focus on. This has become increasingly challenging with evermore-so enterprise integrations and the rise of artificial intelligence (AI). I will cover the vendor and OEM’s role, the SI’s role, and the OT asset owner’s role which will be very important for a country master plan. Hope to see many friends while I am on the vacation trip!! Cyber Security Agency of Singapore (CSA) Agenda: https://lnkd.in/e5GBkwsU #OTCEPFORUM2024 #icssecurity #otsecurity #SecurebyDeployment

I've supported Chemical Facility Anti-Terrorism Standards (CFATS) since it's start in 2007/2008 as an asset owner/operator, and will continue to support it today and into the future. This program is very important and we Americans should all agree. Reauthorize CFATS, protect the homeland. History of CFATS: https://lnkd.in/gqCypmAn #ReauthorizeCFATS #chemsector #safety #security #tiers #nationalsecurity #communityimpact

🌐 Insights from Podomation Episode 004 on Maritime Cybersecurity 🚢 I recently had the privilege of being one of the four panel speakers on the latest episode of Podomation from International Society of Automation (ISA), where we the technicalities of maritime systems, and cybersecurity. Our discussion highlighted how current events, increasing digitization, and emerging technologies are reshaping maritime operations. While these advancements enhance operational capabilities, they also introduce new vulnerabilities that must be addressed. Regulations and standards are becoming important in integrating cyber risk management into safety management systems on board ships. A significant focus was placed on operational technology systems, which are vital for controlling and operating physical shipboard processes. We discussed the importance of incorporating cybersecurity measures right from the shipbuilding phase to ensure comprehensive protection. One of the key takeaways was the application of ISA/IEC 62443 standards in maritime cybersecurity. As a longtime ISA/IEC 62443 training instructor, I emphasized how this methodology helps in assessing risks and ensuring compliance with industry standards. We also delved into government policies, including the USCG's proposed rule-making (NPRM) and the National Maritime Cybersecurity Plan, which aim to elevate the baseline of cybersecurity across the maritime sector. This episode was a deep dive into the challenges and solutions in maritime cybersecurity, emphasizing the need for a risk-based approach and continuous improvement. Stay tuned for more insights and developments in this critical field! Podomation Panel: Michael DeVolld - Senior Principal Consultant, ABS Kevin Duffy - CEO, Maritime Imperative Sean Plankey - Global head of Cybersecurity Software Me - President InfraGard Houston, 22yr. ISA member, AMSC GoM OCS Chair D8 Host: Morgan Foor, MBA #MaritimeCybersecurity #Podomation #CyberRiskManagement #ISA62443 #MaritimeSafety #DigitalTransformation #isa #isms #imo #otsecurity #safetycriticalsystems

Department of Homeland Security, Office of Inspector General OIG-24-37 - Coast Guard Should Take Additional Steps to Secure the Marine Transportation System Against Cyberattacks From the report: The United States Coast Guard (Coast Guard) took steps to enhance the cyber posture of the Marine Transportation System (MTS) but faces challenges fully implementing cybersecurity readiness efforts to protect the U.S. supply chain. Over the past 2 years, in accordance with its statutory requirements, Coast Guard established maritime cybersecurity teams to deter and respond to transportation cybersecurity incidents. In 2021, Coast Guard implemented Cyber Protection Teams to offer services that can help industry stakeholders prevent and target malicious cyberspace activities. However, private industry stakeholders have not fully adopted these services; stakeholders in only 36 percent of Coast Guard’s sectors requested and received these services. Coast Guard faced these challenges because industry stakeholders are hesitant to use the cybersecurity services offered. Coast Guard also conducts facility and vessel inspections, but these did not always address the full scope of potential cybersecurity threats. This occurred because Coast Guard does not have the authority or training to enforce private industry compliance with standard cybersecurity practices. In addition, Coast Guard is not adequately staffed to provide cyber expertise for facility and vessel inspections or industry stakeholders due to the job series classification for a key cybersecurity position, which leads to hiring delays. Overcoming these challenges will better enable Coast Guard to protect the MTS, which remains vulnerable to the exploitation, misuse, or failure of cyber systems. This continued cyber vulnerability may lead to injury or death, harm the marine environment, or disrupt vital trade activity. Link: https://lnkd.in/g2b4FJrw #maritime #cybersecurity #otsecurity #ports #terminals #offshore #uscg #mts #tsi

Hello Singapore! This August at OTCEP I will be sharing something important to me and hope those registered can join in! Ensuring the integrity of mission-critical operational technology (OT) control and safety systems through Secure by Deployment (SbDeploy) is where we need to focus much more on. This has become increasingly challenging with evermore-so enterprise integrations and the rise of artificial intelligence (AI). (wait for it, lol) We'll cover the growing discussions of Secure by Design (SbD) principles, driven by dynamic threats and regulatory demands, and highlight how what is secure today .. may be weak tomorrow. We will also reflect on the human factors, such as our deviance spiral as we spin from normal and unverified trust, which can undermine even the best-designed and deployed systems. Many excellent speakers on the subjects of OT at the event such as, Eric Byres, Tim Conway, Cassie Crossley, Sarah Fluchs, Michael Hoffman, Peter Jackson Robert M. Lee, Terence Liu Saltanat Mashirova Justin Searle, Zach Tudor, Woo Lip Lim. and many more! Hope to see many friends while I am on the vacation trip!! Cyber Security Agency of Singapore (CSA) Agenda: https://lnkd.in/e5GBkwsU #OTCEPFORUM2024 #icssecurity #otsecurity #SbDeploy