Adapting to Legislative Demands: Insights on Cyber Security Compliance in Critical Infrastructure episode artwork

EPISODE · Feb 7, 2024 · 55 MIN

Adapting to Legislative Demands: Insights on Cyber Security Compliance in Critical Infrastructure

from Razorwire Cyber Security & InfoSec Insights

Welcome to Razorwire, the podcast dedicated to exploring the complex and evolving world of cyber security legislation. I'm your host, Jim, and in today's episode, we delve into the intricate landscape of cyber security legislation with our guests Steve Applegate and Phil Tonkin from Dragos.In this episode, our guests shed light on the challenges and intricacies of navigating the cyber security legislature, focusing on the impact on critical infrastructure and the evolving landscape of compliance. From managing connectivity safely to the complexities of integrating IT and OT in modern manufacturing, we explore the key factors influencing cyber security legislation and its practical implications.Key Talking Points:1. The importance of managing connectivity safely and ensuring proper segmentation and visibility in the Niz legislation.2. Challenges faced by organisations, such as Sellafield, in implementing controls and recognising legacy challenges in OT environments.3. The impact of conflicting regulations on consumers and the need for practical compliance requirements in cyber security legislation.“We can't let FUD be the guide, right? If every time we hear a thing, we start panicking and we deviate from our processes and start making a whole bunch of new mandates, even internally, all the people within a company that have to track that and follow it and meet with people, and it's a distraction, I think, from real security."Steve Applegate - DragosListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Managing Connectivity Safely: Emphasising the need to ensure proper segmentation and visibility in cyber security legislation.Challenges Faced by Organisations: Discussing the difficulties in implementing controls, recognising legacy challenges, and the importance of proportional controls.Conflicting Regulations and Consumer Impact: Raising concerns about conflicting regulations and the impact on consumers due to compliance costs.Information Exchange Hesitance: Discussing the hesitance of information exchange for cyber security purposes and its impact on managing threats.Reporting Dilemma: Describing the challenge of eradicating cyber events and the dilemma of reporting to the public versus mitigating further attacks.Third-Party Oversight Frustrations: Addressing the frustration with third-party involvement in security oversight and assessment processes.Transparency in Security Relationships: Advocating for transparent and trust-based relationships with third parties, emphasising actionable intelligence, and fostering transparency.Evolving Skill Set of Security Professionals: Describing the evolving skill set of security professionals, particularly the increasing specialisation and separation from GRC.Legislative Impact on OT Environments: Expressing concerns about the impact of legislation and compliance on operational technology environments and the difficulty of implementing changes in systems with old technology.Challenges of Sudden Legislative Changes: Discussing the challenges of sudden legislative changes, public outcry influencing legislation, and the need for realistic expectations of change in a legacy industry.Resources Mentioned- Dragos- Sellafield- Azure Active Directory (AD)- Microsoft Active DirectoryOther episodes you'll enjoyDORA Compliance Made Clear: Essential Training for Safeguarding Financial Institutions w Paul Dwyerhttps://www.razorthorn.com/dora-compliance-made-clear-essential-training-for-safeguarding-financial-institutions-w-paul-dwyer/Lessons from an InfoSec Icon: A Fireside Chat with PCI Guru Jeff Hallhttps://www.razorthorn.com/lessons-from-an-infosec-icon-a-fireside-chat-with-pci-guru-jeff-hall/Connect with your host James ReesHello, I am James Rees, the host of the Razorwire podcast. This podcast brings you insights from leading cyber security professionals who dedicate their careers to making a hacker’s life that much more difficult.Our guests bring you experience and expertise from a range of disciplines and from different career stages. We give you various viewpoints for improving your cyber security – from seasoned professionals with years of experience, triumphs and lessons learned under their belt, to those in relatively early stages of their careers offering fresh eyes and new insights.With new episodes every other Wednesday, Razorwire is a podcast for cyber security enthusiasts and professionals providing insights, news and fresh ideas on protecting your organisation from hackers.For more information about us or if you have any questions you would like us to discuss email [email protected] you need consultation, visit www.razorthorn.com, We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.Linkedin: Razorthorn SecurityYoutube: Razorthorn SecurityTwitter:   @RazorThornLTDWebsite: www.razorthorn.comLoved this episode? Leave us a review and rating hereAll rights reserved. © Razorthorn Security LTD 2025

NOW PLAYING

Adapting to Legislative Demands: Insights on Cyber Security Compliance in Critical Infrastructure

0:00 55:36

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

The Hunt Diaz Task Force A hard-hitting, eye-opening podcast that takes you deep into the relentless fight against human and sex trafficking. Each episode explores the dangerous world of traffickers and predators from every angle—street operations, online investigations, and digital warfare. Hear firsthand from law enforcement, federal agents, and prosecutors as they share real stories of sting operations, investigative tactics, and the challenges of bringing traffickers to justice. Follow live sting operations, online predator investigations, and real-time takedowns of trafficking rings, with insights from cybercrime experts, undercover decoys, and live case discussions. We dive deep into how traffickers operate on the dark web, using cryptocurrency and other digital tools to exploit victims. Learn how law enforcement is using cutting-edge technology to track traffickers and disrupt their operations. The Hunt, pulls back the curtain on the digital and real-world fight against trafficking, exposing the p Explicit The Uncaged Pod Jess MacMillan The Uncaged Pod is the podcast for bold, soul-led women who are ready to break free from the cages of perfectionism, people-pleasing, and limiting beliefs. Hosted by Jess MacMillan, mama, keynote speaker, and women's empowerment advocate, this show delivers raw conversations, powerful insights, and unapologetic truths that will inspire you to reclaim your voice, rewrite your story, and rise with unstoppable confidence.Each week, Jess and her guests dive into topics around leadership, personal growth, entrepreneurship, and motherhood, offering real-life strategies, soulful reflections, and empowering stories to help you lead, live, and love uncaged.Whether you're an entrepreneur, a creative, or a woman who’s remembering who she really is, The Uncaged Pod is your invitation to step into your power and live life on your own terms. Explicit Crime and Conscience Ashley Painter Discover the world of true crime with Ashley on Crime and Conscience. Explore psychological insights and stories that challenge our perceptions of guilt and innocence. Uncover the complexities of crime, trauma, and the human experience in each episode. Explicit Technado (Archived) ACI Learning The Technado crew covers a whirlwind of tech topics each week from interviews with industry experts and up-and-coming companies to commentary on topics like security, vendor certifications, networking, and just about anything IT related. Explicit

Frequently Asked Questions

How long is this episode of Razorwire Cyber Security & InfoSec Insights?

This episode is 55 minutes long.

When was this Razorwire Cyber Security & InfoSec Insights episode published?

This episode was published on February 7, 2024.

What is this episode about?

Welcome to Razorwire, the podcast dedicated to exploring the complex and evolving world of cyber security legislation. I'm your host, Jim, and in today's episode, we delve into the intricate landscape of cyber security legislation with our guests...

Is there a transcript available for this episode?

Yes, a full transcript is available for this episode. You can read the complete transcript on the episode page.

Can I download this Razorwire Cyber Security & InfoSec Insights episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!