Dragos has strengthened its plans for the launch of its OT Cybersecurity Emergency Response Team. It has appointed Dawn Cappelli as OT CERT Director. Cappelli will launch and lead Dragos’s OT CERT community resource centre and support industrial asset owners and operators.
Cappelli said, “Dragos has been a vocal advocate for the industrial community, and for years I’ve admired the passion and commitment the company puts into helping companies to secure critical infrastructure around the world
“I’m looking forward to working with Dragos’s exemplary leadership team to build the new OT CERT into a world-class resource center that serves both Dragos customers and the greater ICS/OT community to bring about better awareness and preparedness for the safety and security of industrial infrastructure. I’m especially excited about the opportunity to provide resources for small and medium-sized companies in protecting their ICS environments.”
Who is Dawn Cappelli?
Cappelli has a long career in industrial automation and manufacturing combined with cybersecurity. Eight years working on nuclear power plants led to a chance to work with CERT in 1988. For 23 years, Cappelli was the technical manager of the Threat and Incident Management team.
It was no surprise that she later became the Director and Founder of the CERT Insider Threat Center at Carnegie Mellon’s Software Engineering Institute.
That role led to Cappelli joining Rockwell Automation, where she was Director and then Vice President of its Insider and Information Risk Management teams, respectively. For the last six years, Cappelli has been CISO at Rockwell Automation.
It makes Cappelli a natural fit for Dragos as it looks to create an OT CERT programme. Her experience in developing insider threat programmes will be a key element here, as will her experience building CERT programmes.
It is all too easy to think that all attacks are external. The reality is that an increasing number are internal. Once an attacker gains access to a system, they become an insider threat to other systems. It is the sort of attack path that is becoming common in OT attacks. Security failures in IT systems let attackers in. They then transition to the OT network and then launch attacks from there.
What will be interesting is how the OT CERT plans play out. What timescale is Cappelli working to? Will we see new training courses? How will she educate SMEs who are often most at risk? Will the OT CERT offer process and other advice? There is much, as yet, unknown here.
Enterprise Times: What does this mean?
An increasing amount of attention is being paid to ICS/OT security. Part of that is coming from realising how much at risk many systems are. Regulators are also beginning to act, albeit too late and with less than perfect controls.
That Dragos has taken the step to create an OT CERT programme is no surprise. It is a natural step given the focus of the company. However, to attract someone like Cappelli is excellent news. She brings decades of experience in building and delivering such programmes. She will also give the OT CERT an immediate air of trust and importance.
All that remains now is a launch date.