Security Breach: Humans, 'Promiscuous Devices' Creating More Threats

How increasingly complex attacks might demand taking humans out of the cybersecurity loop.

First published in 2014, the National Institute of Standards and Technology (NIST) recently announced updates to its Cybersecurity Framework (CSF). The goal of version 2.0 of the CSF is to better integrate areas like supply chain risk management and governance. More specifically, this means:

  • A broader focus to better reflect all the organizations that use the framework’s guidance.
  • More emphasis on governance within organizations and supply chain management.
  • Better integration of resources, including the Privacy Framework and NIST’s National Initiative for Improving Cybersecurity in Supply Chains. 
  • Bringing more attention to cybersecurity measurement and assessment.

All of these measures would appear tailored towards greater inclusion of the industrial sector, and many of its unique challenges. And the timing couldn’t be better. According to Proofpoint’s 2023 Voice of the CISO report, 76 percent of industrial sector chief information security officers feel their organization is at risk for a cyber attack within the next 12 months.

Our guest for today’s episode is Ethan Schmertzler, CEO of Dispel, a leading provider of secure access solutions for industrial control systems.

We’re also excited to announce that Security Breach is being sponsored by Pentera. For more information on how Automated Security Validation can help you safely test all your IT security controls with the click of a button in a non-stop industrial operational environment, visit

To download our latest report on industrial cybersecurity,  The Industrial Sector’s New Battlefield, click here.

More in Educational Resources - FM