
Tenable’s Marty Edwards on enhancing OT cybersecurity amidst global threats

A conversation with Marty Edwards of Tenable on the evolution of cybersecurity.

Marty Edwards, Tenable

Marty Edwards is a renowned expert in Operational Technology (OT) and Industrial Control System (ICS) cybersecurity. He collaborates with industry leaders, government bodies, and academic institutions to highlight and mitigate security risks affecting critical infrastructures globally.

In 2022, he was a leading working group member for the National Security Telecommunications Advisory Committee (NSTAC) report to the President on the convergence of IT and OT systems.

Before taking up his role at Tenable in 2019, Edwards dedicated three decades to the field, including a significant tenure as the Global Director of Education at the International Society of Automation (ISA).

Notably, he was the longest-serving Director of the U.S. Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team (ICS-CERT). FCW honoured him with a Federal 100 Award for his exceptional contributions to the U.S. federal IT sector.

Could you share your journey into technology? How did you start?

My journey into technology started from humble beginnings on a farm in Western Canada, where I developed a knack for mechanical systems and tinkering. This curiosity evolved through my school years and led me to pursue a technical education in industrial control systems engineering.

My career path was deeply influenced by the evolving technology landscape of the 1980s, a time when computers were becoming more prevalent. This background laid the groundwork for my later focus on cybersecurity, particularly after the critical shifts in security postures prompted by events like 9/11 in the United States.

What led to your focus on cybersecurity, particularly after 9/11?

The terrorist attacks of 9/11 were a turning point, revealing vulnerabilities in areas previously considered secure. My involvement in cybersecurity escalated when the U.S. government recruited me to direct the Industrial Control Systems Cyber Emergency Response Team.

This role positioned me at the frontline of defending critical infrastructure against cyber threats. The realisation that operational technologies were significantly under-protected compared to IT systems sparked my commitment to enhancing cybersecurity measures in these critical sectors.

What were the main cybersecurity challenges you faced while working with the government?

One of the starkest challenges was confronting the inherent lack of security in operational technology systems—systems that are fundamental to societal functioning yet have minimal security protocols like encryption or basic password protections. This disparity highlighted a critical need for a security overhaul, which became a central focus of my tenure.

The journey from recognising these vulnerabilities to implementing substantial security measures was challenging and rewarding.

How do you perceive the cybersecurity landscape evolving in this region?

The cybersecurity landscape in this region is comparatively robust, particularly given its heavy reliance on oil and gas industries. These sectors have historically invested well in operational technology cybersecurity, setting a solid foundation. However, despite these strengths, a significant need remains for broader and more integrated security investments. The challenge lies in extending the robust security frameworks of IT environments to the more vulnerable OT systems, which have not received equivalent attention or resources.

What are the key technology and cybersecurity trends in this region?

One of the most pronounced trends observed here, especially at this event, is the application of artificial intelligence in cybersecurity. The dual use of AI—for both offensive purposes and defensive strategies—is a topic of much discussion. However, it’s important to emphasise that AI and other advanced analytics are only as effective as the underlying cybersecurity fundamentals they build upon.

Before companies rush to adopt AI solutions, there needs to be a solid foundation of cybersecurity practices in place, ensuring that the data used for AI processing is well-secured and meaningful.

How do you compare the cybersecurity measures in private sectors to those in national security systems?

In the US, much of the critical infrastructure is in the hands of the private sector, not the government. This realisation often surprises many, as one might expect national security systems to be more robustly protected. However, the cybersecurity measures across private and governmental sectors are surprisingly similar, though both need heightened security protocols to safeguard against the increasing frequency and sophistication of cyber-attacks.

What are the current major cybersecurity risks?

The landscape of cybersecurity threats is dominated by two major risks: criminal ransomware attacks and nation-state attacks. The former has sharply increased as criminals target industries integral to economic stability, such as manufacturing and healthcare. Nation-state attacks represent a more sinister escalation, where geopolitical tensions are manifesting as cyber assaults on civilian infrastructure, making this an area of growing concern for global cybersecurity.

How has the pandemic affected cybersecurity in operational technologies?

The pandemic introduced new complexities to cybersecurity, primarily through the necessity of remote operations. This shift exposed vulnerabilities in systems not originally designed to be managed remotely, prompting a rapid evolution in security practices.

The lessons learned during this period about remote access and data security will likely influence future cybersecurity strategies, emphasising the need for more resilient and adaptable security frameworks.

What proactive measures can organisations take to improve their cybersecurity during geopolitical tensions?

Proactive cybersecurity becomes crucial in times of geopolitical tension. Organisations increasingly recognise the importance of reacting to threats and preventing them.

This entails a strategic shift towards comprehensive risk assessments, robust incident response plans, and ongoing security training for all stakeholders. Investing in advanced security technologies and fostering a culture of cybersecurity awareness are essential steps in building resilience against criminal and geopolitical threats.

What future trends do you foresee in cybersecurity for 2024 and beyond?

Looking ahead, the integration of operational technology with traditional IT security is imperative due to the interconnected nature of modern systems. While AI continues to be a significant trend, the full potential of technologies like blockchain in OT security is yet to be realised.

The future will likely see a greater emphasis on holistic security solutions that bridge various technological platforms, enhancing organisations’ overall security posture.

What are your plans at Tenable concerning OT cybersecurity?

At Tenable, my role is to monitor and integrate emerging technologies from the IT sector into our OT solutions. The goal is to identify and adapt IT security innovations that can transform industrial and operational technologies. This approach is crucial as it allows us to provide comprehensive security solutions that cater to the unique needs of OT environments, ensuring that our clients are protected against current and emerging threats.