Ep. 030 - Securing Food Systems with a Defense Mindset with Brian Schleifer
Senior Systems Security Engineer
💡 What can the food industry learn from 25+ years of defense cybersecurity experience?
In this episode of the Bites and Bytes Podcast, host Kristin Demoranville talks with Brian Schleifer, a cybersecurity expert with a career spanning the U.S. Air Force, Department of Defense systems, and advanced cyber-physical risk management. Together, they unpack how the principles of defense cybersecurity, from risk modeling to system resilience, can help protect the food and agriculture sector, one of the most vulnerable critical infrastructures.
This episode explores:
✅ What precision agriculture and defense systems have in common
✅ Why autonomous tractors and food processing systems are prime targets
✅ The reality of protecting proprietary food data and recipes
✅ Cyber-physical risks in modern farming and food production
Whether you work in OT, IT, food safety, risk management, or supply chain, this episode is packed with real talk and relatable analogies (plus homemade tortillas and schnitzel get shoutouts). Tune in to hear why safety and security must go hand in hand — and what it really means to secure the systems that feed the world.
⚠️Disclaimer: The views expressed by Brian Schleifer are his own and do not represent the Department of Defense, his employer, or any government entity.
_______________________________________________
🎙️ Guest Information: Brian Schleifer, MBA
LinkedIn: https://www.linkedin.com/in/brian-schleifer/
People Add Value Experience (P.A.V.E.) Podcast: Hosted by Brian, the People Add Value Experience (P.A.V.E.) podcast explores how individuals contribute to adding value across various aspects of life. Topics include fostering and adoption, professional development, and small business insights.
Listen on Apple Podcasts: https://podcasts.apple.com/us/podcast/people-add-value-experience/id1691150774
Watch on YouTube: https://www.youtube.com/@P.A.V.E.
_______________________________________________
🎯 Episode Key Highlights
00:17:00) – Caterpillar as a Cybersecurity Model for Ag & Food Systems
(00:19:50) – The Solar Flare That Took Out GPS on Tractors
(00:24:50) – Is Food Data Secret? Yes — Here’s Why It Matters
(00:14:41) – What Food & Ag Can Learn from the Defense Sector
(00:21:01) – What a Strategic Attack on Food Infrastructure Might Look Like
(00:29:43) – Leadership Failure & Lessons from the Peanut Corporation Disaster
(00:37:54) – Why Food Cybersecurity Must Be Treated Like Safety
(00:38:04) – Cyber PHAs: Planning for the “What Ifs” in Food Systems
(00:45:20) – The Case for Sector-Specific Cyber Frameworks
(00:52:00) – When Donuts Got Hacked: The Krispy Kreme Incident
(00:52:21) – McDonald’s Onions & Public Awareness of Food Supply Risk
(00:53:00) – Ukraine’s War Rippled Through the Wheat Market
(00:54:30) – Fiber-Optic Drones and the Future of Cyber-Physical Warfare
(00:56:10) – Meet Brian’s Podcast: People Add Value Experience (P.A.V.E.)
_______________________________________________
Show Notes:
📚 Books & Documentaries Mentioned:
Salt Sugar Fat by Michael Moss – A behind-the-scenes look at how processed food is engineered for maximum appeal — mentioned in Brian’s discussion about food memory and food science.
https://a.co/d/byO516wThe Power of Habit by Charles Duhigg – Referenced during the conversation on safety culture, behavioral change, and leadership accountability.
https://a.co/d/9YwlmM6Mindset by Dr. Carol Dweck – brought up in the context of continuous learning and a growth mindset in cybersecurity and industry adaptation.
https://a.co/d/9aherBXPoisoned (Netflix documentary featuring Dr. Darren Dettweiler) – Recommended by Kristin as a must-watch on food safety failures, systemic vulnerabilities, and public health.
https://www.netflix.com/title/81460481Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers by Andy Greenberg –
Brian mentioned the NotPetya cyberattack and its impact on global shipping and food supply chains.
https://a.co/d/eWmJH8Y
🧠 Key Terms & Concepts:
· Risk Management Framework (RMF) – NIST SP 800-37
Referenced in Brian’s experience assessing and implementing cybersecurity controls in defense systems.
· STPA-SEC – System-Theoretic Process Analysis for Security (MIT)
A systems thinking approach to security based on safety analysis, used by Brian in his academic and professional work.
· CMMC – Cybersecurity Maturity Model Certification
Brought up during the discussion on compliance and upcoming requirements for government contractors and vendors.
· Cyber-Physical Systems Overview – NIST
Used to frame how digital systems interact with the physical world — particularly in agriculture, food processing, and defense.
· IEC 62443 – Industrial Cybersecurity Standard
A referenced framework used across OT/ICS environments to manage and mitigate industrial cybersecurity risk.
· NIST SP 800-171
Cited when talking about supply chain risk, CMMC alignment, and government-facing compliance.
· Cyber PHA – Process Hazard Analysis for Cybersecurity
Mentioned by Kristin as a structured, scenario-based approach to evaluating cyber and safety risks together.
· OSHA – Occupational Safety and Health Administration
Discussed in comparison to cybersecurity maturity. Brian questioned when formal safety began in industry and compared that moment in history to where cybersecurity is now — on the cusp of needing the same level of attention and resource allocation.
· Glenda Snodgrass – Cybersecurity Training & Talks
Brian mentioned seeing her speak and appreciated how she used real examples—both good and bad—of how to answer security controls effectively.
⚠️ Real-World Incidents & Case Studies:
Peanut Corporation of America – CDC Overview – Discussed as a case where lack of oversight and bad leadership led to a deadly food safety crisis.
Boar’s Head recall and plant shutdown – USDA FSIS – Cited as an example of how safety and cybersecurity intersect and impact real communities.
JBS ransomware attack – BBC – Used to illustrate food supply chain vulnerabilities to cyber incidents.
Caterpillar vulnerability disclosure – Referenced in Brian’s praise of Caterpillar’s proactive cybersecurity maturity.
John Deere Right to Repair agreement – BBC – Discussed as a milestone in agricultural autonomy and cybersecurity implications for farmers.
Solar Flare & GPS Disruption in Precision Ag – NASA Overview – Referenced by Kristin when discussing how non-cyber events (like solar flares) affect precision farming and GPS reliance.
Krispy Kreme Hack
Kristin mentioned this as a food-related cyber incident that gained attention. The event highlighted third-party risk in the food sector and how public perception shapes urgency.McDonald's E. coli Outbreak (2024) – CDC Overview
Kristin mentioned this outbreak was tied to slivered onions on McDonald's Quarter Pounders. It resulted in over 100 illnesses and one death, highlighting the risk of contamination in fast food supply chains and the importance of upstream safety controls.NotPetya Cyberattack – Wired
Brian referenced this attack when discussing the global ripple effects of cyber incidents. NotPetya began as a targeted attack on Ukraine but quickly spread, shutting down shipping giant Maersk and affecting food and seafood shipments worldwide.NotPetya & Maersk Supply Chain Impact – Control Engineering
An in-depth look at how NotPetya disrupted global logistics, causing massive economic losses and underscoring the vulnerability of supply chains that include critical goods like food.Cyberattacks on Ukraine's Power Grid - Reuters
Discussed are instances where cyber warfare targeted critical infrastructure, leading to significant blackouts and highlighting the vulnerabilities in national energy systems.Impact on Ukraine's Food Supply – EU Council
Mentioned in the context of how the conflict has disrupted agricultural production and exports, exacerbating global food security concerns.
Deployment of Fiber-Optic-Controlled Drones in the Ukraine Conflict – RFE/RL
Mentioned in the context of technological advancements in warfare, drones controlled via fiber optics are utilized to evade electronic jamming.
Disruption of the Global Wheat Market Due to the Ukraine Conflict – ScienceDirect
Discussed as a significant consequence of the war, where the invasion led to a surge in wheat prices, exacerbating global food insecurity, especially in import-dependent countries
🏛️ Organizations & Events:
Purdue University – Brian is completing his PhD on embedded system cybersecurity, bridging multiple critical sectors.
Industrial Control Systems (ICS) Cybersecurity Conference – The event where Kristin and Brian first connected; focused on OT, ICS, and critical infrastructure cybersecurity.
_______________________________________________
💡 Animal Agriculture Alliance’s 2025 Stakeholders Summit
If you enjoyed our episode on agroterrorism and cyber threats to farms, featuring the Animal Agriculture Alliance, here’s another opportunity to explore critical conversations about our food system. And if you haven’t listened yet, check it out here:
🎙 Episode Link: Agroterrorism & Cyber Threats – How Farms Are Under Attack
📢 Listen on Apple Podcasts | Spotify
The 2025 Stakeholders Summit, happening April 30 – May 2 in Arlington, VA, will bring together industry leaders from farms, food processing, retail, and more to discuss sustainability and the future of animal agriculture. This year’s theme, “Food for Thought: Dishing on Sustainability,” focuses on collaboration and innovation to shape the future of food production.
Reserve your seat at the table—register by April 25!
🔗 Learn more and register: 2025 Stakeholders Summit
🔗 About the Animal Agriculture Alliance: AnimalAgAlliance.org
_______________________________________________
🎤 Bites and Bytes Podcast Info:
Website: Explore all our episodes, articles, and more on our official Website. Visit Now
Merch Shop: Show your support with some awesome Bites and Bytes gear! 🧢👕 Shop Now
Blog: Stay updated with the latest insights and stories from the world of cybersecurity in the food industry. Read Our Blog
Audience Survey: We value your feedback! Help us make the podcast even better. Take the Survey
Schedule a Call with Kristin: Want to share your thoughts? Schedule a meeting with Kristin! Schedule Now
Listen to full episode :
Episode Guide:
00:00:25) – Welcome to Bites and Bytes Podcast
(00:00:49) – Episode Overview
(00:01:07) – Guest Welcome & Food Memory Prompt
(00:01:26) – Brian’s Favorite Food: Breakfast Burritos
(00:02:00) – Ponchos Buffet & Sopapillas Story
(00:04:21) – “Salt, Sugar, Fat” Book Mention
(00:06:10) – “Poisoned” Documentary Mention
(00:06:42) – Brian’s Career Introduction
(00:10:00) – Guest Disclaimer
(00:10:21) – Doctoral Research on Embedded Systems
(00:14:41) – Agriculture and Defense Industry Parallels
(00:17:00) – Caterpillar’s Security Strategy
(00:19:50) – Solar Flare & Precision Farming
(00:21:01) – Strategic Resource Threats
(00:23:09) – Food & Ag Designation as Critical Infrastructure
(00:24:50) – Secret Data in the Food Industry
(00:29:43) – Peanut Corporation of America Case
(00:30:45) – Food Safety and Cyber Incidents
(00:31:56) – Community Impact of Food Facility Closures
(00:33:20) – Systems Thinking and Global Supply Chains
(00:34:14) – STPA-Sec Framework Mention
(00:34:48) – “The Power of Habit” Book Mention
(00:36:18) – Cybersecurity Funding Parallels to Safety
(00:37:54) – Safety-Security Integration
(00:38:04) – Cyber PHA and Scenario Planning
(00:40:08) – Business Continuity and Food Defense
(00:41:10) – OT/ICS Community Importance
(00:42:00) – Cybersecurity Storytelling
(00:43:42) – Inclusive Risk Exercises
(00:45:20) – Tailored Risk Assessments
(00:46:39) – Glenda Snodgrass Mention
(00:50:57) – Policy, Context & Analogies
(00:52:00) – Krispy Kreme Hack
(00:52:21) – McDonald’s Onion Incident
(00:53:00) – Ukraine & Wheat Market Disruption
(00:54:30) – War, Food, and Fiber-Optic Drones
(00:56:10) – P.A.V.E. Podcast Mention
-
00:00:25 Kristin Demoranville
Hi everyone and welcome back to another episode of the Bison Bytes Podcast. I'm your host Kristin Demoranville. Today we're talking about cyber security, food systems, defense, inspired thinking and breakfast burritos. I am joined by Brian Schleifer or as he goes by Schleif, a season cybersecurity Professional with a background in defense and systems security engineering.
00:00:49 Kristin Demoranville
In this episode, we will talk about the intersection of military, cyber strategy or defense strategy and what it means for protecting our Food and Agriculture systems. Is a smart, grounded conversation that connects real world risks to the systems that feed us every day. Thanks for tuning in and let's jump into it.
00:01:07 Kristin Demoranville
Well, now that we've basically just spent 45 minutes chatting without recording, I decided I should probably hit the record. Brian. Brian, thanks for being here. So we're going to jump straight into it. Favorite food and favorite food memory. They do not need to be the same thing.
00:01:19 Brian Schleifer
Yeah. Thanks for having me on. So I think my favorite food all time, everywhere I go, I'll try it.
00:01:26 Brian Schleifer
Now, breakfast burrito, breakfast burritos. Huge deal. But one of the paramount things that has to be part of this breakfast burrito is a homemade flour tortilla. You have to have that on, and that ties into two different memories, 1 so growing up in Texas, Small Town, Texas, they actually used to create and make breakfast burritos at gas stations. And that's some of the.
00:01:46 Brian Schleifer
Best breakfast burritos you will ever have in your.
00:01:49 Brian Schleifer
Entire life one.
00:01:50 Brian Schleifer
Of the other instances because I was thinking about this as a food memory, San Antonio, TX about an hour and a half from where I grew up used to go with my grand grandparents place called Ponchos.
00:02:00 Brian Schleifer
And.
00:02:01 Brian Schleifer
A couple of people have heard of it. I think it's closed down or closing down at some point. But the coolest part was at tables. They had these little flags so rather than like having a flag down literally flagged down a waitress or waiter, you would have these little flags and you would just basically send the flag up the pole and they come back and they used to have commercials and they'd be like, so Papias. And if anybody knows, the sopapillas.
00:02:21 Brian Schleifer
Or they're sort of like a beignet, but but not they're the the Mexican third version of that, and you bite off the corner and squirt honey in it and eat.
00:02:28 Brian Schleifer
That way, and I remember going and I, you know, I was a not not skinny child. So I used to love to eat and they would have a buffet and that was the biggest thing. Ponchos was this huge Mexican buffet. And I'm sure it was just as good as like go into a lunch room in any elementary school out there. But they had cheese and salatas and it was just like corn with the, like, canned Nacho cheese.
00:02:49 Brian Schleifer
You know, I'm talking about that. They beat up at, like any kind of sports event and pour over. But I remember going and eating like 10 of those bad boys. And I was like, it was a huge accomplishment as a child of 10 or whatever it was at the time and eating those. So breakfast burrito, favorite food all.
00:03:03 Brian Schleifer
Time and memory was ponchos in San Antonio.
00:03:07 Kristin Demoranville
Texas ID or like Mexican food, and I have had the privilege of having it in Mexico, not just on holiday. I was in Mexico City and it changed my life like it's an incredibly we have over processed in the US, but it is an amazing we have authentic and style. Yeah, it really is.
00:03:21 Brian Schleifer
It's a game changer. That's a game changer, Sam.
00:03:23 Kristin Demoranville
Watching I was at a food market because I did a.
00:03:27 Kristin Demoranville
The tour Food St. Tour, and I remember watching Grandma making the tortillas and then it was just a little cheese and then it was a squash blossom was in the the quesadilla. And I thought this is weird, but I'm not. We're not something I have this right. Yeah, it's amazing. It changed my life. It was amazing. I can't even. I haven't had anything since that even.
00:03:46 Kristin Demoranville
Comes close to it in terms of that.
00:03:47 Kristin Demoranville
Type of food and it was so good. So I completely understand the nostalgia around homemade.
00:03:54 Brian Schleifer
It's super interesting because I, you know, doing some research and articles just for some other courses I've done and watching a bunch, you know, like Netflix pumps out all these foods.
00:04:03 Brian Schleifer
And it's documentaries. And it was like, hey, we like, literally the population of the Earth couldn't handle organic food because we can't make enough at this time. And that was sort of some of the initiation or how some processed food came to fruition. And I read what is it called salt, sugar, fat.
00:04:21 Brian Schleifer
I don't know.
00:04:21 Brian Schleifer
If you ever heard of that book and they talked about.
00:04:23 Brian Schleifer
Like margin or whatever the government was gonna try to make all fake butter be painted pink or something and labels like imitation. It was very interesting book. It was very eye opening about the big conglomerates coming in and saying, hey.
00:04:35 Brian Schleifer
We have to have these parts, right? They do and they still do this with the mouth feel and doing testing of all that, right. So how does it feel in your mouth and then that balance with the salt and sugar and fat, of course, right. And anything else, if you go look, I had to write. It was like third grade. Had to write a paper or something. And we looked at the differences between like normal cheese and like fat free cheese.
00:04:55 Brian Schleifer
And if you go look at to this day, go look at labels. Anything that takes away something adds somewhere else. So if you go look and it's higher in fat because it's real.
00:05:04 Brian Schleifer
These and you go look at low sodium, for instance, cheese or whatever. It'll be higher in like sugar or something else to try to achieve that same taste balance. And that's the same for bread and everything else. So I thought that was quite interesting of going back to the.
00:05:16 Brian Schleifer
Process food perspective.
00:05:17 Kristin Demoranville
I learned something recently at the West Globe Awards about how the food industry has learned to market so well to us, that different sensory which you just mentioned is a really big factor into marketing, but Sony?
00:05:29 Kristin Demoranville
Marketing. So like hearing like snap, crackle, pop, you know exactly what I'm talking about. And I say that right, the rice crispy treats are Rice Krispies in general. And the fact that that's a big importance.
00:05:35
Mm-hmm.
00:05:39 Kristin Demoranville
Like the crunch.
00:05:40 Kristin Demoranville
Or healthy like, interact with it. But are the problem with processed food and I'm not picking on anybody at all for this. We're saying, and I think people know this is a lot of.
00:05:48 Kristin Demoranville
It's soft and if we went to actually back to organic or like eating in more of that level, everything would be crunchy and our teeth and our jaws would be really hurting because of it. So you'd have to like ease your way into it, cause everything we eat is soft for the most part.
00:06:02 Brian Schleifer
Or the blender market would do really.
00:06:04 Brian Schleifer
Well, yeah, I.
00:06:05 Kristin Demoranville
Mean. Let's be real. Let's be real.
00:06:07 Brian Schleifer
Want to talk to us?
00:06:08 Brian Schleifer
No, thank you.
00:06:10 Kristin Demoranville
Yeah, it's, it's such a fascinating thing. Netflix documentary. I'm just going to have a shameless plug here for my friend, Doctor Darren Detwiler. He was on the documentary, poisoned, and I had her come in watching that one. If you get a chance, it's talking about the food system.
00:06:22 Kristin Demoranville
And how where it's at with food safety and things like that. And it was very eye opening, especially as an OT ICS person because you they actually showed you some of the behind the scenes and like your hearts are still like palpated a little bit when you see like them showing like.
00:06:22
Absolutely.
00:06:34 Kristin Demoranville
The systems that.
00:06:35 Kristin Demoranville
Are working and you're like, no, no show.
00:06:36
Those things because that people know.
00:06:40 Kristin Demoranville
But it's quite interesting besides the context.
00:06:42 Kristin Demoranville
The actual documentary, which is an award-winning documentary that may actually. So yeah, thanks for that, Brian. But let's introduce you. So everybody, me, Brian, Brian, introduce yourself.
00:06:46
Yes. Yeah.
00:06:52 Kristin Demoranville
Please.
00:06:53 Brian Schleifer
Hello, my name is Brian Schleifer. I go by schleife. I have worked and the defense industry. Oh, goodness gracious. Coming up on almost 25 years now, we're almost getting there 24/7. In 25 years, one end of the year 4. Well, OK. So I'll just go back just a tiny bit just to think, oh, so this small town Texas parents owned a bowling center. This is important because of food and growing up around food.
00:07:13 Brian Schleifer
Bowling center, which people may or may not realize, like some of the people used to be like man bowling centers, have the best food. My parents did Bing up job making food in the bowling center.
00:07:22 Brian Schleifer
Onion rings, man. Phenomenal. We used to get these giant onions delivered and they would make these big rings and we do the whole like flour, milk, flour, milk, flour, milk fry. Just absolutely amazing how I lived through all that grease. I don't know at the time, but grew up there. Then there was a a tipping point. And myself and my mother both pointed. Hey, you need to do something.
00:07:43 Brian Schleifer
College was not quite there yet, so let's go into the Air Force. So I joined the Air Force and went in. First base was in Virginia and then I was very fortunate. I got to go to Germany right after that. I lived in Germany 3 1/2 years, played rugby for a local team there. Why is that important to the food industry? I had some amazing Jager Schnitzel. I like German.
00:08:02 Brian Schleifer
Food at the German like the Christmas markets are absolutely from phenomenal. Amazing. I learned that not everybody has like refrigerators because a lot of their stuff is different. Like their eggs. They don't put in refrigerators necessarily. They have like farmers market. And it's more just a normal thing and how they've.
00:08:17 Brian Schleifer
Grown up there, but some of.
00:08:18 Brian Schleifer
Best food I lived right next to this building as I drove back from the base of my house and it had. It was three. It was separated into three sections. It had a bread maker, a meat market and alcohol. So you can literally go get everything you needed within these three stores back-to-back to back. It was awesome. So from there from Germany, I went to England.
00:08:38 Brian Schleifer
And I got to live in England for three years, completely different food profile. By the way, love you England. But sometimes the brunches I was like, there's no flavor. But I do love blood pudding. Yorkshire, Yorkshire. You know, what is it? Yorkshire pudding as well. If I'm not mistaken.
00:08:42 Kristin Demoranville
Mm-hmm.
00:08:50 Kristin Demoranville
Yeah. Which is a pop over in the US if you need to compare.
00:08:53 Brian Schleifer
Nice and yeah, like, yeah. But so I I loved all that stuff. It was great. So did England. And of course, through these times traveled around the world for deployments and so on. And then I landed back after England to Nevada and the states lived up in Vegas for, I think it was like 3:00-ish years or so, 3-4 years and then ended up in Florida, retired out of Florida. And then.
00:09:13 Brian Schleifer
Went to a company right after that. So as a DoD defense contractor, then part of that for like I said, coming up almost on six years now in June, working in the cyber security arena. So during the Air Force career, traveling around experiencing all that cold food.
00:09:28 Brian Schleifer
I was very fortunate and I got to dabble anywhere from like putting CAT5 cables and you know, the dirt in Iraq to helping design buildings to, I mean, you name it, right, desktops, servers all the way into cyber physical systems which we're working for UAV's and things like that. After the retirement, more so into like the munitions and then even doing some.
00:09:48 Brian Schleifer
We're testing facilitating that, not hands on keyboards, so just clarify doing that for again munitions and aircrafts and so on. And so they're doing that for for a while now. I will say this is the time I'll go and say this that.
00:10:00 Brian Schleifer
I am speaking for myself, not the Department of Defense, nor the company I currently work for, or the government customers I support. Speaking from my own opinion and for myself. But that's that's a little bit of my background and then just to add on to that sort of how we got in conversations and where we met and the industrial control system, cyber Security conference in Atlanta was I am currently working on my.
00:10:21 Brian Schleifer
Doctorate through Purdue University and in doing so, looking at embedded systems.
00:10:25 Brian Schleifer
For security, what I started to notice was that there's a lot of similarities from the weapon system and the defense industry side to all these other industries, whether that's medical, agricultural, robotics, maritime, you name it, railway. All of these things are very similar. Some have progressed because money has been invested in those instances.
00:10:46 Brian Schleifer
Some threats are different in certain industries, and so you'll see that. But I was noticing I'm like, Oh my gosh, wow, we have all these, you know, our particular company and other people have these skill sets that can transverse. And so that's why we're here, to be honest with you, is is just trying.
00:11:00 Brian Schleifer
Help everyone out and recognize and realize the things that we can do to better not only help secure our systems, but make it safe overall because safety and security are blended. As I'm sure you're.
00:11:09 Kristin Demoranville
Well aware. Yes, of course. Thank you for that. That's awesome. And I even learned a.
00:11:13 Kristin Demoranville
Little bit thank.
00:11:14 Kristin Demoranville
You, Brian and I spent actually quite a bit of time chatting, and it was actually quite funny how we originally met at the conference.
00:11:20 Kristin Demoranville
If I remember correctly, it was a lot of alcohol, not me. I was actually quite sober.
00:11:25 Kristin Demoranville
And I think you were too. Actually it was just everybody else around us. But I remember. I remember sitting. It was the military table, if you will. And I am not a military person. I am. I am engaged to a military ex military man. But it is quite funny to me. I've ever sitting down and I was immediately accepted. There was no questions and.
00:11:27 Brian Schleifer
I need.
00:11:28
More than I.
00:11:44 Kristin Demoranville
It was just you're part of the crew. Welcome. Here you go. Let's talk. And it was.
00:11:48 Kristin Demoranville
I don't think I've laughed. Belly laughed like that in a long time, so I definitely appreciated, you know, the encouragement and to sit and just and chat at the end of the evening when everybody was trying to wrap up and or move on.
00:12:01 Kristin Demoranville
To their next event, yeah.
00:12:01 Brian Schleifer
Yeah, well, you know, and the military, we're all about burning calories. So you know, laughter. What is the 5 calories? We just we have to test your diaphragm out, right. That's the whole in like, as long as your diaphragm is working and we.
00:12:08
That's true.
00:12:11 Brian Schleifer
Have that nice.
00:12:12 Brian Schleifer
You know, wow. Laugh or or things like you're trying to hold it in. And they're shooting from different areas of your body then you know you're.
00:12:19 Kristin Demoranville
Well, I used to sing opera so my diaphragm.
00:12:21 Kristin Demoranville
'S pretty good so.
00:12:23 Kristin Demoranville
But yeah, it's.
00:12:24 Kristin Demoranville
It was a great time and it was. It was nice to have a different perspective at ICS. I think a lot of times we kind of get caught up in our own stuff and to be honest and I think having diversity of thought, whether that's you cover of a different walk of life, you're a different type of person.
00:12:38 Kristin Demoranville
Or you just coming from a different angle is really super important. And so I appreciated the challenges that you were mentioning and establishing what we're talking, especially since you've taken on the.
00:12:48 Kristin Demoranville
The crazy task of getting a pH D full stop regardless of what the subject matter is, and the fact that you're doing in a better systems and you have a systems thinking approach about it and you realize the things are interconnected. I mean that we need more people to connect the dots, especially in both private and public sectors and it's so.
00:13:02 Kristin Demoranville
Thank you. Thanks for doing that work. I think it's great.
00:13:19 Kristin Demoranville
There just jumping in for a quick break and to say a big thank you. Firstly we've made it to 30 episodes of the show. Wow, that's 30 episodes of conversations about agriculture and food technology and the people working hard behind the scenes to keep us safe. Thank you all for being part of this journey. If you haven't already. Please like comment and share.
00:13:40 Kristin Demoranville
Podcast it really does help spread the word and the.
00:13:43 Kristin Demoranville
Mission on a more personal note, I want to take a moment to say thank you to all who reached out recently after the passing of my cat Kai. She was 20 1/2 years old, which is 103 in human years. Obviously she was a huge part of my life and this show since she's been present through all 30 episodes behind the scenes recording and editing.
00:14:04 Kristin Demoranville
Your messages, text emails, pet stories, and photos that have been sent along the way in the last week or so have meant more to me than I could put into words. Brief is a complex creature. A community makes it more bearable, so thank you.
00:14:19 Kristin Demoranville
Surely this community is incredible and I'm so grateful you're here. Thank you so much. All right, back to the episode.
00:14:34 Kristin Demoranville
So now that we've, we've definitely gone through your background in defense and advanced systems, you know in general security.
00:14:41 Kristin Demoranville
How familiar are you with the agricultural and the food sector and critical infrastructure?
00:14:46 Brian Schleifer
Yeah, sure. So part of the studying was looking at that right for some of the courses and that's when I was, it was really eye opening and even looking at now like industry, industrial Technology, 4.0 and the irony is just before I go a little bit backwards. But the irony is I'm currently I have two courses that have started.
00:15:01 Brian Schleifer
May and one of them is strategic management and information technology, I believe. And funny enough, it's it's honed in on industry, technology, 4.0.
00:15:10 Brian Schleifer
So I get to.
00:15:11 Brian Schleifer
Dive in even more, and so again everything like you said, weaves together. So to be honest with you, right. Am I like completely, 100% immersed in agricultural cybersecurity? No. Have I read a ton of articles and like we talked about a little bit before the recording and learned more about the digitization of not only, you know, the data, but also the autonomy of certain agricultural.
00:15:33 Brian Schleifer
Things like tractors and so on, irrigation, all of those was very eye opening to me. Drones looking at the the soil and doing soil.
00:15:40 Brian Schleifer
Every so learning and just saying like holy cow, like we're everywhere, right? Like as far as technology goes, it's everywhere to help speed up things, to make it more efficient and bring profitability to, you know, farmers and so on. And so that's, that's my my level, if you will. And then also like I said, realizing Ohh well some of those things that they are implementing are utilizing very similar hardware software.
00:16:01 Brian Schleifer
Firm where that I have witnessed and or, you know, been studying for my degree.
00:16:06 Kristin Demoranville
I like that you've already made the connections, especially with understanding there there does you have to.
00:16:11 Kristin Demoranville
Protect it. Like that's you. You made that connection in your mind. You didn't have to be walked there. You already did it on your own. I find a lot of times I'm spending a lot of energy and awareness which isn't a bad thing, like talking to people about things. That's fine because we're so far removed from our food system and we've made it the most complex system on the planet. That it's people just don't want to.
00:16:31 Kristin Demoranville
Go near it.
00:16:31 Kristin Demoranville
Because it's like trying to find that needle in haystack, literally. Or it's a ball of string there don't want to have to.
00:16:37 Kristin Demoranville
Travel and the cat is still messing with it.
00:16:39 Kristin Demoranville
You know what I mean? It's definitely difficult.
00:16:40 Brian Schleifer
Yeah. Yeah, it's funny. I so I used to travel to Tucson, AZ. Why? And there's a lot of people from Caterpillar there a lot. It's one of their proving grounds. And man, it was eye opening. Just hearing some of their conversations they're taking. They're global, right. They're all over the place. And how much they're looking at cyber security. In fact, there was a gentleman I met at the conference there from.
00:17:00 Brian Schleifer
Killer here's the cool part. You know, hashtag shout out Caterpillar if you have. This is a job available. What? So here's why I like about that. There is cyber security in every aspect of that company. They have enterprise, right? IT they have the manufacturing side and they have the product side. They have literally every component.
00:17:07
Shameless.
00:17:21 Brian Schleifer
If you will respectively from a discipline and focus in that company. So and I thought that was fascinating to me because depending on who you talk to and even the agricultural side, right, they they may have two or three of those those bits, right. If you look at like a John Deere or something like that.
00:17:36 Brian Schleifer
But because they'll tie in, maybe they they do it all and they're trying to incorporate like what we talked.
00:17:41 Brian Schleifer
About the ohh.
00:17:42 Brian Schleifer
You're gonna crack me smart for me. No precision farming.
00:17:44 Brian Schleifer
Precision farming, yeah.
00:17:47 Brian Schleifer
But they're trying to tie that into their equipment so they can provide it to the farmers because they know it's beneficial to them. But I will tell you after reading it and this is the part going back to like what I know or whatever the tie in was, I didn't really consider.
00:17:57 Brian Schleifer
The data, the protection of the data, proprietary data, what is going to help increase and help the farmers out. I didn't really put that together and I was like ohh, they actually have that entity or focus that they're looking at. That's important to them as.
00:18:12 Kristin Demoranville
Well, there's a lot of data in precision farming because everything is all the decisions are made.
00:18:17 Kristin Demoranville
With the data from precision farming, part of the reason why Caterpillar fun fact? Part of the reason why caterpillars become such a powerhouse since our security is because they had a potential vulnerability in their software back in 2021 and they did notify DHS about it, and they worked through it.
00:18:35 Kristin Demoranville
And they all they were contacted. So they take it very seriously, which is great because that's what we need proactiveness not like reactiveness, if you will, Grant said. It was reacting to a vulnerability. However, it was being proactive by letting people know it was happening. So I'm not surprised to hear that at all, Brian, like, they, they definitely were going through it. You know, when that situation.
00:18:55 Kristin Demoranville
Rather, I think the data for me as well was a very big eye.
00:18:58 Kristin Demoranville
Opener years back when I was.
00:19:00 Kristin Demoranville
For a bakery company and realizing that we actually have a lot of secret data on the proprietary data and nobody was talking about it or thinking about it and this was like pretty cloud, so everything was still kind of on Prem, but it was sort of starting to migrate to the cloud and the food industry is really interesting because they've done a good job of migrating some things to cloud. But other things not yet. It's interesting like it's a.
00:19:20 Kristin Demoranville
The evolving process that's happening, but in terms of farmers and equipment, that's autonomous, you have to think about how are they getting their updates, who comes out to fix their equipment.
00:19:29 Kristin Demoranville
Do they have right to repair some? And this is obviously a debate. It's now good put to bed. Thankfully they do have right to repair, especially John Deere, but how do we deal with that updating and so I don't know if you heard about this Brian Bradley because you live in Florida and it didn't affect you, but in the Midwest, the northern Midwest.
00:19:50 Kristin Demoranville
And Canada, they had a solar flare incident, which isn't a cyber security incident, but it knocked out the GPS on their tractor.
00:19:57 Kristin Demoranville
And in order to do precision farming, they need GPS to have the coordinates that is pre programmed by, you know, obviously data and all these things to be able to plant properly and when that was knocked out granted it was like, you know, an act of God. So it was not. We can't really do anything about that.
00:20:05
Alright.
00:20:11 Kristin Demoranville
It caused a.
00:20:12 Kristin Demoranville
Lot of havoc and people who had only learned how to farm in that precision.
00:20:17 Kristin Demoranville
Technology era. We're like, I can't do this. I cannot harvest. I can't do this stuff and it's like the old boys and girls. How to come out of like, retirement, teach them how to.
00:20:27 Kristin Demoranville
Actually harvest properly via analog, so I still got done. It just wasn't done and it's like efficiently it again. That's the word I would say. And it's interesting because it's like the lesson in, you know hacking. Why would that stop a hacker? And they just now know how disruptive that is, whether it's disruptive or financial. Either way, that's the two things we're most worried about.
00:20:47 Kristin Demoranville
And the food industry in general.
00:20:49 Brian Schleifer
Well, Kristin like to me. So one of the things I I think about often, right is there's always the financial aspect, right. So holistically speaking, I think of it from a, I'm gonna say safety and strategic stand.
00:21:01 Brian Schleifer
Point if I were, you know, like playing like a kid, playing risk or something, right? Back in the day, the board game risk. But if I were to try to do something malicious and have that intent in that mindset, what would I do? And one of the things I I like to talk about because they do the military exercises is you take away resources, right? You have psych warfare.
00:21:21 Brian Schleifer
Resources and those are two big deals. How? How do people operate on a day-to-day basis? They need their resources, they need water and they need food. So what can you do? You can look at taking down irrigation and you know farming equipment and where the capabilities that they utilize to do those respective.
00:21:38 Brian Schleifer
And to make the water drinkable and potable for for humans and or the food necessary. And is that the long the long game? Maybe right? If I'm already taking down things like, you know, banking and the health industry and like, now I'm starting to push you back into the, you know, the quote, UN quote, dark ages, if you will. Right now, I'm taking away. I have to go back to the.
00:21:58 Brian Schleifer
Old school farming, as you said, maybe the equipment doesn't exist or they have to try to find pieces and parts that get that back running because any kind of books, fiction, non-fiction that you read, it's a it's a time game, right? It's this whole length of time. So that's just a plan in it, right. There's the whole like, D-Day. And then you go -1 week, two weeks, so, so on and so forth. So you put that strategy.
00:22:17 Brian Schleifer
Really in there. So it's like it's a concern that you look at all these advanced persistent threats that are in these devices that people are fighting and you go, OK, when is that gonna? When are they gonna push that button for a tractor or a food processing plant or you name it right? Anything else? I mean, if they take down the finance industry, how many people that work for respective farmers?
00:22:32
Yeah.
00:22:38 Brian Schleifer
The agricultural business are going to go in on day-to-day work because now they don't have the money to supply back to pay for whatever, right? So there's it's a whole team of events and it's very interesting to think about that from an event phase perspective.
00:22:50 Kristin Demoranville
Especially since the critical infrastructure sectors are actually created based on the military right? You need these things that are to move and.
00:22:57 Kristin Demoranville
If you will, and obviously the betterment of society as a whole, like a country, you can't function without these particular items and the critical 16, we're actually the critical 15 until 2020 when the attitude and act finally which.
00:23:09 Kristin Demoranville
Is like what?
00:23:11 Kristin Demoranville
What took so long for us to put that on the list, I don't know. And again, I really wish somebody would tell me because I really.
00:23:16 Kristin Demoranville
Want to know? I'm very curious about this.
00:23:18 Kristin Demoranville
However, the interesting thing about the food and ag industry is it still lasts at the table for funding. It's very heavily privately owned. We know this and it's because again, it comes into a lot of different human factors, you know, shame.
00:23:33 Kristin Demoranville
The admitting and then something happened. Customer perception. What's going to happen to the shareholders if it causes a foodborne illness? If it kills anybody, those kind of things are all these factors that are in it that aren't good feeling. So we're instead of actually dealing with in a productive manner, we're just.
00:23:49 Kristin Demoranville
Going to kind of ignore.
00:23:49 Kristin Demoranville
That and and I think as.
00:23:52 Kristin Demoranville
Our security professionals, OSS, any of the people that are in these particular critical.
00:23:57 Kristin Demoranville
Structures. It is our obligation. If you see something you need to say something, I go back to boars head for example, because that's one of the latest and greatest disastrous things ever. You can tell me that we wouldn't have seen something because we're in everything. We know what's going on. And and again I will say this, that it sees everything. So it is security. We see everything. We see cameras.
00:24:17 Kristin Demoranville
We see who people are walking in and out. We see the firewalls, we see it all. We can probably tell you if there's a spill before you even announced to your supervisor, there's been a spill or something else has happened. We have an.
00:24:30 Kristin Demoranville
As a human to report when we see something that happens, especially when it comes to this data situation and learning how to tackle it, and whereas in what's important and what's secret, we need to acknowledge that there's secret special data in the food industry. I was on a podcast on a couple years back, Brian. The conversation came up with the the host literally said there's nothing secret.
00:24:50 Kristin Demoranville
And the food.
00:24:51 Kristin Demoranville
History and instead of like, you know, beating them up on air, which I did not do, I said, hey, what's your favorite snack? And you mentioned a very heavily processed snack. I was like, oh, hey, did you happen to notice that the the flavor has changed with the the filling and the the actual pastry a couple years back? He's like, yeah, I totally did it. I said, yeah, one more banana 4 than vanilla for it. Right. And.
00:25:11 Kristin Demoranville
He goes. Yeah, that's weird. How do you know that? I said yeah, because my company had bought it. But I was working for, and they used to make it like the filling. Specifically, I said you can't tell me that. That's not. He was like what?
00:25:20 Kristin Demoranville
Do you mean? Doesn't everybody have access to that recipe? I said no.
00:25:24 Kristin Demoranville
Because like you.
00:25:26 Kristin Demoranville
At the beginning here things change. You add a little bit, you take a little bit, you know, a little less little that you know and it it's and all the quality work that goes into it and all the marketing that goes into that, all the things that's covered it, that's secret, that's safe. You know, we need to know this and This is why. And I know you heard me say this many times already when we specially when.
00:25:46 Kristin Demoranville
You need to understand the industry that you are assigned to protect. If you do not understand that industry, you need to leave that industry and go to the industry that you know or learn more, one or the.
00:25:56 Brian Schleifer
Other has happened. I like the second part. I like the. I like the learning more.
00:25:58 Kristin Demoranville
Yeah, I really want.
00:26:00 Brian Schleifer
You know that's, that's why, yeah. And and like, the whole Doctor, Carol Dweck, wrote the book called Mindsets. And they talk about growth mindset and fixed mindset. And it's not only.
00:26:00 Kristin Demoranville
Stay curious, right?
00:26:06
Mm-hmm.
00:26:09 Brian Schleifer
Like what you would?
00:26:10 Brian Schleifer
See at face value of just learning it, it's actually like taking the time and understanding the resources and putting those in place so you can learn. So there's a little bit more as far as the intrinsic motivation goes for that.
00:26:20 Brian Schleifer
But to be honest with you, I I completely agree. And again right, one of the reasons I'm pursuing this terminal degree is to to continue learning. I think that's so important. Things evolve so quickly and again it it's everyone has different mindsets. You stated this a little bit before, but I'm a very much I want a big picture so I can focus on a small piece of that pitch.
00:26:39 Brian Schleifer
I think if you just use small picture or like a very niche area and not understand everything else, you're doing yourself a disservice. So while people like you were there, right, you're at the industrial control system, right? So you got you got way more right. There was a ton of people there from other areas in the industrial industrial area. And so I think that's imperative because if you just stove pipe.
00:27:00 Brian Schleifer
So you're missing out on the opportunity to have conversion.
00:27:03 Brian Schleifer
A great example, right? I was. I was talking a little bit about this in my presentation and we've had a follow up meeting, but there's a group of 60 folks in water, wastewater down in Texas and they do this free event and they invite people that to come over and just have conversations in these areas that they're struggling and whether that could be risk assessment, risk management, penetration testing, you name it, right.
00:27:23 Brian Schleifer
And they have these subject matter experts come in and have that conversation, and they're not able to learn and say, just like you did, right. And this may be more internal. That's OK. Hey, you're on the struggle bus with this. So are we. How do we solve that? Well, we have some people, some experts come and chat with us or we found someone that we can actually learn from.
00:27:40 Brian Schleifer
Right. That we just do some training or something like that. And and honestly, like you said, This is why insurance exists and other people make profit and don't care about reputation is you have to have the buying of leadership or you're not going to have the funding and resources. And if you don't have that, you're not going to have people that care, right. And so they're going to eat it whether.
00:28:00 Brian Schleifer
At the end of the day, if that's their job, right? I thought that was really important. You're talking about distribution of things like solar winds, right? Solar winds is big. Everybody heard about it? I was like, oh, my gosh, we were aghast about that. The big thing was that I forget if it was the size or somebody CIO knew about it, still did it. And then he lost.
00:28:17 Brian Schleifer
His job, like and as he actually got sued, if I'm not mistaken by the government or someone else. That's where the teeth comes in. You see that in the medical industry? In fact, it was just the FDA was like section 704B or whatever. Said medical devices have to have reasonable cybersecurity, which that's talk about policy. I think when you have that subject, we'll talk about what reasonable means I throw up.
00:28:19
Yeah.
00:28:37 Brian Schleifer
Tell me. Hear that word?
00:28:38 Brian Schleifer
By the way, sorry for.
00:28:39 Brian Schleifer
People but anyways. Ohh I I was like, what does that mean? But now there's some war coming out. There's some more direction about medical devices and so on which like I said, it came out like a week ago. There's just more and more more coming out that's pushing that. And you have to follow that documentation and people need to realize.
00:28:56 Brian Schleifer
That on the C-Suite all the way down to the people that are implementing it and because it gets lost in between and again, that's the biggest thing about policy is that middle ground people can write it, talk about it, people know how to implement it with. They're losing that middle ground because that has to do with resource allocation. And then like the true understanding of, like, what do we implement? Right. There's the how I got that.
00:29:16 Brian Schleifer
Just what do we implement? Because reasonable doesn't mean anything, and that's the medical right. I mean, name it that you can throw. Throw it out there. It's across the board.
00:29:19
Yeah.
00:29:23 Kristin Demoranville
I think a lot of the reason why I really I really enjoy working for this are working in food and AG in general as a cybersecurity professional or OT whatever you're calling is they go through the same things that we go through in terms of risk assessments, posture, evaluating, quantifying all these things. They're doing the same thing.
00:29:43 Kristin Demoranville
Just doing it from the food side, right? I challenge anybody who's listening, and I definitely would suggest you look this up too. Is the Peanut Corporation of America. Do you want to talk about really messed up situation with food and allergens?
00:29:58 Kristin Demoranville
And people being hurt just because there was a corrupt head of leadership, there is your 1, I believe he's.
00:30:05 Kristin Demoranville
Still in jail, actually.
00:30:07 Kristin Demoranville
Also two I I said this, I've said this a couple times and I and I I need to find a better way to say it.
00:30:07
Yes.
00:30:12 Kristin Demoranville
Brian, so maybe.
00:30:13 Kristin Demoranville
With your system thinking mindset, maybe you can help me come up with a better way to say it.
00:30:19 Kristin Demoranville
I really, really wish that the the sea suites would take food safety and cybersecurity seriously in the.
00:30:25 Kristin Demoranville
Breath test the cyber physical systems that you mentioned at the beginning and when we start talking are connected to food safety systems and are part of the food safety process and that goes from agriculture all the way into like production. And I don't think any leadership ever wants to get the call that is cyber security incident affected food safety.
00:30:45 Kristin Demoranville
Cause of foodborne illness or any of that right there are recalls that have happened obviously and people catch that which is great, but could you imagine having to be whether you're a CISO, a CIO or CTO, any of the type role?
00:31:00 Kristin Demoranville
And have to call your CEO or your shareholders and your board or anybody and say hey, just so you know this this is what caused this issue like like that's this is this is the disconnect between our industries, everybody's really focused on data and that's great. It has to be protected and glad and we've got enough issues with it, right. And it's definitely the new warfare in a lot of ways.
00:31:07
Yeah.
00:31:08
Yeah.
00:31:22 Kristin Demoranville
And will continue to be, but we are not just dealing with data, we are dealing with safeguarding lives like we are legitimately dealing with things that could end lives, devastate communities.
00:31:32 Kristin Demoranville
Cause more issues environmentally beyond any of that stuff. We just want people to be able to go home at night from their job and also keep their family safe and anyone else in the community around it, right? Yeah. Every time there's a disaster, it's a community issue, right? So when, like, boys, had had a close that plant because they have this awful food safety situation happened and people got sick. And if you.
00:31:52 Kristin Demoranville
Who passed that affected that community? That was 500.
00:31:55 Kristin Demoranville
People who lost their jobs.
00:31:56 Kristin Demoranville
Now I was so messed up I was so avoidable right in a lot of ways. Same with Peanut Corporation of America, same concept. I'm really worried about what it's going to take for people to start paying attention because policy is not being written about cybersecurity in the agricultural space. Yeah, there's the farm and cybersecurity bill that's out there, but it's it's not enough. They want you to do.
00:31:59
Uh-huh.
00:32:16 Kristin Demoranville
Exercises and tabletop exercises every three years to test your resilience.
00:32:21 Kristin Demoranville
Every three years. Are you joking? Like that should be quarterly and minimum in my opinion. Well, it's about priorities, right? Can you roll it into your food defense budget? Can you allocate it to production? Can you do other things right? It's all about how you creatively think about the problem and how you're thinking about the solution, because a lot of times we are focused.
00:32:36
Yeah.
00:32:41 Kristin Demoranville
On the problem.
00:32:42 Kristin Demoranville
And it needs to be more about the solution. What is the solution here? Education, awareness, understanding. Connecting dots systems thinking all these things because the food industry is so interconnected with all these other industries.
00:32:54 Kristin Demoranville
I mean, how are we going to move away from oil and gas? We're going to use it. We're going to use food. We're going to do biofuels, we're going to create things with more organic substances because we have to have a solution because we're eventually going to run out of all that, you know what I mean? And we're going to come back to soy is going to be.
00:33:10 Kristin Demoranville
The big premiere, it's.
00:33:11 Kristin Demoranville
Still, it is today already and I think that.
00:33:13 Kristin Demoranville
People need to start taking a look at that. It may not affect your generation and right now, but it's gonna affect kids, grandkids.
00:33:20 Kristin Demoranville
And future generations. And if you don't care about any of that, OK, maybe.
00:33:26 Kristin Demoranville
No, I I just. I really think that people need to start realizing that it's the betterment of humanity and it's for the greater good. And that's something that is really hard for people to wrap their heads around because that's a larger, you know, outside of their their scope because we forget that we're world citizens too or not.
00:33:43 Kristin Demoranville
West American citizens, or wherever you come from.
00:33:46 Kristin Demoranville
Or world citizens.
00:33:47 Kristin Demoranville
Yeah. And I think, yeah.
00:33:47 Brian Schleifer
You reminded me I'm sorry. Go ahead. Yeah, you reminded me of something. So I was talking to my wife last night.
00:33:54 Brian Schleifer
And it's it's it has to do with this right? Cause everywhere I've gone. In fact, Jacob, the guy brought to the last conference was super surprised. And I said, man, I've been. I've heard that this at the conference the last three years I've gone the resource allocation, the C-Suite, how do we get people to understand it by this end? And like I've studied, you know, like company and somebody understand, but who is it's called STP.
00:34:14 Brian Schleifer
System theoretical process analysis and there's one with cyber security and it started off in safety with Nancy Levinson and MIT. And then a gentleman, William Young, goes by dollar, did it for the same security side of the house anyways.
00:34:28 Brian Schleifer
The point being is it's a different way to think about it, and it stemmed from safety and he learned I can utilize a lot of stuff that was used for safety and the security. So I'm going to just tell, you know, talk about two things, if you don't mind. There's a great book called The Power of Habit by Charles Dunham. I always pronounce his last name incorrectly, so my apologies. But one of the chapters.
00:34:48 Brian Schleifer
Or to talk about an aluminum factory. I can't remember. It's it's all real stuff. They were having safety issues like life loss issues and they're trying to figure out how to fix it. And so one of the the guys, you know, they went to the stakeholder meeting, they're pretty.
00:35:01 Brian Schleifer
Excited about learning?
00:35:02 Brian Schleifer
About you know this this new profitability and the guy said.
00:35:06 Brian Schleifer
We're not talking about any kind of stakeholder information. We're not just talking about price. We're going to talk about safety. We are going to prioritize safety and everyone's like, oh, what we want to know about our numbers and how much we're making and all this stuff. And he said, no, we're going to focus on it and.
00:35:18
Yeah.
00:35:22 Brian Schleifer
He started implementing.
00:35:23 Brian Schleifer
Things and putting stuff in place. Some of those were, hey, I'm going to put these suggestion boxes.
00:35:27 Brian Schleifer
Down on the floor. Right and.
00:35:29 Brian Schleifer
How people start writing about how can how we can make things safer.
00:35:33
Well.
00:35:33 Brian Schleifer
They started to do this and I'll make this short. They started to do that, but it actually started to make things more efficient as well. So you're saving lives. You're making it more efficient. Which, oh, by the way, gives you higher profitability because now you're sustaining something longer and it's more efficient. So you're doing more X, you know.
00:35:49 Brian Schleifer
Making whatever kind of aluminum widgets, if you will, and the same amount of time than you did, and there was a point where in there he said that one of the gentlemen got word of the suggestion.
00:35:58 Brian Schleifer
And and one of the things he said was if any board member gets it, it must be presented that you can't ignore it. And one of them did and he fired him on the spot, which I thought was crazy. But what it made me think about with all these things, as you said, the interweaving is, you know, when did OSHA get stood up? When did safety start, and how did that start? Because we're at the point now where.
00:36:18 Brian Schleifer
Cyber security does create.
00:36:20 Brian Schleifer
Of life, I would say more indirectly with the food, right, but directly as an equipment, right? Whether that's a pressurization thing, something failing, creating a fire, you know, direct life of loss, life, loss of life.
00:36:35
So you might.
00:36:35 Kristin Demoranville
Well, yeah, it's the cyber physical.
00:36:37 Brian Schleifer
Yeah, but what I mean by that is I think we're at that time period now.
00:36:42 Brian Schleifer
I think you know, I was asking my wife who was in medical like when did they start? Like, how much? How many resources were allocated to you for safety right in the medical community, when you looked at your budget, did they say 10 or 12% or whatever is for PPE and other safety measures, right? Because that's literally what they do, right? The Checklist Manifesto is a great book talking about some small things that.
00:37:02 Brian Schleifer
Increased, you know, saving lives and it's like how much funding goes to that because now it's like we're looking at that from a cyber security person.
00:37:10 Brian Schleifer
You know, there's these separate organizations that are getting funded in communities because we have safety organizations and you name it, any industry, when are we going to have the funding and out the resource allocation for separate cybersecurity organizations and all those because they're not doing it. They're picking somebody to save face. They're saying, hey, we're going to hire cybersecurity so we can, I hate to say.
00:37:28 Brian Schleifer
This this is pretty.
00:37:29 Brian Schleifer
Whatever. Hey, you know, there's the scapegoat, right? Stuff goes down. It's the same security guy or girl. The guy out, see? Yeah, thanks. You know, thanks for being there and filling that position because they're asking for it, right? They're looking at stuff going around. And this is, by the way, cross industry. And you can go back and look at some history of some people that chose to lose, leave their jobs because they kept asking for things and they weren't getting it.
00:37:50 Brian Schleifer
And it's like, hey, at at the end of the day, it is just as important as safety.
00:37:54 Brian Schleifer
Security and safety are blending together. They make sense. You need to allocate those resources as necessary in both those fields. That's I mean that's where we're.
00:38:04 Kristin Demoranville
At with that, yeah, I mean and that's that's why, you know, PHA's to focus on looking at safety of a facility as well as cyber security is super important. I mean not shameless.
00:38:14 Kristin Demoranville
What my product hands and OT does that and we know a few other people that are focused on that, I do think that people need to start looking at things in parallel because they are similar and this is what's important.
00:38:31 Kristin Demoranville
We found our.
00:38:32 Kristin Demoranville
Episode on Agroterrorism featuring the Animal Agricultural Alliance, insightful. Here's another opportunity to explore more important conversations about our food system, and if you haven't already listened to that episode yet, I would highly recommend it.
00:38:47 Kristin Demoranville
Speaking of important conversations, inspiration comes in countless forms. It's a thought, a conversation, a connection, a chain reaction. We never know exactly how inspiration will hit, but we do know this when ideas and perspectives are shared across the table. They don't just add.
00:39:06 Kristin Demoranville
Multiply at the animal AG Alliance 2025 stakeholder summit happening April 30th through May 2nd in Arlington, VA hundreds of food chain partners will come together to tackle one of the biggest topics in the industry, sustainability.
00:39:23 Kristin Demoranville
This year's theme food for thought, dishing on sustainability. It's all about bringing together a diverse group of decision makers from farms and ranches to restaurants and retailers to discuss the future of how we raise and distribute animal protein with a dash of innovation and a heaping serving of collaboration.
00:39:46 Kristin Demoranville
The summit is where meaningful conversations happen, shaping the future of our food system for generations to come.
00:39:52 Kristin Demoranville
Register by April 25th to reserve your seat at the table. For more details visit animalagalliance.org or check out the link in the show notes.
00:40:08 Kristin Demoranville
I think people need to take a step back and realize that again, like food, defense for protection, people in general and fighting the same fight as them security, they're just doing it on the food side. But the technology they use is the stuff that we're supposed to be protecting, if that makes sense.
00:40:23 Kristin Demoranville
So business continuity, disaster recovery off to be included in these conversations and we're doing so many things in silos, Brian, I know you know this that we're missing the ability to go across and I've said it before and I'll continue saying it disruption.
00:40:37 Kristin Demoranville
We need people to come across it and say.
00:40:39 Kristin Demoranville
Hey, just let you know these.
00:40:40 Kristin Demoranville
People over here in Silo are doing the same thing you're doing in silo D like, let's have you talk to each other. To me, finding that common ground where people can stand together as you know, individuals as well as a community is super important. And this is what I love about the OT ICS environment and I'm sure.
00:40:57 Kristin Demoranville
You can speak to this very clearly to where you know we really are a community in ourselves, as if you take it like it's a cybersecurity community is a large I love our niche, I love, I love being in the OT ICS space because.
00:41:10 Kristin Demoranville
We really do get that we're doing more for humanity than just making sure you can send emails and they don't get attacked, you know, and.
00:41:19 Kristin Demoranville
It really it really.
00:41:20 Kristin Demoranville
Brings a sense of of meaning and purpose to your job in a different way as well. You know, making sure that people understand that we are interconnected. We are constantly working. That's why I do the presentations.
00:41:31 Kristin Demoranville
Do about the soybean, how we're all interconnected and how this little plant brings us all into a full circle. And I think that if people started looking at it, not just in their own little environment and get stuck on it, it would probably alleviate some.
00:41:44 Kristin Demoranville
Stress and we start to.
00:41:46 Kristin Demoranville
See that you know. Hey, you got.
00:41:47 Kristin Demoranville
A whole support group behind you and.
00:41:48
You get all.
00:41:48 Kristin Demoranville
These people that are with you so that that's good.
00:41:50 Brian Schleifer
I think cyber security professionals wear many hats, not only in their complete discipline in the service area, but they're also part time PMS and part time storytellers, right? So so you have to go in with the mindset of like being able to story tell and be able to present data appropriately at any given time according to your audience.
00:42:00 Kristin Demoranville
That's.
00:42:10 Brian Schleifer
Right. And what I mean by that is then you get into the PM arena of looking at numbers, right? So I was fortunate, I, you know just through my path or whatever I did some, some some school work and finances.
00:42:21 Brian Schleifer
And not not the big finances. Just, you know, courses or whatever, but it's very eye opening because that that enables you from like you know project management perspective to go in and look at the resource allocation. So you can start going and looking at your companies resource allocation and start funding that out like you know again like hey 20% year over year whatever to add to your cybersecurity needs.
00:42:41 Brian Schleifer
If you will, but the biggest thing is, like you said, having the buy in from those other people and not being a stove pipe. And what I mean by that is a lot of.
00:42:49 Brian Schleifer
The things that we.
00:42:49 Brian Schleifer
Do like if you at all like we we do like mission based risk assessments, right? So it's a little bit.
00:42:55 Brian Schleifer
We're mostly stringent, but more focused and I like it a little bit better than a typical cyber tabletop, so it was so important because we did have.
00:43:04 Brian Schleifer
The right people.
00:43:04 Brian Schleifer
In the room we have the logisticians, we have the like the the war fighter, the operator. We have the people that are responsible for the finances in the room.
00:43:15 Brian Schleifer
Right. We have the decision makers. We have the cyber hacker, ethical professionals in.
00:43:20 Brian Schleifer
The room, they're all.
00:43:22 Brian Schleifer
Sit around talking about that to that same goal at the end of the day, the same goal, which is, you know, again the mission that could be the mission of safe and secure food. It could be the mission of safe power grids, you know, to supply safe water, you know, wastewater, whatever occurring. That's the same goal. And you have to sit in there because then you can.
00:43:42 Brian Schleifer
Hear their perspective.
00:43:43 Brian Schleifer
And you're able to get that you go. OK, awesome. And at the end of the day now, when you're going up that.
00:43:47 Brian Schleifer
That next Echelon, or level or leadership in your?
00:43:50 Brian Schleifer
Asking and you go listen. This is like across.
00:43:52 Brian Schleifer
The board I'm.
00:43:53 Brian Schleifer
Not seeing doing any like paper document where you go sign all the different organizations you know, they're leans on it, but now they all understand. So if you're sitting in the boardroom or another room together with one of those leaders, you all start to get the head nods and you go, hey, remember, Bob, when we were talking about that and, you know, actually how we're getting that supply in.
00:44:10 Brian Schleifer
And how that's such a big deal to you, right. And then. Ohh, yeah. Hey, Jake, remember when we talked about the the need and like, hey, if if it fails then now we're gonna be put back two weeks. Which according to Jane it means now we're gonna losing you know a revenue of $2,000,000. So like you have all the people in the room.
00:44:15
MHM.
00:44:27 Brian Schleifer
You're tying it all in so.
00:44:29 Brian Schleifer
And you have the data and the data. It is so hard. Every leader I've ever gone to, it doesn't matter what kind of personality, because some people like pictures, some people like or some people like numbers. If you show them that data like you've done the research, it is very, very difficult for them to dismiss that. It is very difficult and that's proven out. Go away with your idea, your emotion.
00:44:49 Brian Schleifer
Is your Skype screen person but have the data to back what you're talking about.
00:44:53 Brian Schleifer
Have those use cases like you just mentioned and some other ones I found in that Article I sent to you that are out there and show those people that because sometimes like you said, they're either buried in, like, trying to make profit for their stakeholders or doing something else and they don't see all those things occurring because as you.
00:45:09 Brian Schleifer
Know.
00:45:10 Brian Schleifer
They're not necessarily always publicized in mainstream media.
00:45:13 Brian Schleifer
So very good stuff there. So anyways, I just wanna prove a point like, hey, what's filling your need and sense of purpose and and satisfaction like, you know?
00:45:20 Brian Schleifer
We're doing it globally.
00:45:20 Kristin Demoranville
For all the people around the world. Yeah. And I I think you're right. You know, you have to quantify it and you have to get people to build community together like common ground. That's what those exercises are.
00:45:31 Kristin Demoranville
Or I call them extended security assessments extended risk assessments, rather so ERA's as I call them. And I think it's super important to get everybody from different functions and room together to be able to figure out the common goal of, hey, let's keep the company running, keep it working, keep them safe and then obviously keep make a product that's not going to hurt people kind of thing.
00:45:51 Kristin Demoranville
I think those are super important. I think moving forward though, we need to find a way to do that on a grander scale. I do think that there needs to be better regulated.
00:46:00 Kristin Demoranville
Does that serve better purpose? I do think that we need to have policies that make sense for all these stakeholders in these facilities. There isn't a cyber security, food and agricultural framework yet, but we need to have, I think we need to have a little bit more industry specific frameworks to help people because ultimately what happens is people just need to know.
00:46:20 Kristin Demoranville
How do I not have this happen? What do I do when this happens and how do I prevent this from happening so building of resilience right?
00:46:25 Brian Schleifer
So it's so Frank, listen, that you said that. So this is something I've been thinking about, especially in my new position. So I do security control assessing right, which is think of any kind of nest, you have a security control or some instance. You know the framework is.
00:46:39 Brian Schleifer
More overarching, but then they they they point to controls, right? Security controls and then OK, now the you go to the narrative. You're like, how do I enter these controls? Something I see missing. And I had a young lady, Glenda Snodgrass. So she did a presentation, the same place I did. And the new CMC directive coming out. I don't know if you've seen or heard about it. Probably it's not in your space.
00:47:00 Brian Schleifer
Necessarily, but it has to deal with NIST 171, which are.
00:47:02 Brian Schleifer
A bunch of.
00:47:03 Brian Schleifer
Controls. They're all very similar, by the way. Across the board you need.
00:47:06 Brian Schleifer
But she had some examples in her presentation. She had examples of some some good examples and bad examples of how to actually answer these security controls and.
00:47:15 Brian Schleifer
I thought how.
00:47:16 Brian Schleifer
Important and how imperative that is, because this goes back right. This is that education piece and it's sort of a swinging pendulum, if you will, is if I have a good example, I understand.
00:47:26 Brian Schleifer
Stand. But I can't just rely on a Windows or Linux operating system or something along those lines. Or, you know, VX works or something to protect my system. I can't just say the operation operating system is protecting it. I need to understand that those respective FPGA's or other things in the PLC or SCADA system.
00:47:46 Brian Schleifer
Have more configuration.
00:47:48 Brian Schleifer
This hopefully and things I can do to protect my system and holistic holistically the system of systems.
00:47:54 Brian Schleifer
Right. And and.
00:47:55 Brian Schleifer
Also, good goodness gracious, I've written some papers. I OT holy cow, talk about you do all this protecting and the weakest link is, you know, one of your third party vendors just coming in like straight access and then it just feeds everything. But like you really have to look at that and have a good understand.
00:48:10 Brian Schleifer
I mean, and I think using examples is a great idea. You can write a ton of policies and people are gonna interpret it, and then you're they're still gonna fail at the end of the day, they need to have some good examples and use cases specific. No, it doesn't mean like, hey, I write this really, you know, big thing about, you know, the ex works. And this is how this works here. And I'm using something else similar. But it's like it gives you a really good idea. Right. And the people that can read between the lines.
00:48:32 Brian Schleifer
You will have a better understanding right. You know, separation rules, whatever it may be in these these respective instances, they get an understanding like ohh OK, that's what I need to do that.
00:48:41 Brian Schleifer
Answer is that and that should get the wheel spinning and you don't see that that often because I do agree that there's such a gap between these large policies and then the procedures and then the implementation.
00:48:52 Kristin Demoranville
Well, the problem is is that the the policies need to be written at a baseline like this is the bare minimum. You need to do the bare minimum to be secure. I'll just say that air quotes and then.
00:49:03 Brian Schleifer
And that's very subjective.
00:49:04 Kristin Demoranville
And then from there, the industry can add whatever they want on.
00:49:09 Kristin Demoranville
Top of that.
00:49:09 Kristin Demoranville
Right. And I'm saying this because I wrote global policy for a large company. I had to write over multiple languages, multiple cultures, multiple restrictions, multiple laws. All these other things. So we just came up with the absolute minimum and then the operating companies.
00:49:25 Kristin Demoranville
Right, whenever they want on top of it and make it special. It's kind of like the United States has to do the minimum and the federal level, and then the states can do whatever they want at that point. I think that that's how we have to kind of.
00:49:35 Kristin Demoranville
Approach it where here is your minimum cybersecurity.
00:49:38 Kristin Demoranville
Policy and then the industries can add on to it safety. Different. Other regulations need to go on whatever. I think that that's how we have to start approaching it more so than we already are. But again that gets convoluted and then you can have like 15,000 policies and all these regulations that it's going to cause to be ridiculous. I don't think there's one ring to rule them all that.
00:49:58 Kristin Demoranville
Brian, there's no way, right? There's no.
00:50:00 Kristin Demoranville
Way and I think.
00:50:00 Brian Schleifer
Have you ever noticed like?
00:50:02 Brian Schleifer
When you talk to people.
00:50:02
Hmm.
00:50:03 Brian Schleifer
Like since like what I have seen, sit and resonate for long periods of time is a story that uses a real example, right? So I think having policies is absolutely necessary and needed 100%. So please don't take that the wrong way 100%. But I also like an example right and I don't know if this is necessary or not. And who would take this on but it's like hey, when I'm writing these policies and procedures and implement.
00:50:24 Brian Schleifer
Like I'm following a an example system. I mean you name it, it could be a tractor, it could be whatever fits into that space. It could be a manufacturing plant, something along those lines. But I get to follow what that means through those respective steps and levels of documentation. And I mean it's it's out there, right? You really have to hunt it down, but it would be nice if I got to follow that along. And I I don't know if people just.
00:50:45 Brian Schleifer
Choose not to do that on purpose, or if it's too much work or they haven't thought about that, but it's nice, right? Here's an example. Here's my what's that?
00:50:50 Kristin Demoranville
So I follow you.
00:50:52 Kristin Demoranville
I'm following you. I think. I think really what you need is you need a.
00:50:55 Kristin Demoranville
Scenario and along with whatever.
00:50:56 Brian Schleifer
That's exactly right.
00:50:57 Kristin Demoranville
It is. Yeah. So that's that's what the cyber PHA assessments do. They actually write in scenarios. So I think again.
00:51:04 Kristin Demoranville
I completely understand this and not shameless plug. Again that answer them to use the scenarios as.
00:51:09 Kristin Demoranville
Well, but that's all.
00:51:10 Brian Schleifer
By the way, I'll just pass something for you.
00:51:11 Kristin Demoranville
Yeah, I know. You actually just lined me up. You're so funny. Yeah, but it's it's. You're right. And I think that is why you and I resonate as people together because we both speak in analogies. We need to have.
00:51:14 Brian Schleifer
Softball.
00:51:24 Kristin Demoranville
Contacts with our terminologies. We need to have an understanding of how things work and that I find that I learned that back in the day because I've had a very long career, that when I was helping people troubleshoot issues and users and maybe hopping mad or.
00:51:39 Kristin Demoranville
Or just generally like, why is this woman talking to me? I don't understand her technical terminology. I had to find a way to communicate to people where they were. So now which has worked really great. I still find myself doing that and it works really well in C-Suite levels and boards. You have to be able to speak in a way that resonates. And you're right, we're missing that that piece of resonation.
00:52:00 Kristin Demoranville
I think it was a couple of months back. Do you remember when Krispy Kremes got hacked? It was a third party pop and you were talking about third parties. It made me laugh because for the first time in a while I saw the cyber community actually talking about Food and Agriculture on that level because the food industry was in the news and it made me kind of go. You need to have Donuts.
00:52:17 Kristin Demoranville
To have a problem in order to get you to pay attention.
00:52:21 Brian Schleifer
Like that's real, man.
00:52:21 Kristin Demoranville
It was sort of I I was sort of irritated actually. It was really irritating. And then actually a few people when McDonald's went through their issue with the onions that people were sending me all these articles. And I'm like, I know I I'm talking to the experts that are on the news that are informing these articles. Like I know what's happening.
00:52:38 Kristin Demoranville
And and they're like, well, why does this keep happening? And I said because you don't know what it is and what it isn't like. So let's go through this exercise.
00:52:45 Kristin Demoranville
Again, and at the beginning of our conversation, Brian, you were talking about when you lived in Europe and you were talking about eggs. Part of the reason why the United States is so different when it comes to a lot of food things is we live in a very.
00:52:57 Kristin Demoranville
Big country, we have a lot of.
00:52:59 Kristin Demoranville
Space and we have a lot of people so they.
00:53:01 Kristin Demoranville
Don't necessarily have to refrigerate their eggs.
00:53:04 Kristin Demoranville
Because they're not moving them.
00:53:05 Kristin Demoranville
Across vast miles, we refrigerate and wash our eggs because they're in transport. The eggs that get to your shelf for probably several months.
00:53:14 Kristin Demoranville
Old I know people are like, oh, no, don't forget, it's fine. It's it's the food safety ways. It's fine. But in Europe, they don't necessarily have to do that because you could just go maybe a mile to the restore and that egg house was next door, if you will. We have to be careful with apples and oranges here and to use another food and allergy that we have different things.
00:53:34 Kristin Demoranville
Going on here, we have different miles of things travel and because.
00:53:38 Kristin Demoranville
Our.
00:53:38 Kristin Demoranville
Food system is so complex we can get avocado shipped in from XYZ.
00:53:43 Kristin Demoranville
Or we can.
00:53:43 Kristin Demoranville
Get tuna shipped from Japan and it will arrive and you will have it on your plate by your lunch, you know.
00:53:49 Brian Schleifer
Yeah, Kristin, which is so funny. You bring that up because.
00:53:51 Brian Schleifer
I wrote a.
00:53:51 Brian Schleifer
Paper on on another course. Gosh, I can't remember the name of it, but it was with port security and how like they're they're starting to sneak illegal stuff in. But how you know they're going to databases and changing numbers so that they're not tracked or accounted for, but they're putting these big X-rays in so that the trucks that take off the big sea containers, you know, the cargo containers.
00:54:09 Brian Schleifer
The ships will go through this X-ray to find whatever is.
00:54:12 Brian Schleifer
Going in it.
00:54:13 Brian Schleifer
You know, when there was the big thing in the book. Oh, my brain. Just sand worms, you know, and they talked about the petman, non Petan. And they brought down the the port in Holland. And you think about that you're like, OK now my food is sitting somewhere. For how long? Right potentially. Like if there's something going down on the port. So it's like you just said there's all these things in the supply chain.
00:54:33 Brian Schleifer
And all these things that interweave that have such an effect, right, and now those respect the farmers or whoever else are starting.
00:54:40 Brian Schleifer
You know, they're kind of, you know, the money, or at least some point in that supply chain. They're losing money. So there's that cybersecurity that ties all the way back, just like you said, you know, I'm really looking for my tuner from Japan, and it's stuck in a port for however long. So by time I get it. It's.
00:54:54 Brian Schleifer
Not so great.
00:54:56 Kristin Demoranville
Yeah, and that's.
00:54:57 Kristin Demoranville
Why people don't realize the implications of supply chain in general? Because the ports are going to strike again, it's probably going to happen to this recording they have not, but people don't realize what comes off very quickly in these ports. It has to get to the grocery store and hit our supply chain first. Berries.
00:55:13 Kristin Demoranville
Bananas. I'm allergic to bananas, so I'm all four bananas not making it, but it's really interesting because people don't realize we don't have any seasons in grocery stores anymore. Brian, we can get pretty much what we want. We want it, right? But this is a global thing. This is why we've encouraged people to eat on more seasonal basis because it helps with sustainability.
00:55:17 Brian Schleifer
Doing that before I remember that before. How dare you.
00:55:34 Kristin Demoranville
But what people don't realize is how interconnected we are to the supply chain. If we have another issue like JBS, you know our attracting supply chain, we're not going to have beef moving or we're going to have problems with our beef and things like that. There's so much interdependency.
00:55:47
Right.
00:55:50 Kristin Demoranville
Delete all over the place and start unraveling it. Like I said at the beginning, it's like a both string that is just really large and it's really ridiculous and the cat is still knocking it around.
00:56:00 Brian Schleifer
Well, I think like you said, so I was reading up like it, you know, just to be fair, I was reading up and while you would think like, hey, I can knock down the power grid or something as like you said, the agriculture is a little bit behind that. So they're gonna look at, you know, the lowest hanging fruit. And if agriculture hasn't put the resource time and money into the cyber security, that's a lot easier to put a ransomware attack or something along those lines that ends up affecting, you know, the cyber physical system.
00:56:21 Brian Schleifer
Down the chain than it is trying to strike it more. Maybe a larger company that is supplying power to that respective manufacture.
00:56:28 Brian Schleifer
And plant or supply chain because they have the funding and they have, you know, a stronger protection and higher levels of protection. So again you know low low hanging fruit and ministry.
00:56:38 Kristin Demoranville
All the puns. We're here for all the puns. I was actually just thinking. I was just thinking low hanging fruit. I was about to say the meat and the.
00:56:44 Kristin Demoranville
Potatoes of it.
00:56:45 Kristin Demoranville
Is we go. This is let's really get into it. You know, what really struck me years back was when I went to a food safety conference for the first time and I really had that conversation with the people that.
00:56:46 Brian Schleifer
What we're doing?
00:56:56 Kristin Demoranville
Were going through.
00:56:57 Kristin Demoranville
Things same things we were going through, but.
00:56:58 Kristin Demoranville
From the food side.
00:57:00 Kristin Demoranville
So working in within the food industry years back or even being in the food industry as a server or serving coffee or serving meals, you really start to look at how things are so interdependent and interconnected. And then we had Russia invading Ukraine and they took out power and act first and that this is the way warfare will be. I mean, we're watching.
00:57:20 Kristin Demoranville
Our first cyber warfare really in real time, I mean they're laying fiber optic cables so they can just send out drones. It's it's a lot of things. We don't need to get into all the details. However, it crushed the market for wheat because they couldn't sell.
00:57:34 Kristin Demoranville
And then they were a high producer. But I think what's interesting is that people need to start making those connections, that it's not just about the hackers with the financial and you've you've already alluded to this or we're talking. It's also nation state threat actors. If you were going to take down another country just like risk or civilization or any of those games that we played when we were younger or still play to this day, for that matter, what are you going to go after first?
00:57:56
You're going to.
00:57:57 Kristin Demoranville
Go after electricity and you're going after food.
00:57:59 Kristin Demoranville
And water isn't there as well. Of course, you could take the water out. That would affect the food as well. I think people need to not panic and not think it's a, you know, a disaster catastrophe. Move. Truthfully, it's going to come down to water and food. You got to secure those two things. People in theory can be OK with electricity for an extent, depending on what's going on in their lives and situations.
00:58:20 Kristin Demoranville
But we can't function without food and water. We will have total anarchy, chaos, the whole we will displace and breakdown governments very quickly as well, because they can't take.
00:58:29 Kristin Demoranville
Other people. So this is what this is where I struggle with is we've just added IO T we've added cyber physical systems into these places, right? They're not even made securely. So that's problem. #1 again, product security people. You have my heart. I feel for you, but we haven't created a way for people to take their daily lives like a farmer.
00:58:49 Kristin Demoranville
Just a random farmer to be able to work with those products to feel secure about it and not worry about where their data is going because the cloud is the cloud, right? But how do we not and how is that data not intercepted?
00:59:02 Kristin Demoranville
How do we deal with that? We're already watching some of this happening with a lot of other things that are going on that are in the auxiliary or fires, things like that, people using drones, getting it caught in planes and other things we need to start thinking a little bit more broader, I think.
00:59:18 Kristin Demoranville
In in terms of.
00:59:19 Kristin Demoranville
Hey, if I do something like this, here is the ramifications, and that's for the scenario.
00:59:23 Kristin Demoranville
Girls, that's where those tabletop exercises. That's where those tabletop conversations happen. When we meet each other. Brian, you know, with conferences and stuff, and we have these, like, deep dive conversations.
00:59:33 Kristin Demoranville
Coulda, shoulda, woulda or. How do we move past the problem and get to that solution? We need to do that more, I think. And you're right. Those analogies, those conversations of storytelling, needs to come forward. But a lot of it is embarrassing or we don't want to talk about the shame of something happening. And This is why I say that cyber security is a lot about.
00:59:52 Kristin Demoranville
Chain mitigation as well as risk because we need to get people to move past their feelings, we need to get past the feelings part and start to get to the sense part. Like let's get to the sense conversation. These are the things that matter and this is what happened. And I I don't care. Like I don't care exactly what happened. I just want to get to the part where we make it OK again.
01:00:11 Kristin Demoranville
And that's that's.
01:00:12 Kristin Demoranville
The really important part of what it means to work in these critical infrastructures and sectors, Ryan, thanks for being here. I really I really enjoyed it. You you made me question some things and made me rethink some things and I appreciate that. I love it when guests do that. They challenge me when I'm talking to them in a way. You're right. We need better storytelling.
01:00:31 Kristin Demoranville
We need more analogies. We need to start thinking about things differently, but also not.
01:00:35 Kristin Demoranville
Make a big fuss about.
01:00:36 Kristin Demoranville
Like we don't need to make it a big deal. We just need to start start, you know, and do things that are going to be more proactive. So as we're leaving, I want to make sure that you give a plug out to your podcast and anything.
01:00:47 Brian Schleifer
Else you want to say before we close the show. Yeah. Yeah. First off, you know, thanks for having me on. It was a pleasure. Honor. I 100% getting TLC in.
01:00:54 Brian Schleifer
Person again, at some point at another conference.
01:00:57 Brian Schleifer
Where that is, I don't know just yet, but I really appreciate you having on I I am glad that this is getting out and being shared amongst multiple communities and industries and I think that's very important. Again, just researching and seeing it across the board and striking and I'm so happy that you have a voice out in that community and you're you're the right person to have that.
01:01:16 Brian Schleifer
Yeah, ironically, and funny enough, I do have a YouTube channel podcast that is on also on Apple Podcast on Spotify. It's called people add value, experience and the funny part I said ironically is I don't really talk about cybersecurity. I talk about interesting.
01:01:36 Brian Schleifer
People and small business and entrepreneurship. So while the focus is not cyber security, you know it does come up as far as protection of people and data.
01:01:44 Brian Schleifer
So on, but a lot of it is, you know how people are standing up and protecting their people just in general and how they're surviving as a community. And you know, I do have some restaurant people on and people from the entertainment industry and other other places because again, it's really that tie in across the board. So whatever that may be. So again, I really appreciate.
01:02:04 Brian Schleifer
You taking the time to do this and I'm really excited for this episode to come out. I'm looking forward to feedback because I like to learn and grow. As you stated earlier on. And yeah, I I hope this community continues to learn and again appreciate you taking the time and effort to do this.
01:02:29 Kristin Demoranville
To wrap on today's episode with Bites and Bytes Podcast, I want to say a big thank you to Brian for joining me and sharing his thoughtful insights on cybersecurity leadership and how we think about risk in our global sleep supply. Also, we discussed a lot in this episode. I did my best to put all the links to those topics in the show notes.
01:02:48 Kristin Demoranville
And of course, thank you for listening, supporting and being part.
01:02:51 Kristin Demoranville
Of the community.
01:02:53 Kristin Demoranville
If you enjoyed this episode, don't forget to like, comment and share it with friends and colleagues who might find it valuable until next time, stay safe, stay curious, and we'll see you on the next one. Bye for now.