Richard Stiennon is the chief research analyst for IT-Harvest, the firm he founded in 2005 to cover the 2,600+ vendors in the IT security industry. He has held leadership positions at PricewaterhouseCoopers, Webroot and Fortinet. Previously, he was a research VP at Gartner for their IT Security Research Practice and held CMO and CSO roles.
Richard Stiennon, a research analyst and the author of Security Yearbook 2021: A History and Directory of the IT Security Industry, weighs in on the recent Colonial Pipeline attack.
“[U.S. critical infrastructure] is extremely vulnerable. A targeted attacker that was at least as knowledgeable as the NSA could figure out what needed to be done to cause tremendous havoc. A pipeline is one thing, a power station, the signals for trains, the air traffic control system. … Everything that makes our lives move smoothly, is connected to control systems, which are run by essentially mini-computers that are completely vulnerable.”
In this episode of Cybersecurity Unplugged, Stiennon discusses:
- The vulnerability of U.S. critical infrastructure;
- The possible motivations behind the attack;
- How we should respond to our adversaries.