Nozomi Networks’ Roya Gordon On Latest OT, IoT Threats From Ransomware To Hacktivism
Rachel Espaillat
Roya Gordon, Security Research Evangelist at Nozomi Networks, speaks about the company’s latest OT and IoT Threat Report and its efforts to promote diversity, inclusion and belonging during a CRN interview for the Channel Women in Security series.
Roya Gordon, a security research evangelist at Nozomi Networks, began her career as an intelligence specialist for the US Navy.
Years later, she made the transition to cybersecurity as a cybersecurity analyst for control systems at the Idaho National Laboratory.
She also made a career stop at Accenture before assuming her current position at the San Francisco-based company about a year ago.
Here’s a look at some interviews she did for CRNtv’s Channel Women in Security series. During the interview, Gordon spoke about Nozomi Networks’ 2022 research report, Labs Latest OT/IoT Security Report: A Deep Look Into the ICS Threat Landscape, and the company’s efforts to promote diversity, inclusion, and belonging.
What are some of the key takeaways from the report?
I’ve written a lot of other things, contributed to other reports, but this one was the most enlightening one for me because I’m like, ‘If I were an industry, how would this be valuable to me?’
Critical infrastructure companies not only have to worry about nation-state threat actors, China, Russia and Iran targeting them, they also have to worry about ransomware threat actors.
And now we have to deal with hacktivists as well.
Noticing this trend in 2022, I felt it was important to include it in the report so that people finally know that it doesn’t even matter what the threat actor’s motive is, because they are all using the same tactics and they are all causing disruptions.
There were other parts of the report where we included telemetry solely from our customer environment, solely from our honeypots, which you can’t get anywhere else. And how threat actors are targeting IoT devices and industrial control systems.
I was watching some of the webinars you presented in late January and you said there are more attacks in transportation and healthcare.
I understand these are very vulnerable sectors. Railroads, transportation, they don’t have much guidance, and now we’re seeing the United States come out with guidance to help them secure their fortunes. And then hospitals, they focus on patient care, patient data and not necessarily the cybersecurity of the systems that run the hospital. So it really makes sense, but I think these attacks underscore the need for stronger politics in these industries, and we’re starting to see that.
Based on the report’s findings, what is your advice for customers going forward this year?
So I would say take the report and then you find – we like to call it “actionable threat intelligence”.
We add: These are the common credentials attackers use to attack devices. These are the common malware categories. These are the usual warnings. These are the tactics that threat actors use. So, looking at the report now, you understand, “Oh, threat actors are targeting this way, let me make sure I’m following the recommendations needed to protect against these types of attacks.”
And if we switch a bit, I know that you lead the DEI initiatives at Nozomi. Can you talk about it?
Yes, so I was really excited when they approached me last year, August 2022, to lead the Diversity, Inclusion & Belonging team. So let’s call it DIB. It’s like, OK, what can the organization do to make employees feel included? So, from an internal and external perspective, how can we work with partners and customers who have D&I and do things together to educate other people and nurture the hiring of diverse talent?
I’ve been in positions where I was considered non-technical, not smart enough, not taken seriously, and there wasn’t really a culture to help me work my way through. So if I can help create that kind of culture, that safe space for other diverse people in the company, then I want to do that. It doesn’t matter how busy I am, DIB has to be my priority.
What advice do you have for other women involved in cybersecurity?
Be loud, because then you will remember. Once you have your own voice, you already know the work, you’re already smart, everything else will follow.