Stranger than Fiction: 3 Essentials of an Industrial Network Security Strategy with Chase Cunningham

“You must remember … as many times as we win, the bad guys only get better. Our battles are just beginning!” These words conclude a graphic novel by Dr. Chase Cunningham and coauthor Heather Dahl. In “The Cynja: Volume 1,” the protagonist is the evil Botmaster. His thick, purple tentacles; sharp, black claws; and digital-looking scythe try to take down networks in the time it takes to turn the page.

The concept is scary real. We sat down with Cunningham for our blog, “Stranger than Fiction: Exploring the New Battlefield at the Industrial Edge with Chase Cunningham (Part 1),” where we explored the rise of cyber threats on the industrial edge and why turning things on, crossing your fingers, and hoping your network stays safe is antiquated and risky.

Cunningham, a former U.S. Navy officer who worked in cryptology with National Security Agency and Forrester street cred, now consults with international companies and public organizations. His military experience taught him two things.

First, small businesses are targets for nation states because of their connective links to other things (the nature of technology is that attackers get past defenses and sprawl; it’s the difference between a break-in and a break-in-and-move-into-every-room scenario).

Second, if you fail to plan, you plan to fail, underscoring Cunningham’s favorite wrong to right. He maintains that operational leaders should remove trust inside the network, first and foremost.

Here, we give you three essentials for your network security strategy at the industrial edge, directly from Dr. Zero Trust himself.

Essential #1: Offense Wins

For OT (operational technology) leaders seeking to protect edge infrastructure, an offensive strategy increases your odds of staying secure. Dramatically.

Cunningham’s perspective is clear: the advantage belongs to those who think like attackers.
“Are you willing to engage in a red team operation … and let a group of hackers essentially come at you and tell you where you’ve got vulnerabilities?” If the answer is no, then he says there’s an issue right there. For Cunningham, an offense-minded strategy starts with confronting reality and actively probing for security weaknesses the same way an adversary would.

That mindset is critical because, in his words, “how can you possibly defend what you don’t know about?” Industrial environments are often sprawling, with unseen or unmanaged assets. Without full visibility, attackers will exploit your most vulnerable gaps first.

He frames out the risk in real time. “I could breach these folks in about 25 minutes.” The “folks” Cunningham refers to are fuel centers talking to the internet that he has, with a few clicks, identified. Even more concerning, “a lot of these have crappy usernames and passwords like admin passwords. I could go in there and change fuel controls.”

The takeaway isn’t theoretical. Attackers win because they take direct, simple paths into exposed systems. Organizations that take a defensive stance, he says, don’t test potential paths themselves. Instead, they wait for an attacker to do it for them.

Cunningham is equally blunt about why traditional approaches fail. “Security by obscurity is not going to keep you safe.” Piling on tools doesn’t solve it either. “If the dart board is continuously moving,” he says, “the odds of me hitting that bullseye is pretty slim.” Reactive defense cannot keep pace with adaptive threats.

“Getting breached is not the big problem,” Cunningham adds. “Someone will find a way to get past whatever defense you’re putting in front of them.” If compromise is inevitable, then success depends on how quickly you detect, isolate, and respond. These safeguards come from understanding how attacks actually unfold.

In industrial operations, offense wins.
Organizations that continuously test, expose, and reduce vulnerabilities don’t wait for a real attacker to do it for them.

Essential #2: Zero Trust Protects the Entire Network

Dark actors target ICS (industrial control systems) and OT environments. Why? As mentioned in part 1 of this series, industrial infrastructure has evolved rapidly with many more entry points because of today’s ultra-connected world. The cloud, internet and mobile workforce have expanded the attack surface. As a result, attackers don’t look for targets, they look for vulnerabilities. No one is too small or too big.

Successful network security strategy means moving beyond legacy perimeter security to dynamic, zero-trust strategies governed by “never trust, always verify.” The goal is to protect the entire network and build resilience against evolving threats so disruptions are eliminated.

“A lot of people have been burned without a clear ROI,” Cunningham says. “There’s a unique space around IoT, IT/OT and binary-type applications. OT devices are only supposed to do one or two things and pull up data. The OT space fits well into the strategic side of the equation.” Understanding and knowing what’s going on with your devices is a good start.

To Cunningham, security is much bigger than one organization. After leaving the NSA he was assigned a project around zero trust that was already underway at Forrester. He quickly realized that if he was a bad guy, zero trust would have made his life miserable. His thinking around security quickly changed.

“I built a framework. I have kids. I really think that in a world where everyone is digital and in a space where we have … access to the internet and all these other things, operating securely is a fundamental human right.”

Essential #3: Make Your Network Invisible Through a Zero Trust Mindset

Attackers can’t exploit a network they cannot see.
Yet, according to Cunningham, there’s a critical step before you get to actual technology tools: embracing a zero-trust mindset so people inside your organization become, well, skeptics. Zero trust is not a single product or model, but a mindset that removes implicit trust from all relationships inside your network. Start with the basics.

Define maximum control. What control do you have right now? Where are the gaps?

Minimize lateral movement. Do third parties have access? Does your security allow people to move around easily within your network once they are in?

Don’t empower adversaries. Are you thinking offensively? What

The Overlooked Value of Microsegmentation in OT Security

Scott Alldridge, CEO of IP Services, likens microsegmentation to a hotel experience.

“You go to the front counter. You present your ID. They authenticate you,” he explains. “They give you a key card. You can go into the exercise center, sometimes a lounge, but you can’t go into other guest bedrooms or the back office. They’re really controlling for a point in time.”

Controlling access case by case, he says, restricts “east-to-west” movement within a network. If a breach occurs, the intruder’s ability to move laterally is severely limited. And moving they are. According to The Hacker News, “over 70% of successful breaches involving attackers moving laterally.” This, they say, is causing “organizations to consider rethinking how they secure internal traffic.”

Enter microsegmentation and zero trust.

Microsegmentation Comes of Age Alongside Zero Trust

A regular contributor to Forbes, Alldridge’s passion for technology hails from his high school days where he hid a Commodore 64 underneath his bed in case friends stopped by. At age 19, he started a software company, then reinvented network integration and IT security for MicroAge Inc., a company on the Fortune 500 list the final five years of the last century.

Alldridge’s experience comes by way of deep learning through his IT Process Institute, a research organization that studies IT values. One of his chief findings: 70% to 80% of downtime correlates with unauthorized change, the core battle zero trust is known to win. Microsegmentation, Alldridge points out, is central to zero trust, which takes a “never trust, always verify” approach to eliminating and reducing attacks.

Before 2020, he says, perimeter-based security was widely adopted. By 2024, as Alldridge was making his final edits on his 468-page book “The Visible OPS Cybersecurity: Enhancing your Cybersecurity Posture with Practical Guidance” (more than 400,000 copies sold), zero trust was gaining broader adoption.
Still, in OT environments, microsegmentation was sorely needed but not exactly wanted.

Granular security in an environment requiring 24/7 uptime was perceived as complex and risky. Many industrial devices and systems were not designed with security in mind. Plus, there were legitimate barriers to contend with: the constraints of legacy equipment, patches bridging gaps with modern technology, increased number of devices, and an outdated assumption that operations are off the radar of dark actors.

“And so what we’re learning is how to protect those systems,” he says. “Some are SCADA, they’re dated, and a lot of them don’t have the ability to put proper security in place. In a lot of the industrial applications of technology, they’re using third parties to use specific machines, from water pump monitoring devices to CNC machines that cut wood and cabinets to logging and tractors that are in the field. They haven’t thought about the security aspects. Much like we’ve made progress on the electrical grids and the dams and the municipalities to some degree, they’re still working on it, though.”

A zero-trust approach, combined with microsegmentation, allows organizations to “apply policies and add procedures … to basically block access, make it impenetrable – unless you allow and open up access to a specific person, individual, a particular network point, or a particular workload or application,” he adds.

Microsegmentation Keeps AI in Check

While AI has been around since the 1950s, it is now the go-to for many – from the curious retiree to employees using “shadow” AI to write emails and strategic plans to students looking for a good introduction for their research paper. In his Forbes article “How AI Isn’t Just Improving Attacks, But Making Them Continuous,” Alldridge warns of AI’s security risks with the same urgency as Paul Revere’s midnight ride.
An excerpt from his article shows why:

“By enforcing least privilege communication at the workload, application, and data layer, microsegmentation turns a single compromise into a contained incident instead of an enterprise-wide event. It doesn’t rely on signatures. It doesn’t wait for alerts. It simply makes movement impossible unless explicitly allowed. That’s the key shift: from detection-based defense to architectural containment. When microsegmentation is combined with zero-trust principles, attackers can still get in, but they can’t spread. And in the age of AI, stopping spread matters more than stopping entry.”

Alldridge differentiates between generative AI (GenAI) and agentic AI, explaining that while GenAI is popular for creating content, agentic AI refers to intelligent agents capable of autonomous actions within networks. Agentic AI, he says, could identify vulnerabilities, such as open network ports or improperly protected application programming interfaces (APIs), and potentially exploit them. He points out that agentic AI can act quickly, communicating across the network to find and create new breaches or move laterally – that “east-to-west” direction mentioned earlier – within the network. Microsegmentation and zero-trust principles, which both reduce the attack surface and limit the blast radius, counteract AI-driven threats that can create more sophisticated cybersecurity problems.

AI agents are “going to be very intelligent,” he explains. “They may see something is open over here and there’s some ports open on the network that should have been shut down on the firewall of the switch or whatever.” If AI sees an application like an API that’s not properly protected, an application interface, or a non-human interface, AI agents could communicate internally, educate themselves, and create a new breach or move quickly east to west along the network.
If you think ambitious AI agents sound like science fiction, take a look at this example Alldridge shares.

A midsize parts manufacturer recently implemented AI-driven production scheduling and supplier integration tools. In so doing, they exposed several APIs to connect their ERP system to logistics partners and automated warehouse robots. One weekend, an AI agent embedded in a compromised third-party vendor application began scanning internally. Not good.

It detected an open management port on a network switch that had been left exposed after a firewall rule change during maintenance. It also found an internal API used for machine telemetry that lacked proper authentication between non-human service accounts. The rogue AI

The Importance of Data in the Life of Bees

Have you heard the buzz? Data is everywhere, informing, influencing and affecting the direction and decisions of our lives daily. Due to modern technology, we now have access to a world of knowledge that was otherwise unavailable just 50 years ago. This data is gold, and when we intentionally utilize technology to mine and refine it, we can create a more sustainable world. Industrial internet of things (IIoT) technology makes a sizable and sustainable difference in multiple industries – including apiculture, the business of beekeeping. Much to my surprise, I learned that taking an intentional approach to data collection and distribution profoundly impacts the lives of bees and surrounding societies.

Data and beekeeping

In 2019, I went on a mission with my company ModuSense to create an IIoT solution that could aid specific industries with several deployed assets in need of environmental monitoring. After exploring applications in forestry and horticulture, our journey led us to apiculture farming and the high value commodity of honey. I believe in fully immersing myself in business and technology, so I became a beekeeper to understand the complexity of the apiculture industry better. Beekeeping is a high-value asset in New Zealand and Australia, almost exclusively because of the manuka honey variant. While traditional clover or bush honey may earn between $4 and $6 a kilo, manuka honey can earn as high as $200 a kilo, making every drop critically important. Proper hive monitoring is essential for quality production, but beehives (especially the manuka variant) often grow in difficult terrain within remote locations, making them challenging and expensive to access regularly.

Without IIoT technology, beekeeping is a naturally complicated process. Oftentimes, beekeepers must utilize helicopters to deploy and check on their hives, which is time-consuming, expensive and challenging.
However, with the right IIoT solutions, such as sensors that monitor hive conditions, the beekeeping process is simplified, increasing productivity and overall harvest quality. With access to the right data, beekeepers don’t have to check on the internal conditions of their hive manually; instead, they can manipulate and control the hive’s environment from afar through sensors to create optimal conditions for production. This IIoT technology is helping us augment the beekeeping process through effective data monitoring, which is ultimately creating a simpler and more sustainable approach to hive operations.

Simple solutions

In many ways, beekeeping is quite similar to dairy farming, meaning better environments create better products. When cows receive access to the best pastures, they inevitably produce better milk which then creates better dairy products for us to consume. The same is true in the life of bees. When bees intentionally receive access to the best environmental conditions and quality nectar, they are able to become high-strength, crop-ready colonies which naturally produce a high-quality harvest. Effective regulation of the bees’ environment is critical to ensure the best yield, and this is where IIoT technology is making a world of difference in the apiculture industry.

Bees are incredibly sensitive to barometric pressure, humidity and temperature, all of which play a role in their ability to produce as a colony; bees also need to maintain a central weight to operate at peak performance. As such, the best way to ensure a quality harvest from a beehive is to maintain the colony’s weight and manage the hive’s temperature. With proper data insights, we can do this remotely by studying and monitoring the internal collective health and conditions of the hive. Without lifting the hive’s lid, which disrupts the harvest process, we can virtually control the bees’ environment without the extra cost or time of added deployments.
These insights are easy to monitor from a single pane of glass, making critical information accessible faster than a bee can fly (which is pretty fast at 20 mph!). Integrating special IIoT sensors, we developed the HiveBeats Environmental Monitoring Sensor, HiveScale V5 and Brood Monitoring Sensors that now provide precise insights into the life of a bee, which ultimately determine if and when human intervention is needed. This allows for significantly fewer errors to occur and saves time and money along the way.

Data connects life – for bees and people

At ModuSense, we are proud to develop timely IIoT solutions, including sensor devices, cloud-based data routing, data storage, analysis platforms and connectivity hardware to provide solutions that are easily deployed and ready to fit for purpose. In partnership with FreeWave, we are committed to accelerating hardware and software IIoT development capabilities in meaningful and immediately measurable ways for remote industries around the globe.

As the CEO of ModuSense, I am proud of the work we have done to create real-life change in the world of apiculture. Our special sensors enhance the hive cultivation process by extracting critical internal data insights, all while creating a culture of industrial sustainability for beekeepers along the way. We are creating a new way forward by leveraging the power of IIoT technology to monitor data and using that insight to respond with actionable execution. Sustainability is about finding ways to use less to do more and our ModuSense sensors are doing just that for beekeepers around the globe.

Today, technological intervention plays a significant role in the efficiency and sustainability of our work. When we remove the guesswork from our labor, we can respond with intention and precision, creating better work environments and industry performance worldwide. I am proud to contribute to this type of change in the life of bees and beyond.