Yair Attar is the Co-founder and CTO of OTORIO, a platform designed to facilitate the implementation of a comprehensive security strategy for industrial control systems and cyber-physical systems. He is a former senior officer in the Israel Defense Forces’ Cyber Command who headed the military’s Incident Response and Threat Hunting division to defend national mission-critical systems.
With over 15 years of experience in cybersecurity, software engineering, and risk management, Yair focuses on safeguarding industrial and critical infrastructure against cyber threats. His ultimate goal is to simplify operational technology cybersecurity and provide the next generation of OT security and digital risk management solutions.
Here’s a glimpse of what you’ll learn:
- [03:19] Yair Attar shares his journey offering cybersecurity solutions for industrial and critical infrastructure
- [11:34] Cybersecurity risks in industrial settings and control systems
- [13:47] How OTORIO was formed
- [16:40] Instances of real cyber attacks
- [20:04] Yair explains how OTORIO helps companies with cybersecurity issues
- [22:52] When is the right time to hire cybersecurity help?
- [26:57] Mistakes companies make with cybersecurity preparations
- [31:54] OTORIO’s steps for reducing cybersecurity risks for clients
- [35:24] Yair talks about growing through partnerships
- [40:16] The value of joining EO as an entrepreneur
- [43:23] How Yair achieves work-life balance
In this episode…
As technology continually advances, cyberthreats are becoming more and more prevalent. Cybersecurity is a critical concern for businesses and individuals alike. So, how can you remain vigilant in protecting your assets and information from cybercriminals looking to exploit vulnerabilities in your system?
According to Yair Attar, control systems are among the most significant cybersecurity risks. These systems help manage critical infrastructure such as power grids, water treatment plants, and transportation systems. If these systems are compromised, it could result in significant disruption and potential danger to the public. Therefore, it is crucial to have measures in place to protect these control systems from cyberattacks. The main one he recommends is hiring a firm that offers cybersecurity solutions for industrial and critical infrastructure.
In this episode of Inspired Insider Podcast, Dr. Jeremy Weisz sits down with Yair Attar, Co-founder and CTO of OTORIO, to discuss his entrepreneurial journey offering cybersecurity solutions for industrial and critical infrastructure. Yair talks about cybersecurity risks in industrial settings and control systems, the formation of OTORIO and how it helps people, mistakes companies make with cybersecurity preparations, and entrepreneurial growth through partnerships.
Resources mentioned in this episode:
- “[Top Israel Leader Series] Engineering the Autonomous Revolution with Rabbi Mois Navon of Mobileye” on the Inspired Insider Podcast
- “[Israel Business Series] Crafting a Great Brand Story: Tips and Tricks With Nir Zavaro” on the Inspired Insider Podcast
- “Cybersecurity in general, is like a rotating wheel, everything is changing all the time both from defender perspective and attacker perspective.”
- “You need to start protecting your environment a bit better than others.”
Insider Stories from Top Leaders & Entrepreneurs…
You are listening to Inspired Insider with your host, Dr. Jeremy Weisz.
Jeremy Weisz 0:22
Dr. Jeremy Weisz, your founder of inspiredinsider.com. I talk with inspirational entrepreneurs and leaders; today is no different. I have Yair Attar of otorio.com and they protect everything you operate. Right. Okay, so cybersecurity solutions. We’re gonna go into what they do. But Yair, I always like to point out other episodes people should check out of the podcast. And because this is part of my top Israel business leaders series, there was a really good one I did with Mois Navon of Mobileye, who was one of the founding engineers, and they talked about the journey of being acquired by Intel for $15.3 billion. So it was a pretty crazy journey. I had also a fellow EO Israel member of the Yair, Orit Oz, she’s run an agency for over 25 years in the b2b space helping companies with global expansion. I had EO Israel member Amit Oestreicher of Xtras in G-nie talk about how he lost all of his clients overnight, not once, but twice, crazy journey and how he bounced back. Nir Zavaro wrote F*ck The Slides, excuse my French, and he talked about storytelling and branding. And Ran Geva, a founder of webz.io, helping protect brands from the dark web and brand protection, and many more, so check those out on inspiredinsider.com. And this episode is brought to you by Rise25. At Rise25 we help businesses give to and connect to their dream 100 relationships. And we do that by helping you run your podcast. We’re an easy button for a company to launch and run a podcast and we do the strategy, the accountability and the full execution. Yair, we call ourselves the magic elves that work in the background and make it look easy for the hosts and the company to create great content and create great relationships. For me, the number one thing in my life is relationships. And I’m always looking at ways to give to my best relationships. And I found no better way over the past decade to profile the people and companies I most admire and share with the world their work. 
And so if you’ve thought about podcasting, you should. If you have questions, go to rise25.com to learn more. I am excited to introduce Yair Attar. He’s the CTO and co-founder at OTORIO, which is a cyber-physical system cybersecurity company, and they help organizations with a safe and secure digitalization journey. And prior to OTORIO, we’ll call it, we’ll say, Major Attar led the Israeli Defense Force incident response and threat-hunting cybersecurity divisions. He has over 15 years of experience in cybersecurity, software engineering, and risk management, with a focus on protecting industrial and critical infrastructure from cyber threats. So Yair, thanks for joining me.
Yair Attar 3:07
Thank you for having me.
Jeremy Weisz 3:08
So talk about how did you get on this journey to help protect people from this industrial and critical infrastructure from cyber threats?
Yair Attar 3:19
Okay. So first, like on my personal journey, I started as a software engineer within the Israeli Defense Forces. And I really had the honor and opportunity to do various positions and which led to my previous world, which was, as you mentioned, leading Israel nation-state incident response and threat hunting units. And as we know, unfortunately, Israel has a lot of attention towards us. So I think cybersecurity domain is something that you learn best from experience. This is one of the reasons why Israel is such a, from a cybersecurity perspective, such a strong nation, we learn at a very young age. And I think also the Israeli Defense Forces is a great melting pot sorry, from like society perspective, right? Because you get people that are being screened from the whole society and population of Israel. And you get this culture that developed at a very young age that you can do everything right. I remember even situations with my own soldiers, that something needs to be done by I don’t know, it’s kind of weekend for beginning quake and like, the soldier never did it before. And he’s telling me like, I have no clue and I’m like, okay, I mean, I don’t care. Make it happen, right. So you develop like, and you’re successful, one time after another, and you develop this mentality like that everything is possible. And I think, by the way, this is one what something that also leads to like this thing called startup nation and things like that, because at a very young age, and then you go out from the Israeli Defense Forces, with this type of mentality, and you believe in yourself, and you start building things. And I also think that something that about me in general, but I think also represents to some extent, the Israel philosophy, most things were small, but we’re agile, and we fast and we adapt. And we understand. And I think, too, in order to win, or in a lot of areas in life, you need to be able to do that. 
I even have, like, for example, one of the things that I had opportunity, and this was in the newspaper, so I can talk about it. But before I finished my military service, there was sort of like a capture the flag, multinational exercise, being led by Israel, and the Cyber Command and NSA. And I won’t forget the moment where I brought like, I led the Israeli Blue team, and I brought like, around 20, young soldiers that from different like areas within the Army, like the army, from the Navy, from the Air Force, and whatever, that didn’t even work with each other before. And then I get a tour to the US side, and I get to a huge hall with like, 200 people, and everyone are so experts at what they do. Like they did it for many years. And I’m like, getting back to my room with my team. And I’m like thinking to myself, oh, shit, no way. No way. And but I can show it right? So I’m telling to my team, we’re going to win this, we’re going to take it and whatever the exercise starts, and then I, then I get it. We have to have, we say, this is what needs to be done. Everyone knows what they need to do, go do it, you trust each other you there’s accountability. And there’s no need for additional approvals or additional processes, which are important to in your bigger organization. But when you’re small, and you want to move fast, it just don’t work. So I think this is what really helped us, then we won. But this is really what clicked my mind that one of our uniqueness is that we are fast learners, and we can adjust and build fast things to make it a win wherever we are. And I think this is something that then when I finished my military service, so I went and opened OTORIO and I had also the opportunity with the experience, I got to meet my co-founder, Danny Bren, who established the Cyber Defense Command in the Israeli Defense Forces. So he was a big name. And we started our journey together. 
And I think it was a really good match, both from personal and professional perspective. And what we understood, I think there were some events throughout our service that led us to the understanding what risk management is all about. And I think there was like, one time there was, and I won’t share the full details, but let me just say that there are two systems. One is the mailing service, and everyone are impacted, it’s not working. And you get the chief of staff office calling immediately, right, this needs to be fixed now. And then in part of there’s a critical system operational system that is not working. And nobody noticed. And by luck, we didn’t need it, specifically at the time, but it was only by luck. And the whole organization was focused on the mailing service. And I think this is what led us to the understanding that there’s a need for non-experts, not for cybersecurity or IT or technical people, for business stakeholders to understand what the digital risks and how they reflect on the operational business. So when we went basically to Delta Ward and start seeing the market, it was clear that we want to do something in cybersecurity and risk management and we saw what’s happening in the operational side. It’s not just industrial because today everything is becoming more connected. We’re talking about from smart warehouses and logistics and cameras and buildings. And so everything is becoming more and more connected, that there was a solution that in the market, back then there were like multiple companies, but they were doing more of the same, which is and detecting of a threat when the attacker is within the network. Now, this was based on a novel you could say right in, about like 13 years ago, there was like a major event called Stuxnet, that maybe we’ll get back to it. But basically, this was one of the first times and it had a lot of I would say echo around it, that a nation was able with code to affect a physical process. 
In this case, it was an Iranian nuclear facility, enriching uranium for building an atom bomb. And basically, with code that was written somewhere in the world, was able to affect and actually stuck and or reduce the creation of centrifuges. And this caused, like everyone to understand, okay, oh, no, like, something like this can happen to us. Since then, I think the whole market evolved significant…
Jeremy Weisz 11:25
So, whoever was behind that was trying to stall the manufacturing of nuclear weapons.
Yair Attar 11:32
Correct. But one of the challenges with that, is that once it was published, it became an open source. So think about it. Now you have such a weapon that any hacker, it doesn’t need to be an expert can start using and targets, other types of organizations. And this whole threat landscape is just changing and evolving. Another just example is that during COVID, there was a new marketplace, called RaaS, ransomware as a service, you get to the dark web, you ask, I want you to go and ransom this company. And I offer five bitcoins or whatever, some specific amount of money, and someone jumps and say, I can do that. And all of a sudden, you have a platform in marketplace, for basically targeting different entities and organizations around the world creating impact. And what we start seeing is that also impact on operations impact on physical operations is happening. And I think, to some extent, what led us to the understanding, again, that, as I mentioned before, from a risk management perspective, right, is that our markets, needs to be able to manage this risk proactively. There’s a lot of today, trends around industry 4.0, from predictive maintenance, and basically doing more with less. So thinking about this concept, just from a cybersecurity and digital risks perspective, how can I proactively take actions that will reduce the potential of my organization being impacted, and unfortunately, today, every other week, you will hear this thing happening. And one last thing, which was very helpful for our journey that actually really helped us to boost our journey to some extent. We met an industrialist, we met someone that has a vision of autonomous manufacturing. And this man, Dr. Wolfgang Leitner, which is the majority stakeholder of a company named Andritz, which they are an industrial engineering, global company, which what they do is they basically build plants, machinery for different types of industries. 
Every time they want to talk to customers of them, they like they said, okay, this is a great idea, but what do you do about cybersecurity? This is when he understood that he needs to do something about cybersecurity. And we partnered with them at the beginning of 2018. We’re basically together we established OTORIO to serve also them as a customer and also leverage them as a partner to their end customers. But also, of course, we are working directly with today, many global organizations everywhere. But this really helped us to boost our reach to the market and also our understanding of what does it mean in a manufacturing site operations, working with automation engineers, and helping us really to build a solution that really fits those complex use cases, because one of the challenges as well. And today, the IT security space is very well established. Everyone knows exactly, there’s a very clear understanding what needs to be done, what type of solutions out there that are needed, et cetera. This space, OT cyber, CPS or Cyber Security systems, like different names, but it’s still evolving, it’s still maturing, and a lot of organizations don’t always have the understanding what they need to do. And sometimes even you see a clash of different cultures. And within an organization, IT security teams and operational members that didn’t talk to one another for a very long time, blue collars, white collars. And this, now with the digitalization causes them that they need to start talking together because things are being connected to the cloud and sensors and whatever and IoT and IIoT. And this is what’s happening in the market. So this is in a nutshell, our journey.
Jeremy Weisz 16:13
Yeah. So the OT side is basically operational technology and protecting. And I know you work with a lot of manufacturers, there was in attacks like this can cause chaos, digital or cyber-attacks can cause real physical issues. And there was something that happened with there was no gas in certain areas. What happened with that?
Yair Attar 16:38
Yeah, so I think this is a good example. So a few years ago, there was a cyber-attack, I think one of the attacks that caused significant damage in the US on the Colonial Pipeline Company, which basically have gas pipelines and distributes at the end of the day, gas to different places. And due to a cyber-attack, they stopped their operations for about a week. And this caused like panic in many places, because there was no gas in gas stations and things like that. And what was interesting with this use case, is that what’s known today is that there was an attacker that reached the IT organization, but because they could they took a decision, they took a decision to stop operations. Because think about it, if you have an attacker within your pipelines, it can actually cause much more damage from explosions, to stopping things, et cetera. So safety related, environmental related. So they took a decision to drop everything down and stop operations. And if they had a chance to understand they really had the visibility of how the environment is secured, and how hard it is to actually cause this type of damage. Maybe they could have taken a different approach or decision. So this is just one example. And unfortunately, again, we hear almost every week now, there’s a big one that was happening a few months ago, Clorox company, the one responsible for manufacturing of like different cleaning materials and things like that we’re talking about, they’re now reporting their Q1, some of the revenues within the last quarters. And we’re talking about more than $300 million losses. And this is what at least we know, one of the challenges also what happened with it. So actually quite similar to some extent to Colonial Pipeline where basically they will get hit, again, when you don’t have proper visibility into your digital operational environments, and how well they are connected, and you are immediately afraid. 
And so they also took a decision in some places to just stop operations. And unfortunately, by the way, think about it when you have materials that sometimes are they serve pharmaceutical, for example, whatever, so they are regulated. If the operational process stops, then you need to stop everything, clean everything and do everything from the beginning. And this is just one use case within the pharmaceutical and food but also food beverages and things like that. So the whole operations become much more complex, much more digitalized. And again, over there, they just stopped operations because of this attack, because the significant impacts.
Jeremy Weisz 18:11
So from OTORIO’s perspective, what would you have done, or what would have been in place that would allow them to maybe do something differently?
Yair Attar 20:04
So I think that’s today, a one off. So first of all, what we’re seeing here is almost as a pattern, that the most significant and scarier attacks are ransomware, because it’s the easiest to some extent, the easiest attack like you don’t need to invest a lot. Once you get one foothold within the organization, you basically it spreads. And it causes the most significant impact on those types of environments and those types of organizations. And what we do, which is quite different today, with what we’re seeing in the market, is we’re helping those organizations to understand proactively, where are those gaps. And one of the challenges in general in cybersecurity is that when you see everything, you’re overwhelmed, because you’re not an expert always, and you don’t know where to start, and you don’t know what decisions to take, that will create the most significant impact from a risk reduction perspective. So what we’ve built, we have a solution that basically helps to take them to this journey. And it’s a journey, by the way, we accompany them throughout this journey. And it’s not just, here’s the product or technology, and that’s it and goodbye and talk to us when you renew. But it really is a journey, that we work with them to help them build the workflows and processes around that because again, this is still maturing and evolving. But at the end of the day, it really helps them to take the best call to action. And leverage already compensation controls they invested in the past, and hopefully do more with less. Because again, we know that some of the biggest challenges is in general, but in cybersecurity specifically, is manpower skill set. And especially, those sophisticated people will not always go and work for, I don’t know, an energy utility, they will go to work for IT or advanced technology companies. So we know that we address the markets where there’s not a lot of people over there dealing with this. 
And there’s not always the skill set, and we need to help basically support them upskill them and accompany them in this journey. And then they help them be protected.