Ep. 038 - Electric Utility Lessons for Food & Ag with Kylie McClanahan

00:00:00 Kristin Demoranville

So I should probably be pretty honest with the listeners.

00:00:03 Kristin Demoranville

We're recording on a Friday the 13th and we have managed to lose internet connection like 6 times and my air conditioning is not really working.

00:00:11 Kylie McClanahan

I lost my headphones.

00:00:12 Kristin Demoranville

You lost your headphones.

00:00:14 Kristin Demoranville

It's been a lot of like, what is going on?

00:00:17 Kristin Demoranville

So we're just going to like chuck it up to the cosmic universal rays of this is ridiculous.

00:00:21 Kylie McClanahan

Yeah.

00:00:22 Kristin Demoranville

But that's okay because that's for humans.

00:00:24 Kylie McClanahan

We're humans.

00:00:24 Kristin Demoranville

This is what happens, right?

00:00:26 Kristin Demoranville

And we're just talking what it was like to be humans and trying to like plan for things.

00:00:30 Kristin Demoranville

and contingency with human things.

00:00:31 Kristin Demoranville

And how do we share legacy knowledge?

00:00:33 Kristin Demoranville

We're just resilient.

00:00:34 Kristin Demoranville

We just roll along with it.

00:00:35 Kristin Demoranville

You know, it's fine.

00:00:36 Kristin Demoranville

I'll just cry about it in post-op.

00:00:38 Kristin Demoranville

It's fine.

00:00:39 Kristin Demoranville

Post-production, I'll just cry.

00:00:40 Kristin Demoranville

No, I won't.

00:00:41 Kristin Demoranville

I'll be fine.

00:00:58 Kristin Demoranville

Welcome back to the Bites and Bytes Podcast.

00:01:00 Kristin Demoranville

I am your host, Kristen Amaranville, and this is the show where we explore the connections between food, agriculture, technology, cybersecurity, and so much more.

00:01:10 Kristin Demoranville

Today's episode is about lessons the electrical utility world has already learned and how they matter for farming and food.

00:01:17 Kristin Demoranville

My guest is Kylie McClanahan.

00:01:20 Kristin Demoranville

She brings her perspective from years in the electricity sector and connects it straight to agriculture with chicken houses, GPS tractors, rural broadband, and why people, not just the technology, are what make resilience real.

00:01:34 Kristin Demoranville

You're going to get a lot out of this one, so let's get started.

00:01:39 Kristin Demoranville

I am excited about this guest because first of all, she just got a PhD.

00:01:42 Kristin Demoranville

So we'll talk about that in a few minutes because that's epic.

00:01:45 Kristin Demoranville

But before we go into introductions or anything, Kylie, what's your favorite food and your favorite food memory?

00:01:50 Kristin Demoranville

They do not need to be the same thing.

00:01:51 Kristin Demoranville

Cool and good because they aren't my favorite food.

00:01:54 Kylie McClanahan

My favorite food is sour gummy worms.

00:01:57 Kylie McClanahan

I have a bag of them.

00:01:59 Kylie McClanahan

I have this is my office.

00:02:01 Kylie McClanahan

I have a snack drawer and one of these giant family sized bags stays in it at all times.

00:02:07 Kylie McClanahan

Pretty much at a time where there's a Walmart right

00:02:09 Kylie McClanahan

below our office because Arkansas.

00:02:11 Kylie McClanahan

And so when we run out, I just send upstairs and buy some more.

00:02:15 Kristin Demoranville

Well, that's your dealer.

00:02:16 Kylie McClanahan

You have a dealer downstairs.

00:02:18 Kylie McClanahan

As far as...

00:02:19 Kylie McClanahan

Favorite food memory?

00:02:21 Kylie McClanahan

I would probably have to say.

00:02:23 Kylie McClanahan

So last year, early last year, I went to Kona, Hawaii for an academic conference.

00:02:29 Kylie McClanahan

Oh, I had to go.

00:02:31 Kylie McClanahan

Had to go.

00:02:31 Kylie McClanahan

Yeah, we had to go.

00:02:32 Kylie McClanahan

Then we had, you had to go present in person.

00:02:34 Kylie McClanahan

And so my husband and I got to go on a tour of a Kona coffee.

00:02:38 Kylie McClanahan

I've just forgotten the word.

00:02:40 Kristin Demoranville

Plantation, coffee plantation.

00:02:42 Kylie McClanahan

Thank you.

00:02:43 Kristin Demoranville

I got you.

00:02:43 Kylie McClanahan

Yeah, got to go on a tour of a, we got to go on a tour of a Kona coffee plantation.

00:02:48 Kylie McClanahan

And because of like timing and

00:02:49 Kylie McClanahan

in the time of year.

00:02:50 Kylie McClanahan

It was like January.

00:02:51 Kylie McClanahan

So there was nobody else on this tour.

00:02:54 Kylie McClanahan

And at the end, we got to go roast coffee beans and Kona beans and then take them home with us.

00:02:59 Kylie McClanahan

I mean, that's something I've never, I'd never done before is roast coffee.

00:03:03 Kylie McClanahan

But the guy, rather than like just our tour guide going down, you know, 8 to 10 people saying like, here's what you do next.

00:03:09 Kylie McClanahan

We got like his absolute full focus.

00:03:12 Kylie McClanahan

And I don't think any coffee beans have ever gotten that much attention before.

00:03:15 Kristin Demoranville

And it was good, it was good coffee.

00:03:17 Kristin Demoranville

Kona coffee is actually one of my favorite for us.

00:03:19 Kristin Demoranville

varieties of coffee, beans that are on the planet.

00:03:22 Kristin Demoranville

And I've also had the privilege of going through a coffee plantation in Hawaii.

00:03:25 Kristin Demoranville

So when I was in Kauai, not Kona itself.

00:03:27 Kylie McClanahan

Oh, nice.

00:03:28 Kristin Demoranville

Yes, and I completely understand.

00:03:30 Kristin Demoranville

It's just something about that place as well that just makes it super magical when it comes to agriculture.

00:03:36 Kristin Demoranville

And you're the first person who's ever set a beverage as their favorite and a snack as their favorite.

00:03:41 Kristin Demoranville

So congratulations for being a first year on the show.

00:03:44 Kristin Demoranville

Wow, amazing.

00:03:45 Kristin Demoranville

I also really like sour things like that.

00:03:47 Kristin Demoranville

So I completely understand.

00:03:48 Kristin Demoranville

I am one of those people

00:03:49 Kristin Demoranville

that has to have Sour Patch Kids in the movie theater.

00:03:52 Kristin Demoranville

It's great.

00:03:52 Kristin Demoranville

It's a salty sweet with you having with the popcorn and stuff.

00:03:54 Kristin Demoranville

Absolutely.

00:03:55 Kristin Demoranville

I'm big on salty sweet.

00:03:57 Kristin Demoranville

Yes, that's great.

00:03:58 Kristin Demoranville

Thank you.

00:03:58 Kristin Demoranville

And I love Hawaii, so I'm so glad that you get to go.

00:04:01 Kristin Demoranville

It was beautiful.

00:04:02 Kristin Demoranville

It was the back at some point.

00:04:03 Kylie McClanahan

Yeah, that was the first and only time that I've been.

00:04:07 Kylie McClanahan

And I'm not even, like, I'm not a swimming person.

00:04:09 Kylie McClanahan

I'm not a beach person.

00:04:11 Kylie McClanahan

Just beautiful.

00:04:12 Kristin Demoranville

You don't even have to be like a beach person or a swimming person to go there because there's so much to do there that's not the beach necessarily.

00:04:20 Kristin Demoranville

And especially there's tons of like hiking and there's, I mean, let me be honest, what I did on, this was years ago.

00:04:25 Kristin Demoranville

I ATV'd after the day after a rainstorm through all of the, through a sugar plantation into a tunnel that opened up into where the opening scene for Jurassic Park was, the first Jurassic Park, the original, the OG.

00:04:38 Kristin Demoranville

And they have some of like the filming towers are still there.

00:04:40 Kristin Demoranville

And I was so soaking wet from the amount of mud that was on top of me that like I was like dumping my boot out.

00:04:46 Kristin Demoranville

It was a lot of things going on with that.

00:04:48 Kristin Demoranville

Should have brought a change of clothes,

00:04:49 Kristin Demoranville

kind of gross, but it was, it's quality like Hawaiian mud.

00:04:52 Kristin Demoranville

It's fine.

00:04:53 Kristin Demoranville

It probably had some kind of like exfoliating effect.

00:04:55 Kristin Demoranville

I've also done a helicopter tour around the Seven Sister waterfalls in Kauai, which is amazing.

00:05:00 Kristin Demoranville

If I ever did that again, I would definitely do them without the doors because the doors are cumbersome and they get in the way of, you know, photography.

00:05:05 Kristin Demoranville

What else have I done?

00:05:06 Kristin Demoranville

Nepali coast tour and it was a whale watch and it was the first time I would, you're not really allowed to get close to whales.

00:05:12 Kristin Demoranville

I think everybody kind of knows that.

00:05:13 Kristin Demoranville

You got to give them their birth.

00:05:14 Kristin Demoranville

But when you went in January, that's actually calfing season.

00:05:17 Kristin Demoranville

So the babies are there with the mamas.

00:05:19 Kristin Demoranville

And the males are teaching the babies how to breach and socialize and stuff like that around them.

00:05:25 Kristin Demoranville

So I was watching them learn how to breach for the first time, like, I don't know, 1000 yards in front of me.

00:05:31 Kristin Demoranville

So of course, naturally I was weeping in my guava boost, but like I was really happy.

00:05:36 Kristin Demoranville

So if you ever go to Hawaii, like these are the experiences you may have.

00:05:40 Kristin Demoranville

And they're all local driven, so you're definitely pouring into the economy.

00:05:43 Kristin Demoranville

So it feels really good.

00:05:44 Kristin Demoranville

Guava farm, it was great to go there.

00:05:47 Kristin Demoranville

The agriculture there alone is epic.

00:05:49 Kristin Demoranville

Yeah, and Kauai also has like wild chickens.

00:05:53 Kristin Demoranville

It's like Lord of the Flies with chickens all over the place.

00:05:55 Kristin Demoranville

They don't care.

00:05:56 Kristin Demoranville

They will stand in your car and try to attack you.

00:05:59 Kristin Demoranville

So just be prepared.

00:06:00 Kristin Demoranville

If you're scared of birds, it's not the place for you.

00:06:03 Kristin Demoranville

But yeah, it's such an amazing island.

00:06:06 Kristin Demoranville

I hope you get to go back because that is so cool.

00:06:08 Kristin Demoranville

And you would for like an academic thing, which is like pretty ****** too.

00:06:11 Kristin Demoranville

So it's great.

00:06:12 Kristin Demoranville

So why don't you go ahead and introduce yourself to everybody and please make sure you use your full title because you can say you're a doctor now.

00:06:18 Kylie McClanahan

I will.

00:06:18 Kylie McClanahan

I'm Dr.

00:06:19 Kylie McClanahan

Hiley McClanahan, hashtag not that kind of doctor.

00:06:22 Kristin Demoranville

Yes.

00:06:23 Kylie McClanahan

I am the I'm the CTO of the STASO.

00:06:27 Kylie McClanahan

We do remediation management for critical infrastructure.

00:06:31 Kylie McClanahan

I finished my PhD this past May was graduation and I am so relieved to be done.

00:06:39 Kristin Demoranville

That's got to feel really good.

00:06:40 Kristin Demoranville

And then you have a background in an OT as well, or is it more just computer science related?

00:06:46 Kristin Demoranville

Walk me through that just a little bit.

00:06:47 Kylie McClanahan

Yeah, both.

00:06:49 Kristin Demoranville

So I.

00:06:49 Kylie McClanahan

I grew up in the space, and I do mean that literally.

00:06:53 Kylie McClanahan

My dad worked for an electric cooperative for 40 years, his entire career.

00:06:57 Kylie McClanahan

It's amazing.

00:06:58 Kylie McClanahan

And so I grew up in the halls and then went to school, did undergrad, a degree in physics and a degree in computer science.

00:07:05 Kylie McClanahan

Not really sure which one I wanted to focus on and then moved into computer science for grad school right at the time that some Department of Energy money was coming in to look at the cybersecurity of power systems.

00:07:16 Kylie McClanahan

So I joined a project looking at that

00:07:19 Kylie McClanahan

particularly in your compliance in your CIP space.

00:07:23 Kylie McClanahan

And then we were able to take the research that we had done and commercialize it.

00:07:28 Kylie McClanahan

And that became the Staza.

00:07:30 Kristin Demoranville

That's, talk about full circle moments for you.

00:07:32 Kylie McClanahan

Like you've had so many and that's so wild.

00:07:36 Kristin Demoranville

Like, sorry, I always think it's cool whenever I heard you tell the story.

00:07:38 Kristin Demoranville

It's just like, wow, it's almost a Cinderella story.

00:07:41 Kylie McClanahan

I love it.

00:07:42 Kylie McClanahan

And like one of the things I like that's really fun about it is like now, dad's retired and, but I will still go to conferences and people will say,

00:07:49 Kylie McClanahan

McClanahan.

00:07:50 Kylie McClanahan

That's not a very common last name.

00:07:53 Kylie McClanahan

And I'm like, are you related to Bob McClanahan?

00:07:57 Kylie McClanahan

Like, I am his eldest daughter.

00:07:59 Kylie McClanahan

And so, like, it's nice.

00:07:59 Kylie McClanahan

It's nice to have been able to kind of make my own space, but to also have that connection back.

00:08:04 Kristin Demoranville

Dad knows what you do.

00:08:05 Kristin Demoranville

Like a lot of our parents, it's very hard to explain what we do to them.

00:08:08 Kristin Demoranville

I can't explain it to my parents.

00:08:10 Kristin Demoranville

I think it just really flies over their head.

00:08:13 Kristin Demoranville

Other than they understand it's something to do with civil service and doing the right thing, since they came from a firefighter family.

00:08:18 Kristin Demoranville

So, like, they get that part.

00:08:19 Kristin Demoranville

But the rest of it is like, I don't know what you're doing.

00:08:22 Kristin Demoranville

And that's okay.

00:08:25 Kristin Demoranville

Exactly.

00:08:26 Kristin Demoranville

What I think is really cool is you have this really unique lens in looking at OT.

00:08:29 Kristin Demoranville

And because you have this physics background, and granted that wasn't like your total passion, but you still did it anyways.

00:08:34 Kristin Demoranville

Computer science, you came from in your dad's perspective, because then you already were like kind of pre-learned in a little bit.

00:08:40 Kristin Demoranville

What has really shaped your approach when it comes to security and like critical infrastructure, especially in these OT environments?

00:08:45 Kristin Demoranville

Like what do you think is different in the way that you look at it than everybody else does?

00:08:50 Kristin Demoranville

Yeah.

00:08:51 Kristin Demoranville

I think that growing up in a cooperative, especially.

00:08:55 Kylie McClanahan

Not just in a utility, but in a cooperative owned by the members has really influenced a lot of the ways that I think about the and experience the industry.

00:09:03 Kylie McClanahan

Because, everyone has staffing issues.

00:09:06 Kylie McClanahan

Everyone has budget limitations, right?

00:09:08 Kylie McClanahan

No matter where you are, no matter how huge your company is, you have a budget.

00:09:11 Kylie McClanahan

And if you need more, you're going to have to convince someone to give it to you.

00:09:15 Kylie McClanahan

But when you're when you're in something like a cooperative or a municipal,

00:09:19 Kylie McClanahan

When increasing budgets is a rate increase, and for cooperatives in rural areas, you're talking a meaningful difference in the ability of your members to meet their monthly bills.

00:09:35 Kylie McClanahan

And I think you start to look at scarcity of resources in a different way.

00:09:41 Kylie McClanahan

I would say that the other piece of that, and this partially comes from the physics and partially comes from the upbringing, digging into water.

00:09:49 Kylie McClanahan

why and digging into consequences.

00:09:52 Kylie McClanahan

I was the how and why and in what way.

00:09:56 Kylie McClanahan

I remember at what point growing up, how does the water get into our house?

00:10:00 Kylie McClanahan

Dad's like, rather than tell me, oh, well, it's the angels pouring a watering can.

00:10:06 Kylie McClanahan

I don't know.

00:10:06 Kylie McClanahan

He'd be like, well, it comes from the pumping station.

00:10:08 Kylie McClanahan

I'd be like, where does the pumping station get it?

00:10:11 Kylie McClanahan

Oh.

00:10:12 Kylie McClanahan

And so this kind of like cause and effect chain of events became the way that I started to think about things.

00:10:18 Kylie McClanahan

And I think that's really, really served me well.

00:10:21 Kristin Demoranville

I think curiosity for you, I think that's where how we really get along so well.

00:10:24 Kristin Demoranville

And I should be forthcoming with the listeners.

00:10:26 Kristin Demoranville

I've known Kylie for a bit here.

00:10:28 Kristin Demoranville

But it's the curiosity that constantly drives me.

00:10:31 Kristin Demoranville

Like, I really want to understand that.

00:10:33 Kristin Demoranville

Why is that the way it is?

00:10:34 Kristin Demoranville

And why aren't we doing it this way?

00:10:35 Kristin Demoranville

Or what is this?

00:10:37 Kristin Demoranville

Why does this pipe go this way?

00:10:39 Kristin Demoranville

What's in this pipe?

00:10:40 Kristin Demoranville

Like, I don't, or I'll be like, wouldn't it make more sense to put something over this way because you don't have to bring a cable across the whole floor?

00:10:46 Kristin Demoranville

Like, I don't understand.

00:10:47 Kristin Demoranville

But like these kind of things, like that observation

00:10:49 Kristin Demoranville

I was also very much the same type of a child.

00:10:52 Kristin Demoranville

I'm sure I drove everybody crazy.

00:10:53 Kristin Demoranville

I probably still do.

00:10:54 Kristin Demoranville

Yeah.

00:10:55 Kristin Demoranville

I just always wanted to know more and more.

00:10:56 Kristin Demoranville

Like, what is that?

00:10:57 Kristin Demoranville

I don't understand.

00:10:58 Kristin Demoranville

Or if nobody would tell me, I would sit there and try to figure it out.

00:11:02 Kristin Demoranville

I'm sure you did too.

00:11:03 Kristin Demoranville

You just stare at it.

00:11:04 Kristin Demoranville

Yeah.

00:11:04 Kristin Demoranville

It's kind of like, it's kind of like, yes.

00:11:06 Kristin Demoranville

It's like that puzzle when they, with kids, like unravel the string, if you will.

00:11:10 Kristin Demoranville

Some of my brain fell tackling all these problems.

00:11:13 Kristin Demoranville

But I love that because you talked about, it's more about community.

00:11:16 Kristin Demoranville

And that's kind of what you grab too, is that it's not just

00:11:19 Kristin Demoranville

just one single organization.

00:11:21 Kristin Demoranville

It's about the whole system and the systems thinking aspect.

00:11:24 Kristin Demoranville

And this is again, why I love us OT people is we're systems thinkers too, because we have to be because we know what's going to happen if we don't think in a systems way.

00:11:31 Kristin Demoranville

But the fact that you brought up community and how important it is to your lens and your worldview with when it comes to OT is amazing.

00:11:39 Kristin Demoranville

And that's exactly what happens in the ag space.

00:11:41 Kristin Demoranville

It's so much about community.

00:11:42 Kristin Demoranville

It's and you know this, you live and you live where you live and it's very huge agricultural community there.

00:11:47 Kristin Demoranville

In fact, I was just talking to a farmer from there.

00:11:49 Kristin Demoranville

couple days ago.

00:11:50 Kristin Demoranville

It's very predominantly ingrained in your DNA, very much so.

00:11:55 Kristin Demoranville

Right.

00:11:55 Kristin Demoranville

And I love that because the community is always first.

00:11:58 Kristin Demoranville

It's not just like the individual.

00:12:00 Kristin Demoranville

And I think that's a super important lens to have inside of this entire industry because it's probably what separates a lot of us from the rest of the groups because if it's not going to benefit at the hold, then why are we bothering if it's not?

00:12:12 Kristin Demoranville

Right.

00:12:13 Kristin Demoranville

Yeah.

00:12:13 Kristin Demoranville

And I've heard you talk about this on stage a couple times, talking about what really matters and all the

00:12:19 Kristin Demoranville

different alerts that everybody gets or what should we pay attention to?

00:12:23 Kristin Demoranville

And I think you called it fatigue.

00:12:24 Kristin Demoranville

Did I get that correct?

00:12:26 Kylie McClanahan

Yeah, alert fatigue or even into like decision fatigue.

00:12:29 Kylie McClanahan

Oh, yeah, It's if everything's on fire, nothing's on fire.

00:12:34 Kylie McClanahan

Except not also not because things are still on fire.

00:12:37 Kylie McClanahan

But it's not everything can be now.

00:12:40 Kylie McClanahan

And this comes in so many areas, right?

00:12:42 Kylie McClanahan

If you're trying to prioritize in your life, you can't do everything right now.

00:12:46 Kylie McClanahan

If you're trying to prioritize in your job, you can't do everything right now.

00:12:49 Kylie McClanahan

And it's the same with vulnerability management.

00:12:52 Kylie McClanahan

There's been a trend just from the sheer number of vulnerabilities published.

00:12:57 Kylie McClanahan

More of them are going to be marked as critical if we keep the fractions the same.

00:13:01 Kylie McClanahan

If we see about this percent are critical, we're going to have more of them.

00:13:05 Kylie McClanahan

And when you get to the point, there was a point where teams could say, even if there was a security team doing vulnerability management, and in a lot of cases, you're lucky if you have that.

00:13:14 Kylie McClanahan

But even if there was a team, they could say, well, we're going to do the critical CVSS scores, and that's going to be how we prioritize.

00:13:19 Kylie McClanahan

And then you got to the point that you couldn't handle all the criticals.

00:13:23 Kylie McClanahan

Okay, so then what do you do, right?

00:13:24 Kylie McClanahan

And so I think trying to give people the information that they need to effectively prioritize is a huge part, a huge part of this process.

00:13:32 Kylie McClanahan

And it's a lot of what we look to do, you know, kind of in my day-to-day.

00:13:36 Kristin Demoranville

I think I've spent a bit of my career, especially when I was first starting in cybersecurity.

00:13:40 Kristin Demoranville

I kind of did one of those like IT to OT to security to security to OT.

00:13:45 Kristin Demoranville

I kind of jumped around a little bit.

00:13:47 Kristin Demoranville

But I completely get the fatigue, even as a

00:13:49 Kristin Demoranville

as a cyber person, like, and then on top of it, you have to test and verify.

00:13:54 Kristin Demoranville

But how do you test and verify all of these criticals?

00:13:57 Kylie McClanahan

Exactly.

00:13:58 Kylie McClanahan

And on top of that, you have to constantly be vigilant for zero days.

00:14:02 Kylie McClanahan

And so you as a, you know, there's so much pressure on an individual security analyst or practitioner, you know, whatever your title is, there's so much pressure on you to get it right.

00:14:12 Kylie McClanahan

And from the electric sector side, when you bring in compliance and you say, hey, if you miss one, not only is that more risk, you don't have a violation.

00:14:19 Kylie McClanahan

It burns, it burns people out.

00:14:21 Kristin Demoranville

That's so much.

00:14:23 Kristin Demoranville

I mean, I understand like creating severity around things to make sure stuff gets done.

00:14:27 Kristin Demoranville

Like I understand regulation for that aspect, but I can understand these utilities don't have full staffs.

00:14:32 Kristin Demoranville

They have small staff.

00:14:34 Kristin Demoranville

So you can't expect one person or four, a group of four to just do this all the time.

00:14:39 Kristin Demoranville

That's stressful as hell.

00:14:40 Kristin Demoranville

Like I couldn't imagine that.

00:14:42 Kylie McClanahan

It's interesting to look at it from, you can see the electric industry compared to other industries and you can see that the bar is high.

00:14:49 Kylie McClanahan

higher because the regulations required it.

00:14:52 Kylie McClanahan

Yes.

00:14:53 Kylie McClanahan

And I also know from riding in the car with dad exactly how excruciating the implementation was.

00:15:00 Kylie McClanahan

And some of that, there's a lot of my minutia, one of the things about the SIP standards is that they're industry written, federally approved, but industry written.

00:15:09 Kylie McClanahan

But even then you have your cooperatives and your municipalities and you have your investor owned utilities who are often much larger.

00:15:16 Kylie McClanahan

And so you have, even within the industry written, you have these

00:15:20 Kylie McClanahan

these competing or almost at odds in motivations of tell me exactly what to do so I can request a budget for it versus tell me the outcomes and let me figure it out myself.

00:15:31 Kylie McClanahan

And so you get this kind of mix of both in the actual outcome where neither side really gets what you wanted.

00:15:37 Kylie McClanahan

And a lot of the utilities have found their ways to manage it.

00:15:41 Kylie McClanahan

Some are sustainable, some are not.

00:15:42 Kylie McClanahan

And there's a lot of things that have gotten better over the past decade.

00:15:46 Kylie McClanahan

But the problem still stands.

00:15:47 Kylie McClanahan

It's still an issue.

00:15:58 Kristin Demoranville

Quick pause for today's episode.

00:16:00 Kristin Demoranville

And first, I would like to thank you for spending your time here with me.

00:16:03 Kristin Demoranville

If you're enjoying the conversation, the best way to support the show is simple.

00:16:07 Kristin Demoranville

Give it a follow, leave a quick review, or share it with someone you think should hear it.

00:16:13 Kristin Demoranville

And thank you to everyone who's sent a message or come up to me at a conference to say you listened to the show.

00:16:19 Kristin Demoranville

I'm honestly still very much blown away by all the support, and those moments fuel me to keep this show going.

00:16:27 Kristin Demoranville

I love hearing from you, and I appreciate it when you take a minute to stop by and chat or send me a message.

00:16:32 Kristin Demoranville

All right, let's get back to the episode.

00:16:39 Kristin Demoranville

Agriculture is not regulated when it comes to cybersecurity.

00:16:42 Kristin Demoranville

Right.

00:16:42 Kristin Demoranville

I've often, and I know people have tried, they've raised bills up, people have had conversations, and I appreciate the effort.

00:16:47 Kristin Demoranville

I'm never gonna not say thank you for trying.

00:16:50 Kristin Demoranville

Yeah.

00:16:50 Kristin Demoranville

What I do think we should take a lesson from the industries that are heavily regulated, like electricity, like automotive, oil and gas, to take a bead on what's working for them and what's not.

00:17:00 Kristin Demoranville

And because farming in general or agriculture in general is in this weird kind of evolving state now where we need more first gens, we are bringing tech in.

00:17:10 Kristin Demoranville

We're doing all this other stuff.

00:17:11 Kristin Demoranville

Right.

00:17:11 Kristin Demoranville

Where do we create regulations that aren't going to hinder the farmer any more than they're already being hindered?

00:17:16 Kristin Demoranville

Because trust and believe there's so much pushback right now in certain sectors of the world.

00:17:20 Kristin Demoranville

We need to reach these sustainability goals and we have to check more technology at it.

00:17:24 Kristin Demoranville

Here you go, farmer, go do this stuff.

00:17:26 Kylie McClanahan

Toodle-oo.

00:17:27 Kristin Demoranville

Right.

00:17:28 Kristin Demoranville

And I'm worried about that.

00:17:29 Kylie McClanahan

Yeah, you know, so in being in Arkansas, not just the home of Walmart, but the home of Tyson, so if you go drive around where I'm at,

00:17:39 Kylie McClanahan

You'll see a lot of chicken farms.

00:17:41 Kylie McClanahan

My first SANS ICS, there was a practical demonstration.

00:17:46 Kylie McClanahan

They were showing how you could get into a device and essentially enable security features to lock out the intended user.

00:17:55 Kylie McClanahan

The scenario they were posing was a chicken that you could lock them out of the atmosphere, atmosphere controls.

00:18:03 Kristin Demoranville

The environmental controls, yeah.

00:18:05 Kylie McClanahan

Thank you.

00:18:05 Kylie McClanahan

And they, to drive this point home, they put

00:18:10 Kylie McClanahan

in a toaster oven and turned it on.

00:18:11 Kylie McClanahan

So there was a video feed on the peeps and a video feed on them and a video, like a video feed of them sharing their screen.

00:18:19 Kylie McClanahan

And so they were like, these peeps were just charred.

00:18:22 Kylie McClanahan

The whole place smelled like burnt sugar.

00:18:25 Kylie McClanahan

But I'm going to be honest, it worked.

00:18:26 Kylie McClanahan

I still remember it.

00:18:28 Kylie McClanahan

And just thinking about like the people who run these chicken farms are not IT experts, much less OT experts, much less cybersecurity.

00:18:37 Kylie McClanahan

And how do you go to all of your, you know, if you're

00:18:39 Kylie McClanahan

Tyson, your individual chicken farmers, they need to be concerned about this.

00:18:43 Kristin Demoranville

So interesting that you bring up that because I know that Tyson's is very proud of the fact that they've digitally transformed and all of their chicken houses are being remotely monitored and managed.

00:18:53 Kylie McClanahan

Which in your brain, in my brain, we both went, no, I mean, that's cool, but oh no.

00:18:59 Kristin Demoranville

Right.

00:19:00 Kristin Demoranville

And I also, nobody's really been able to answer this question for me.

00:19:03 Kristin Demoranville

So if anybody knows anybody, please let me know.

00:19:05 Kristin Demoranville

Were they given 5G repeaters or were they, are they going off of the barn or the house Wi-Fi?

00:19:12 Kristin Demoranville

Like I don't, where's the connection to the internet here?

00:19:14 Kristin Demoranville

Or is it some type of a satellite link?

00:19:16 Kristin Demoranville

Nobody's been able to explain that to me.

00:19:18 Kristin Demoranville

And granted, maybe it's like secret safe information.

00:19:20 Kristin Demoranville

I don't know.

00:19:21 Kristin Demoranville

But to me, if it's attached to the house, what if you have a 15 year old kid that's playing like PlayStation, that throttles at all ridiculous.

00:19:29 Kylie McClanahan

And there's still a lot of Arkansas that doesn't have stable broadband access.

00:19:34 Kylie McClanahan

There was a program that got canceled not long ago that was intended to increase broadband service in Arkansas and other rural areas that now is left in the lurch.

00:19:45 Kylie McClanahan

And so even if it's attached to the home Wi-Fi, what bandwidth do they actually have?

00:19:49 Kylie McClanahan

It's not gigabit.

00:19:50 Kristin Demoranville

No, and I completely hear this.

00:19:52 Kristin Demoranville

And I think everybody at some point should have an experience in a rural area with the internet because it's really like humbling and reminds you of what it was like when dialing.

00:19:59 Kristin Demoranville

develop was around.

00:20:00 Kristin Demoranville

I was living in Kentucky and I had to use the cell phone tower connection essentially and it was abysmal.

00:20:05 Kristin Demoranville

But I will say that it was definitely an experience of learning how to be more tolerant of things and streaming was like out of the question for the most part when it came to TV and all that stuff.

00:20:15 Kristin Demoranville

So I think people take for granted the internet because a lot of us live in around cities, but these farms don't have access to the internet as fast as people think they do.

00:20:24 Kristin Demoranville

So what's concerning to me is how do they have access to it and when do they have access to it?

00:20:29 Kristin Demoranville

Because that is going to be something a hacker would be looking for as well, or any bad actor or nation state or whoever wants to mess with. And then the tractors that are out there running autonomously are using satellite signal. Yes. I mean, has anybody verified that the software updates are okay? I mean, we've already learned from Microsoft and CrowdStrike last year that maybe that's not a good idea.

00:20:48 Kylie McClanahan

Yeah.

00:20:49 Kristin Demoranville

That scares me.

00:20:50 Kylie McClanahan

Yeah, when you pair this with a general, I don't know how this is manifesting in the ag space, but with a general consumer trend of like your car door is

00:20:59 Kylie McClanahan

no longer manual, it's a button that sends a digital signal to open the door and they're not being a, quote unquote manual override. If you no longer have that, have that signal, are you left with a very expensive prick? Can you still use your tractor if you can't get satellite signal? I would sure hope so.

00:21:19 Kristin Demoranville

Yeah, it's, you just have to listen to the beeping basically is what it is. And it's funny because I, again, I've had this conversation with several farmers and they literally say, if my GPS tractor's not working,

00:21:29 Kristin Demoranville

working is beeping at me. I'm still going anyways. Like, they don't care. They got to get it done. It's too bad. You know, it's one of those things, well, I got to go. The gaslight might be on, but I got to go. And I think precision farming is cool because I'm a geek. I like tech. I think it's interesting, you know, but not the expense of the people that have to purchase these ridiculously expensive things and then have to figure out how to use them. Who's going to train the median average farmer who's like, what, between 58 and 63 to do this? No, I could see a total middle finger up and like, I do what I want, you know, don't tell me what I don't need to know.

00:21:59 Kristin Demoranville

But then you have something that happened like last year, and I don't know if you knew about this, Kyle, like the solar flares that hit last year, they knocked out the GPS in Canada and the Midwest and took out the tractors during harvest season. That sucks.

00:22:12 Kylie McClanahan

I did hear about that.

00:22:13 Kristin Demoranville

Yeah. And so I bring this up because everybody's like, it's not a cyber event. I'm like, but it could be mimicked because we know hackers are. They'll just do whatever they got to do. It could be mimicked. If something happens in nature, we'll figure out how to exploit it on a human level. And I'm worried about what that means on a large scale because in my

00:22:29 Kristin Demoranville

that if all the tractors are rendered unable to work, that would be really bad. That would be really bad. Or if there was one particular attack that wiped out the chicken houses in one state or one region, that's bad too. Or, you know, whatever. They could turn up the feed levels. They could do all kinds of things to these chickens. It's like that hack that happened in North Carolina, the one, the guy who got into the OT system for the chemical spray, for the cleaning. Yeah. And then he actually wouldn't have manipulated. He was a previous employee. And his boarding was bad.

00:22:59 Kristin Demoranville

bad, of course, because again, small staffs or too much turnover. You can't catch everybody. I'm not making excuses. It's just reality here. Yeah. I don't want chemicals in chicken. Thanks. Right. I don't want the chemicals that are bad in my chicken. Right.

00:23:14 Kylie McClanahan

Everything is chemicals, but not those chemicals, please.

00:23:16 Kristin Demoranville

Yeah. And I really think that these like little things that have been coming up more and more lately, I've noticed that people, everybody sends me stuffs. They're like, Chris, did you see this?

00:23:25 Kristin Demoranville

Did you see this thing that happened? And I'm like, yes, I have a Google alert, but I don't want to be rude about it. I got a Google alert. I know what happened. But at the same time, it's like, I'm really excited that people are excited about incidences that are happening because they are aware of them now. So you can tell a friend to tell a friend, right? Have you had anything like that with you and your side with the energy space?

00:23:44 Kylie McClanahan

The Spain and Portugal disrupts the number of questions. It's cyber. It's cyber. No, okay, listen, we don't know. It's too soon. It's too soon. Oh, it's cyber.

00:23:55 Kylie McClanahan

Okay, let's take a deep breath. And it does look very much like it was an operational, there was not a cyber component. I think there is and has been and continues a tendency to say if we see an operational disturbance in energy or otherwise, oh, it's cyber. And I think to some degree, it starts to reveal the level of baseline anxiety that is there in general. Like you said, like about the tractors, like if we see this,

00:24:20 Kylie McClanahan

Could someone, could someone mimic it in a cyber sense? I don't see why not, but I don't know the, I don't know the likelihood of it, but it feels like it could be mimicked to something that. Right. And you know, I really, I don't personally have data to talk to say like, is this an increase in things or are we more aware? Can we talk about like diagnoses? Is this chain of thought comes up a lot? It's like, do we actually have more people with autism or are we better at recognizing the signs of autism?

00:24:50 Kylie McClanahan

And I think you can see something similar with cyber events. The companies that publish the most advisories doesn't mean they're the most, doesn't necessarily mean they're the most insecure. Maybe they're the best at looking. Siemens is a great example. They publish a lot of stuff. And if you go by numbers, you'd say, what is going on with Siemens devices? They're looking. I think it's the same with, to some degree, with incidents.

00:25:12 Kylie McClanahan

are we, are we looking, like people are starting to recognize this is a problem. They're looking for signs and they're finding stuff because there are, there are things to be found. But I, can't, I can't be upset about a greater awareness that there are a threat.

00:25:26 Kristin Demoranville

No, I will never be upset at the general public for being curious. You know, it's just where they take that curiosity that becomes my problem. But. Well, true. It's just, and you made me think about it when you're talking about Spain and Portugal that when the incident happened in Heathrow Airport with the transformer and it was.

00:25:42 Kristin Demoranville

It's a cyber incident. We're like, no, stop. How can, I mean, are you, what are you doing? Are you watching too much sci-fi? Like, that's what I wanted to say to people. Like, I understand that you would like maybe think that, or it's that it's a terrorist attack immediately, because that's where everybody runs to. But I remember, I remember talking and, you know, we're both part of beer ISAC and it was the whole thread on that was like, people need to calm down. Like, just take it, go touch some grass, take it easy. It's okay. We don't need to get twisted up about this because right now we don't know what's going on.

00:26:12 Kristin Demoranville

And I think this is the thing that's the most important that I've noticed lately is people want to jump on the bandwagon of an incident or whatever's happening really fast. And then they spread more disinformation about it or they let their emotions run with it. And I don't like talking about active instances that are happening. I want to wait till there's at least some kind of report that comes out or the company is officially filed or SEC that says we had, I don't want to talk about it beyond that.

00:26:38 Kristin Demoranville

Because what happens is people just start panicking. And this as well as I do. You and I work in a space or spaces that are very big, very, very big. And they change a lot and they grow and they evolve and they're adapting and they're getting through stuff because it's critical infrastructure and that's what has to happen. To explain the one incident is affected the whole in terms of like not thinking about disruptions in supply chain. The supply chain is ginormous. We have done this to ourselves. It is the most complicated system on the planet.

00:27:08 Kristin Demoranville

And I'm not just talking about the food side. I'm talking about just generally supply chain. And if someone says that they're a supply chain expert, I always be like, well, which aspect? Because that's really big. That's really big. Are you okay? Like, that's my next thought. Are you okay? Like, do you have a headache? Do you want something to drink? Like, what's going on? Right.

00:27:23 Kylie McClanahan

Do you need to lie down?

00:27:24 Kristin Demoranville

Yeah. So I guess what I'm wondering is, do you think in that there's like some blind spots? Like, are we not covering all our bases well within certain sections? Because like your industry is important to

00:27:38 Kristin Demoranville

to the food and ag industry, as much as water is important to both of us, right? As transportation is, the things are, we're all interconnected. Is there any blind spots or overlooked risks you think that's repeatedly happening a lot more now? You've named like too much security awareness, like overly done security awareness. I don't, I mean, that is maybe a risk. Yeah, so I think

00:27:59 Kylie McClanahan

when, last summer, I was up in Idaho with Virginia Wright, Ginger, at Idaho National Labs, and

00:28:08 Kylie McClanahan

some others in industry and academia. And we were talking about CIE, cyber informed engineering, which is one of the programs that INL does. We're talking about taking CIE principles and getting them into two and four year education programs. So if you're looking at a technical or like associate's degree, and you're gonna be, you know, if you're gonna be a technician, how do we start thinking about cybersecurity and cyber informed engineering as part of that?

00:28:38 Kylie McClanahan

And one of the days we got on a bit of a tangent, but when do you, when don't we? And we were talking about up and downstream effects. I think there's a tendency among across industries to be like, we are the most important one, kind of like among the natural sciences. Like, well, everything is physics. Well, everything is chemistry. Well, everything's actually.

00:28:59 Kristin Demoranville

You know, I have hung out with those nerds.

00:29:01 Kylie McClanahan

It's really difficult to listen to that sometimes. I mean, yeah. But if the power goes out,

00:29:07 Kylie McClanahan

It's going to cause consequences across the board. If you're a power company and the water goes out, can you cool your plant? Because the inability to get water and the inability to cool your plants then impacts your ability to produce power. Thinking about not just if we have a problem, who do we notify, which is an absolutely critical part of

00:29:30 Kylie McClanahan

of response planning. How do we, do hospitals have backup generators? Do we have things on, and I'm going to forget the term, it's going to be really embarrassing, like critical paths, critical circuits, but also thinking about what are our upstreams, because there are.

00:29:47 Kylie McClanahan

If there is a food shortage, is that going to impact our personnel who then come and run the plants and thinking not without catastrophizing, without spinning into like, and the whole world is ending and there's zombies saying, you know, saying like, what, how do we start, how do we start to handle this? How do we plan for things that aren't our fault, but cause us problems regardless?

00:30:09 Kristin Demoranville

The fact that you're even thinking about workers and how they have to probably go on 24 to 48 to 72 hour shifts and have to be fed and watered and

00:30:17 Kristin Demoranville

at least have a little rest. It's really important in business continuity planning. And I think we forget about that. I was having a conversation with a farmer the other day, and he was telling me about his workers. He grows a lot of tomatoes. And I was like, and me being ignorant me, because I'm a podcast host, I'm trying to lighten it up a little bit. I said, I really love the smell of tomato vines. I do. I think they smell really fresh. It's nostalgic. I think of my grandfather. That's basically the end of it. Yeah. So he goes,

00:30:47 Kristin Demoranville

I know they're poisonous, right? Like a nightshade plant. I said, yes, I did know that. And he goes, and I understand they cause rashes off people's arms that pick them. So he's actually looking at incident response and business continuity to help his workers not be sick from picking tomatoes. And my first thought was, well, why would they put gloves on? But then I'm like, oh my goodness, they harvest in the middle of summer. That would be awful. I mean, they might have like little gloves on, but like not like big honking like up to your arms. Yeah. And then so he's thinking about, you know, creating, you know, using drones a little bit more.

00:31:17 Kristin Demoranville

often, especially when it comes to things like watering and stuff like that. And I thought, we really do a lot of stuff in OT, especially around factories and productions and things like that, where the equipment is actually created for employee safety over everything else. And I keep thinking about how do we build that into our business continuity? Do we build that in our incident response planning about the people? And then I had to think about it, because you definitely got me thinking about it, and you just made me think about it again, that I don't think we really do. I think we just kind of focus

00:31:47 Kristin Demoranville

focus on the equipment and uptime, but to hell, we got to get this up. So everybody's on board. And so what if you pass out because you're starving to death? You know what I mean? It's almost like some of these companies need to like, I don't know, find out where the warehouses are before they go to the grocery stores where all that food is stored and have some kind of like contingency plan put into place in case something does go down. Or what happens if there's actually a local disaster and like a tornado or hurricane, a train derailment? I mean, I've deemed things have happened recently. Like what happens? Do we

00:32:17 Kristin Demoranville

Do we know? Because again, as a good friend of mine, Kyle points out all the time, that when disasters happen, they're local. They're not regional and countrywide and global. They're local first, and they always will be local in a critical or skewed sense. So that's a really good shout out, Kylie.

00:32:33 Kylie McClanahan

Yeah, well, and like one of the things, one of the things that I love about the electric utilities and the cooperatives is mutual aid.

00:32:40 Kristin Demoranville

Yes.

00:32:41 Kylie McClanahan

If there's, even before something's hit, if there's plans for a hurricane and you drive on an interstate, you're going to see

00:32:47 Kylie McClanahan

Caravans of bucket trucks heading for the planned strike zone. Here for response. And it's not, you know, there's, it's not a, oh, we gotta go out to, God, they have another hurricane. Why do people live in North Carolina? It's, okay, let's **** **.

00:33:04 Kristin Demoranville

Don't care.

00:33:04 Kylie McClanahan

Got to throw my boots on.

00:33:05 Kristin Demoranville

I'm going.

00:33:06 Kylie McClanahan

They have, they have hurricanes. We have tornadoes. They came to help us.

00:33:09 Kristin Demoranville

Yep. It's kind of like, it reminds me a lot about when I was a kid. I grew up in New England. Yeah. Northeasters, storms, snowstorms.

00:33:17 Kristin Demoranville

whatever. I'm not afraid of them. They just are there as part of life. I remember you always knew when there was a storm coming, even if you didn't catch the news, because the plows would be sitting on the highway, ready to go on the on-ramps, completely loaded with salt, ready to go, and to start preemptively striking. And then I move outside of New England, and nobody knows how to deal with snow, except for like the Midwest. They're okay. They got their stuff together. But I remember my first time really being in Lake Virginia, and it was like, what are you doing? Why you don't salt, you don't salt

00:33:47 Kristin Demoranville

shovel. Like, it was just like, what are you doing? You're throwing salt on top of the snow. And I'm like, I don't understand. And then there was a running joke that I needed to run like a snow removal course for people who are not from. And I was like, I'm not, I'm not teaching people how to shovel snow. It's not going to happen. But watching people deal with their snow is one of the funniest things I'd like to do in the winter. And I don't, I'm not, no disrespect to anybody who lives in the South. I also wasn't, I was in Atlanta during the snowstorm that shut everything down. And it took me an hour to get home.

00:34:17 Kristin Demoranville

It was only like 4 miles away. Like, hello?

00:34:19 Kylie McClanahan

Yeah, yes. My husband spent part of his childhood in Colorado. And I've Arkansas born and raised. And so he does get a hoot about of watching our neighbors flip and slide on any slip.

00:34:35 Kristin Demoranville

It's so avoidable. And that's the thing. But it goes back to the point of, do you think those guys are upset for being in the cabs of those plows? I mean, they might be a little irritated, but they're making money. They're making a lot of money plowing.

00:34:47 Kristin Demoranville

Everybody I knew how to plow. My dad plowed, like is just part of the job. Like people need to get out. People need help. They go, they just go.

00:34:56 Kylie McClanahan

Right. We need more of that. There was a plant in Arkansas and I can't remember exactly when. There was a plant in Arkansas that had to shut down for a while. So they, you know, had to lay off the staff of the plant. But a few years later, they were ready. They were in a spot that they could reopen it. And they went back to the employees.

00:35:17 Kylie McClanahan

and said, listen, no pressure, but we would like to offer you before we go to anybody else who'd like to offer you the job that you had. Smart of them. Most of them came back. And that's, you know, like I can wax poetic about the cooperative model, but I think even outside of cooperatives, you can build an environment where you treat your employees well and with dignity, and you plan for business continuity around your employees' needs. I remember Megan Samford and the ICS

00:35:47 Kylie McClanahan

for ICS, the incident command system, for incident control systems, which I can't believe I said correctly, go me. I remember in like at S4 one year, she was, they were talking about, they were kind of doing a tabletop walk through it. And she or one of the other people walking through it was like, and someone's in charge of ordering pizza. And I was like, that is, I would never, I would never have thought like, and someone's job needs to be, they can have other roles too, but their job needs to be and it's time to order food.

00:36:15 Kristin Demoranville

Yeah, I mean,

00:36:17 Kristin Demoranville

I think about it. The first breach I experienced as a leader was on a Friday after late afternoon and we were stuck there for a while. And I don't think anybody ordered food until someone was like, I got to order food. That's right. Like, I'm starving. I don't even, I want to say it was like one of the VPs just had it and couldn't do it anymore and was getting grumpy and said, I'm like, basically he's like, I'm bored of getting a Twix kind of moment, you know? But I was like, not you when you're hungry. I mean, I didn't get home too, late that night, thank God, because there wasn't much to do, thankfully, in that situation.

00:36:47 Kristin Demoranville

But the ones that you have to be there for days because you got to unravel, like the pipeline is an example. Or granted, yes, there's a lot of debate on that one, but it's an example. Yeah. Can't imagine if there was an incident that created a food safety incident that led to a foodborne or a recall. Like I would fully expect the OT security teams and the security teams to be right alongside those teams helping out if it was in that regard. Yeah. Are they part of that business continuity situation? I hope so.

00:37:17 Kristin Demoranville

I know the food defense teams put us as part of it. So that's good news. But I think there's so many things that are, it's about a mindset though. It's about getting your, like we just really talked about this. It's really about a mindset about what we need to do to protect the credible assets, which includes the people, because they're critical too, especially that tribal legacy knowledge. I know you know what I'm talking about because there's someone that's been there for 40 years and they know how to like hit something with a wrench and it just fixes it magically. And then when they walk away, it's over, you know, and

00:37:47 Kristin Demoranville

So it was really good on that company to hire back those workers because that's legacy knowledge coming back in. It is. That's something that I'm interested to see what's going to happen. But again, with that mind shift, do you think that there's some fundamental changes that need to happen other than add employees into those situations within our realms of like critical infrastructure? And I realize that's a really loaded question, especially right now when we have a lot of uncertainty in our country specifically with what's actually going to happen. And I'm not, we're not going down a political road. We just don't know what we don't know yet.

00:38:17 Kristin Demoranville

Right.

00:38:18 Kylie McClanahan

it's obviously, I mean, I agree with you. It's a huge question, but I'll tell you, I'll continue our thread of, you know, institutional knowledge and I'll make a small scale analogy in that I am by no means comparing myself to a power plant, but I have a team of developers. I've been working on this since we started the research. There's a lot of the knowledge about, well, why did we set up this code this way? Why did we choose to do something like X that has been in my head?

00:38:47 Kylie McClanahan

because what if I had the time to write it down? And one of the lessons that I have been learning for myself as a professional growth and personal growth is how do I build time into my life to get institutional knowledge out of my head? I don't think this is a personal problem. I think it's a structural problem, but I'm making an analogy here. For me, the method has been, I just call it brain dumping, where I just, whether I'm talking to someone or just out loud,

00:39:17 Kylie McClanahan

record myself and then have the transcript of what I said.

00:39:29 Kristin Demoranville

Hi, we're Ans and Sage. And if you're in food production, agriculture, and even running a zoo or an aquarium, you need to talk. Because let's be honest, your operation relies on a lot more technology than most people realize.

00:39:43 Kristin Demoranville

rain dryers, hatchery controls, life support systems for animal habitats, all connected, all critical, all often overlooked when it comes to cybersecurity. That's where we come in.

00:39:56 Kristin Demoranville

At Anson Sage, we help industries that grow, feed, and inspire the world, manage cybersecurity and operational risks. Without the fear tactics, the fluff, or the 200-page audit, you'll never read. Whether you're producing milk, processing seafood, or running life support systems, we focus on what matters, keeping your operations safe, your people protected, and your business running, even when things go sideways. And hey, we know not everyone on your team speaks cyber. And because not everyone on your team speaks cyber, we've

00:40:26 Kristin Demoranville

We've created a free resource library at anzandsage.com.

00:40:29 Kristin Demoranville

Inside you'll find sector-specific infographs built for teams in agriculture, seafood, zoos and aquariums.

00:40:36 Kristin Demoranville

They're clear, practical, a little witty, and designed to help frontline teams understand their risks without needing a translator.

00:40:43 Kristin Demoranville

No logins, no e-mail required, no catch.

00:40:46 Kristin Demoranville

There's usable tools that make cybersecurity stick.

00:40:49 Kristin Demoranville

If you're responsible for keeping food moving, animals safe, and systems online, Anz and Sage is your partner in real-world resilience.

00:40:56 Kristin Demoranville

audience.

00:40:56 Kristin Demoranville

Visit ansonsage.com to download your free infographs, book a consult, or just learn more about how we're helping critical infrastructures secure what matters most.

00:41:06 Kristin Demoranville

Ans and Sage, helping the industries that grow, feed, and inspire the world manage cybersecurity and operational risks.

00:41:16 Kristin Demoranville

So we're going to go through a bit of a wrap up here.

00:41:18 Kristin Demoranville

This has been such a cool conversation because even though we weren't totally focused on food and agriculture, we were definitely focused on critical infrastructure.

00:41:24 Kristin Demoranville

Yes.

00:41:25 Kristin Demoranville

I love learning new things and you gave me so many things to think about.

00:41:28 Kristin Demoranville

So thank you for that.

00:41:28 Kristin Demoranville

Same.

00:41:29 Kristin Demoranville

Because that helps me doing as a podcaster because I don't want to do this if I don't learn something because I learn with the audience.

00:41:36 Kristin Demoranville

So that makes it fun for me.

00:41:37 Kristin Demoranville

And so I do appreciate it.

00:41:39 Kristin Demoranville

So if you had an opportunity to shift mindset of anyone about critical infrastructure and what's like the one fundamental change that you would help them shift their mindset on?

00:41:49 Kristin Demoranville

And I know that's a loaded question and that's why it's for last.

00:41:51 Kristin Demoranville

Yeah, I'm going to give a little bit.

00:41:53 Kylie McClanahan

It's A cop-out answer.

00:41:54 Kylie McClanahan

It's a real answer.

00:41:55 Kylie McClanahan

It's just not necessarily an implementable one.

00:41:58 Kylie McClanahan

And I would say that passion is everything.

00:42:01 Kylie McClanahan

When we talk about critical infrastructure and you see careers in the decades and you see people who have hopped between organizations but have stayed in the industry, go to a conference and you go talk with folks at a beer ISAC meetup, you see a lot of community and you see a lot of passion.

00:42:20 Kylie McClanahan

I think that when we talk about future threats, when we talk about what's coming, there's a

00:42:25 Kylie McClanahan

education to be done, obviously.

00:42:27 Kylie McClanahan

There's ways to improve.

00:42:29 Kylie McClanahan

Of course, we can always raise the bar.

00:42:32 Kylie McClanahan

But I think that, people talk about humans being the weakest link, and to some degree I understand, but I think they're also your strongest line of defense.

00:42:39 Kylie McClanahan

And the best way to strengthen that is to give them A cause and to give them a mission and to give them passion.

00:42:45 Kylie McClanahan

And I think that starts with treating your employees well.

00:42:47 Kylie McClanahan

And I think that's something that is overlooked in a lot of this.

00:42:50 Kylie McClanahan

And we've hit on that more than once, community and resiliency, but I think it's a big one.

00:42:56 Kristin Demoranville

I think that is so spot on personally, and I've said this on air on many shows, not just mine, but I think the operational technology security professionals, we are, we're the best niche inside of cybersecurity.

00:43:08 Kristin Demoranville

Because honestly, it's not about the data for us, it's about safeguarding lives, right?

00:43:12 Kristin Demoranville

That's a mission.

00:43:13 Kristin Demoranville

That fuels us.

00:43:15 Kristin Demoranville

What can I do to make sure everybody goes home safely to their families?

00:43:17 Kristin Demoranville

What can I do to make sure that this company is standing because the employees are still here?

00:43:23 Kristin Demoranville

Equipment can be rebuilt, a building can be fixed, but having to call someone and say, hey, you know, this cyber incident and it costs people's lives, I don't want to be on the receiving end of that, nor do I want to give that phone call out.

00:43:34 Kristin Demoranville

And I think a lot of us think about that as we go through.

00:43:37 Kristin Demoranville

And it's not just because some of us wear hard hats and steel-toed boots, like some of us do, some of us don't.

00:43:42 Kristin Demoranville

Or the fact that I put dirt on my pants visiting a

00:43:45 Kristin Demoranville

farm or whatever.

00:43:46 Kristin Demoranville

I think that it's about why we, industries that we serve and why we serve them.

00:43:51 Kristin Demoranville

And we all are really geeky passionate about whatever division we're in.

00:43:55 Kristin Demoranville

We really are.

00:43:55 Kristin Demoranville

We're total nerds.

00:43:57 Kristin Demoranville

And it's, but we don't, what I love about it is we can all still sit together and still have a common conversation like we're having today.

00:44:03 Kristin Demoranville

I'm not an expert in electrical.

00:44:05 Kristin Demoranville

I don't know NERSC SIP.

00:44:07 Kristin Demoranville

I will throw my hand up.

00:44:08 Kristin Demoranville

But I don't need to know it.

00:44:09 Kristin Demoranville

I just need to know it exists.

00:44:10 Kristin Demoranville

I don't need to know anything more than that.

00:44:11 Kristin Demoranville

But I also know that if I have a question, I can go ask

00:44:15 Kristin Demoranville

And that's fine.

00:44:16 Kristin Demoranville

And there's curiosity.

00:44:17 Kristin Demoranville

And it's not like, oh, you don't know that you're such a loser.

00:44:20 Kristin Demoranville

It's not that, you know, it's not like typical cybersecurity shenanigans.

00:44:24 Kristin Demoranville

And that's something I love about our community.

00:44:25 Kristin Demoranville

And I love the, I love our humor.

00:44:28 Kristin Demoranville

And I love just the joy we all give each other.

00:44:30 Kristin Demoranville

And I think that that's the point, right?

00:44:33 Kristin Demoranville

You have to find your people, find your tribe, whoever says that all the time, I forget.

00:44:37 Kristin Demoranville

But that's really what it comes down to.

00:44:38 Kristin Demoranville

And it doesn't necessarily have to be like something super organized like beer ISAC or whatever.

00:44:42 Kristin Demoranville

I do love hanging out with the water people because they're my people.

00:44:46 Kristin Demoranville

I get so excited about what they do for their profession and how it impacts what I do.

00:44:51 Kristin Demoranville

And then they get excited about what I'm doing because I advocate for them and wherever space I'm in.

00:44:56 Kristin Demoranville

And it just creates this like positivity bubble, which I really feel, especially with what we deal with, because we are dealing with life and death.

00:45:03 Kristin Demoranville

There's no question about it.

00:45:04 Kristin Demoranville

Like it's very serious, but we have a good time and we have this just really clicked in sense of purpose and empathy.

00:45:14 Kristin Demoranville

And I think

00:45:15 Kristin Demoranville

I think that's what drives us in a different way in terms of mindset is that empathy for others.

00:45:19 Kristin Demoranville

And you've said it multiple times in different ways while we've been talking.

00:45:22 Kristin Demoranville

So for me, I cannot agree more that that's where we're at.

00:45:27 Kristin Demoranville

And because that community is so strong and we need to, because we really go through stuff that, I mean, I've seen some things I know you have too, that have definitely left an impression on my soul.

00:45:36 Kristin Demoranville

And I'm not being overdramatic by saying that.

00:45:39 Kristin Demoranville

They just, it really has.

00:45:40 Kristin Demoranville

Or I've heard stories from others that have impacted me just as much, especially now that I've claimed my niche as the last few years, I hear more stories now that make me so proud to be part of OT, but at the same time, we've got

00:45:57 Kristin Demoranville

a long way to go to make sure that all the critical infrastructures are represented in, at least in a somewhat of a balanced way.

00:46:03 Kristin Demoranville

Because right now there's too much money in certain ones that should be in other places.

00:46:07 Kristin Demoranville

And we could get on a whole thing on that alone.

00:46:10 Kristin Demoranville

But ultimately,

00:46:12 Kristin Demoranville

I think that the people that are out there are doing the best they can and the people who are in these industries need to work and tell us more of their stories.

00:46:19 Kristin Demoranville

And I'm not talking about like your story of how you got to your job.

00:46:21 Kristin Demoranville

Tell us what you do.

00:46:22 Kristin Demoranville

That's a story.

00:46:24 Kristin Demoranville

And I think if we can get more of that conversation going, we can build better plans around that for people and help them to be able to do what they do for as long as they can without any fear of safety concerns.

00:46:35 Kristin Demoranville

I think that's what I love about this the most is the community.

00:46:38 Kristin Demoranville

And thank you for reminding me about that again today because Friday the 13th,

00:46:42 Kristin Demoranville

can get a little weird.

00:46:43 Kristin Demoranville

So we've definitely had that moment.

00:46:44 Kristin Demoranville

Yeah, it's been a weird week.

00:46:46 Kristin Demoranville

But I don't lose faith in humanity because of the OT teams that are around me.

00:46:51 Kristin Demoranville

I know that we're all trying to do the right things, and that's what really matters a lot to me.

00:46:55 Kristin Demoranville

Kelly, thank you so much for being here.

00:46:57 Kristin Demoranville

Before we come off and having me.

00:46:58 Kristin Demoranville

Of course, you're welcome back anytime.

00:47:00 Kristin Demoranville

Do you want to close us out?

00:47:01 Kristin Demoranville

Anything you want to say before we blast off here for the weekend?

00:47:05 Kylie McClanahan

Yeah, well, I mean, I feel like I have to give the come check out what we're doing at Bastazo, looking at particularly remediation.

00:47:12 Kylie McClanahan

remediation management, looking at what you can do.

00:47:14 Kylie McClanahan

It's something I do really enjoy doing and I'm always down to talk about it.

00:47:18 Kylie McClanahan

But it's been absolutely a joy to be here.

00:47:22 Kylie McClanahan

Love talking with you.

00:47:23 Kylie McClanahan

Thanks for having me.

00:47:24 Kristin Demoranville

Absolutely.

00:47:24 Kristin Demoranville

And all your contact information, your company's information will be below.

00:47:27 Kristin Demoranville

But please reach out.

00:47:28 Kristin Demoranville

She literally will answer your messages.

00:47:29 Kristin Demoranville

She's not one of those people that will be like, who are you?

00:47:32 Kristin Demoranville

Why are you messaging me?

00:47:32 Kylie McClanahan

Yeah, find me on LinkedIn, send me an e-mail.

00:47:34 Kylie McClanahan

Don't be a stalker.

00:47:36 Kristin Demoranville

Thanks, Kylie.

00:47:37 Kylie McClanahan

Thanks.

00:47:37 Kristin Demoranville

Have a good one.

00:47:47 Kristin Demoranville

That's it for today's episode of the Bites and Bites podcast.

00:47:50 Kristin Demoranville

Massive thanks to Kylie for sharing her insight, wisdom, and for all of you for listening.

00:47:56 Kristin Demoranville

If this episode got you thinking, the best way to support the show is to like it, comment, share, and subscribe.

00:48:03 Kristin Demoranville

It helps get those stories in front of more people who need to hear them.

00:48:06 Kristin Demoranville

Awareness is key to creating a more resilient food and agriculture sector.

00:48:11 Kristin Demoranville

Stay safe, stay curious, and we'll see you on the next one.

00:48:15 Kristin Demoranville

Bye for now.