The Aerospace Village at the RSA Conference is more than just a space for enthusiasts to gather; it is a hub of innovation, collaboration, and inspiration.
Guest: Steve Luczynski, Chairman of the Board for the Aerospace Village [@secureaerospace]
On LinkedIn | https://www.linkedin.com/in/steveluczynski/
On Twitter | https://twitter.com/cyberpilot22
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In a recent conversation between Steve Luczynski and Marco Ciappelli, the essence of the Aerospace Village came to life as they shared their experiences, vision, and passion for cybersecurity in the aviation and space industry.
A Meeting of Minds and Hearts
The conversation between Steve and Marco at Broadcast Alley, during RSA Conference 2024, revealed a deep connection between ITSPmagazine and the mission and vision of the Aerospace Village. Steve's military pilot background and transition into cybersecurity, combined with Marco's genuine curiosity and enthusiasm, set the stage for a rich discussion on the importance of bridging the gap between different sectors and inspiring the next generation of cybersecurity leaders.
The Heartbeat of the Aerospace Village
Steve and Marco's conversation highlighted the core values of the Aerospace Village—building relationships, fostering collaboration between government, private sector, academia, and students, and showcasing the cutting-edge work in aviation cybersecurity. The volunteer-driven effort emphasizes the power of collective intelligence and the impact of sharing knowledge and expertise in a transparent and open manner.
Nurturing Innovation and Education
The Aerospace Village's focus on STEM programs, outreach to schools, and engaging with the broader community demonstrates a commitment to nurturing innovation and education in cybersecurity. By bringing real-world scenarios, like flight simulator vulnerabilities and supply chain risks, to life, the Aerospace Village creates a dynamic learning environment that inspires participants to think critically and creatively about cybersecurity challenges.
Looking Towards the Future
Steve's wishlist of three key aspirations for the Aerospace Village—seeking more help and talent, expanding educational initiatives, and fostering partnerships for secure innovation—reveals a vision rooted in collaboration and growth. The idea of bringing in aviation and space equipment for demonstrations not only ignites curiosity but also showcases the practical applications of cybersecurity in high-stakes environments.
A Call to Action
As a reader, you are invited to join the Aerospace Village in their mission to push the boundaries of cybersecurity in aviation and space. Whether through volunteering your time, sharing your skills, or contributing to their initiatives, you can play a vital role in shaping the future of cybersecurity and inspiring the next generation of cybersecurity professionals.
The Aerospace Village at the RSA Conference represent innovation, education, and collaboration in the realm of aviation and space cybersecurity. Through the dedication and passion of volunteers like Steve and Marco, the Aerospace Village continues to pave the way for a more secure and interconnected future in the aerospace industry.
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS-B9eaPcHUVmy_lGrbIw9J
Be sure to share and subscribe!
____________________________
Resources
Learn more about RSA Conference USA 2024: https://itspm.ag/rsa-cordbw
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast
Are you interested in sponsoring our event coverage with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc
Want to tell your Brand Story as part of our event coverage?
Learn More 👉 https://itspm.ag/evtcovbrf
Passion and Purpose Behind the Aerospace Village | A Broadcast Alley Conversation at RSA Conference 2024 with Steve Luczynski | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Steve Luczynski: We're ready. Can we go?
[00:00:05] Marco Ciappelli: Hello everybody, I am back here on Broadcast Alley, ITSP Magazine. We booked a few guests. In these days we've been very busy and uh, today I ran into the man that wasn't supposed to be here. That is true. As a matter of fact I said to you That is true. You are not here, but you are, and I'm glad you're here, and I'm
[00:00:28] Steve Luczynski: very grateful to Lusinski
[00:00:29] Marco Ciappelli: from the Aerospace Village, as you can see from the clear advertisement, so, uh, I love to talk to you guys, I love to talk to you in particular, and, uh, What do you want to talk about today?
[00:00:43] Steve Luczynski: Yeah, well, I am very grateful to be out here, and I'm glad you guys came by to visit, seeing us once again, the fact that we have Bravo. The aerospace village here at RSA is the aerospace sandbox. Um, but being able to team up with you all and, uh, catch you up on what we've been doing and what we were thinking about in the future.
[00:01:02] Marco Ciappelli: Yeah. And we had a nice conversation pre event with Henry and Lise. So they kind of like, you know, the energy was great. You know,
[00:01:11] Steve Luczynski: if you guys don't know Henry, you need
[00:01:12] Marco Ciappelli: to meet Henry. It's a good podcast to watch. Uh, but I spoke with you many, many times, so we go way back, and this is what I want to do, like, a little bit about who you are, to start, and I want to take five minutes of the history of the Aerospace Village.
[00:01:31] Steve Luczynski: Yeah, yeah, absolutely. So, let's go with that. So, I'll start with the village, uh, cause I'm just one part of it. Uh, basically, if you've been to other conferences, right, just like Arce, you have your main track talks, and you have these little specialty areas. Defcon, biggest hacker conference. Uh, it's exactly that way.
And we were born out of that as the Aviation Village in 2019. Now we're the Aerospace Village, both aviation and space, cyber security. And the idea is, the way we say our mission is, building relationships, government, uh, private sector, academia, students, all those interested parties, inspiring the next generation of leaders, so they get into cyber security because we need it.
We really want them to get in the aviation and space side. And just promoting all the great work that's going on out there. We know folks and they bring us stuff. We connect with them and we get to show off what they're doing. And so the beauty of it is it's totally a volunteer effort. So when I say, you know, like, where do I fit in?
I am one of the folks, I had a military pilot background, got into cyber security. So I get to bring both of those fun things that I like to do into this effort as a volunteer. Uh, we have other commercial pilots, private pilots, we have, uh, deep security researchers that come in, and again, private sector government, and they bring all of their technical expertise, their policy expertise, and we get to participate in events like this.
We get to grow opportunities and projects to, again, we want to get people interested, we want to get them engaged, and uh, I'm just, I'm so happy to be a part of it, I'm very proud of the work we do. Again, being able to sit here and talk through it all is just awesome. I really appreciate it.
[00:03:16] Marco Ciappelli: Yeah, it is awesome because I got to meet with With you guys the first time and many other villagers at DEF CON a few years ago And that's where I really got in love with just talking to you guys because you're not selling anything You're not selling a product.
You're selling what you believe in We're all selling something, right? But when you're passionate about something, thank God, just by walking today, I see you guys, and, again, the energy is just incredible. And I've got that from the AppSec Village, and, you know, the IoT, uh, and all the other villages that are there.
So, why is the Aerospace Village important?
[00:04:02] Steve Luczynski: Yeah, that's a good one. I mean, there are You have three hours, girl. Exactly. There, there's so many cyber concerns, cyber security concerns, right? Healthcare side, industrial control systems, things that have direct impacts on our lives every day. Aviation and space, sometimes they have that direct impact.
And, you know, when you're flying on an airplane, it is very direct that you want it to be secure in the cyber sense. The things we use in our daily lives. The GPS systems that are part of financial transactions. Synchronizing everything so we can get our money, so we can do farming. We have safety systems and communications.
It's those types of things that people don't always know about it. And so maybe it doesn't have that daily in your face. And it may, at times, not be quite as important. But it still has an area where we need to focus. It's easy in the sense that people really like airplanes and spaceships and satellites and things like that.
So it's great to bring that crowd and show them another area that they can focus on and go, Oh, I can do cyber in that area in something that I like in addition to that. So it just, it adds to that. And I think that's the energy where, uh, I will always sell, bring me volunteers and they come in and they bring that energy because they're motivated to do that because there's a mission.
And it's very interesting in all those aspects. Yeah.
[00:05:29] Marco Ciappelli: Yeah. And then you connect, of course, with people in the government, ISAC and all of that. Yeah.
[00:05:37] Steve Luczynski: Yeah.
[00:05:38] Marco Ciappelli: So the, the energy, I want to talk about that because I got to talk with Sean on a podcast, uh, with, uh, Tim Fowler and he's super passionate, super technical.
And then, uh, because I was on the show, we started talking about, uh, What do we bring from space to our society? And he's like, don't make me go there. I'm like, no, I'll make you go there. You'll come back to a show with me. How long is your podcast?
[00:06:05] Steve Luczynski: Exactly.
[00:06:05] Marco Ciappelli: And we talked about all of that. Like if the GPS goes off.
I mean, we use it every day. It's on our phone. And all that kind of stuff. Where are we now with cyber security? You know, legal and government and I mean, do you feel like a lot of steps have been done where you brought it together?
[00:06:27] Steve Luczynski: Um, yeah, I think that's always been the case to some extent. What I've enjoyed is my previous background working in government, being in the military, seeing what was happening behind the scenes.
Sometimes classified, sometimes not. But there was a lot of activity there, but it wasn't always talked about.
[00:06:48] Marco Ciappelli: And then as you start
[00:06:49] Steve Luczynski: looking at these other sectors, private sectors, same thing. The activities are there, but everybody's kind of hidden and didn't want to talk about it. And I'd say that's how cyber security's been.
So over time, especially in the village, being able to say, Oh, that person's doing this, that person's doing this, we should be talking about it. And that's one of the things that we are very driven by is giving people a platform, finding them and bringing them in, saying, Please. That's what it is. Tell people what you're doing.
Let's talk about it because you're doing good work, and instead of hiding it, hoping nobody will discover it, let's get others involved. Let's get other ideas. Don't put it under the rug, right? And so the beauty is, again, when I say, I think it's always been happening, but now where we can help people show that off, show their skills, and again, inspire those others to come in and join, that's been the awesome part of just having this group.
Getting others interested to bring that work out for everybody to learn from.
[00:07:47] Marco Ciappelli: And I hear a conversation in general about sharing Intel, sharing intelligence. You know, it's not just, yeah, you can think from a commercial perspective as a company, if you know what other people don't know, but you know, let's do it for society, for, for ourselves.
And that's what you guys do. You get together. You have no flags, you have no colors, you just come together. That, that's the beauty. And even
[00:08:14] Steve Luczynski: industry has moved from the, instead of squirreling away the intel, let's all collect it together, which only helps our effort and other efforts be better.
[00:08:23] Marco Ciappelli: Yeah. So tell me what has been going on at the Village here at RSA Conference.
Yeah, absolutely. So, so anybody who saw
[00:08:30] Steve Luczynski: the podcast, Henry has been leading the team. Uh, we have a flight simulator, our friends at Pentest Partners. They support us, they build a flight simulator, and they use that to show a vulnerability that causes a problem in what the pilots use for their takeoff speed.
Takeoff too slow, they could crash. Takeoff too fast, they could damage the aircraft. So it's, it's showing that connection between a cyber vulnerability and the physical outcomes. Uh, Henry himself, he's part of Cal Poly, and uh, he has brought in a CubeSat, which And the demonstration of how that system works, how you can see the time that the trout, the signal travels and, and orbitology and just getting people who've never been around that it's, it is magic, no doubt about that.
But when you have somebody like him explain what's going on, you're like, Oh, that's not so bad. Can't say I understand it, but I at least appreciate what you're doing to educate folks. You got, you got the one on one,
[00:09:31] Marco Ciappelli: right?
[00:09:31] Steve Luczynski: Yeah. And it's the one on one, the engagement and interaction. Uh, our friends at CISA, Cyber Security Infrastructure Security Agency, they are demonstrating supply chain and vulnerabilities, and they're using the context of an aviation supply chain.
So things that we can bring that get people to come in, and again, it's educating this audience, giving them a little bit more of a technical background, where they don't always have that sometimes. And uh, again, the sandbox is such a great area with all the other, Villages and sandboxes and what they bring and then the talks that we get to put on also.
[00:10:08] Marco Ciappelli: Yeah, uh Henry and Lise worked and were on the show and they told me about the talk that they were gonna have which I think has Happened by now. Yeah. Yeah
[00:10:18] Steve Luczynski: And I can't remember if it'll be recorded if it'll be available for folks to watch. But yeah, so you have A former lawyer at the Atlanta airport who, Liz Wharton, lived through the ransomware attack, so she knows all that behind the scenes.
Uh, Casey Ellis, who's one of the founder, I think maybe the founder of BugGrout, a bug bounty company. And then Richard Szymborski from Air Canada. So the discussion was what Air Canada did to bring in a vulnerability disclosure program and a bug bounty program. And that's not easy for any company. It's certainly not easy for an airline that has direct customer.
Why would I want to let hackers in and have this situation? But the story and hearing of, well, we were told we were very secure, no problems. We paid a lot of money and these folks came in and found some major problems in our financial system, in our ticketing system. It was such a great example of. The crowd sourcing and the talent that's out there and bringing them together, and then the three of them, the discussion was just awesome.
I've, I've heard this story, but I was so glad to hear it again. I wish
[00:11:29] Marco Ciappelli: I could, uh, I could be part of that. Um, yeah, so I want to highlight again this idea of what happened in the family stays in the family. I'm bringing the Italian in me right now, right? But what happened in the company stays in the company.
But with that comes so much risk that you take on yourself, because eventually, something is going to happen. Yeah. So this idea that now companies are using, from even a branding perspective, the fact that they're like, look, it's more transparent, and we are trying to prevent problems from happening. This is what pen testing is, red team, and all of that, so it's not something you should be ashamed of.
Yeah. That's right. I, as a Somebody that is going to fly here in Canada, I'm going to appreciate that.
[00:12:19] Steve Luczynski: Exactly.
[00:12:20] Marco Ciappelli: Because actually, better to know.
[00:12:22] Steve Luczynski: Yeah, absolutely. And like even in that example of a vulnerability disclosure program, a bug bounty program, it's not willy nilly come in and hack everything. It's certainly not come hack an airplane.
That is not what's going on. No. Nobody's doing, nobody's doing that openly. There's plenty of testing behind the scenes because that was what needs to happen. It's done in a very smart way and, like you're saying, we're all going to have some kind of breach. The company, big or small, no matter how much money, something's going to happen.
So why not take the extra help, especially in a, you know, maybe not necessarily Air Canada, but we see all these other smaller companies. We see in the supply chain folks who can't afford these sophisticated programs. How do you bring in that talent? How do you talk about it? How do you learn from others experience?
And that's, again, things that we see as you bring the, you get that conversation out in the open, and you get people talking.
[00:13:19] Marco Ciappelli: And as a big fan of the history of NASA, we know that a lot of things, again, that we use nowadays, in our everyday life, has been tested from the space program. Maybe we didn't have the, we don't have the billions that they had, but at least we got the results of that, part of it, right?
That we carry with us. So I want to go another couple of minutes, um, and talk about your vision for the future. Like if you could, uh, you know, just three wishes for, for the team. I mean, I know you have a strong team, but is there ever
[00:13:59] Steve Luczynski: We always want more. Exactly. So
[00:14:01] Marco Ciappelli: let's go with three wishes. Yeah, yeah,
[00:14:03] Steve Luczynski: gosh, three wishes, that's it.
So I'll go crazy town. The simple one I'll say is, we always want help. We are not limited. There's plenty of things to do. There's big jobs, there's small jobs. And I do all of them on any given day, just like any of our volunteers. Um, there's things that we need talent. You want to come in and help us run our website.
You want to help us do video editing after a conference. Um, things that we want to grow. We have projects that we, uh, build out for STEM programs. So can, can we use this Lego airplane? And a simple representation of a flight control system. Can we build that out? Can we make more of them so we can scale it and send it to conferences?
Send a volunteer to a school to teach this to kids? And give them an idea of, we want to grow into that. We do in the sense like, when we're at a conference and there are kids present, parents will bring them up. Of course. They're so much fun. And, uh, matter of fact, one of the guys who designed our Lego kit example demo.
I was just at a conference with him in Baltimore, and his son is explaining it to people as they come up, and I'm like, Dude, I don't know it, like, what you're talking about. So, like, okay, it's worked with him now. Granted, he's very close to his dad doing this awesome work, but it's things like that where we want to find a way from the simple, new person, all the way to the most complex hacker, we want to have something to deliver to all of them.
So, if you have ideas like that, You want to bring those in, please come talk to us. You want to donate your time, your skills, absolutely, please come talk to us. The, uh, you know, I'll never turn down any donations as a non profit. If somebody wants to bring it on in, I'm happy to talk about that. And again, that supports us being able to travel to events like this, getting our volunteers out and about.
Um, this year already we've covered an event at Embry Riddle Prescott. Talking about aviation cybersecurity. B Sides Charm in Baltimore. Um, we're going to have one of our volunteers go out to InfoSec Europe. So the RSA over in London coming up in a month. I'll be there. So it's things like that, that we get to get out and talk and engage and build these partnerships.
And the final one, when I say I'll go crazy town. You think you have some piece of aviation or space equipment? You want to bring something in and you want to find talented people who can connect you and get the smart folks that want to help you secure that, we can help with that. If you want to bring it in just to demonstrate and show what goes on but you don't want people hacking on it, we can help with that.
All of those things, when SpaceX brought a rocket motor to DEF CON last year, that's just awesome. We're not hacking on that thing, that's just cool to go, there's a rocket motor right here in our village. Uh, you know. If we could roll in an airplane someday or a helicopter, I mean, that's my wish list of cool things that people see, you know, if they can get their hands on it and help out, that's even better.
Any of those things are a benefit because it just gets people talking and it gets them meeting each other. And again, those engagements, so many things grow out of that. So there's my, uh, there's my three wishes.
[00:17:20] Marco Ciappelli: It's not that crazy. It's
[00:17:21] Steve Luczynski: a small lift. Not asking much. It's not that
[00:17:23] Marco Ciappelli: crazy. I think they're all feasible.
I think that people are listening right now. Somebody may have a connection that hopefully will make it happen. Yeah,
[00:17:32] Steve Luczynski: absolutely.
[00:17:33] Marco Ciappelli: But I have to say that the idea of the engine, right, at the village. I mean, you float, you know, expensive piece of, of airplanes. A little bit of time, yeah. When I happen to see, I don't know, the Endeavor in LA, the space shuttle, you just saw it.
[00:17:54] Steve Luczynski: Yeah, it's awesome. For real. It just
[00:17:55] Marco Ciappelli: changed your life.
[00:17:56] Steve Luczynski: It is. You're like, oh my god, this thing see that. Exactly. And I'm like, I'm right back to all the space shuttle stuff I grew up around.
[00:18:04] Marco Ciappelli: Yeah.
[00:18:05] Steve Luczynski: I love going there in space. It's all of those things. And that, again, it gets people motivated. Yeah,
[00:18:09] Marco Ciappelli: well. I feel like I am an honorary member.
I just made myself of the Aerospace Village. I am passionate about helping you out to spread the word out there. I know Sean, same thing. It's just, you know, we're more comfortable talking in two. But I know he's jealous not to be here for this conversation. And, um, I want to thank you for all you guys do.
Thank you for finding the time. Thank you for being here even when you're not here. Yes, I know. I am very
[00:18:38] Steve Luczynski: grateful. I am very grateful. Bye. The company was very gracious, so, and again, I appreciate it, and it's, this is on behalf of all of our volunteers, just getting to represent them and all the hard work they do.
[00:18:48] Marco Ciappelli: Absolutely. Alright, well that's it.
[00:18:51] Steve Luczynski: Yeah. Thank you everybody. Really appreciate it. And support
[00:18:54] Marco Ciappelli: the Aerospace Village. Thank you.
[00:18:58] Steve Luczynski: Awesome.