@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Raphael Arakelian on Operation Grim BeeperPub date: 2026-03-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRaphael Arkelian, the OT/IOT cybersecurity manager at Accenture, joins the Nexus Podcast to discuss his research into Operation Grim Beeper, the name given to a two-day attack in 2024 in the Middle East where explosives were introduced into pagers and walkie-talkies favored by Hezbollah. The explosions injured more than 1500 and killed dozens. Raphael's research looks at several aspects of this attack and shares lessons and security gaps that can be applied across the OT and supply chain ecosystems. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth Episode: AI vs. Vulnerabilities: Who Really Wins?Pub date: 2026-03-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationArtificial intelligence is transforming cybersecurity but not in the way many expect. While defenders are using AI to accelerate detection, triage, and threat hunting, adversaries are leveraging the same tools to scale reconnaissance, automate exploit development, and dramatically increase the speed of attack. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Joe Slowik, Director of Cybersecurity Alerting Strategy at Dataminr, to discuss one critical question: Does AI actually reduce vulnerability risk or just accelerate the conflict? With a background including MITRE ATT&CK, Dragos, Los Alamos National Laboratory, and U.S. government offensive operations, Slowik offers a dual-lens perspective on how AI is reshaping both sides of cybersecurity. Together, they explore: How AI is increasing the velocity of vulnerability discovery and exploitationWhy attackers may benefit from “good enough” AI outputs, while defenders require precisionThe rise in CVEs and why more vulnerabilities doesn't necessarily mean worse securityThe growing risk in OT, IoT, and unmanaged edge devicesWhy AI is a powerful tool—not a magic bullet—and what that means for defenders From enterprise security teams to critical infrastructure operators, this episode breaks down what security leaders must understand to stay ahead in an AI-accelerated threat landscape.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CYBR.SEC.CAST (LS 25 · TOP 10% what is this?)Episode: ICIT's Val Moon: Fixing Cybersecurity's Workforce Problem is Essential for National SecurityPub date: 2026-03-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, hosts Michael Farnum and Sam Van Ryder sit down with Valerie Moon, Executive Director of the Institute for Critical Infrastructure Technology (ICIT) for a wide-ranging discussion about cybersecurity policy, workforce development, and the growing threats facing critical infrastructure.Things Mentioned:Website for ICIT: https://www.icitech.org/Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com Keep up with CYBR.SEC.CON.:LinkedInXFacebookInstagramKeep up with CYBR.SEC.Media:LinkedInXFacebookInstagramCheck out our Conferences and Events:CYBR.SEC.CON.OT.SEC.CON.CYBR.HAK.CON.EXEC.SEC.CON.CSC User GroupSupport CYBR.SEC.Careers Non-Profit EffortsCYBR.SEC.CareersApply to the CYBR.SEC.Careers ScholarshipTaylor Austin Broussard Memorial ScholarshipListen to our other show:CYBR.HAK.CASTThank you to our Media Partners:CYBR.SEC.CON. and OT.SEC.CON. OGGN (Oil & Gas Global Network)UtilSecCYBR.SEC.CON. and CYBR.HAK.CON. BarCode PodcastCyber Distortion PodcastThe podcast and artwork embedded on this page are from CYBR.SEC.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites and Bytes PodcastEpisode: Plot Twist: I Wrote a Book | Kristin King & Securing What Feeds UsPub date: 2026-03-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationShe's back. And she brought a book.After a quieter stretch on the feed, Kristin King returnsto the Bites & Bytes Podcast with a solo episode to announce what she's been building behind the scenes: Securing What Feeds Us: Cybersecurity in Food and Agriculture, published by Wiley and available for pre-order now, with an official release date of September 29, 2026.In this episode, Kristin breaks down what's inside the nearly 500-page book, from precision agriculture and operational technology to aquaculture, agroterrorism, food science innovation, and the human layer that runs through all of it. She makes the case for why food and agriculture deserve the same cybersecurity attention we give to the power grid or financial sector and explains who this book is really for (spoiler: it's anyone who eats).She also talks about where the podcast is headed next andmakes one clear ask of the community that helped get her here.Here are the “Securing What Feeds Us: Cybersecurity in Food and Agriculture” book Pre-Order Links:

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Adm. Michael Rogers on his time as NSA DirectorPub date: 2026-03-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationFormer NSA Director and Commander of U.S. Cyber Command Adm. Michael S. Rogers (Ret. USN) joins the Nexus Podcast. Rogers spoke in advance of an RSA Conference panel discussion today with the other living NSA directors, Keith Alexander, Paul Nakasone, and Tim Haugh, a rare time when the four can be in the same room. Rogers describes the principles that guided his time as director of these intelligence agencies, how the role changes as administrations change, and some of the core strategies that led to success. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Two Major Cybersecurity Shifts the Industry Isn't Prepared For with Simon ChassarPub date: 2026-03-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino Busalachi sits down with Simon Chassar, former Chief Revenue Officer at Claroty and current OT cybersecurity advisor and investor, to explore the evolution and future of industrial cybersecurity. Simon shares insights from his decade-long journey in the space, discussing how OT asset visibility has become commoditized and why the industry is experiencing two major shifts: moving right toward threat-led SOC services and perimeter protection, and moving left toward secure-by-design approaches and attack simulation. They dive into the persistent challenge of self-performing versus partnering with specialized integrators, the critical skills shortage commanding 30-40% salary premiums, and why AI is both accelerating security challenges and offering new solutions. Simon reveals how private equity firms are finally prioritizing OT cybersecurity at the board level, discusses the emerging OT SOC landscape, and explains why the traditional IT security budget model is failing operational technology environments. The conversation addresses the disconnect between IT leadership and the OT ecosystem, the proliferation of unmanaged remote access technologies, and the urgent need for manufacturers to engage their trusted system integrators and OEMs as cybersecurity partners before the next major incident occurs.Chapters:(00:00:00) - Meet Simon : From Claroty's Hypergrowth to OT Security's Next Chapter(00:02:00) - The Commoditization of OT Asset Visibility(00:04:00) - Two Major Industry Shifts: Right and Left(00:07:00) - The Self-Performing Problem: Why OT Security Becomes Shelfware(00:10:00) - IT/OT Convergence and the Skills Gap Crisis(00:13:00) - Secure by Design and the AI Leapfrog(00:15:00) - AI Uncovers Hidden OT Vulnerabilities and Risks(00:18:00) - Funding Models and Private Equity's Cybersecurity Awakening(00:22:00) - Why the OT Ecosystem Must Drive Its Own Security Strategy(00:25:00) - M&A Activity and Consolidation in OT Cybersecurity(00:27:00) - The Rise of OT SOCs and MSP PartnershipsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: The Striker Attack: What It Reveals About OT Cybersecurity and Why Tabletop Exercises MatterPub date: 2026-03-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCyberattacks don't just test your systems - they test your preparedness. In this episode of Protect It All, host Aaron Crow breaks down key lessons from the Striker attack and what it reveals about today's evolving threat landscape across IT and OT environments. From energy and healthcare to manufacturing systems, attackers are increasingly using sophisticated techniques like “living off the land” - blending into normal operations instead of deploying obvious malware. Aaron takes this beyond theory, focusing on what organizations must do before an attack happens. A major theme? Tabletop exercises. Not as a compliance activity - but as a critical tool for building real incident response readiness, improving team coordination, and exposing gaps that tools alone can't catch. You'll learn: What the Striker attack teaches about modern cyber warfare How living-off-the-land tactics bypass traditional defenses Why tabletop exercises are essential for real-world readiness The role of threat hunting and collaboration across teams How attackers exploit weaknesses in both IT and OT environments Why small, consistent actions can dramatically improve resilience Whether you're defending critical infrastructure, leading a cyber team, or just starting your security journey, this episode delivers practical insights you can apply immediately. Tune in to learn how to prepare before the next attack - not react after it - only on Protect It All. Key Moments:  04:59 "Modern Warfare: Cyber and Beyond" 08:47 "Security Risks of Remote Wipe" 10:31 "Living Off the Land Tactics" 13:11 "Balancing Power and Security" 19:12 "Vulnerabilities Demand Swift Action" 20:21 Prioritize Risk, Justify Investment 25:04 Practice Preparedness Before Crisis 26:48 Weak Links Threaten Cybersecurity Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Accionesde Auditoría de seguridad OTPub date: 2026-03-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se propone un rediseño de las auditorías modernas, planteando el uso de simulación de escenarios y «gemelos de incidentes» como evidencias de confianza. Explica la importancia de integrar la seguridad industrial con la seguridad funcional y la continuidad operativa para gestionar el riesgo sistémico de forma integral.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Michael Pyle on Securing Internet-Facing OT and ICS AssetsPub date: 2026-03-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMichael Pyle, Director of Product Cybersecurity at Schneider Electric, joins the Nexus Podcast to discuss Internet Exposure Prevention, a new SE approach to preventing illicit connections to operational technology and industrial control systems that are insecurely connected to the internet. Attackers are adept at enumerating exposed devices and leveraging OT and ICS to access process and corporate networks. Pyle explains that Internet Exposure Prevention drops inbound traffic that the asset did not initiate. Checks are made on the IP address initiating the connection and whether it's a routable source IP, and an allow/deny decision is made. Pyle explains the risk to exposed devices, and the need to shut down illicit connections. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Cyber-Informed Engineering: Moving Beyond the FirewallPub date: 2026-03-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationFor the last episode of season 5, host Bryson Bort sat down with Andrew Ohrt, Resilience Director at West Yost Associates. A civil engineer specializing in water infrastructure, Andrew bridges the gap between traditional engineering and digital risk. Andrew walks us through the "invisible" nature of water systems, the impact of data centers on utility resilience, and how Cyber-Informed Engineering (CIE) protects our most essential resource. How did a drive under a rebuilt bridge in Minneapolis pivot Andrew's career toward critical infrastructure? Why did a single wastewater release shut down Waikiki Beach for an entire week? And what happens when a cybersecurity team finds a client's PLC exposed on the open internet? “To me, the integration of understanding cyber or digital risk in our critical infrastructure, the engineers picking that understanding up, building awareness, building skill sets, figuring out how to manage that risk, is one of the most important things that we've been working on,” he said. Join us for this and more on this episode of Hack the Plan[e]t.  The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers.  Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CYBR.SEC.CAST (LS 25 · TOP 10% what is this?)Episode: Episode 64: Rob LeePub date: 2026-03-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDragos CEO and U.S. National Guard Lt. Col. Rob Lee joins hosts Michael Farnum and Sam Van Ryder to discuss why he returned to military service, the growing cyber threats to critical infrastructure, and the role exercises like Cyber Fortress play in preparing both government and private sector operators for real-world cyber incidents. SHOW NOTES:Things Mentioned:Cyber Fortress 2026: https://va.ng.mil/Cyber-Fortress/Upcoming CYBR.SEC.Community events: https://www.cybrsecmedia.com/conference/CYBR.SEC.Careers: https://www.linkedin.com/company/cybr-sec-careers/about/ fundraisers:Cards for a Cause: https://www.linkedin.com/posts/cybr-sec-careers_cybrseccareers-nonprofit-cybersecurity-activity-7436794892787359744-v4CzCYBR CLAY SHOOT: https://www.linkedin.com/posts/cybr-sec-careers_cybrclayshoot-cybersecurity-cybercareers-activity-7435353518951084033-1iw9Proceeds support CYBR.SEC.Careers mission is to build a strong, diverse workforce by providing career exposure, access to education and certifications, and mentorship for students and veterans pursuing careers in cybersecurity.Episode 64 Timestamps:6:48 – Why Lee returned to military serviceLee explains how calls from government and military leaders prompted him to return to the National Guard to help address unresolved questions around defending operational technology (OT) during conflict.9:33 – Role in the 91st Cyber BrigadeLee describes his position as executive officer and the mission of the Army National Guard's cyber brigade.14:52 – Cyber Fortress exercise explainedLee walks through the origins of Cyber Fortress and how it evolved from a state-level exercise into a broader operational technology training environment.17:53 – How Cyber Fortress worksThe exercise combines training, red-team simulations, and participation from infrastructure operators to practice responding to real OT cyber incidents.20:10 – Cyber conflict and civilian infrastructureLee discusses the growing risk of state actors targeting hospitals, utilities, and other civilian infrastructure.24:23 – Cyber attacks that lead to loss of lifeLee argues the cybersecurity community must acknowledge that cyber operations have already contributed to real-world deaths.27:04 – The role of cyber in modern warfareThe discussion explores how cyber capabilities are increasingly intertwined with traditional military conflict.Do you have a question for the hosts? Reach out to us at media@cscgroupllc.com The podcast and artwork embedded on this page are from CYBR.SEC.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: The Hard Reality of Patch Management in OT Networks | OT Security Made SimplePub date: 2026-03-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin Klaus Mochalski and Westermo's CISO Niklas Mörth to explore why OT patch management differs from IT. Discover the challenges of safety, the importance of system baselines, and alternative mitigations like zero trust to keep your critical infrastructure secure.You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at podcast@rhebo.com. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: The Connected Plant Floor: What S4X26 RevealedPub date: 2026-03-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino recap their experience at S4X26, the leading global OT cybersecurity conference in Miami.They discuss the conference's "connected" theme and how AI is creating an inflection point in industrial cybersecurity, driving unprecedented connectivity between IT and OT environments.The hosts explore the challenges of the "silver tsunami" as experienced engineers retire, how AI-powered tools are being embedded directly into edge devices and industrial products from vendors like Cisco and Fortinet, and why the regulatory landscape in Europe is advancing faster than other regions.They emphasize the importance of connecting with peers and partners in the OT security community, highlight key vendors and technologies showcased at the event, and explain why both IT and OT professionals should attend S4X together to bridge the knowledge gap.The episode concludes with details about next year's expanded conference in Tampa, February 8-11.Chapters:(00:00:00) - Random Encounter with Team USA Hockey in Miami(00:01:00) - S4X26 Conference Kickoff: The "Connected" Theme(00:03:00) - AI as the Inflection Point for OT Connectivity(00:05:00) - AI Embedded in Edge Devices and Vendor Technologies(00:07:00) - First-Time Attendee Experiences and Key Takeaways(00:10:00) - Europe's Cyber Resiliency Act and Regulatory Advancements(00:12:00) - Vendor Presence and the OT Technology Marketplace(00:14:00) - S4X27 Moving to Tampa: February 8-11, 2027(00:16:00) - AI's Role in Addressing the Silver Tsunami(00:18:00) - Final Thoughts: Why IT and OT Teams Should Attend TogetherLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: OT Under Siege: How to Defend Critical Infrastructure From Nation-State Cyber ThreatsPub date: 2026-03-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationGlobal conflicts are no longer confined to physical battlefields - they're spilling into cyberspace. In this urgent episode of Protect It All, host Aaron Crow breaks down the rising wave of cyber threats targeting critical infrastructure, from energy and water utilities to manufacturing and transportation systems. Drawing on recent global events and real-world incidents, Aaron explores how nation-state actors, hacktivists, and advanced adversaries are increasingly targeting operational technology environments. These attacks often rely on “living off the land” techniques - leveraging existing tools and access inside networks rather than deploying obvious malware. But this episode isn't about panic. It's about practical defense. Aaron outlines the immediate steps OT security teams can take to strengthen resilience - even with limited resources and tight budgets. In this episode, you'll learn: Why global instability increases cyber risk for critical infrastructure How attackers exploit existing tools using living-off-the-land tactics The importance of vigilance, monitoring, and patching in OT environments Why access control and identity management are critical defenses How organizations can improve security posture without massive investments The role of collaboration and awareness in defending essential systems Whether you operate power systems, water facilities, industrial plants, or transportation infrastructure, this episode provides real-world guidance to help you stay ahead of evolving threats. Tune in to learn how OT teams can strengthen defenses and protect the systems society depends on - only on Protect It All. Key Moments: 03:41 "Rising Cyber Threats Amid Tensions" 08:24 Nation-State Cyber Threats Unveiled 11:23 "Advanced Cybersecurity and Monitoring" 14:24 Prioritizing and Addressing Security Risks 17:24 Practical Steps for Cybersecurity Improvements 19:34 "Focus on Resources and Action" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis de Auditoría de seguridad en OTPub date: 2026-03-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se cuestiona si las organizaciones actuales auditan controles teóricos o su capacidad real de resistir incidentes industriales. Se explora la paradoja de las empresas que, a pesar de superar auditorías, siguen siendo frágiles ante amenazas, y se analiza el peso de la cultura de decisión frente a la arquitectura técnica.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Gus Serino on a Massachusetts Water Cybersecurity CollaborativePub date: 2026-03-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationGus Serino, President of I&C Secure, joins the Nexus Podcast to discuss the formation and evolution of an ongoing water utility cybersecurity collaborative that leans on a collective defense model to share resources and threat intelligence among six water & wastewater companies in the commonwealth. Serino helped put together this coalition, and he explains how a feasibility study came together resulting in a shared grant that member utilities can use to improve their security programs. Gus talks about the origins of this collaborative and how other utilities can follow this model to improve cybersecurity in this struggling, resource-strapped critical infrastructure sector.Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Fortinet Cybersecurity Podcast (LS 26 · TOP 10% what is this?)Episode: Brass Tacks S2E06 – Fighting Cybercrime at Global ScalePub date: 2026-03-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybercrime runs like a business, fast, scalable, and hard to stop. Jürgen Stock, Former Secretary General INTERPOL, explains how criminal networks work, why basic cyber hygiene still blocks many attacks, and how police, companies, and governments must share data to keep pace as AI speeds crime up. Watch or listen to the episode, and read the blog to understand how cybercrime works at scale. https://www.youtube.com/watch?v=NOLgv_a2w6oThe podcast and artwork embedded on this page are from Fortinet Cybersecurity Podcast, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: The Hidden Cost of Siloed OT Security ToolsPub date: 2026-03-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAs we lookback, Craig and Dino tackle a critical disconnect in industrial cybersecurity: the failure to share OT security tool data with the people who actually need it.They explore why IT teams often purchase and deploy OT IDS platforms without engaging plant floor teams, system integrators, and OEMs who are actively working in manufacturing environments.The conversation reveals that 85% of data collected by these tools is meant for OT teams to act on, yet it rarely reaches them.They discuss the consequences of this siloed approach—including system integrators bringing their own tools to fill the gap—and provide practical advice on achieving true IT/OT convergence.The episode emphasizes the importance of working with partners who can "build the car" rather than just "sell the car," and challenges organizations to evaluate whether they're truly practicing IT/OT convergence or just paying lip service to it.Chapters:(00:00:00) - The Data Sharing Problem in OT Cybersecurity(00:01:00) - Why System Integrators Can't Access Security Tool Data(00:04:00) - Who's Keeping the Data and Why(00:08:00) - The IT/OT Oil and Water Problem(00:11:00) - When System Integrators Bring Their Own Tools(00:14:00) - Questions to Ask Your Cybersecurity Partners(00:17:00) - The Car Analogy: Buyers vs. Builders(00:19:00) - Who Asset Owners Really Trust(00:21:00) - The Three-Legged Stool of OT Security(00:23:00) - The Path to True IT/OT ConvergenceLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth Episode: AI Wrote the Code—Who Owns the Risk?Pub date: 2026-03-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Jacob Beningo to explore how AI is changing the software development lifecycle for embedded and firmware teams. Together, they unpack the risks and responsibilities that come with AI-generated code. While AI can accelerate development and automate tedious tasks, it can also introduce defects, expand the attack surface, and create a dangerous illusion of completeness. Unlike human engineers, AI cannot explain intent, reason about long-term system behavior, or take accountability when systems fail. Joe and Jacob discuss how engineering teams can safely integrate AI into development workflows without sacrificing security, reliability, or accountability, especially in systems that must operate safely for years in the field. In this episode, they explore: Why AI-generated code can introduce hidden vulnerabilities and complexityThe accountability challenge: who owns the risk when AI writes the code?How AI output should be treated as untrusted code by defaultWhy rigorous testing, validation, and security reviews still matterPractical ways engineering teams can use AI responsibly in embedded development For engineers, security leaders, and product teams navigating AI adoption in embedded systems, this episode offers practical insights into how to move faster with AI without weakening trust in the systems you build.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Poland's Power Grid Cyberattack What It Teaches Us About OT Security and Renewable Energy RisksPub date: 2026-03-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat happens when attackers target the systems that keep the lights on? In this episode of Protect It All, host Aaron Crow breaks down the December 2025 cyberattack on Poland's energy infrastructure, where coordinated attackers disrupted wind farms, solar installations, and heat and power plants - impacting nearly half a million people. This real-world incident highlights the growing risks facing distributed energy resources (DER) and modern power grids. As energy systems become more connected and decentralized, the attack surface expands - often faster than security programs can adapt. Aaron walks through what actually went wrong: default passwords, unpatched devices, and weak network segmentation that allowed attackers to brick OT equipment and blind operators to what was happening in their own systems. You'll learn: How attackers targeted renewable energy infrastructure at scale Why edge devices and distributed assets create new vulnerabilities The importance of eliminating default credentials and poor configurations Why network segmentation and secure remote access are essential What grid operators and OT teams must prioritize immediately How lessons from Poland apply to power grids worldwide For engineers, operators, and cybersecurity leaders responsible for critical infrastructure, this episode delivers practical insights on defending modern energy systems before attackers strike again. Tune in to understand what Poland's grid attack reveals about the future of OT security - only on Protect It All. Key Moments:  04:57 "Corrupted Firmware Disables System Control" 10:01 DER Risks and Scaling Threats 10:55 Risks of Expanding Energy Grids 16:30 OT Security Vulnerabilities and Risks 18:34 Prioritize OT Security Systems 23:06 Change Default Passwords Immediately 24:49 "Critical ICS Security Measures" 30:15 "OT Cyber-Physical Response Plan" 32:56 "Critical Security Steps for Resilience" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4 The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto de Auditoría de seguridad en OTPub date: 2026-03-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se aborda la transición necesaria de la auditoría documental clásica a la evaluación del comportamiento real de los sistemas industriales. Analiza los errores críticos al intentar aplicar metodologías IT en plantas de producción y cómo cambiar la perspectiva cuando el activo a proteger no es un servidor, sino el proceso físico que […]The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Dan Ricci on Four Years of the ICS Advisory ProjectPub date: 2026-03-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIndustrial cybersecurity expert Dan Ricci, the founder and maintainer of the ICS Advisory Project, joins the Nexus Podcast to discuss the evolution of the industry's premier ICS and OT security advisory repository as it turns 4 years old. Dan talks about the impact of the project on OT security teams, the dashboards he's created to better parse the volume of data on the site, and unique use cases that asset owners and operators have for this critical information. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 82: Kerberos in OT: RC4 Downgrade AttacksPub date: 2026-03-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKerberos, a decades-old authentication protocol, creates hidden risks in OT environments. Dor Segal, security researcher team lead at Silverfort, discusses delegation abuse, cipher downgrade attacks, and person-in-the-middle threats—highlighting why legacy encryption, patching challenges, and operational constraints make identity security critical in industrial networks.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: The Blind Spots Putting Manufacturers at Risk: WEF 2026 Global Cybersecurity OutlookPub date: 2026-03-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationLuRae Lumpkin, Producer of Industrial Cybersecurity Insider, sits down with industrial cybersecurity expert Dino Busalachi to break down the 2026 World Economic Forum Global Cybersecurity Outlook Report and what it really means for manufacturers. While the report surveyed nearly a thousand CEOs, CIOs, and CISOs, Dino reveals a critical blind spot: industrial control systems and OT environments are being left dangerously exposed. They discuss how AI is becoming a double-edged sword for attackers and defenders, why supply chain vulnerabilities remain unaddressed, the shocking lack of cybersecurity skills on plant floors, and why most companies still aren't conducting incident response exercises. Dino shares real-world insights from working in nearly 2,000 plants over four decades, explaining why IT and OT remain disconnected, how remote access creates massive security gaps, and why outdated equipment with decades-old vulnerabilities sits unpatched in critical manufacturing environments. The conversation reveals that while enterprises focus on IT security, the plant floor—where revenue is actually generated—remains critically vulnerable, with potentially catastrophic consequences for businesses, supply chains, and even national GDP. Chapters: (00:00:00) - Introduction and Overview of WEF 2026 Cybersecurity Report (00:01:00) - Where Cybersecurity Funding Actually Goes: IT vs OT Reality (00:03:00) - The Myth of Disconnected Legacy Equipment (00:05:00) - AI as a Double-Edged Sword in Industrial Environments (00:08:00) - The Vulnerability Crisis: Thousands of Unpatched Systems (00:09:00) - Third-Party and Supply Chain Security Gaps (00:12:00) - Remote Access: The Hidden Attack Vector (00:14:00) - Critical Supplier Dependencies and Decentralized OT (00:15:00) - The Skills Gap: Why Industrial Cybersecurity Expertise is Scarce (00:19:00) - The Shocking Truth About Incident Response Exercises (00:22:00) - Real-World Impact: When Manufacturers Get Hit (00:24:00) - Getting All Stakeholders in the Same Room (00:28:00) - Insurance vs Prevention: The True Cost of Cyber Incidents (00:29:00) - Final Thoughts: Who Should Own OT Cybersecurity? Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: NIS-2 kompakt: Was für Unternehmen zählt | OT Security Made SimplePub date: 2026-03-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Mochalski und Rechtsanwalt sowie Partner Thomas Schmeding (BBH Consulting) klären die wichtigsten Fragen zu NIS-2: Wer ist durch die neuen Schwellenwerte betroffen? Welche Haftungsrisiken kommen auf die Geschäftsleitung zu und wie gelingt die Umsetzung? Ein Pflicht-Update zur Cybersicherheit.Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an podcast@rhebo.com.  The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: IT SOC vs OT SOC How & Why They're DifferentPub date: 2026-02-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.Chapters:(00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor(00:01:00) - The OT SOC Asset Visibility Problem: A Case Study(00:03:00) - Why IT SOCs Can't Manage OT Assets(00:05:00) - Line Changeovers and Operational Context(00:07:00) - First Responders and Incident Response Challenges(00:10:00) - The WannaCry Response Gap(00:12:00) - Asset Inventory and Baseline Challenges(00:15:00) - Incident Response and Phone Trees(00:17:00) - Organizational Accountability Problems(00:19:00) - Greenfield Opportunities and Standardization(00:22:00) - The IT-OT Collaboration Challenge(00:24:00) - Think Global, Act Local: Embedding IT in PlantsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Safe AI Automation for Cybersecurity: Practical Workflows Without the RiskPub date: 2026-03-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAI can accelerate cybersecurity - or accidentally expose it. In this solo episode of Protect It All, host Aaron Crow breaks down how cybersecurity professionals can safely integrate AI into their IT and OT workflows. As tools like ChatGPT, Copilot, and enterprise AI platforms become part of daily operations, the question isn't whether to use AI - it's how to use it responsibly. Aaron moves beyond buzzwords to focus on practical, everyday applications: automating reports, summarizing threat intelligence, drafting policies, enhancing documentation, and streamlining repetitive tasks. At the same time, he tackles the real concerns leaders face - data privacy, compliance, policy alignment, and shadow AI risks. You'll learn: Where AI delivers immediate value in cybersecurity workflows How to automate without exposing proprietary or regulated data The difference between enterprise AI tools and public platforms How to align AI usage with corporate security policies Practical ways CISOs and analysts can boost productivity safely Why governance and awareness matter as much as innovation Whether you're leading a security program or working hands-on in IT or OT environments, this episode delivers actionable strategies to use AI smarter—not riskier. Tune in to learn how to automate with confidence and stay ahead of the curve—only on Protect It All. Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace de Orquestando de la seguridad OTPub date: 2026-03-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se exploran las capacidades futuras que necesitarán los responsables de ciberseguridad OT para orquestar y no solo reaccionar. Analiza cómo convertir NIS2 e IEC 62443 en motores de madurez y no en una carga. Propone el primer paso realista para avanzar hacia la orquestación de la seguridad OT.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Security Weekly Podcast Network (Audio) (LS 47 · TOP 1% what is this?)Episode: OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448Pub date: 2026-03-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationInterview - Ben Worthy from Airbus Protect The current state of OT security and business resilience In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk. Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time. This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them! Topic: Where are the business incentives to build secure products and software? "It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulks of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just aren't slowing them down. In the case of Ivanti, where the reputational harm was extreme, the company's companies continue to get hacked as critical vulnerabilities keep getting discovered in their products. https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products. The Weekly Enterprise Security News Finally, in the enterprise security news, RSA Innovation Sandbox hot takes Did AI solve cyber? fundings and acquisitions a free app to warn you about smart glasses deep thoughts about OpenClaw replacing US tech with EU equivalents is hard should you turn off dependabot? accidentally taking over 7000 robot vacuums the director of AI Safety at Meta loses her email somehow should you go back to using a blackberry? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-448The podcast and artwork embedded on this page are from Security Weekly Productions, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Dan Gunter on Creating Malicious OT Test Data to Train Security ToolsPub date: 2026-03-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationInsane Cyber CEO and founder Dan Gunter joins the Nexus Podcast in an episode recorded live at the S4 Conference in Miami. Dan explains a process for generating malicous OT data in order to test the efficacy of an organization's intrusion detection and other security products. Generating such data has its barriers, but it's crucial, he said, in order to train products and security analysts how to spot malicious and anomalous traffic. Dan talks about using emulators and achieving success on a relatively small budget. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth Episode: From NIST to Nation-State: Securing Embedded Systems through Compliance and TrustPub date: 2026-02-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Cordell Robinson, CEO of Brownstone Consulting, to explore how security frameworks like NIST 800-53 are evolving from paperwork exercises into real drivers of security maturity. From continuous monitoring and secure-by-design development to Software Bills of Materials (SBOMs) and vulnerability transparency, the conversation examines what it takes to build trust in embedded and operational technology (OT) systems, especially as regulators sharpen their focus and nation-state threats grow more sophisticated. Together, they explore: Why compliance should cover people, processes, and technology—not just policiesHow NIST frameworks are shifting from checklists to operational rigorThe growing importance of SBOMs in supply chain transparencyHow AI is reshaping both cyber defense and attacker capabilityWhat new regulatory pressure (including the EU Cyber Resilience Act) means for manufacturers Whether you build embedded systems, ship software to government agencies, or manage critical infrastructure, this episode offers practical insight into building compliance programs that strengthen security and earn trust.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Automation World Gets Your Questions Answered (LS 26 · TOP 10% what is this?)Episode: How ABB Is Digitally Transforming Legacy Control Systems Without Disrupting ProductionPub date: 2026-02-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we connect with Stefan Basenach, senior vice president of automation technology at ABB, to learn how ABB's new dual-environment architecture, called Automation Extended, enables the integration of AI, predictive maintenance and cybersecurity upgrades while protecting reliable core control functions in the distributed control system.The podcast and artwork embedded on this page are from Automation World, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Digitalization Tech TalksEpisode: Episode 62: The hidden phase of industrial cyberattacks and how to spot it earlyPub date: 2026-02-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn the 62nd episode of Digitalization Tech Talks, hosts Jonas Norinder and Don Mack kick off a two‑part series on the evolving state of industrial cybersecurity. They uncover what's really happening inside OT networks long before a cyber incident hits the plant floor including why over 80% of adversary behavior occurs months before impact, why air‑gaps no longer provide real protection, and how legacy vulnerabilities continue to be actively exploited. As guest Adam Robbie puts it “OT security is no longer a hidden problem — it's a visibility problem.” This episode is essential listening for anyone navigating IT/OT convergence, looking for ways to improve industrial defenses, or preparing for emerging cyber risks. The insights come directly from a new white paper supported by a commercial and research partnership between Palo Alto Networks and Siemens, together with Idaho National Labs as the third-party research partner. Show Notes:Research Paper (S4 Conference): Intelligence-Driven Active Defense Report 2026 (https://sie.ag/416Tgm)Website (Palo Alto): OT Security Insights 2025 (https://sie.ag/2ZcgDY)Website (US Department of Energy): Cybersecurity for the Operational Technology Environment (https://sie.ag/5p9z6a)Website (Siemens): Industrial cybersecurity solutions | Siemens (https://sie.ag/4HJ8L4) Contact us:Adam Robbie email (arobbie@paloaltonetworks.com), LinkedIn (https://www.linkedin.com/in/adamrobbie/)Tilo Pinkert email (tilo.pinkert@siemens.com), LinkedIn (https://www.linkedin.com/in/tilopinkert/)Priyanjan Sharma email (priyanjan.sharma@siemens.com), LinkedIn (https://www.linkedin.com/in/priyanjansharma/) Don Mack email (mack.donald@siemens.com)Jonas Norinder email (jonas.norinder@siemens.com)The podcast and artwork embedded on this page are from Siemens, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Mike Holcomb on the Intersection of Hacktivists, State ActorsPub date: 2026-02-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMike Holcomb joins the Nexus Podcast to discuss a Converged Actor Framework he developed and presented at the S4 Conference. The framework delineates  groups such as hacktivists and state threat actors based on the impact and frequency of their activity. State actors are leveraging hacktivist groups with greater frequency, and this convergence must be considered as defenders tasked with protecting OT and cyber-physical systems strategize around security. Subscribe and listen to the Nexus Podcast here. Subscribe to Mike Holcomb's YouTube channel here.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Fortinet Cybersecurity Podcast (LS 26 · TOP 10% what is this?)Episode: Brass Tacks S2E01 – Cyber Conflict and the Risk to Critical InfrastructurePub date: 2026-02-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCyber attacks are used to strain states, disrupt power grids, and shake public trust. In this episode, Annita Sciacovelli, Cybersecurity Advisor and Professor of International Law at the University of Bari, explains how digital attacks target essential services, why societies are the pressure point, and how international law draws the line between cyber operations and armed response. Watch or listen to the episode, and read the blog to dig deeper into the legal and societal impact. Read the Fortinet blog: https://www.fortinet.com/blog/industry-trends/when-cyber-conflict-targets-society Watch on YouTube: https://www.youtube.com/watch?v=WGnJHB5NdAwThe podcast and artwork embedded on this page are from Fortinet Cybersecurity Podcast, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Government Information Security Podcast (LS 27 · TOP 10% what is this?)Episode: The Danger of IT, OT, Medical Device Cyber Turf WarsPub date: 2026-02-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat often appears to be turf wars between healthcare technology management, facilities OT staff, IT departments and security teams are often the result of unclear ownership and accountability for device security. And that presents safety risks to patients, says Mohamed Waqas, CTO of Armis.The podcast and artwork embedded on this page are from GovInfoSecurity.com, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Compliance Isn't Security: NERC CIP 15 and the Real Gaps in OT Network MonitoringPub date: 2026-02-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPassing an audit doesn't mean you're secure. In this episode of Protect It All, host Aaron Crow dives into one of the biggest misconceptions in operational technology: the belief that compliance equals protection. Using NERC CIP 15 as a real-world case study, Aaron explores why meeting regulatory requirements is only the starting point - not the finish line. A major focus of this conversation is OT network monitoring, especially the often-overlooked east-west traffic inside your environment. Many organizations monitor perimeter traffic while internal blind spots remain wide open. You'll learn: Why compliance frameworks don't automatically create security The real challenges of implementing NERC CIP 15 at scale Why internal network visibility (east-west monitoring) matters How to establish meaningful baselines in legacy OT environments The difference between audit success and operational resilience Why architecture, tooling, and skilled personnel must work together Whether you're working in utilities, manufacturing, or critical infrastructure, this episode provides practical guidance on how to move beyond checklists and build security programs that truly reduce risk. Tune in to learn how to transform compliance requirements into real operational protection - only on Protect It All. Key Moments:  00:00 OT Security Blind Spots 05:15 "OT Security and Monitoring Challenges" 10:41 Aging Switches and Monitoring Challenges 13:16 OT Protocols and Infrastructure Challenges 15:42 "IT vs OT: Complexity Challenges" 18:03 "Balancing Compliance and Security" 21:57 Securing Critical Infrastructure Spaces Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones de Orquestando de la seguridad OTPub date: 2026-02-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se abordan retos reales de integrar la seguridad OT y los errores más comunes en ese proceso. Aborda cómo la automatización del cumplimiento libera a los equipos para tareas de mayor valor. Explica cómo la remediación basada en esfuerzo e impacto cambia la forma de trabajar de OT y seguridad.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Warum die Integration von Security Events in Leitwarten entscheidend ist | OT Security Made SimplePub date: 2026-02-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDirk Lüders, Director of Marketing & Sales International bei Jungmann Systemtechnik, spricht mit Host Klaus Mochalski über seine mehrjährigen Erfahrungen als Turnkey-Solution-Anbieter für Leitwarten, welche Vorteile KVM-Systeme bieten und was für Herausforderungen durch verstaubte DOS-Altlasten sowie streng regulierte Maustreiber entstehen. Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an ⁠podcast@rhebo.com⁠. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 81: Root of Trust: Why Security Now Starts in SiliconPub date: 2026-02-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRising software complexity in safety-critical industries is forcing cybersecurity requirements on systems previously not thought about before.  David Sequino, CEO of OmniTrust (formerly ISS), talks about the need to secure digital certificates on life critical systems like cars and planes and the challenges in doing so.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Your OT Cybersecurity Strategy Is Failing: Here's WhyPub date: 2026-02-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino and Craig reunite to tackle the shifts occuring in industrial cybersecurity in 2026.They discuss how OT-focused IDS software companies are shifting away from managed services to partner with systems integrators who understand the plant floor.The conversation explores the challenges manufacturers face—from aging infrastructure spanning decades to flat layer-2 networks that give remote vendors unrestricted access.They emphasize that IT departments cannot effectively manage OT assets they don't own or understand, especially when dealing with equipment older than their cybersecurity staff.The episode covers the pitfalls of penetration testing in live manufacturing environments, the reality of shadow IT versus shadow OT, and why EDR solutions struggle in control system environments.Dino and Craig stress the importance of treating cybersecurity as a marathon rather than a sprint, starting with basic asset inventory and microsegmentation.They call on manufacturing leaders to stop deferring to IT for OT security, attend industry-specific conferences like S4X26, and partner with systems integrators who have deep automation expertise.With threats mounting, the time for action is now—not next quarter.Chapters:(00:00:00) - Welcome & What We've Been Up To(00:00:48) - The Big Shift: Why OT IDS Companies Are Backing Away From Managed Services(00:03:00) - The Shelfware Problem: When Security Tools Sit Unused(00:04:12) - Why Pen Testing Can Be Disruptive (or Dangerous) in Manufacturing Environments(00:05:54) - The Reality of Legacy Infrastructure: Equipment Older Than Your Cybersecurity Team(00:07:43) - Who Can Actually Patch Your Control Systems?(00:09:04) - Supply Chain Vulnerabilities: You're Only as Strong as Your Weakest Link(00:11:01) - The Last Mile Challenge: Asset Inventory, Microsegmentation & Starting Small(00:13:55) - The Shelfware to Tool-Switching Problem: Why Companies Are Reconsidering Their First Choice(00:16:18) - Shadow IT vs. Shadow OT: Who Really Owns Plant Floor Security?(00:19:00) - Why EDR Struggles in Control System Environments(00:21:35) - Time to Step Up: Why Manufacturing Leaders Can't Defer to IT Anymore(00:23:00) - Where to Learn: S4, Automation Fair, and Why You Need to Attend Industry Conferences(00:25:00) - Finding the Right Partner: Systems Integrators Who Speak Automation and Cybersecurity(00:27:00) - Final Thoughts: The Time for Action Is NowLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: OT Cybersecurity That Works: Tabletop Exercises, Critical Controls & Building TrustPub date: 2026-02-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationYou can't secure OT environments with checklists alone - you secure them with trust, clarity, and focused action. In this episode of Protect It All, host Aaron Crow sits down with OT security expert Dean Parsons to unpack what actually improves cybersecurity maturity in manufacturing, water, and wastewater environments. From remote access blind spots to outdated network architecture, they explore the practical gaps many organizations face - and how to fix them without massive budgets. A central theme? Tabletop exercises. Not as a compliance checkbox - but as a powerful tool to build collaboration between IT and OT teams, clarify roles, and stress-test real incident response plans before a crisis hits. You'll learn: Why tabletop exercises accelerate OT maturity The importance of trust between engineers and IT teams How focusing on the SANS 5 Critical Controls drives meaningful progress Why visibility and architecture matter more than shiny tools How to improve OT security without overwhelming teams or budgets The human and process factors that determine response success Whether you're leading OT security, managing critical infrastructure, or trying to bridge IT and engineering teams, this episode delivers practical, experience-backed strategies you can implement immediately. Tune in to learn how to strengthen OT security through people, process, and purposeful action - only on Protect It All. Key Moments:  03:57 "Improved IT-OT Collaboration Tabletops" 08:57 "ICS Security Priorities" 12:16 "Accelerating ICS Cybersecurity Programs" 15:07 Trusted Expertise Builds Credibility 17:28 "Engineering Role in Incident Response" 20:53 "Cybersecurity: Tabletops Gain Traction" 26:34 "Control Systems, Protocol Abuse Insights" 27:51 Secure Architecture Enables Network Visibility 33:07 "Targeted Network Monitoring Essentials" 35:23 Prioritize Critical Assets Strategically 37:50 "Bridging IT and OT Expertise" 41:56 Critical Infrastructure Security Risks 44:30 ICS Leadership and Threat Strategy 48:14 "Power Plant Walkthrough Insights" 52:02 Critical Cyber Asset Management 57:29 "SANS Courses: Essential and Valuable" About the guest :  Dean Parsons is a SANS Principal Instructor and the CEO and Principal Consultant of ICS Defense Force. Over the past two decades, Dean has built and led industrial cyber defense programs, conducted incident response and digital forensics in live plants and partnered with operators and engineers to maintain both safety and uptime across major industrial sectors. He helps organizations align investment and policy decisions with operational priorities, developing risk metrics and tabletop exercises that unify operations, engineering, and cybersecurity so organizations in any industrial sector can prioritize and measure what matters. How to connect Dean : https://www.linkedin.com/in/dean-parsons-cybersecurity Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Systems Engineering for Survival: A Physician's Guide to Emergency ManagementPub date: 2026-02-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOur host Bryson Bort welcomes Dr. Natalie Sullivan, Medical Director of the Emergency Response Medical Group and an emergency medicine physician at a D.C. area hospital. Trained in EMS and disaster and operational medicine, Natalie turned her attention to the critical intersection of clinical medicine, patient safety, and cybersecurity resilience after experiencing a prolonged ransomware attack on a major hospital. Dr. Sullivan lays out the disaster preparedness cycle, and the many vectors of risks for hospitals. How does a cyberattack on one hospital lead to increased cardiac arrest mortality at the hospital three blocks away? Why is a generation of "digital native" doctors a hidden vulnerability in an analog emergency? And what happens when a hospital's reliance on these "tightly coupled" systems—like water, power, and the Medical IoT—collapses during a ransomware event?“We are critical infrastructure, but we're deeply, deeply dependent on the surrounding critical infrastructure,” Dr. Sullivan said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis de Orquestando de la seguridad OTPub date: 2026-02-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se analiza la diferencia entre mostrar información y facilitar decisiones reales en ciberseguridad OT. Aborda cómo priorizar el riesgo por impacto operativo y de negocio sin generar alarmismo. Explica por qué el exceso de alertas y ruido puede ser más peligroso que la falta de visibilidad.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Today with ISSSourceEpisode: AI Boosts Functional SafetyPub date: 2026-02-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationFacing a serious crunch of safety experts leaving the manufacturing industry and not enough coming in to fill the void, and add in a complex and more connected digital environment, the sector could use a technological boost. Artificial intelligence could be the answer.The podcast and artwork embedded on this page are from Gregory Hale, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: CISA's Matthew Rogers on Secure OT Protocol CommunicationPub date: 2026-02-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMatthew Rogers, ICS Cybersecurity Lead at the Cybersecurity Infrastructure and Security Agency (CISA) joins the Nexus Podcast to discuss new guidance published by the agency to help manufacturers and asset owners move toward more secure OT communication protocols. Legacy protocols that contain little to no basic security capabilities are still prevalent in OT environments today. Rogers explains the risk and why manufacturers should begin their journey away from proprietary protocols and toward open standards. According to CISA's guidance, operators want authentication and integrity capabilities to protect process data, but need to understand the value and business impact of doing so. Download CISA's guidance here. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites and Bytes PodcastEpisode: Danielle Jablanski on Food & Ag, OT Security & Everything in BetweenPub date: 2026-02-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDanielle Jablanski isn't your typical OT security expert… she studied genocide in Rwanda, analyzed future water wars for her master's thesis, and once received a phishing text inviting her to eat grilled crocodile on the beach. Now leading STV's OT cybersecurity consulting program and teaching at both Middlebury Institute and Dallas College, Danielle brings policy depth, technical expertise, and genuine curiosity to oneof the most wide-ranging conversations we've ever had.We chase every rabbit worth chasing, smart greenhouses, vulnerabilities, food monopolies, insects, data integrity risks, geopolitics, and how food travels. Danielle shares lessons from nuclear security, explains why compromised data is scarier than loss of control, and makes the case for why more security pros should care about what ends up on our plates.This is exactly how Kristin and Danielle talk when the mics aren't rolling… except this time they were.---------------Episode Key Highlights00:01:03 — Creative Phishing Texts00:10:27 — How Kristin and Danielle Met00:17:08 — Insects and the Food Chain00:28:05 — Monopolies and Single Points of Failure00:30:32 — Rat Trap Sensors vs. Robot Pickers00:33:46 — Centralization Risk00:44:25 — Data Integrity vs. Loss of Control00:55:30 — Food as Critical Infrastructure01:06:30 — Global Supply Chain and Ports01:15:45 — China, Soybeans, and Soft Power---------------

Podcast: Energy TalksEpisode: #120: Use of Deception Solutions in Energy Sector CybersecurityPub date: 2026-02-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDiscover how digital twins of online infrastructure can be used to fool attackers In this episode of Energy Talks, host Simon Rommer, OT Security Consultant at OMICRON, and his guest. Christoph Kukovic, Chief Information Security Officer at Verbund AG, Austria's leading energy company and one of the largest producers of hydroelectricity in Europe, discuss the critical roles of IT and OT in power systems cybersecurity, focusing on the use of deception solutions. Deception solutions aim to create realistic online environments for attackers. The idea is to challenge them with a digital twin of the online infrastructure so that they attack the deception solution instead of the real infrastructure. Christoph shares his insights with Simon into his personal cybersecurity journey, the challenges faced in implementing innovative cybersecurity measures, and the development of his company's own deception solutions. The conversation delves into the importance of collaboration, the need for realistic simulations, the difference between honeypot and deception solutions, and testing deception solutions in real-world scenarios. Get more information about OT cybersecurity for power grids . We welcome your questions and feedback. Simply send us an email to podcast@omicronenergy.com. Please join us to listen to the next episode of Energy Talks.The podcast and artwork embedded on this page are from OMICRON electronics GmbH, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth Episode: The OT Mistakes Attackers Count On—And How to Fix Them Before They DoPub date: 2026-02-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and OT/ICS security expert Mike Holcomb, founder of UTILSEC, for a candid discussion about the weaknesses attackers exploit inside industrial environments. Mike shares what he repeatedly finds during assessments of large OT and ICS networks: no effective firewall between IT and OT, flat networks with little segmentation, stale Windows domains, shared engineering credentials, exposed HMIs, and OT protocols that will accept commands from any reachable host. He explains how attackers move from IT into OT using familiar enterprise techniques before pivoting into PLCs, RTUs, safety systems, and historians. Joe outlines why secure-by-design practices, higher software quality, and “secure by demand” procurement are critical to long-term resilience—especially as cloud connectivity and AI accelerate modernization in industrial environments. Together, they explore: Why a missing or misconfigured IT/OT firewall remains the most common and dangerous gapHow micro-segmentation and unidirectional architectures reduce blast radiusThe risks of web-enabled HMIs and long-lived legacy systemsWhy monitoring PLC programming traffic and historian queries mattersHow the Cyber Resilience Act is reshaping accountability for OT vendors If you're responsible for industrial operations, plant uptime, or product security, this episode shows how attackers actually move through OT environments—and how to eliminate the mistakes they depend on.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Former NSA now Founder & CTO Breaks Cybersecurity Down: Satellites to ManufacturingPub date: 2026-02-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino sits down with Dick Wilkinson, CTO and co-founder of Proof Labs, to explore the intersection of space technology and industrial cybersecurity.Dick shares his 20-year journey in the U.S. Army with the National Security Agency, transitioning from signals intelligence to becoming a CISO for critical infrastructure organizations, including New Mexico's Supreme Court and the Albuquerque water authority.The conversation dives deep into the challenges of securing satellite systems with onboard intrusion detection and the persistent gap between IT and OT security teams. We also explore why the "castle wall" perimeter security model is dangerously outdated.Dick reveals how AI is lowering the barrier to entry for both attackers and defenders, and discusses the real-world applications of satellite communications in oil and gas operations.He also introduces a revolutionary physical layer-one air gap device called Goldilock Secure, which could transform how we protect remote industrial assets.This episode is essential listening for CISOs, CTOs, and security leaders looking to understand emerging threats in space-based infrastructure and practical solutions for securing distributed industrial environments.Chapters:(00:00:00) - Dick's Journey: From NSA to Space Cybersecurity(00:04:32) - What is Proof Labs and Why Space Security Matters(00:08:15) - Satellites as OT Assets: Oil, Gas, and Critical Infrastructure(00:12:47) - How Onboard Intrusion Detection Works in Spacecraft(00:16:23) - The Castle Wall Problem: Moving Beyond Perimeter Security(00:19:41) - IT vs OT: Bridging the Gap in Manufacturing Cybersecurity(00:24:18) - AI's Impact: Lowering the Barrier for Attackers and Defenders(00:27:35) - The Visibility Challenge: Why Most Plants Don't Know Their Assets(00:30:12) - Goldilock Firebreak: A Physical Air Gap Device That Changes Everything(00:35:20) - Real-World Applications for Remote Industrial Asset ProtectionLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Dick Wilkinson on LinkedInProof Labs WebsiteIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Pen Testing Reality Check: Why Cybersecurity Fundamentals Still Matter More Than AIPub date: 2026-02-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationShiny tools don't break attackers in basic mistakes. In Episode 92 of Protect It All, host Aaron Crow sits down with Corey LeBleu, founder of Relix Security and seasoned penetration tester, for a candid look at what actually causes organizations to get compromised and why fundamentals still matter more than the latest security trends. Drawing from years of red-team and penetration-testing experience, Corey shares real stories from the field: forgotten printers, unmanaged IoT devices, legacy systems no one owns anymore, and misconfigurations hiding in plain sight. Together, Aaron and Corey unpack why asset visibility, patching, and change management continue to be the weakest links - even as AI and automation enter the security conversation. You'll learn: Why old printers, IoT devices, and “temporary” systems are prime attack paths What most organizations misunderstand about pen testing and red teaming How poor asset inventory and change management undermine security programs The real risks behind shadow IT and unmanaged tools Where AI helps in pen testing and where experience still wins Why mastering the basics beats chasing new security gadgets every time Whether you're a security professional, IT leader, or someone looking to break into cybersecurity, this episode delivers practical, no-nonsense lessons from the front lines - focused on what actually reduces risk. Tune in to hear why cybersecurity success still starts with the fundamentals - only on Protect It All. Key Moments:  03:57 Critical Infrastructure: Finding Vulnerabilities 06:44 "Cyber Risks from Hidden Devices" 11:25 Cybersecurity: Focus on Basics 16:09 Complex Systems Demand Continuous Testing 18:17 Understanding Complex System Security 22:54 "Testing: External vs. Internal" 24:12 Enterprise Challenges with AI Integration 27:40 AI Lowers Barriers for Hacking About the guest :  Corey LeBleu has built a career around application security testing, becoming deeply involved in integrating vulnerability assessments throughout the software testing lifecycle. Noticing shifts in industry practices, Corey observed major international financial institutions moving to routinely pentest every application- even legacy IBM systems - leading the way in robust cybersecurity practices. In contrast, Corey also highlights the challenges faced by manufacturing, where operational technology often suffers from outdated, vulnerable systems. Corey's experience showcases the evolving landscape of application security, emphasizing the need for continuous testing and vigilance across diverse industries. How to connect Corey : https://www.linkedin.com/in/coreylebleu/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.