@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: Industrial Cybersecurity InsiderEpisode: Reflections from the Front Lines of Industrial Cyber FailuresPub date: 2025-06-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this rewind episode, cybersecurity leaders revisit some of the hardest-hitting truths about protecting critical infrastructure in an increasingly converged IT/OT world. This conversation explores the disconnect between IT theory and OT reality, from the real-world fallout of the CrowdStrike disruption to the challenges of virtual patching, insider threats, and the cloud's role on the plant floor. The discussion exposes how legacy systems, poor collaboration, alert fatigue, and vendor dependency continue to sabotage industrial cybersecurity. They discuss tactical strategies for improving, from asset inventory and patching hygiene to choosing the right partners and walking the plant floor.Chapters:00:00:00 - Cyber threats are moving faster than your patch cycle00:00:47 - Crowdstrike, Virtual Patching and Industrial OT Environments with Debbie Lay, TXOne Networks00:07:48 - The #1 Myth Putting Your Industrial OT Assets at Risk00:15:01 - Patch Management and Software Updates: IT versus OTLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Control Amplified: The Process Automation Podcast (LS 25 · TOP 10% what is this?)Episode: Modern SCADA: ensuring safety, relevance and conveniencePub date: 2025-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSCADA applications are responsible for far more than facilitating real-time process monitoring and alarm management. The process history they compile over time is critical to providing the data-driven insights that industry relies on when optimizing their systems to control costs, maximize uptime and increase the life of infrastructure. Modern SCADA systems must ensure data is safe, relevant and easily shareable with a company's own team or third-party reporting solutions, business systems and artificial intelligence (AI) platforms. Control Amplified talked to Chris Little, media relations director, Trihedral Engineering, about straightforward principles to ensure that your SCADA data is ready to go to work.The podcast and artwork embedded on this page are from ControlGlobal, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 64: Volt TyphoonPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhile cybersecurity threats targeting critical infrastructure, particularly focusing on the vulnerabilities of operational technology (OT) and industrial control systems (ICS).mostly originate on the business or IT side, there's increasing concern about attacks crossing into OT, which could result in catastrophic consequences, especially in centralized systems like utilities. Michael Welch,  managing director from MorganFranklin Cyber, discusses how Volt Typhoon and other attacks are living off the land, and lying in wait.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: KBKAST (LS 31 · TOP 5% what is this?)Episode: Episode 314 Deep Dive: Imran Husain | Cybersecurity Threats in the Manufacturing WorldPub date: 2025-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we sit down with Imran Husain, Chief Information Security Officer at MillerKnoll, as he discusses the evolving landscape of cybersecurity threats in the manufacturing sector. Imran explores the challenges that arise as manufacturing increasingly integrates with online technologies and IoT, highlighting the unique vulnerabilities posed by legacy systems and operational technology (OT). He shares insights on high-profile incidents like the Norsk Hydro ransomware attack, emphasizing the importance of cyber resilience, data backup, and incident recovery. Imran also offers a candid look at why critical tasks like backing up data are often neglected, the complexities of securing aging infrastructure, and the need for creative solutions such as network segmentation and IT/OT convergence. A dedicated and trusted senior Cyber security professional, Imran Husain has over 22 years of Fortune 1000 experience that covers a broad array of domains which includes risk management, cloud security, SecDevOps, AI Security and OT Cyber practices. A critical, action-oriented leader Imran brings strategic and technical expertise with a proven ability to build cyber program to be proactive in their threat detection, identifying and engaging in critical areas to the business while upholding their security posture. He specializes in Manufacturing and Supply Chain Distribution focusing on how to best use security controls and processes to maximize coverage and reduce risk in a complex multi-faceted environment. A skilled communicator and change agent with bias to action who cultivates an environment of learning and creative thinking, Imran champions open communication and collaboration to empower and inspire teams to exceed in their respective cyber commitments. He is currently the Global Chief Information Security Officer (CISO) at MillerKnoll, a publicly traded American company that produces office furniture, equipment, and home furnishings.The podcast and artwork embedded on this page are from KBI.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Breaking In to Break Things: Practical Paths to Hardware Hacking and IoT SecurityPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHash Salehi, Reserve Engineer and Founder of RECESSIM, joins host Philip Wylie to demystify the world of hardware hacking and security, highlighting niche but critical vulnerability research in IoT and embedded devices. Through recounting his own experiences, from customizing low-cost fault injection attacks on automotive microprocessors to reverse engineering smart meters, Hash shares both successes and frustrations from the front lines of hands-on security assessment. The conversation aims to inspire and equip listeners who want to explore or deepen their understanding of hardware security by surfacing resources, communities, and the mindset necessary to uncover vulnerabilities beyond software.Links:http://www.recessim.com/https://wiki.recessim.com/https://www.youtube.com/c/RECESSIM Let's connect about IoT Security!Follow Phillip Wylie at https://www.linkedin.com/in/phillipwyliehttps://youtube.com/@phillipwylieThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Old Systems, New ThreatsPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson Bort is joined by Jim Montgomery, Director, Industrial Cybersecurity Solutions at TXOne Networks. TXOne provides network-based and endpoint-based products to tackle security vulnerabilities across industrial environments. With decades of IT security experience, Jim now leads TXOne's work protecting Operational Technology environments across critical sectors like automotive, oil and gas, pharma, manufacturing, and semiconductors.How can we defend against threats that are already embedded within our systems? What are the most immediate and significant risks facing our critical infrastructure today? And how can operators begin to secure their networks? “Let's start with the basics. Let's start with understanding. Let's start with making it hard to get into your environment, and let's start discouraging that type of behavior from attacking your environment,” Jim said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: From Y2K to 2038: Uncovering Time Bombs in OT and ICS Systems with Pedro UmbelinoPub date: 2025-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Protect It All, host Aaron Crow welcomes Pedro Umbelino, Principal Research Scientist at BitSight, for an insightful and lively conversation recorded shortly after they met at RSA. Pedro shares stories of his early days in computing, from scavenging parts as a kid to teaching himself programming on a ZX Spectrum. The discussion quickly dives into critical cybersecurity issues across the interconnected worlds of IT and OT, focusing on dramatic vulnerabilities in Automatic Tank Gauges (ATGs) at gas stations—exposing ways attackers could cause significant physical damage and even spark major operational disruptions, all through insecure legacy protocols.   Pedro also brings attention to a ticking time bomb: the “Year 2038” problem, where millions (if not billions) of 32-bit systems might fail due to an epoch time rollover—an issue that could have consequences reminiscent of Y2K, but on a potentially broader scale, especially for OT and critical infrastructure.   Throughout the episode, Aaron and Pedro share practical strategies, lessons from the field, and the sobering reminder that many of these vulnerabilities are still lurking below the surface. The conversation highlights the importance of awareness, collaboration across industry and ISPs, and a proactive approach to understanding and hardening both new and legacy systems. Whether you're an OT engineer, a security researcher, or just curious about what it means to truly “protect it all,” this episode offers a fascinating look at the evolving landscape of digital and physical security risks.   Key Moments: 06:37 Letting Go of Old Memories 15:12 Refueling Spill Risks Concern Technicians 17:37 Understanding Risks Beyond Fear 23:24 Internet Exposure Risks for OT Devices 32:17 Global Cyber Incident Response Challenges 35:30 Legacy System Challenges 39:19 Unidentified Cyber Assets Risk 48:41 "Understanding the Apocalypse Project's Challenges" 49:31 Testing System Vulnerabilities at Scale 55:12 Tech Vulnerabilities Analogous to Y2K 01:03:08 Challenges in OT Modernization   About the Guest: Pedro Umbelino currently holds the position of Principal Research Scientist at Bitsight Technologies and brings over a decade of experience in dedicated security research. ⁤His eclectic curiosity has led to the uncovering of vulnerabilities spanning a gamut of technologies, highlighting critical issues in multiple devices and software, ranging from your everyday smartphone to household smart vacuums, from the intricacies of HTTP servers to the nuances of NFC radio frequencies, from vehicle GPS trackers to protocol-level denial of service attacks.  Pedro is committed to advancing cybersecurity knowledge and has shared his findings at prominent conferences, including Bsides Lisbon, DEF CON, Hack.lu and RSA. How to connect Pedro : LinkedIn: https://www.linkedin.com/in/pedroumbelino/X: https://x.com/kripthorWebsite: https://www.bitsight.com/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis Incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSe analiza cuáles son los principales momentos del ciclo de vida del desarrollo de una tecnología industrial y cuándo se debe incorporar la ciberseguridad y otros requisitos.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: What Every CISO Gets Wrong About OT SecurityPub date: 2025-06-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino and Craig tackle one of the most misunderstood topics in industrial cybersecurity: IT/OT convergence. But is it truly convergence or more of a collision? Drawing from real-world experiences, they challenge the idea that OT is a “shadow IT group” and argue that operational technology deserves distinct governance, funding, and strategic influence. From secure-by-design to system integrators' evolving role, this conversation is a call to action for CISOs, CIOs, and engineering leaders to rethink how they build cybersecurity partnerships across the plant floor.Chapters:00:00:00 - Opening Shot: Who's Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can't Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn't Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What's Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT's Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It's Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: What do we need to deter insider threats? | OT Security Made SimplePub date: 2025-06-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMandana White, CEO of Smart Grid Forums, talks about the rise of insider threats to a company's cybersecurity and what it has to do with the cost-of-living crisis as well as the Western Robin Hood mentality. Diving a bit into societal psychology and politics there might even be a bit to learn from – of all places – Dubai to get IT and OT cybersecurity working in both companies and society.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Building Trust and Bridging the Gap in OT and IT CybersecurityPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with Dean Parsons, one of the most recognized names in the OT and industrial control systems (ICS) security world, for a candid and insightful conversation.   Join Aaron and Dean as they explore what it truly takes to bridge the worlds of IT and OT. Drawing from decades of industry experience, their discussion covers everything from building trust across teams, to the superpower of understanding both operational technology and cybersecurity. Expect real-world stories, practical advice on breaking into OT cybersecurity, and memorable lessons from the plant floor to the boardroom.   They also break down what makes OT security fundamentally different from traditional IT approaches, why risk-based strategies are essential, and how building relationships, sometimes over donuts and coffee—can be just as important as deploying firewalls and patching systems. Whether you're new to ICS and OT security, or a seasoned defender looking for fresh perspective, this episode brings actionable tips, honest assessments, and inspiration to help you better protect what matters most.   So grab your hard hat (and maybe a box of donuts!), and get ready for a masterclass on collaboration, building skills, and why trust is the real currency in the fight to secure our critical infrastructure.   Key Moments:    05:32 Listening Over Speaking in Legacy Spaces 07:01 IT Security Teamwork and Trust 11:21 Cost-Efficient ICS Security Solutions 15:42 Converging Skill Sets in IT Security 17:36 OT vs IT: Different Risks 22:28 Prioritizing Post-Assessment Actions 23:20 Prioritize SANS ICS Critical Controls 29:31 Engineering Perspective on Critical Assets 30:47 Detecting Misuse of Control Systems 35:52 Collaborative Incident Response Dynamics 39:03 Remote Hydroelectric Plant Journey 40:45 Building Trust with Baked Goods 44:55 "Safety Crucial in Facility Disruptions" 48:50 ICS Security: Closing Safety Gaps 53:37 Enhancing ICS Security Controls 57:18 "ICS Summit and LinkedIn Activities"   About the guest :  Dean is the CEO and Principal Consultant of ICS Defense Force and brings over 20 years of technical and management experience to the classroom. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications, electric generation, transmission, distribution, and oil & gas refineries, storage, and distribution, and water management. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!”    Over the course of his career, Dean's accomplishments include establishing entire ICS security programs for critical infrastructure sectors, successfully conducting industrial-grade incident response and tabletops, ICS digital forensics, and ICS/OT Cybersecurity assessments across multiple sectors. As a SANS Principal Instructor, Dean teaches ICS515: ICS Visibility, Detection, and Response, is a co-author of the SANS Course ICS418: ICS Security Essentials for Managers and an author of SANS ICS Engineer Technical Awareness Training. Dean is a member of the SANS GIAC Advisory Board and holds many cybersecurity professional certifications including the GICSP, GRID, GSLC, and GCIA, as well as the CISSP®, and holds a BS in computer science. When not in the field, Dean spends tine chasing icebergs off the coast of Newfoundland on a jetski, or writing electric 80s inspired electronic music in this band Arcade Knights.   Resources Mentioned:  5 ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/ SANS ICS Cybersecurity Summit: https://www.sans.org/cyber-security-training-events/ics-security-summit-2025/ How to connect Dean:  https://www.linkedin.com/in/dean-parsons-cybersecurity/ https://www.sans.org/profiles/dean-parsons/ Dean's Book: https://www.amazon.com/ICS-Cybersecurity-Field-Manual-EXCLUSIVE/dp/B0CGG6GMHW/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CiberAfterWork: ciberseguridad en Capital RadioEpisode: Episode 298: The Blackout, Critical Infrastructures, and CybersecurityPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThis episode discusses the major power blackout in Spain, analyzing if it could have been caused by a cyberattack, although market consensus discards this possibility. It also reflects on the vulnerability of critical infrastructures to such events. The program also details the rapid appearance of cyber scams related to the blackout, demonstrating the adaptability of cybercriminals. Subsequently, the program presents a DNS-based security solution (Flash Start) to protect web browsing in companies and on devices, emphasizing its ease of installation and customization. Finally, it reports on a ransomware cyberattack on the Ayuntamiento de Badajoz and the dismantling by the FBI of a "Fishing as a Service" platform, highlighting the importance of prevention, detection, and response in cybersecurity. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/The podcast and artwork embedded on this page are from psaneme, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CiberAfterWork: ciberseguridad en Capital RadioEpisode: Episodio 298: El Apagón, las Infraestructuras Críticas y la CiberseguridadPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se habla del gran apagón que sufrió España y se analiza si pudo haber sido causado por un ciberataque, aunque el consenso del mercado lo descarta, y reflexionando sobre la vulnerabilidad de las infraestructuras críticas ante tales eventos. También se detalla la rápida aparición de ciberestafas relacionadas con el apagón, demostrando la adaptabilidad de los ciberdelincuentes. Posteriormente, el programa presenta una solución de seguridad basada en DNS para proteger la navegación web en empresas y dispositivos, enfatizando su facilidad de instalación y personalización. Finalmente, se informa sobre un ciberataque de ransomware al Ayuntamiento de Badajoz y el desmantelamiento por parte del FBI de una plataforma de "Fishing as a Service", resaltando la importancia de la prevención, detección y respuesta en ciberseguridad. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/The podcast and artwork embedded on this page are from psaneme, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto Incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se presenta el contexto del caso: datos del entrevistado y cuál es el contexto del entorno y cuáles son los desafíos de incorporar ciberseguridad en el desarrollo de las tecnologías.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Conservas Guillén by Trend MicroEpisode: Conserva #38 con Maria Penilla (ZIUR) - CRA (Cyber Resilience Act).Pub date: 2025-05-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn Conservas Guillén abrimos una nueva lata para hablar con María Penilla (Directora General de la Fundación ZIUR, Centro de Ciberseguridad Industrial de Gipuzkoa) para hablar de la CRA (Cyber Resilience Act) y como desde la Fundación están ayudando al tejido empresarial / industrial de Guipuzkoa y Euskadi. Conservaciones de 30 minutos, aproximadamente, en lenguaje entendible y coloquial.The podcast and artwork embedded on this page are from Trend Micro Iberia, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Megan Stifel on the Impact of the Ransomware Task ForcePub date: 2025-05-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMegan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and in a landmark report, laid out 48 recommendations to the industry that included a framework for critical infrastructure organizations that could help deter and disrupt the operations of ransomware gangs. Stifel covers the growth of the task force and which the of the 48 recommendations have been tackled and which remain. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 63: Chief Hacking OfficerPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThis is a story about a Chief Hacking Officer who draws on his expertise in physical and virtual security assessments—along with some intuitive AI-driven coding—to safeguard Operational Technology. Colin Murphy of Frenos and Mitnick Security talks about how some of his early assessment work with Kevin Mitnick is helping him with OT security today.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: OT Security in Hindsight: Visibility, Authority, and the Executive DisconnectPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special rewind edition of Industrial Cybersecurity Insider, we revisit some of the most powerful insights shared on how to elevate OT cybersecurity across complex, distributed environments. From budget allocation strategies to disaster recovery frameworks and the nuances of executive engagement, this episode distills frontline lessons into a compact, high-impact listen. Whether you're navigating remote access risks, managing hybrid architectures, or striving to align plant managers with corporate cybersecurity goals, these reflections are a roadmap for driving resilience and maturity in your OT security strategy.Chapters:00:00:00 - Rewind Kickoff: From Blind Spots to Bold Predictions00:00:46 - The A-Z of Industrial Cybersecurity for OT Environments with Industry Expert Bryson Bort00:10:57 - Gartner, DOGE, and the Future of OT Cybersecurity Policy00:21:38 - Uncovering Blind Spots in OT CybersecurityLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Real-World Cyber Threats in Healthcare: Balancing Tech, Training, and Human SafetyPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity in healthcare is facing heightened challenges as regulations shift, IoT devices proliferate, and ransomware attacks become increasingly devastating. Josh Spencer, Founder, and CIO at FortaTech Security and with over fifteen years in the field including time as CISO/CTO at UT Southwestern, explores why HIPAA changes are necessary, the high stakes of securing medical devices, and how both technology and culture play roles in protecting patient data and safety. The conversation breaks down risks, practical mitigation strategies, and the ongoing evolution of both threats and defensive tools -- including AI --  and covers the evolving HIPAA landscape and the move from “addressable” to required controls, ransomware's impact on hospitals and patient safety, challenges and best practices in securing connected medical (IoT/OT) devices, the importance of real-world risk assessment and penetration testing in healthcare, and human factors, including security awareness training and leveraging AI both for defense and as a threat. Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: From Plant Operator to OT Security: Stories of Failures and BreakthroughsPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow dives deep into the intersection of IT and OT cybersecurity with special guest Gavin Dilworth—a plant operator turned automation engineer and cybersecurity expert. Listen in as Gavin shares his candid and often humorous journey from factory floors to global consulting, including how a workplace near-miss sparked his “lightbulb moment” about the similarities between health and safety and cybersecurity. Aaron and Gavin discuss everything from operators' creative workarounds on the plant floor, to the importance of trust and rapport between IT and OT teams, and why having hands-on experience is key to building effective cybersecurity programs in critical infrastructure environments.  You'll also hear real-world stories of technology mishaps, the critical role of plant culture, and the practical challenges organizations face in securing legacy systems while keeping operations running. If you want honest, relatable insights and actionable advice on bridging the IT-OT divide—and a few laughs along the way—this episode is for you. Key Moments:  10:12 Operator Rounds and RFID Challenges 12:56 Operators' Ingenuity and Knowledge 21:29 IT vs. OT: Firmware Update Challenges 26:49 Understanding and Accepting Risk 28:12 Standards, Frameworks, and Continuity 33:08 High Voltage Safety Precautions 40:41 Bridging OT and IT Skills 43:46 Cybersecurity Cross-Training Surge 52:38 CISO Knowledge Gap in OT Security 54:32 "Experience: Essential for Understanding" 01:03:34 DCS System Configuration Challenges 01:06:52 Neglecting Redundancy Risks Operations 01:11:00 Optimizing Underutilized IT Resources 01:20:04 "Understanding Systems Before Advice" 01:22:06 Old Cables Remain Untouched About the guest :  Gavin Dilworth's career took an unconventional path. As a plant operator, he was tasked with keeping production running smoothly and monitoring sensor readings, both on the computer and around the factory. However, Gavin was never quite the model operator—rather than dutifully making rounds and comparing readings, he often found himself absorbed in books, dreaming of a future in IT. Though he laughs about being a “pretty terrible operator,” Gavin's story reflects his early drive to pursue his true interests in technology, even when duty called elsewhere. How to connect Gavin :  Linkedin : https://www.linkedin.com/in/gavin-dilworth/ Website: https://assessmentplus.co.nz/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Michal Shlomo Head of cyber-Insurance @Howden Insurance Brokers IL on insurance role & cyber attackPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationאחת המחלוקות הגדולות בין אנשי המקצוע בסייבר היא נושא ביטוח הסייבר. כן צריך, לא צריך, האם המוצר הביטוחי מצדיק את ההוצאה והאם הוא נותן פתרון אמיתי בזמן משבר. הדס תמם בן אברהם סגנית הדיקן בקריה האקדמית אונו ונחשון פינקו יועץ ואוונגליסט סייבר מארחים את מיכל שלמה ראש מחלקת ביטוחי סייבר בסוכנות הביטוח האודן, בשיחה על ביטוחי סייבר ומה האמת למול השמועות. האם ביטוח סייבר באמת יקר האם ברגע שיש אירוע סייבר, חברת הביטוח לוקחת את המושכות ומנהלת את המשבר גם אם בניגוד לדעת הלקוח האם ביטוח סייבר הוא במקום התקשרות מבעוד מועד עם חברת איי.אר ועוד One of the most significant disputes among cyber professionals concerns cyber insurance. Is it necessary? Does the insurance product justify the expense? Does it provide a real solution during a cyber crisis? Hadas Tamam Ben Avraham, Vice Dean at the Ono Academic College, and Nachshon Pincu, cyber evangelist and consultant, host Michal Shlomo, Head of the Cyber Insurance Department at Howden Insurance Brokers Israel, in a conversation about cyber insurance and the truth in the face of rumours. Is cyber insurance costly? Does the insurance company take the reins and manage the crisis as soon as a cyber event occurs, even if contrary to the customer's opinion? Is cyber insurance a substitute for a contract in advance with an IR company? And moreThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace Gestionando Ciberresiliencia en un entorno industrialPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se muestra el papel que juegan la cultura organizacional y la concienciación del personal de operación en la resiliencia frente a ciberincidentesThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: How to build a SIEM SOC in OT? | OT Security Made SimplePub date: 2025-05-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZeek Muratovic, Director of Security Operations at Landis+Gyr talks about the first steps to build a SIEM SOC in OT environments. Being a pragmatist, he proposes a step-by-step approach that prevents OT operators from overkilling their budget AND workload.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: Lessons Learned From Incident Response [The Industrial Security Podcast]Pub date: 2025-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHow did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Bridging the IT-OT Divide with AI-Powered InsightPub date: 2025-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino and Craig tackle one of the most misunderstood challenges in cybersecurity for industrial environments. The persistent disconnect between IT-led cybersecurity tools and operational technology realities.They explore the concept of "shadow OT," as well as the limits of traditional IDS deployments.They discuss why visibility is key to protecting critical systems. Vulnerability scanning alone isn't enough.Real world case studies reveal how failing to engage OT teams derails cybersecurity strategies. One case involved rogue servers causing daily production failures. Another featured misconfigured modules choking brewery operations. These examples show that even the most advanced strategies fail without OT team involvement.For leaders in manufacturing, utilities, and critical infrastructure, this is a must-listen conversation. It's about redefining risk management through OT-first thinking.Chapters:00:00:00 - When Machines Stop, Money Bleeds: The Downtime Dilemma00:00:47 - Shadow IT or Ingenious OT? Rethinking Rogue Tech00:02:29 - Cybersecurity Isn't Enough: The OT Risk You're Missing00:04:37 - Server Ghosts & Brewery Blunders: Fixing What IT Can't See00:06:41 - Visibility is Power: Using the Tools You Already Own00:09:50 - IT vs. OT: Breaking Silos, Building Alliances00:13:28 - Final Thoughts: Who Really Owns OT Security?Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Why Cybersecurity Is More Than Just Technology and Tools with Paul MarcoPub date: 2025-05-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow welcomes lifelong cybersecurity professional Paul Marco to the podcast. Fresh off of a fun, bourbon-fueled appearance on Paul and Evan's podcast, Cyber After Hours, Aaron and Paul sit down for a candid conversation that covers everything from the pitfalls of shiny new cyber tools, to the real-world challenges of defending both networks and people.   Tune in as they discuss the importance of making the most of what you already have, the realities of cyber as a “cost center,” and how availability increasingly trumps confidentiality in today's threat landscape. Paul shares powerful insights from decades in cyber operations, the difference between theory and real value, and why storytelling and business skills are now just as vital as technical chops.   From protecting small businesses to demystifying the impact of AI and quantum computing on everyday cybersecurity, this episode is packed with practical advice, plenty of war stories, and even a few laughs. Whether you're a seasoned security pro or just starting out, you won't want to miss this lively and wide-ranging discussion on how to protect it all.   Key Moments:  05:38 Tech Rationalization Over Product Dependence 10:42 "Cybersecurity: A Costly Necessity" 17:44 Privacy Is Obsolete 25:51 Cyber Crime Funds Dark Activities 26:39 "Preventing Cyber-Facilitated Crime" 37:50 "Exploiting AI: Ethics Versus Greed" 46:44 Understanding Business Elevates Cybersecurity 48:01 Broadening Skills Beyond Cybersecurity 54:19 CISOs Need More Than Tech Skills 58:56 "Tech Threatens Critical Thinking"   About the guest :    Paul is the Co-Founder of TALAS Security and the Co-Host of the Cyber After Hours Podcast. With over twenty years of experience in IT and Cybersecurity, Paul is a senior cybersecurity leader who has built, maintained, and operated enterprise-grade Cybersecurity programs in highly complex environments. His expertise lies in taking a "controls first" approach to Cybersecurity. He specializes in designing programs that maximize the use of existing capabilities to balance both defense and compliance to accelerate organizational maturity. He creates sustainable solutions that enable organizations to effectively manage their cybersecurity risks and is committed to staying ahead of the curve in an ever-evolving cybersecurity landscape and helping organizations securely achieve their business objectives. How to connect Paul:  LinkedIn: https://www.linkedin.com/in/pm01/ Talas Security: https://www.talas.io/ Cyber after Hours Podcast: https://www.cahpodcast.com/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones Gestionando Ciberresilienca en un entorno industrialPub date: 2025-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se revisan las medidas concretas recomendadas en una organización para fortalecer la ciberresiliencia en las operaciones industriales.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Cyber Focus (LS 24 · TOP 10% what is this?)Episode: The One-Way Street of Digital Transformation: OT Cybersecurity with Nozomi's Edgard CapdeviellePub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special RSA Conference edition of Cyber Focus, host Frank Cilluffo sits down with Edgard Capdevielle, President and CEO of Nozomi Networks, to unpack the evolving landscape of operational technology (OT) cybersecurity. Together, they explore how digital transformation and the convergence of IT and OT are reshaping the threat environment for critical infrastructure. Capdevielle outlines the three major phases of the OT security market, reflects on the role of AI and legacy systems, and explains why visibility remains foundational to cybersecurity. The conversation also highlights the growing risk from nation-state actors, the breakdown of air gap assumptions, and the tangible steps owner-operators must take to build resilience. Main Topics Covered: Defining the three phases of OT cybersecurity market maturity The impact of digital transformation and IT/OT convergence Why visibility remains the top concern for infrastructure operators The role of AI in passive detection and firmware profiling Nation-state threats, air gap fallacies, and Volt Typhoon's implications Practical steps for operators to improve risk visibility and resilience Key Quotes: “Digital transformation is a one-way street. We're only going to automate more — automate everything — and IT and OT are only going to converge more.” — Edgard Capdevielle “You cannot protect what you can't see. So having a layer of visibility is number one.” — Edgard Capdevielle “Air gapping has been our number one enemy because it's not real… It's brought a level of comfort that is not good for us.” — Edgard Capdevielle Relevant Links and Resources: Nozomi Networks Guest Bio: Edgard Capdevielle is President and CEO of Nozomi Networks, a global leader in OT and IoT cybersecurity. He has a background in computer science and more than two decades of experience in cybersecurity and enterprise technology. Prior to joining Nozomi in 2016, he held leadership roles at Imperva and EMC (including post-acquisition work with Data Domain) and has served as an investor and advisor to several successful startups in the security space.The podcast and artwork embedded on this page are from McCrary Institute, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Joe Slowik on Identifying Truly 'Critical' InfrastructurePub date: 2025-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSecurity researcher Joe Slowik joins the Nexus Podcast to discuss the broad interpretation of what critical infrastructure entities are truly "critical," and how that creates an ethical wedge between protecting the well-resourced and those that are resource-strapped. Slowik acknowledges that while calling everything "critical" ensures that nothing is critical, serious discussions must be had about getting the most return in terms of defensive resources while recognizing the ethical dilemmas that some entities cannot be left behind because they're not as important to overall national and economic security. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites & Bytes PodcastEpisode: AI, Consumer Behavior, and the Future of Food with Andreas DuessPub date: 2025-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhy do most new food products fail, and what does AI have to do with it? In this episode of the Bites and Bytes Podcast, you host, Kristin Demoranville,  is joined by Andreas Duess, co-founder of GoCPG and CEO of 6 Seeds, to unpack what's really driving the food and beverage industry right now.   Spoiler: it's not just taste trends or fancy branding.  Its behavior, data, and decisions are made without proper insight. We talk about: How AI is helping food brands try to understand real consumer behavior The say-do gap: why people don't buy what they say they want How Uber Eats data, smart fridges, and strained supply chains shape product development Why big brands are suddenly out-innovating startups What GLP-1 drugs mean for food categories And why rebuilding communities around food matters more than ever Whether you're in food, tech, or cybersecurity, or just curious about the systems behind what we eat, this episode pulls back the curtain on where the industry is headed. _____________________________________ Andrea Duess's contact information & companies: Andrea's LinkedIn Personal Site 6 Seeds is the Communication and Innovation Consultancy for today's agri-food Brands goCPG is an AI-powered platform that helps food entrepreneurs and consumer packaged goods (CPG) brands grow by providing personalized insights, mentorship, and tools to turn their ideas into successful businesses. _____________________________________

Podcast: HOU.SEC.CAST.Episode: OT Security with Watch Mr. Wizard Star Sean CurryPub date: 2025-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMichael and Sam are catching up with Principal Consultant and Co-Founder at Cavalry Solutions, Sean Curry! Sean talks about his transition from the military to the private sector, the importance of standards like IEC 62443 for OT security, and the best way to align IT and OT teams.Things Mentioned:·      New study reveals 92% of industrial sites at risk from unsecured remote access - https://www.securityinfowatch.com/critical-infrastructure/press-release/55262827/new-study-reveals-92-of-industrial-sites-at-risk-from-unsecured-remote-access?utm_campaign=4532845-%5BSocial%5D+News+Mentions,+Articles,+and+Bylines&utm_content=323098968&utm_medium=social&utm_source=linkedin&hss_channel=lcp-12898104·      Sean's Talk: https://youtu.be/Lv6ppq6ZaBs?si=IlBtkFJSEuDshGwF Do you have a question for the hosts? Reach out to us at podcast@houstonseccon.com Keep up with HOU.SEC.CON:·      LinkedIn·      Twitter·      Facebook·      Instagram·      YouTube·      Bluesky Check out our other show:·      CyberSundayCheck out our Conferences and Events:·      HOU.SEC.CON.·      OT.SEC.CON.·      EXEC.SEC.CON.·      HSC User GroupSupport or apply to our Scholarship Program:·      TAB Cyber FoundationIn this episode:·      Host: Michael Farnum·      Host: Sam Van Ryder·      Guest: Sean Curry·      Production and editing: Lauren Lynch·      Music by: August HoneyThe podcast and artwork embedded on this page are from Michael Farnum and Sam Van Ryder, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 62: Defending the Unknown in OT SecurityPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationROI is always a tricky subject in cybersecurity. If you're paying millions of dollars in securing your OT networks, you'd want to be able to show that it was worth it. Andrew Hural of UnderDefense talks about the need for continuous vigilance, risk management, and proactive defense, acknowledging both the human and technological elements in cybersecurity and how just because something didn't happen doesn't mean that it didn't.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: The Truth About OT VulnerabilitiesPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson Bort sits down with Adam Robbie, Head of OT Threat Research at Palo Alto Networks, to pull back the curtain on OT threat research. With a background in electrical engineering, Adam's first job in cybersecurity was at an IT help desk. He now leads a team dedicated to identifying, analyzing, and mitigating cyber threats targeting Operational Technology (OT) environments.What are the top threats Adam is seeing in OT attacks? Why is manufacturing such a vulnerable sector? And if he could wave a magic, non-Internet connected wand, what would he change? “I really would love to have more experts in OT,” Adam said. “The more knowledge…and the more experts we have, it will fasten this process [of innovation].” Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Securing the Foundation: Cyber Strategy in the Age of Smart InfrastructurePub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity is redefined as a discipline for the curious and adaptable, with a focus on continuous learning, imagination, and embracing change. On location at the RSA Conference, host Phillip Wylie and Anand Singh discusses the evolving challenges of IoT and OT security, the rapid integration of AI, and how organizations must address overlooked endpoints and fragmented infrastructures. There is an emphasis on practical advice for CISOs and cybersecurity practitioners, underscoring the importance of foundational security practices, data visibility, identity management, and mental well-being in high-stress leadership roles.The role of curiosity and adaptability in cybersecurity careersOverlooked risks and challenges in IoT and OT device securityThe transformative impact of AI and the importance of securing AI adoptionPractical strategies for asset, identity, and data managementMaintaining work-life balance and resilience for CISOs and security leaders Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Visibility Revisited: Trends Shaping the Future of OT CybersecurityPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special rewind episode we highlight outside influences shaping control system integrity, the impact of AI, emerging technologies, and the dynamics of building a career in OT cybersecurity.Drawing from frontline experiences and industry events like the S4 Conference, the discussion explores the growing organizational shift toward dedicated OT cybersecurity roles.We address the critical need for alignment between capital and operational expenditures, and the importance of selecting technologies that provide actionable visibility across diverse plant environments. Listeners will gain strategic guidance on integrating cybersecurity into capital planning, addressing asset variability across sites, and implementing scalable, non-disruptive security frameworks. From OT-specific IDS deployment to balancing remote access with zero-trust principles, this episode offers practical, forward-looking advice.Whether you're a practitioner or a decision-maker, focused on securing extended IIoT environments while maintaining operational resilience, this episode covers practical and relatable challenges and solutions.Chapters:00:00:00 – A Strategic Rewind: Exploring the Emerging Roles, Budget Realities, and Lessons Learned in OT Cybersecurity00:00:41 - Gartner, DOGE, and the Future of OT Cybersecurity Policy00:12:12 - The Future Looks Bright : Building a Career in OT Cybersecurity00:22:44 - AI, Global Trends, and More: A Glimpse into the Future of OT Cybersecurity with ClarotyLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Building Trust in OT Cybersecurity: Patching, Communication, and Personal Branding for SuccessPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by his longtime friend and fellow OT (Operational Technology) aficionado, Oren Niskin. Oren dives into his unconventional journey from Navy electrician to offshore rig automation, through to OT cybersecurity consulting—sharing the highs, the lessons learned, and the unique perspective gained from crawling through the “belly of the ship” rather than a college lecture hall. Aaron and Oren discuss the real-world value of hands-on experience versus formal education, the evolving relationship between IT and OT teams, and why personal branding and communication skills are key for career growth in the cybersecurity field. They unpack the challenges and misconceptions around patching in the OT environment, and Oren reveals practical advice from his recent presentation on how organizations can dramatically reduce their vulnerability management workload while maintaining operational safety. Tune in for thoughtful reflections, war stories from the rig, and actionable tips for aspiring and seasoned cybersecurity professionals alike—plus a heartwarming nod to inspiring the next generation. Whether you're just getting started in OT or looking to take your cyber game to the next level, this episode is packed with honest advice and community spirit. Key Moments:  05:58 College: Not the Ultimate Answer 08:26 Consulting Perspective Accelerates Career Growth 13:36 "Building Value with Personal Branding" 16:49 "Everyone's a Salesman Everywhere" 19:44 "Patching Essential for System Health" 21:14 Firmware Updates Resolve Most Issues 26:18 Robots Dominate Manufacturing Line 28:08 Prioritizing Critical Drilling Vulnerability Fixes 33:29 "Prioritizing Business-Critical Systems" 36:57 Cyber-Resilient Tech Design 39:20 "Virtualization Best Practices: Snapshot Safety" 41:18 OT Cybersecurity: Focus on Basics 44:37 Unexpected Changes Disrupt Startup Plans 47:44 "Building Trust in Business" 50:52 "IT-OT Collaboration Importance" Oren Niskin – From the Navy to OT Cybersecurity: Bridging the Gap Between the Plant Floor and Secure Operations Oren Niskin is an OT cybersecurity consultant with over two decades of hands-on industrial experience spanning the U.S. Navy, offshore drilling operations, and global OT network management. His career began not in a classroom, but aboard the USS Harry S. Truman, where he served as an electrician and shutdown reactor operator after enlisting in the Navy post-9/11. Since then, he's steadily climbed the OT ranks—from maintaining electrical systems at sea to managing IACS networks for a global fleet of drilling rigs, and now, advising critical infrastructure on how to secure their operational environments. Oren brings a rare combination of deep technical insight and real-world plant floor experience to the evolving challenges of OT cybersecurity. He holds a Bachelor's degree in Nuclear Engineering Technology and a Master's in Information Security Engineering from the SANS Institute. Oren is passionate about translating complex OT security needs into practical outcomes—turning big visions into tangible progress. Connect with Oren on LinkedIn at https://www.linkedin.com/in/orenniskin/ or catch him in person at HouSecCon this September. Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis Gestionando Ciberresilienca en un entorno industrialPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se analiza el impacto que pueden tener los ciberincidentes en la cadena de valor y la confianza del sistema eléctrico considerando el equilibrio necesario al protegerse frente a ciberamenazas con las exigencias de disponibilidad y eficiencia del negocioThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: EPRI CurrentEpisode: 51. Lights out! Understanding the Iberian Peninsula BlackoutPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarization  More than 52 years after EPRI was born as a result of a massive North American blackout, EPRI Current host Samantha Gilman speaks with Eamonn Lannoye, Director, EPRI Europe  and Sean McGuiness Senior Technical Executive, EPRI Europe, to discuss the recent power blackout in Spain, Portugal and parts of France. The whole system went down in five seconds.  What do we know about why it happened?  What do we not yet know, and why can it take time to fully understand the root causes?  Are  observers jumping to conclusions before all the data is in? Lannoye has been a frequent contributor to international media stories about the event. He and McGuiness share their expertise on the series of events and caution about drawing conclusions too quickly. For more information about the blackout, see this recorded webinar: EPRI Webcast of Initial Findings from April 28, 2025 Iberia Blackout   If you enjoy this podcast, please subscribe and share! And please consider leaving a review and rating on Apple Podcasts/iTunes.    Follow EPRI: LinkedIn https://www.linkedin.com/company/epri/  Twitter https://twitter.com/EPRINews    EPRI Current examines key issues and new R&D impacting the energy transition. Each episode features insights from EPRI, the world's preeminent independent, non-profit energy research and development organization, and from other energy industry leaders. We also discuss how innovative technologies are shaping the global energy future. Learn more at www.epri.com       The podcast and artwork embedded on this page are from EPRI, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Danielle Jablanski on Critical Infrastructure ProtectionPub date: 2025-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDanielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging from the challenges arising from the high percentage of private sector ownership of critical infrastructure, to the assistance available from CISA and other agencies to lesser-resourced entities in the 16 CI sectors. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Government Information Security Podcast (LS 27 · TOP 10% what is this?)Episode: Mature But Vulnerable: Pharmaceutical Sector's Cyber RealityPub date: 2025-05-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPharmaceutical companies typically have more mature cyber programs than other healthcare factions, but these firms also face unique risks involving their large attack surfaces, complex manufacturing, supply chains and sensitive intellectual property, said Joshua Mullen of Booz Allen Hamilton.The podcast and artwork embedded on this page are from GovInfoSecurity.com, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrie neu gedacht - ein Tech-Podcast von Bosch RexrothEpisode: Cyber Resilience Act (CRA) - no time to waitPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe CRA is keeping the industrial sector busy. We speak to two experts: Michael Langfinger and Sebastian Krauskopf. They both work for Bosch Rexroth and explain to us what machine builders need to look out for. More about the topic: https://www.boschrexroth.com/en/de/industries/hydrogen/ Do you already know the Rexroth blog If you have any questions, please contact us: vertrieb@boschrexroth.de Produced by Bosch Rexroth AG, Sales Europe Centre Susanne NollThe podcast and artwork embedded on this page are from Bosch Rexroth AG, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Cassie Crossley on Hardware Security, HBOMsPub date: 2025-05-07Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSchneider Electric Vice President of Supply Chain Security Cassie Crossley joins the Nexus Podcast to discuss the nuances of hardware security and the growing need for hardware bills of materials (HBOMs) within critical infrastructure.Cassie covers the use cases and features that matter most within an HBOM, some of the threats and weaknesses they can illuminate for users, and how they can change the current status quo for CI sectors that have concerns about the provenance of hardware components and the threats they pose. Cassie is an experienced cybersecurity technology executive in information technology and product development and author of “Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware.”Listen and subscribe to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: How to implement Zero Trust in OT environments? | OT Security Made SimplePub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZero Trust expert Stefan Sebastian talks us through the process of Zero Trust in critical OT networks like substations - and explains why this will be the make segmentation obsolete.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Automation World Gets Your Questions Answered (LS 24 · TOP 10% what is this?)Episode: How Digital Twins and Cybersecurity Impact Safety Risk AssessmentsPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAndrew Harris with system integrator ACS explains how cybersecurity fits in with equipment safety as part of a risk assessment, and the use of digital twin tech and safety PLCs as part of the safety risk assessment process.The podcast and artwork embedded on this page are from Automation World, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrie neu gedacht - ein Tech-Podcast von Bosch RexrothEpisode: Cyber Resilience Act (CRA) - keine Zeit zu wartenPub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDer CRA beschäftigt die Industrie. Wie sprechen mit zwei Experten: Michael Langfinger und Sebastian Krauskopf. Sie arbeiten beide für Bosch Rexroth und erklären uns, worauf Maschinenbauer achten müssen, wie Bosch Rexroth unterstützt. Kennen Sie schon den Rexroth-Blog Wenn Sie Fragen haben, dann wenden Sie sich gerne an: vertrieb@boschrexroth.de Produziert von Bosch Rexroth AG, Vertrieb Europa Mitte Susanne NollThe podcast and artwork embedded on this page are from Bosch Rexroth AG, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Open Source Security (LS 38 · TOP 2% what is this?)Episode: Embedded Security with Paul AsadoorianPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRecently, I had the pleasure of chatting with Paul Asadoorian, Principal Security Researcher at Eclypsium and the host of the legendary Paul's Security Weekly podcast. Our conversation dove into the often-murky waters of embedded systems and the Internet of Things (IoT), sparked by a specific vulnerability discussion on Paul's show concerning reference code for the popular ESP32 microcontroller. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2025-05-embedded-security-with-paul-asadoorian/The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Stuxnet to Colonial Pipeline What Have We Learned & What's on the Horizon?Pub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino sits down with Mike Holcomb, Fellow and Director of ICS/OT Cybersecurity at Fluor, to explore the critical, and often overlooked challenges in securing operational technology. From his early fascination with hacking culture to leading OT security for one of the world's largest engineering firms, Mike shares personal insights and lessons learned. The conversation covers the delayed cybersecurity maturity in OT environments and the lasting impact of the Colonial Pipeline breach.They address the crucial role of visibility, engineering partnerships, and cultural buy-in when building secure industrial systems. Whether you're managing pipelines, power grids, or manufacturing floors, this episode delivers actionable insights and strategic foresight for leaders protecting our most vital infrastructure.Chapters:00:00:00 - Why OT Security Still Falls Behind00:01:03 - Mike Holcomb's Unlikely Path to Cybersecurity00:01:23 - Hacking Curiosity and a Love for Breaking Things00:02:16 - From Network Admin to OT Defender00:03:08 - Stuxnet, Colonial, and the Wake-Up Calls We Ignored00:06:18 - When OT and IT Don't Speak the Same Language00:12:14 - Threats Are Getting Smarter — Are We Keeping Up?00:26:29 - Evolving the Culture of Cyber Hygiene00:32:14 - Final Takeaways for Security LeadersLinks And Resources:Mike Holcomb on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Beyond Compliance Cybersecurity Insights With Blake Hoge and Aaron CrowPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crowe sits down with cybersecurity professional Blake Hoge for an unscripted deep dive into the world of IT, OT, and everything in between. In this engaging conversation, Aaron and Blake share their personal journeys through the cybersecurity landscape—from consulting roots and data center audits, to navigating third-party risk, compliance programs, and even some unforgettable experiences in global call centers and power plants.   This episode goes beyond the technicalities, exploring the importance of hands-on assessments, the unexpected vulnerabilities that linger in even the most sophisticated environments, and why fresh eyes are crucial for spotting hidden risks.  Aaron and Blake also open up about their favorite use cases for AI—both on and off the job, and how these evolving tools are reshaping everything from incident response planning to everyday productivity.   But it's not all about cyber threats and compliance checklists. The conversation takes a thoughtful turn as the two discuss the vital role of mental health, physical wellness, and community in sustaining long careers in high-pressure fields. From rucking at dawn and cycling in Moab to decompressing at cyber shootouts and embracing new technologies, Aaron and Blake remind us that protecting it all starts with taking care of ourselves and each other. Join us for a lively, candid episode packed with actionable insights, relatable stories, and a reminder that cybersecurity is, above all, a people business.   Key Moments:    09:47 Power Plant Fire Recovery Chaos 13:36 Infrastructure Maintenance & Security Compliance 16:10 Access Control Testing Concerns 23:22 "Design Process: Theory vs. Reality" 31:22 Dynamic Incident Response Planning 33:07 Commitment to Security and Transparency 39:21 Customized Consultancy for Unique Needs 47:05 "Understanding Contract Essentials" 50:42 In-House AI to Safeguard Data 57:47 AI Simplifies Search and Booking 59:13 Mental Wellness Strategies in Tech 01:03:52 Fitness and Energy Through Activity 01:10:44 "Business is a People Endeavor"   About the guest :  Blake Hoge leads third-party security at Airbnb, strengthening partnerships, and founded AmplifyGRC to support small businesses in building security and trust. At Instacart, he developed and scaled security and trust programs and compliance programs. At Salesforce, he managed security for global data and call centers. With over a decade in governance, risk, and compliance, Blake holds CISA, CDPSE, and PMP certifications, reflecting his expertise. Blake lives in the greater Austin, Texas area, and enjoys connecting with other professionals locally.   How to connect Blake:  Linkedin page: https://www.linkedin.com/in/blakehoge/ Company website: https://www.amplifygrc.com/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto gestionando Ciberresilienca en un entorno industrialPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se presenta el contexto del caso: datos del entrevistado y cuáles son los desafíos de la ciberresiliencia en un entorno industrial.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Christiaan Beek on Ransomware's Evolution and EconomicsPub date: 2025-04-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRapid7 Senior Director of Threat Analytics Christiaan Beek joins the Nexus Podcast to discuss the technical evolution and economic models that maintain ransomware's viability among threat actors. Ransomware became a for-profit threat more than a decade ago and has progressed into the No. 1 threat facing many critical infrastructure organizations. In this episode, Beek covers extortion characteristics, the stealthiness of some attacks, and how the future may include hardware-based ransomware that maintains indefinite persistence. Follow and subscribe to the Nexus Podcast. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 61: Applying Zero Trust to OT systemsPub date: 2025-04-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZero Trust is a security model based on default-deny policies and fine-grained access control governed by identity, authentication, and contextual signals. For RSAC 2025, John Kindervag, Chief Evangelist of Illumio and the creator of Zero Trust, talks about introducing a "protect surface" into legacy OT systems —isolating critical data, applications, assets, or services into secure zones for targeted Zero Trust implementation.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.