@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: Managing Risk with Digital Twins - What Do We Do Next? [the industrial security podcast]Pub date: 2025-09-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAsset inventory, networks and router / firewall configurations, device criticality - a lot of information. How can we USE this information to make useful decisions about next steps to address cyber risk? Vivek Ponada of Frenos joins us to explore a new kind of OT / industrial digital twin - grab all that data and work it to draw useful conclusions.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: AI, Quantum, and Cybersecurity: Protecting Critical Infrastructure in a Digital WorldPub date: 2025-09-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by Kathryn Wang, Principal of Public Sector at SandboxAQ, for a wide-ranging and candid conversation about the critical role AI and quantum technology are playing in today's cybersecurity landscape.  Kathryn and Aaron break down complex concepts like quantum cryptography and the growing risks of deepfakes, data poisoning, and behavioral warfare - all with real-world examples that hit close to home. They dig into why cryptographic resilience is now more urgent than ever, how AI can both strengthen and threaten our defenses, and why your grandma shouldn't be left in charge of her own data security. From lessons learned in power plants and national defense to the nuances of protecting everything from nuclear codes to family recipes, this episode dives deep into how we can balance innovation with critical risk management.  Kathryn shares practical advice on securing the basics, educating your network, and making smart decisions about what truly needs to be connected to AI. Whether you're an IT, OT, or cybersecurity professional—or just trying to keep ahead of the next cyber threat - this episode will arm you with insights, strategies, and a little bit of much-needed perspective. Tune in for a mix of expert knowledge, humor, and actionable takeaways to help you protect it all.   Key Moments:    04:02 "Securing Assets in Post-Quantum Era" 07:44 AI and Cybersecurity Concerns 12:26 "Full-Time Job: Crafting LLM Prompts" 15:28 AI Vulnerabilities Exploited at DEFCON 19:30 AI Data Poisoning Concerns 20:21 AI Vulnerability in Critical Infrastructure 23:45 Deepfake Threats and Cybersecurity Concerns 28:34 Question Everything: Trust, Verify, Repeat 33:20 "Digital Systems' Security Vulnerabilities" 35:12 Digital Awareness for Children 39:10 "Understanding Data Privacy Risks" 43:31 "Leveling Up: VCs Embrace Futurism" 45:16 AI-Powered Personalized Medicine About the guest :  Kathryn Wang is a seasoned executive with over 20 years of leadership in the technology and security sectors, specializing in the fusion of cutting-edge innovations and cybersecurity strategies.    She currently serves as the Public Sector Principal at SandboxAQ, where she bridges advancements in post-quantum cryptography (PQC) and data protection with the mission-critical needs of government agencies. Her work focuses on equipping these organizations with a zero-trust approach to securing sensitive systems against the rapidly evolving landscape of cyber threats.   During her 16-year tenure at Google and its incubator Area120, Kathryn drove global efforts to develop and implement Secure by Design principles in emerging technologies, including Large Language Models (LLMs) and Generative AI.   How to connect Kathryn :  https://www.linkedin.com/in/kathryn-wang/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis aplicando NIS2 en un entorno industrialPub date: 2025-09-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en lo que supone realmente la NIS2 en el sector industrial: sujetos obligados, obligaciones específicas y gobernanza.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: FBI Alerts, OT Vulnerabilities, and What Comes NextPub date: 2025-09-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino break down the FBI's latest cybersecurity advisory and what it means for industrial organizations. From Cisco hardware vulnerabilities on the plant floor to the widening gap between IT and OT security teams, they address the critical blind spots that attackers often exploit. They discuss why manufacturing has become ransomware's “cash register,” the importance of continuous monitoring and asset visibility, and why every organization must have an incident response plan in place before a crisis. This episode is packed with real-world insights and actionable strategies. It's a must-listen for CISOs, CIOs, OT engineers, and plant leaders safeguarding manufacturing and critical infrastructure.Chapters:00:00:52 - Welcome to Industrial Cybersecurity Insider Podcast00:01:21 - A New FBI Advisory on Nation-State OT Threats00:02:37 - Cisco Hardware on the Plant Floor Targeted in Advisory00:03:18 - The IT/OT Disconnect: OT Assets are Often Invisible to InfoSec Teams00:04:19 - The Awareness Gap: Critical Security Alerts Fail to Reach OT Operations00:04:54 - The OT Cybersecurity Skills Gap and Cultural Divide00:07:32 - Why All Manufacturing is Critical, Citing the JBS Breach00:08:37 - The Staggering Economic Cost of OT Breaches00:09:33 - The "Cash Register" Concept: Why Attackers Target Manufacturing00:10:29 - OT as the New Frontier for Attacks on Unpatched Systems00:11:28 - The "Disinterested Third Party": When OEMs See Security as the Client's Problem00:12:31 - The Foundational First Step: Gaining Asset Visibility & Continuous Monitoring00:13:53 - The Impracticality of Patching in OT Due to Downtime and Safety Risks00:15:25 - Academic vs. Practitioner: Why High-Level Advice Fails on the Plant Floor00:18:25 - The Minimum Requirement: A Practiced, OT-Inclusive Incident Response Plan00:18:58 - Why CISOs Must Build Relationships with Key OT Partners00:22:46 - Practice, Partner, and Protect NowLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP70: Securing Medical Devices You Might Not Have Thought to SecurePub date: 2025-09-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHealthcare organizations are prone to the same weaknesses that any other office or manufacturing site may have. Sonu Shankar, Chief Product Officer at Phosphorus Cybersecurity, explains how the devices you might not suspect might be the ones to bring down your organization if they're not secured. That includes the printer used to print patient wristbands.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Bridging IT and OT Cybersecurity: Lessons from the Field with Patrick GillespiePub date: 2025-09-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome to another episode of Protect It All, where we dive deep into the world of IT and OT cybersecurity! In this episode, host Aaron Crow sits down with Patrick Gillespie, OT Practice Director at GuidePoint Security, for a candid conversation that's as insightful as it is relatable. Patrick, whose journey has taken him from working in manufacturing and building freight trains to leading OT security initiatives, shares real-world stories about the challenges and realities of protecting operational technology.  Together, Aaron and Patrick discuss the blurred lines between IT and OT, the importance of understanding business priorities in security, and why collaboration rather than heavy-handed mandates makes all the difference in securing critical infrastructure.  Whether you're a seasoned professional or just getting started in cyber, you'll come away with practical insights on risk management, building trust with operations teams, and the vital role of mentorship in developing the next generation of OT security experts.  Stay tuned for a grounded, actionable conversation that reminds us all: when it comes to securing the intersection of IT and OT, it's about more than just technology -it's about people, process, and the bigger business picture. Key Moments:  05:53 IT and OT System Confusion 07:43 Implementing Fortigate and Managing Risks 11:21 Outdated Systems and Patch Challenges 15:43 Comprehensive Onsite Assessment Toolkit 17:56 AI or Traditional? Balancing Approaches 21:16 "Securing OT: Remote Access and Training" 25:47 Cybersecurity Skill Growth Forecast 26:38 "Mentorship in Cybersecurity Careers" 30:22 Understanding Your Network Setup 35:39 Balancing Security and Accessibility 36:09 Leveraging Operational Team Buy-In 39:27 IT Budget Prioritization for OT Needs 42:44 Challenges in OT Security Adoption 46:56 Tech Growth & Infrastructure Expansion About the Guest :  Patrick Gillespie has spent over 15 years immersed in the world of cybersecurity, with the last three and a half years serving as the OT Practice Director at GuidePoint, a leading value-added reseller specializing in cybersecurity products.  At GuidePoint, Patrick leads a dedicated team of OT engineers focused on securing both operational technology (OT) environments and the rapidly growing array of IoT devices. Recognizing that clients often CISOs may not directly own OT assets or remediation processes, Patrick excels at bridging the gap between IT security leaders and their operational counterparts, such as plant managers and controls engineers.  Through his work, Patrick guides organizations to understand and address the unique challenges of OT security, helping them build collaboration across teams to strengthen their overall cyber defenses. How to connect Patrick :  GuidePoint Security University: https://www.guidepointsecurity.com/gpsu/ MilMentor: https://www.milmentor.com/ Linkedin:  https://www.linkedin.com/in/cpgillespie/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4  The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto Aplicando NIS2 en un entorno industrialPub date: 2025-09-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se presenta el contexto del caso: datos del entrevistado y situación del marco de la NIS2, pero especialmente en su impacto industrialThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Conservas Guillén by Trend MicroEpisode: Conserva #43 con Edorta Echave (Grupo ARANIA) - Formación en Ciberseguridad IndustrialPub date: 2025-08-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn Conservas Guillén abrimos una nueva lata para hablar con Edorta Echave García, Director de Ciberseguridad Industrial en el Grupo ARANIA y profesor de FP y la Universidad de Mondragón, el tema del día es la formación en Ciberseguridad Industrial y porque necesitamos una aproximación distinta a la tradicional. Conservaciones de 30 minutos, aproximadamente, en lenguaje entendible y coloquial.The podcast and artwork embedded on this page are from Trend Micro Iberia, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Pankaj Goyal on Cyber Insurance Coverage for OT EnvironmentsPub date: 2025-09-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPankaj Goyal, Chief Operating Officer at Safe Security, joins the Nexus Podcast to discuss the challenges cyber insurance carriers and brokers have in determing and providing coverage for asset heavy operational technology (OT) and cyber-physical systems (CPS) environments. Underwriters have prolific amounts of historical data and experience in calculating risk and exposure around IT, but cannot say the same for OT. Goyal discusses how fragmentation in the OT ecosystem, along with an ever-expanding attack surface, is contributing to the challenges around properly insuring these environments. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CyberBytes: The PodcastEpisode: AI Meets OT: The New Frontier in Cyber Defence - Nozomi NetworksPub date: 2025-08-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationLive from BlackHat 2025, we sit down with Edgard Capdevielle, CEO of Nozomi Networks, the company leading the charge in protecting the world's most critical infrastructure. OT security has grown from an obscure niche into a global priority, and Nozomi has been at the center of that transformation.In this episode, Edgard shares his journey from data management and web security into the high-stakes world of industrial cybersecurity, where a single breach can cost hundreds of millions of dollars or even lives. He explains why AI has been in Nozomi's DNA from the very beginning, how the company scaled from just eight employees to more than a thousand customers worldwide, and what the future of IT and OT convergence really looks like.Whether you are a CISO battling alert fatigue, a tech enthusiast curious about the AI-driven future of cyber defence, or simply want to understand the invisible systems that keep our world running, this episode delivers rare insights from one of the industry's most influential leaders.Edgard's LinkedIn - https://www.linkedin.com/in/edgardcapdevielle/?miniProfileUrn=urn%3Ali%3Afs_miniProfile%3AACoAAAAAFkYBfxPianxXZTy82duLTUxc6z3fZ18Nozomi Networks - https://www.linkedin.com/company/nozomi-networks-sa/Ben's LinkedIn - https://www.linkedin.com/in/ben-gascoigne-aa973317b/Aspiron Search - https://www.linkedin.com/company/aspiron-search/The BlackHat Edition of CyberBytes is proudly sponsored by Marketbridge - a unique blend of strategic growth consultancy and top-tier marketing agency. Marketbridge drives accelerated performance with zero signal loss, seamlessly connecting GTM strategy to in-market execution.Marketbridge: https://www.linkedin.com/company/marketbridge/The podcast and artwork embedded on this page are from Powered by Aspiron Search, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Shlomo Eshed Founder & CEO @Romtrex about Industrial Automation OT cyber & Secure Remote AccessPub date: 2025-08-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationאני יכול להגיד בביטחון שמרבית אנשי הסייבר שעוסקים במערכות תפעוליות מגיעים ממערכות המידע ולמדו את תחום הבקרה, ללא הבנה של תחום הבקרה לעומק ההגנות יהיו מתוך התפיסה של מערכות מידע טעות מוכרת של הרבה מנהלי מערכות מידע ומנהלי אבטחת מידע בסביבות תפעוליות. משב רוח מרענן הם אנשי בקרה שנכנסו גם לתחום הסייבר, במסגרת המסע שלי למציאת פתרונות גישה מאובטחת מרחוק למערכות תפעוליות מצאתי פתרון נפלא אבל יותר חשוב מצאתי מומחה בקרה שטבל את ידיו בקלחת הרותחת של סייבר כדי לתת פתרון ללקוחותיו כבר משלב התכנון ועד סיום הביצוע. נחשון פינקו מארח את שלמה אשד מייסד ומנכ"ל רומטרקס בשיחה על סייבר בעולמות התפעולים מנקודת מבט של מומחה בקרה והצורך בפתרונות הגנה ייעודיים. Most cyber professionals who deal with operational systems come from information systems and studied the control field. Without an in-depth understanding of the control field, defenses will be based on the perception of information systems —a common mistake among IT managers and information security managers in operational environments. A refreshing breath of fresh air are control professionals who have also entered the cyber field. As part of my journey to find secure remote access solutions for operational systems, I found an excellent solution. Still, more importantly, I found a control expert who has dipped his hands into the boiling cauldron of cyber to provide a solution to his clients from the planning stage to the end of execution. Nachshon Pincu hosts Shlomo Eshed, founder and CEO of Romtrex, in a conversation about cyber in the world of operations from the perspective of a control expert and the need for dedicated protection solutions. And more ועודThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E2: Securing the Grid: Substation SecurityPub date: 2025-08-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Simply ICS Cyber, Don C. Weber and Tom VanNorman sit down with Chris Sistrunk to dive into the challenges and realities of Substation Security.  Chris, now a Technical Leader at ⁨Mandiant⁩ & Google Cloud Security, brings years of experience from his time at Entergy, where he specialized in Transmission & Distribution SCADA systems and cybersecurity labs. He's a recognized leader in ICS/OT security and an active contributor to the community through events like DEF CON's ⁨ICS Village⁩ and BEER-ISAC.  Join us as we discuss securing critical infrastructure, modern threats to substations, and what defenders need to know to stay ahead.  Tune in to get expert insights into protecting the grid.  Connect with Chris on LinkedIn: https://www.linkedin.com/in/chrissistrunk Episode Links: https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substations https://techcrunch.com/2025/07/14/mark-zuckerberg-says-meta-is-building-a-5gw-ai-data-center/ Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/SocialsThe podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Wie steht es um die OT-Sicherheit in der Wasserwitschaft? | OT Security Made SimplePub date: 2025-08-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationGeschäftsführer des Kompetenzzentrums digitale Wasserwirtschaft (KdW), Ronald Derler, skizziert die besonderen Herausforderungen in der OT-Cybersicherheit in Wasserbetrieben. Als Direktor des Lagezentrums Cybersec@Wasser spricht er über die Entstehung und Herangehensweise der Institution, Best Practices für die Branche und die Bedeutung von CRA und NIS2.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: AI, Phishing, and the Future of Industrial Cyber DefensePub date: 2025-08-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this week's rewind episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure. The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry. Whether you're dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.Chapters:00:00:00 - Pandemic's Impact on Critical Infrastructure00:01:08 - Introduction to Gary Neelan and Claroty00:01:41 - Gary's Role in OT Cybersecurity00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems00:09:46 - Addressing Complex Challenges in OT Cybersecurity00:11:56 - OT Cybersecurity Talent Shortage and Managed Services00:13:01 - Future of OT Cybersecurity: Adapting to New Threats00:14:36 - Modernizing Manufacturing Systems for Enhanced Security00:15:52 - Global Cybersecurity Trends in Critical Infrastructure00:18:01 - Regional OT Cybersecurity Challenges and Responses00:25:01 - The Role of AI in Defending OT Environments00:28:19 - Final Thoughts on OT Cybersecurity's FutureLinks And Resources:Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityGary Kneeland on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 25 · TOP 10% what is this?)Episode: Bridging Worlds: The Evolving Landscape of IoT Security and RegulationPub date: 2025-08-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAseem Jakhar, Cybersecurity Entrepreneur, Technologist, and Founder of EXPLIoT, joins Phillip Wylie to address the current state and evolution of IoT and hardware security, examining why security has lagged in this sector compared to other technological advances. By exploring regulatory changes, practical security considerations for both researchers and consumers, and the expanding avenues for learning, Aseem emphasizes the urgent need for awareness, compliance, and practical know-how. The conversation also highlights the importance of AI in enhancing security research and provides actionable guidance for securing connected environments. Let's connect about IoT Security!Follow Phillip Wylie at https://www.linkedin.com/in/phillipwyliehttps://youtube.com/@phillipwylieThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Lessons From 34 Years in OT Cybersecurity: Growth, Challenges, and Leading Change with Scott RosenbergerPub date: 2025-08-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with longtime friend and colleague Scott Rosenberger, the cybersecurity leader for Vistra Corporation's generation fleet. Together, they take a deep dive into Scott's fascinating journey from an engineering background in nuclear power to overseeing cybersecurity across a sprawling, nationwide utility portfolio. You'll hear insightful stories from the early days of OT cybersecurity - before most of today's tools even existed - and how foundational principles like alignment, engagement, and standardization have driven years of progress.  Scott and Aaron reflect on the importance of building cross-disciplinary teams, developing strong communication strategies, and embracing the reality that real security is about continuous improvement, collaboration, and sometimes learning from mistakes. From tales of rolling out firewalls at power plants and negotiating with skeptical vendors, to lessons in leadership, trust-building, and the ever-evolving challenges of protecting critical infrastructure, this episode is packed with practical wisdom, industry anecdotes, and a look at what's coming over the cybersecurity horizon. Whether you're just entering the field or a seasoned pro, grab your headphones - you won't want to miss this candid, insightful conversation. Key Moments:  04:37 Bridging IT and Cybersecurity 08:40 Revolutionizing Program Development Together 10:08 Building Consensus Through Communication 12:33 "Business Insights and NERC SIP Evolution" 17:18 Utility's Major Implementation Challenge 20:08 Corporate Cybersecurity Challenges Uncovered 21:58 "Automated Inventory and Cybersecurity Insight" 27:21 Optimizing Cybersecurity and Metrics 30:56 Essential Infrastructure Basics Lacking 34:17 "Identifying and Resolving Hidden Issues" 37:21 Encouraging Change in Industrial Practices 42:11 "Finding the Right Team Mindset" 46:11 "Importance of Pre-Job Briefs" About the guest:  Scott Rosenberger is currently the manager of Operational Technology for Luminant.  He developed the Luminant program to address the reliability, security and ongoing maintenance of Operational Technology for Luminant's Fossil Generation Fleet.  He has a Bachelor of Engineering from Stevens Institute of Technology and is a registered professional Engineer in Texas.  In his 23+ years with Luminant he has worked in nuclear and fossil plants, many corporate roles and for 3 years as Director of IT Security and Compliance.  Scott also spent 3 years as a member of the NERC CIP drafting team. Links to connect Scott:  https://www.linkedin.com/in/scottrosenberger/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Rui Ataide on Navigating Ransomware NegotiationsPub date: 2025-08-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRui Ataide, Managing Security Consultant at GuidePoint Security, joins the Nexus Podcast to discuss his experiences negotiating with ransomware gangs on behalf of victimized organizations. Ataide covers the nuances, processes, and methodology of negotiating with groups. He also explains how extortion and data theft has changed the risk management calculus for victims, and how cybersecurity insurance figures into negotiations. Listen and subscribe to the Nexus PodcastThe podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Energy TalksEpisode: #109: Offensive Cybersecurity Practices for the Power IndustryPub date: 2025-08-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationLearn how to take an offensive security approach to protecting power plants from cyber attacks In this episode, OMIRCON OT Security expert **Simon Rommer **speaks with Thomas Weber, who is an Embedded Security Specialist at CyberDanube , a developer of customized security testing solutions based in Vienna, Austria. Thomas shares his extensive experience in offensive security, particularly in operational technology (OT) environments. Simon and Thomas discuss the challenges and methodologies involved in testing critical infrastructure such as power plants, emphasizing the importance of understanding device vulnerabilities, network segmentation, and the implications of physical access to devices. Thomas also describes how to uncover even the most hidden vulnerabilities, including zero-day threats and blind spots, for ensuring robust protection of OT systems and infrastructures. The conversation also highlights the significance of thorough reporting and vulnerability disclosure in enhancing overall cybersecurity. For more information about advanced cybersecurity for OT environments, please visit our website . We welcome your questions and feedback. Simply send us an email to podcast@omicronenergy.com. Please join us to listen to the next episode of Energy Talks.The podcast and artwork embedded on this page are from OMICRON electronics GmbH, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT For All Podcast (LS 40 · TOP 2% what is this?)Episode: Bringing LPWAN to Industrial IoT | Miromico's Liliane Paradise & Alex Raimondi | Internet of Things PodcastPub date: 2025-08-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the IoT For All Podcast, Liliane Paradise and Alex Raimondi, COO and CTO of Miromico respectively, join Ryan Chacon to discuss bringing LPWAN to industrial IoT. The conversation covers the shift towards wireless solutions in the industrial sector, the advantages of LPWAN, sustainable IoT solutions, energy harvesting, battery-free IoT devices, the challenges and strategies in building successful industrial IoT solutions, and the critical role of a strong partner ecosystem.Liliane Paradise is a dynamic tech leader and IoT innovator currently serving as Chief Operating Officer of Miromico. She holds a Master's in Mechanical Engineering from ETH Zurich and began her journey at Miromico as a hardware developer around four years ago. At Miromico, Liliane has driven several major breakthroughs—most notably the launch of the miro EdgeCard mioty®, a compact LPWAN gateway accessory enabling scalable, energy‑efficient deployments. She oversees global operations, focusing on bringing innovative IoT devices—such as rugged gateways and battery‑free sensors—to mass production while championing sustainability and Swiss engineering excellence.Alex Raimondi is an IoT and embedded systems expert with a Master's in Electrical Engineering and Information Technology from ETH Zurich. Since 2004, he has led the embedded design team at Miromico, developing everything from high-performance FPGA systems to ultra-low-power sensor devices. He is also a co-founder of the high-tech startup Chip-ing, which is pioneering next generation "Golf 3.0" products. A frequent speaker at IoT industry events like IoT Visions—where he has presented on topics such as scalable and sustainable LoRaWAN logistics—Alex combines deep technical leadership with entrepreneurial drive.Miromico AG is a Zurich-based high-tech company specializing in innovative IoT and wireless solutions. Founded in 2002 as a spin-off from ETH Zurich, Miromico develops and manufactures advanced devices such as sensors, gateways, and embedded systems for smart cities, industrial automation, logistics, and more. Known for its expertise in LPWAN technologies like LoRaWAN and mioty®, the company provides end-to-end services from design to mass production, combining Swiss engineering quality with a global impact.Discover more about IoT and LPWAN at https://www.iotforall.comFind IoT solutions: https://marketplace.iotforall.comMore about Miromico: https://miromico.ch/en/homeConnect with Liliane: https://www.linkedin.com/in/liliane-paradise-5ab212137/Connect with Alex: https://www.linkedin.com/in/alexraimondi/Our sponsor: https://www.hologram.io(00:00) Ad(00:29) Intro(00:41) Liliane Paradise, Alex Raimondi, and Miromico(02:14) The shift to wireless IoT solutions(04:44) What is LPWAN?(05:57) Why makes mioty stand out?(07:00) Building an industrial LPWAN solution with mioty(10:18) Sustainable IoT and battery-free devices(13:02) Challenges of designing for ultra low power(14:42) Getting to market faster(16:09) Balancing hardware and customer demands(19:48) Moving from proof-of-concept to deployment(20:57) Navigating competing demands in battery life(23:40) Regulations and certifications(25:00) Differentiation in IoT hardware(27:43) Learn more and follow upSubscribe on YouTube: https://bit.ly/2NlcEwmJoin Our Newsletter: https://newsletter.iotforall.comFollow Us on Social: https://linktr.ee/iot4allThe podcast and artwork embedded on this page are from IoT For All, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Partnership in Action: When Legacy Systems Meet Modern Cybersecurity ThreatsPub date: 2025-08-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this hard-hitting episode of Industrial Cybersecurity Insider, host Dino Busalachi sits down with two battle-tested experts: Debbie Lay from TXOne Networks and Patrick Gillespie from GuidePoint Security. Together, they pull back the curtain on the messy, complex world of operational technology (OT) cybersecurity, where million-dollar cybersecurity losses happen regularly.This isn't your typical cybersecurity podcast filled with vendor pitches and theoretical frameworks. Instead, you'll get an unvarnished look at what really happens when industrial organizations try to secure their critical infrastructure. From the shocking reality of cyber insurance claims being denied over half-implemented multi-factor authentication to the all-too-common sight of HMI passwords scrawled in permanent marker on the plant floor. This conversation exposes the gap between cybersecurity best practices and industrial implementation and protection reality.What makes this episode essential listening:Real financial impact: Learn why industrial breaches cost $5.5-6 million on average, with downtime running $125,000 per hourPractical solutions that work: Discover how segmentation, virtual patching, and agentless endpoint tools can protect legacy systems without breaking the bankPolitical warfare decoded: Understand the often-toxic dynamics between IT and OT teams that sabotage security initiativesImplementation roadmaps: Get actionable strategies for deploying zero-trust architectures on the plant floorWhether you're a CISO struggling to justify OT security budgets, an engineer trying to protect decades-old industrial systems, or a consultant navigating the minefield of industrial cybersecurity politics, this episode delivers the kind of street-smart insights you won't find in vendor whitepapers.Chapters:00:00:00 - Cyber insurance denied over incomplete MFA 00:03:21 - What clients face as they begin the OT security journey00:06:35 - Industrial breach cost stat ($5.5–$6M; ~$125k/hour downtime) 00:07:36 - Too many IT tools forced into OT00:08:47 - Investment hurdles and budgeting misalignment00:11:05 - Collaboration between OT asset owners and the CISO00:13:24 - Hamilton ransomware: 80% hit; cyber insurance denied for incomplete MFA00:14:26 - HMI username/password written in Sharpie; segue to TXOne solutions00:18:22 - Who embraces TXOne first—IT or OT?00:20:58 - CISOs on OT priorities and piloting top sites00:22:25 - The ugly: Lacking OT inventory, unclear playbooks, starting from zero00:23:26 - The good: Safeguarding OT, anomaly alerts, avoiding risky legacy connections00:24:34 - Healthcare imaging case: XP-based systems, high replacement costs00:27:03 - AI useful in SOC/baselining; humans still required on OT side00:29:15 - Combining best-of-breed solutions to avoid costly deployment gaps00:29:47 - Why deployments stall—overwhelm and fatigue after tech selectionLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Debbie Lay, TXOne Networks on LinkedInPatrick Gillespie, GuidePoint Security on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 69: Adding Crypto Agility to OT SystemsPub date: 2025-08-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationQuantum computers could break today's encryption, leaving many OT systems—which often lack encryption entirely—at even greater risk. Dave Krauthamer, Field CTO at QuSecure, warns that nation-state attackers may target critical infrastructure like power, water, and food supplies first, making it urgent to adopt quantum-resistant cryptography across both IT and OT systems.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Salvatore Gariuolo on Safe EV ChargingPub date: 2025-08-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSalvatore Gariuolo, a senior threat researcher at Trend Micro, joins the Nexus Podcast to discuss safe EV charging and in particular, the ISO 15118 standard meant to create a trusted environment for electric vehicle charging. Gariuolo contends that while ISO 15118 offers substantial improvements that reduce pressure on the grid, and also introduces a handful of cybersecurity enhancements, it is not sufficient to fully secure the EV charging ecosystem.Listen and subscribe to the Nexus PodcastThe podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Data Breach Today Podcast (LS 32 · TOP 5% what is this?)Episode: How OT Device Flaws Can Threaten Hospital OperationsPub date: 2025-08-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRecent advisories from U.S. federal authorities on vulnerabilities in certain operational technology devices underscore the potential security risks that many healthcare providers frequently underestimate, said Sila Özeren, a security research engineer at Picus Security.The podcast and artwork embedded on this page are from DataBreachToday.com, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Almog Apirion CEO & Co-Founder @Cyolo on Remote Privileged Access for OT & Cyber-Physical SystemsPub date: 2025-08-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationגישה מאובטחת מרחוק למערכות הארגוניות הפכה לכורח המציאות מאז הקורונה והצורך עלה בישראל ביתר שאת אחרי השביעי באוקטובר. במערכות פיזיות ותפעוליות גישה מאובטחת מרחוק היא צורך קיומי מחד, על מנת לאפשר תפעול תקלות 24 שעות ביממה. מאידך יש צורך בבקרה קפדנית על מי מתחבר, איך ולאן כולל תיעוד של כול הפעילויות שמתבצעות שוק חברות הטכנולוגיה שעוסקות בגישה מרחוק לסביבות תפעוליות התפתח מאוד בשנים האחרונות עם מגוון אפשריות ומתן מענה לצרכים שונים של הלקוחות. נחשון פינקו מארח את אלמוג אפיריון מנכ"ל ומייסד-שותף בסיולו בשיחה על ההתקדמות הטכנולוגית של פתרונות המאובטחים לגישה מרחוק במערכות פיזיות וסביבות תפעוליות והשילוב של יכולות פאם (גישה מועדפת) ועוד Secure remote access to corporate systems has become a necessity since the COVID-19 pandemic, and the need has increased in Israel even more after October 7th, in physical and operational systems. Secure remote access is an existential necessity, enabling 24-hour fault management. On the other hand, there is a need for strict control over who connects, how, and where, including documentation of all activities carried out. The market for technology companies that deal with remote access to operational environments has significantly developed in recent years, with a variety of options and solutions to different customer needs. Nachshon Pincu hosts Almog Apirion, CEO and co-founder of Cyolo, in a conversation about the technological advancement of secure solutions for remote access to physical systems and operational environments and the integration of PAM (privilege access management) capabilities. And moreThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Which low-hanging fruits to grab on the OT security journey | OT Security Made SimplePub date: 2025-08-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationNew Zealand's Peter Jackson from SGS (not ofLord of the Rings fame!) speaks about right-sizing cybersecurity legislature,OT security assessments and the low-hanging fruits in building resilience. Hediscusses with host Klaus Mochalski how an OT security assessment helpsunderstand the risk landscape, how resilience can be hardened fast and easy,what challenges prevail in segmentation and isolation processes and why it isimportant to talk about genuine risks and not the bogeyman.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: From Shelfware to Security: Operationalizing OT Industrial Cybersecurity ToolsPub date: 2025-08-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMany manufacturing leaders believe they're seeing 80–85% of their OT environment industrial assets. But in this episode, Dino and Craig reveal the reality that most have visibility into only 30–35% of their industrial control system assets, leaving the hidden 70% vulnerable. In this hard-hitting episode, they dismantle the false sense of OT security. They explore why million-dollar cybersecurity tool investments aren't fully utilized, and expose the costly disconnect between corporate IT, plant-floor teams, and third-party vendors. From debunking the air gap myth to stressing the need to trust but verify every connection, they show how to turn underutilized tools into proactive defenses that improve both security and operational efficiency. If you think your ICS is fully protected, this conversation might change your mind.Chapters:00:00:00 - Introduction: When Inefficiency Becomes Expensive00:00:59 - The Hidden Danger of Feeling Secure in Manufacturing00:03:58 - Why True Visibility and Accurate Data Change Everything00:07:18 - Real-World Roadblocks: Missteps and Mixed Messages00:10:24 - Who Holds the Power vs. Who Bears the Blame in Cybersecurity00:21:47 - Charting a Smarter Path to Stronger Cyber Defenses00:25:27 - Conclusion: Actionable Moves to Level Up Your SecurityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Local Infrastructure is Critical InfrastructurePub date: 2025-08-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOur host Bryson sits down with Colin Ahern and Kirk Herath, two of the only cybersecurity experts working in Governors' offices in the United States. Colin was appointed Chief Cyber Officer of the State of New York by Governor Kathy Hochul in June 2022, and Kirk stepped into his role as Cybersecurity Strategic Advisor to Ohio Governor Mike DeWine and Lt. Governor Jon Husted the same year. In their positions, Colin and Kirk are responsible for coordinating their states' cybersecurity capabilities, overseeing threat assessment and response, working with local governments to prepare for and remediate cyber attacks, and more.  What were the critical lessons learned in building statewide cybersecurity programs from the ground up? How do states navigate the shifting landscape of federal support? And what are the biggest challenges and opportunities on the horizon for cyber czars and strategic advisors across the country? “You can't replicate these shared services unless you're doing it together. You just can't. We can either succeed together or we can fail separately. There's really not a middle ground where we can all have exactly everything we want all the time. Because like we've said, this is a risk management exercise in a world of limited resources,” Colin explained. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E1: Vulnerability Management and FeedsPub date: 2025-08-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJoin Don Weber and Tom VanNorman for the Season 2 premiere of Simply ICS Cyber!In this episode, your hosts interview special guest and ICS professional, Dan Ricci.Dan is a Power Systems Engineer and Researcher with Idaho National Labs and sits down with the hosts to explore vulnerability management, feeds, and learn more about ICS Advisory Board Project. Episode Links:- https://www.icsadvisoryproject.com/- https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisoriesConnect with Dan Ricci on LinkedIn:https://www.linkedin.com/in/danricci14Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/SocialsThe podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Advanced Manufacturing Now (LS 35 · TOP 3% what is this?)Episode: Cybersecurity for SMMs: A Conversation with CyManII & Michigan TechPub date: 2025-08-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Advanced Manufacturing Now, Editor-in-Chief Steve Plumb dives into how small and mid-sized manufacturers can build cybersecurity into their digital transformation efforts. Gabriela Ciocarlie and Curtis Taylor from CyManII are joined by Vinh Nguyen from Michigan Tech to explore a groundbreaking cybersecurity project. The podcast and artwork embedded on this page are from SME Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Defender's Advantage Podcast (LS 36 · TOP 2.5% what is this?)Episode: Protecting the Core: Securing Protection Relays in Modern SubstationsPub date: 2025-07-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHost Luke McNamara is joined by members of Mandiant Consulting's Operational Technology team (Chris Sistrunk, Seemant Bisht, and Anthony Candarini) to discuss their latest blog on securing assets in the energy grid.https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substationsThe podcast and artwork embedded on this page are from Mandiant, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E7: TSA Security Directives and OTPub date: 2025-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDon and Tom jump into the TSA Directives in this episode with their special guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world's largest engineering, procurement, and construction companies. He also founded the BSides ICS/OT and BSides Greenville cons. In this episode, our expert guest helps us answer the questions below:- What are TSA Directives? - Where do we find them?- Who do they apply to?- How are sites checked?Connect with Mike: - Mike Holcomb LinkedIn: https://www.linkedin.com/in/mikeholcomb/Learn more about BSides ICS/OT:- BSides ICS/OT: https://www.bsidesics.org/=========================Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/SocialsThe podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Reflections from Black Hat and DEFCON: Trends, Community Energy, and the Future of OT CybersecurityPub date: 2025-08-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Aaron returns from an action-packed week at Black Hat and DEFCON in the sweltering heat of Las Vegas. He shares his firsthand impressions on the changing atmosphere of these legendary conferences, from skyrocketing prices to a slightly thinner crowd, and digs into hot topics like the surge in AI discussions and the ongoing clash of perspectives between IT and OT professionals.  Aaron also highlights the unmatched energy and camaraderie in the DEFCON villages—especially the ICS Village—and offers a sneak peek at exciting upcoming events, such as ResetCon and Lone Star Cyber Shootout.  Whether you're a conference veteran or just OT-curious, this episode is packed with personal stories, industry trends, and tips for making the most out of these must-attend cybersecurity gatherings. Tune in and get ready to protect it all! Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E6: ISA/IEC Cybersecurity FrameworkPub date: 2025-04-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Simply ICS Cyber, Don and Tom interview their guest, Jim Gilsinn. Together they discuss the ISA/IEC 62443 Cybersecurity framework and answer the questions:- What is ISA/IEC 62443 Series of Standards and how do they help?- How do you get access to the ISA/IEC 62443 documents?- How can you help improve the standards?Connect with Jim Gilsinn on socials:- Linked In: https://www.linkedin.com/in/jimgilsinn/- X: https://x.com/JimGilsinnLearn more about the ISA/IEC 62443 Standards: https://www.isa.org/standards-and-publications/isa-standards/isa-iec-62443-series-of-standards=========================Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/SocialsThe podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: I don't sign s**t [The Industrial Security Podcast]Pub date: 2025-08-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWe don't have budget to fix the problem, so we accept the risk? Tim McCreight of TaleCraft Security in his (coming soon) book "I don't sign s**t" uses story-telling to argue that front line security leaders should not be accepting multi-billion dollar risks on behalf of the business. We need to escalate those decisions - with often surprising results when we do.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E5: Incident Response in ICS/OT/SCADAPub date: 2025-04-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHow does Incident Response in ICS/OT/SCADA work? In this episode of Simply ICS Cyber, Don and Tom welcome Kai Thomsen, Director of Global Incident Response Services at Dragos.Join us as we answer the questions below and provide more insight into how IR works in OCS, OT, and SCADA:- Is DFIR the same on the OT side as the IT side?- What are some of the challenges the OT DFIR team faces?- In an organization, who is responsible for OT incident response?- What are table tops, how should you conduct them?- What are some table top exercises?- How do you get into OT DFIR?Discover the Dragos 2025 YIR Report: https://www.dragos.com/ot-cybersecurity-year-in-reviewConnect with Kai on LinkedIn: https://www.linkedin.com/in/kai-thomsen-a635b21b7Check out the Incident Response Table top resources below:- CISA Tabletop Exercise Packages (CTEPs)- CISA ICS Training- Dean Parson's ICS Incident Response Tabletops- Lenny Zeltser Cheat Sheets and Presentations- NERC's Grid Security Exercise (GridEx) - MITRE Cyber Exercise Playbook- Black Hills Information Security (BHIS) Backdoors and Breaches ICS/OT Deck- Center for Internet Security, Tabletop Exercises – Six Scenarios to Help Prepare Your Cybersecurity Team- Red Canary: Are You Using Tabletop Simulations to Improve Your Information Security Program?- Dragos: Preparing for Industrial Cyber Response Tookit- Dragos: Preparing for Incident Handling and Response in ICS- Dragos Tabletop Exercise- ICS4ICS Incident Command System for Industrial Control Systems- European Network for Cyber Security (ENCS) Red Team – Blue Team TrainingJoin us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/SocialsThe podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E4: What are the 5 ICS Cybersecurity Controls?Pub date: 2025-04-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Tom and Don host special guest Michael Hilken, Cyber Physical Engineer at Grimm. The trio review and discuss the Five ICS Cybersecurity Critical Controls. Links from this episode:- Michael Hilken: https://www.linkedin.com/in/michael-hilken/- SANS Whitepaper on the The Five ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/ - Dragos 2025 OT Cybersecurity Report - 8th Annual Year in Review: https://www.dragos.com/ot-cybersecurity-year-in-review/  Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================The podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Noam Moshe on Hacking Video SurveillancePub date: 2025-08-07Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationNoam Moshe, Research Director for Claroty Team82, joins the Nexus Podcast live at the Black Hat Briefings in Las Vegas to discuss research that was presented here on the security of a popular video surveillance platform manufactured by Axis Communications. Moshe describes how Team82 examined the proprietary protocol supporting Axis servers and clients (camera) and uncovered four vulnerabilities that could be chained to eventually gain pre-authentication remote-code execution. Moshe explains Team82's research process, the risks to users, and the successful disclosure process with Axis Communication that resulted in prompt patches available for the servers and camera platforms. Read Team82's research blog hereListen and subscribe to the Nexus PodcastThe podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E3: Critical Infrastructure vs. Everything ElsePub date: 2025-03-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Simply ICS Cyber, Don and Tom interview Gus Serino, water sector expert and Owner at I&C Secure, Inc.Listen in as we will answer the following questions:- What is Critical Infrastructure?- What are other types of Industrial and Automation?- Is cybersecurity different between the two?Links from this episode:- Gus Serino LinkedIn: https://www.linkedin.com/in/gusserino/- Instrumentation & Control Secure, Inc.: https://www.iandcsecure.com/- S4Events - Water Sector Cyber Risk with Gus Serino: https://www.youtube.com/watch?v=ScigBpXIjggJoin us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================The podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Shaya Feedman Ex Head of Information Security @Porsche Digital about cars functional safety & cyberPub date: 2025-08-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationכשאתם נכנסים לרכב שלכם כמה מחשבה אתם מקדישים לעובדה שאתם בתוך דאטה-סנטר עצום, איך מתמודדים בטיחותית וסייברית עם מפעל שיש בו עשרות רבות ולעיתים מאות מחשבים עם שתי רשתות תקשורת שלפחות אחת מוגדרת כקריטית וכול זה ממוזער ונדחס לרכב אחד אין ספק שבטיחות והגנת סייבר בתעשיית הרכב היא אחד האתגרים הקשיים שיש החל משלב התכנון, דרך שרשרת אספקה ועד הרכב עצמו. נחשון פינקו מארח את שייע פידמן עד לאחרונה מנהל מרכז הפיתוח והגנת הסייבר בפורשה דיגיטל בשיחה על הגנת סייבר בעולם ייצור הרכבים והרכבים עצמם. ועוד כמה מיידעים לגבי הרכבים שלכם שכנראה לא ידעתם When you get into your car, how much thought do you give to the fact that you are inside a huge data center, how do you deal with safety and cyber security with a factory that has dozens and sometimes hundreds of computers with two communication networks, at least one of which defined as critical, and all of this is minimized and compressed into one car? There is no doubt that safety and cybersecurity in the automotive industry are among the most difficult challenges, from the planning stage, through the supply chain, to the vehicle itself. Nachshon Pincu hosts Shaya Feedman, until recently the Head of Information Security at Porsche Digital, in a conversation about cybersecurity in the world of vehicle manufacturing and the vehicles themselves. And some more information about your cars that you probably didn't know  The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E2: How to get started in ICS, OT and SCADAPub date: 2025-03-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn episode 2 of Simply ICS Cyber, we answer the following questions for those interested in starting a career in ICS (industrial control systems), OT (operational technology):- What is Capex vs Opex? And, why does it matter when getting a job?- What is the compensation versus actual pay?- What does the OT side consider as important skills?- How are the rising FTE and consultant wages affecting winning ICS/OT work? Links to learn more about ICS, OT, SCADA:- ICS Village: https://www.icsvillage.com - Contact ICS Village: https://www.icsvillage.com/contact-us - NICE Framework (Find OT in the Competency Areas): https://niccs.cisa.gov/workforce-development/nice-framework - SANS ICS NICE: https://www.sans.org/nice-framework/industrial-control-systems Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway - Tom https://www.linkedin.com/in/thomasvannorman =========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials=========================The podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 68: Hacking Cruise Ships and Data CentersPub date: 2025-08-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThis is a story where one maritime company found multiple vendors maintaining unrestricted VPN access to systems across a cruise vessel, exposing safety-critical functions to potential compromise. Bill Moore, CEO of Xona Systems, returns to Error Code to talk about how that company and others, such as data center operators, are recognizing their latent multiple-vendor OT exposure and learning how to address it today.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: When the Plant Can't Stop: Securing Systems That Never SleepPub date: 2025-08-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Industrial Cybersecurity Insider, Craig Duckworth sits down with Ian Bramson, VP of Global Industrial Cybersecurity at Black & Veatch, to explore what it really takes to secure complex industrial systems. Whether you're retrofitting legacy brownfield environments or designing cybersecurity into greenfield builds, Ian unpacks the foundational questions every organization must answer:What do you need to protect? Where are your holes? Can you see what's happening and respond if something goes wrong? From AI-enabled attackers to real-time asset visibility, he shares actionable insights on risk management, OT monitoring, and why leaders must begin treating cybersecurity like safety, not just an IT function. Whether you're managing a water treatment plant, a power plant, or smart transportation infrastructure, this conversation delivers clarity in complexity - and guidance for what to do next.Chapters:00:00:00 - Uncovering Hidden Dangers in Remote Access00:00:59 - Meet Ian Bramson: Defending the World's Most Critical Systems00:02:58 - Why Critical Infrastructure Is Everyone's Business00:03:30 - Power and Water: The Frontlines of Cyber Defense00:09:07 - Decoding NERC CIP: What You Really Need to Know00:10:38 - Walking the Tightrope Between Compliance and True Security00:17:01 - Proven Cybersecurity Tactics That Actually Work00:22:50 - AI in Cybersecurity: Game-Changer or New Threat?00:24:47 - How Public and Private Sectors Tackle Cyber Risk Differently00:29:31 - Ian Bramson's Final Playbook for Today's CISOsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S1 E1: Intro to ICS, OT, and SCADAPub date: 2025-02-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome to the first episode of Simply ICS Cyber! Tune in every other Wednesday for new episodes premiering at 9:30 AM ET.Learn more about what to expect in this episode below:- Who are Don and Tom?- What are industrial and automation controls and why are they important?- What are these terms? ICS, OT, 62443, countermeasures, PLC, DCS- Why is cybersecurity different in OT versus IT?Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================The podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: How to Maximize the ROI at Cybersecurity ConferencesPub date: 2025-08-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome back to Protect It All, the podcast where host Aaron Crow goes beyond the basics of OT to explore the dynamic intersection of IT and OT cybersecurity. In this episode, Aaron takes us inside a hacker summer camp in Las Vegas - home to industry giants Black Hat and DEFCON, where tens of thousands of security professionals gather each year.  Drawing from his years of experience attending these events, Aaron unpacks the good, the bad, and the ugly of the conference circuit: from the value of in-person networking and the buzz of vendor events, to the challenges of ROI, overwhelming hype, and the evolving role of sponsors. Plus, he shares hard-won tips for making the most of Vegas - including how to find your tribe, engage meaningfully with vendors, and stay cool (literally and figuratively) amidst the chaos.  Whether you're a first-timer or a seasoned attendee, this episode is packed with honest insights and actionable advice to help you navigate the ever-evolving world of cybersecurity conferences. Key Moments:  03:05 Networking's Importance in Vegas 08:29 Evaluating Black Hat Conference ROI 12:17 "CISOs' Discreet Presence at Vendor Events" 13:22 Buzzword Overload at Conferences 18:40 Relationship-Driven Sales Strategy 21:02 Balancing Conference Costs and Value 25:44 "Prioritize Genuine Leads Only" 27:05 Enhancing Cybersecurity Events Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Unsolicited Response (LS 33 · TOP 5% what is this?)Episode: Long Conversation: OT and IT - Convergence, Integration, and Separation?Pub date: 2025-07-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationFew topics get as much heat as the current, future, and ideal relationship between OT and IT. One of the first posts someone just discovering OT makes is how OT is different than IT. As you dig deeper into OT you find an increasing case of the technology, processes, and even the people being similar to IT. In this 90 minute long conversation format, we will try to bring some enlightenment to this question with a specially curated group of 9 S4x25 attendees.   About The Long Conversation Format  Two people begin the discussion on stage. After 10 minutes a third person will tap one of the participants on the shoulder and replace them in the conversation. This continues for the 90 minutes. Participants are on stage for 20 minutes talking to two different people for 10 minutes each.The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 25 · TOP 10% what is this?)Episode: Breaking Down Barriers: Making IoT and Hardware Hacking Accessible to All with Andrew BelliniPub date: 2025-07-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe episode centers on the challenges and opportunities in IoT and OT security, with insights from technical content creator, hardware hacker, and educator Andrew Bellini. It highlights the often-overlooked vulnerabilities of industrial and consumer IoT devices, emphasizing the accessibility of hardware hacking and the need for practical, low-cost educational resources, covering hands-on learning, industry anecdotes, recommendations for securing environments, and advice for newcomers interested in hardware security. Let's connect about IoT Security!Follow Phillip Wylie at https://www.linkedin.com/in/phillipwyliehttps://youtube.com/@phillipwylieThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: The Lawyer's View: Strategic Lessons in Cybersecurity and Incident ResponsePub date: 2025-07-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig Duckworth sits down with seasoned attorney and cyber crisis strategist Josh Cook, founder of Left of Boom Consulting. Together, they explore the pivotal role of proactive preparation in cybersecurity especially for mid-market and industrial organizations navigating today's hyper-connected, AI-augmented threat landscape. Josh shares hard-earned insights from decades of incident response leadership, emphasizing why building your cyber playbook before the attack is critical. From legal implications and executive missteps to the psychological attributes needed in your incident command post, this conversation is a masterclass in cyber resilience and proactive protection by design.Chapters:00:00:00 – Kicking Off with Chaos: Why Incident Response Matters00:01:02 – Enter Josh Cook: Legal Strategist Turned Cyber Commander00:01:18 – War Stories and Wisdom: Josh's Journey to Left of Boom00:02:38 – Planning Beats Panic: Mastering the Art of Pre-Incident Prep00:04:17 – Assembling the A-Team: Who Belongs in Your Cyber War Room00:09:07 – AI at the Front Lines: Friend, Foe, or Something in Between?00:12:42 – Industrial Chaos: What's Really Holding Cybersecurity Back00:16:07 – Boardroom to Shop Floor: Why the C-Suite Can't Stay Silent00:25:18 – No Secrets Here: Transparency and the Power of Telling the Truth00:29:08 – Parting Shots: Josh's Battle-Tested Advice for ResilienceLinks And Resources:Josh Cook on LinkedInWebsiteWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Bei der OT-Sicherheit ist der Staat in der Pflicht | OT Security Made SimplePub date: 2025-07-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybertech-Influencer und Experte für Cybersicherheit und Maschinenbau Olaf Classen spricht über Cybersicherheit als Wettbewerbs- und Standortvorteil und warum gerade deutsche und europäische Unternehmen ihre Expertise im Engineering Richtung Cybersicherheit ausbauen sollten. Er plädiert für staatliche Förderung (und nicht nur Regulierung) und dafür, Cybersicherheit und digitale Souveränität als gesamtgesellschaftliches und europäisches Projekt zu behandeln.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Lessons Learned in OT Security: Regulation, Collaboration, and the Rise of AI Threats with Kam Chumley-SoltaniPub date: 2025-07-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by Kam Chumley-Soltani, Director of OT Security at Armis, for a candid conversation that dives into the ever-evolving landscape of OT (operational technology) and IT cybersecurity. After several rescheduling attempts across time zones and even parking lots, Aaron and Kam finally sit down to share their frontline experiences and insights from the world of critical infrastructure security. From the increasing visibility of OT threats and the surge in regulatory requirements, to the convergence of IT and OT teams, they dig into what's driving organizations to prioritize real-time visibility, risk management, and collaboration. Kam reflects on his diverse background in the military, at Cisco, Dragos, and now Armis, while Aaron draws on decades of experience leading teams across power plants and utilities in Texas. They both underscore the importance of people, process, and technology - reminding us that even the best tools are only as valuable as the teams that wield them. The discussion explores the challenges smaller utilities face, balancing regulation with limited resources, and the need for cyber-informed engineering from the very start. Plus, they look ahead at the role of AI in cybersecurity, the daisy-chain effects of infrastructure attacks, and the importance of community and continuous learning in keeping ahead of the curve. Whether you're a cybersecurity veteran, just breaking into OT, or simply want to understand why your electricity bill matters, this episode is packed with anecdotes, practical advice, and a few laughs. So pull up a chair and get ready to protect it all! Key Moments:  03:18 Cybersecurity Developments and Regulatory Changes 06:33 Demand for Consulting and Assessments 09:51 Future of Regulation and Community 13:06 Regulating Small Utilities Challenges 16:41 Cybersecurity in Critical Infrastructure 19:43 Simplifying Complex Issues for All 26:12 Embracing AI in Cybersecurity 27:39 "Embrace Challenges, Educate Yourself" 30:14 Cybersecurity Threats to Infrastructure 34:29 Evaluating Automated Alerting Systems 39:38 Controlled Network Configuration Risks 42:10 Underfunded Team: Multi-Skill Necessity 45:31 "Collective Progress and Contribution" 48:13 "Geopolitical Threats to Infrastructure" About the guest :  Kam Chumley-Soltani serves as the Director of OT Solutions Engineering for the U.S. Public Sector at Armis, where he specializes in industrial cybersecurity. His expertise lies in designing secure and resilient network architectures for critical infrastructure environments. Previously, Kam led Cisco's OT Solutions Engineering team for the entire U.S. Public Sector, delivering end-to-end solutions across IoT/OT security, network architecture, diverse RF wireless deployments, embedded systems, and edge computing. He has guided numerous global enterprises, federal agencies, and SLED organizations in architecting solutions that incorporate robust networking, cybersecurity controls, advanced threat detection, and proactive vulnerability management. A Navy veteran, Kam served as a flight systems engineer and mission operations planner. He holds a B.S. in Cyber Operations from the United States Naval Academy, an M.S. in Cybersecurity from Brown University, and an M.B.A. from Northwestern University's Kellogg School of Management. He is currently pursuing his Doctor of Engineering (D.Eng.) in AI/ML from George Washington University.  How to connect Kam:  Linkedin: https://www.linkedin.com/in/kam-chumley-soltani/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: NIS2 and the Cyber Resilience Act (CRA) [The Industrial Security Podcast]Pub date: 2025-07-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationNIS2 legislation is late in many EU countries, and the new CRA applies to most suppliers of industrial / OT computerized and software products to the EU. Christina Kiefer, attorney at reuschlaw, walks us through what's new and what it means for vendors, as well as for owner / operators.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Dan Berte on Solar Grid and IoT VulnerabilitiesPub date: 2025-07-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDan Berte, director of IoT security at Bitdefender, joins the Nexus Podcast to join his team's ongoing research into the security of solar grid inverters and three serious vulnerabilities uncovered in the popular Deye Solarman management platform.Dan discusses his team's research, the disclosure process, and the implications on green energy initiatives overall. With the growing popularity of these platforms, Berte cautions that attackers are going to continue to analyze their security for weaknesses and attempt to exploit them. Listen to the Nexus Podcast on your favorite podcast platform. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.