@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: Industrial Cybersecurity InsiderEpisode: The Nation-State Attacks Hiding in Your OT NetworkPub date: 2025-11-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the Industrial Cybersecurity Insider, Craig Duckworth sits down with Matthew Carr, co-founder of Atumcell and OT penetration testing expert with fifteen years of experience securing operational technology systems. Matthew shares his journey from vulnerability research to specializing in cyber-physical security, recounting the pivotal moment when his exploit code stopped a production line at a major car manufacturer. The conversation addresses the critical gaps in OT security, including why most organizations are unaware of what's actually on their networks, the dangers of default passwords on IoT devices, and how attackers often use espionage rather than ransomware to remain undetected. Matthew reveals how his team safely conducts pentests in production environments, develops proprietary detection rule sets, and helps organizations understand their infrastructure through network mapping. The discussion encompasses a range of topics, from the risks associated with smart TVs in conference rooms to the motivations behind nation-states targeting critical infrastructure, culminating in practical advice on developing a cybersecurity roadmap for cyber-physical systems.Chapters:(00:00:00) - Welcome and Introduction to Matthew Carr's OT Security Journey(00:02:30) - The Moment Exploit Code Stopped a Production Line at a Major Car Manufacturer(00:06:15) - Why Most Organizations Don't Know What's Actually on Their OT Networks(00:09:45) - The Three Pillars of Adamzsel: Pentesting, Monitoring, and Tabletop Exercises(00:14:20) - How Attackers Know Your Infrastructure Better Than You Do(00:18:50) - Smart TVs in Conference Rooms: The Hidden Security Risk with Root Access(00:22:30) - Espionage vs Ransomware: The Cyber Attacks No One Is Talking About(00:26:45) - Why Default Passwords on IoT Devices Are an Attacker's Favorite Entry Point(00:30:20) - Building a Cybersecurity Roadmap for Cyber-Physical Systems(00:33:15) - Closing Thoughts and Free OT Security White Paper from AdamzselLinks And Resources:Atumcell WebsiteMatthew Carr on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 75: IoT-based Living Off The Land Attacks and Air-Gapping Solar SystemsPub date: 2025-11-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAt Black Hat USA 2025, Dan Berte, IoT Director at BitDefender, revisits his talk last year about hacking solar panels in light of the blackout in Spain and Portugal. While the Iberian Peninsula blackout wasn't an attack, it shows how sensitive these systems are when mixing old and new technologies, and how living off the land attacks might someday take advantage of that. The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones en el Gobierno y Gestión de la Ciberseguridad IndustrialPub date: 2025-11-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en cómo iniciar la implantación de un Sistema de Gobierno y Gestión de la Ciberseguridad Industrial (SG2CI), qué estructuras y métricas son clave para mantener alineados gobierno y gestión, y cómo traducir la estrategia en proyectos concretos con responsables, plazos y resultados medibles.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bad ActorsEpisode: E38: The Unseen Threats to Critical Infrastructure with Patrick GillespiePub date: 2025-10-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Bad Actors, host Rebecca Craddick speaks with Patrick Gillespie, OT Practice Director at GuidePoint Security, about the unique and often misunderstood world of operational technology (OT) and its critical role in many areas, from manufacturing to public utilities.Patrick discusses the increasing threats to critical infrastructure, the challenges of bridging the gap between IT and OT teams, and the importance of adopting a "survivable" security posture. He also explains how GuidePoint's partnership with Armis helps organizations gain visibility into their OT environments and prioritize vulnerabilities. This episode is a must-listen for anyone interested in the evolving landscape of cybersecurity and the protection of our most vital systems.The podcast and artwork embedded on this page are from Armis, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Angriffserkennung in Umspannwerken nach dem BSI | OT Security Made SimplePub date: 2025-11-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Hunsänger vom BSI gibt Tipps, wie in Umspannwerken eine Angriffserkennung nach BSI-CS 153 “Stationsautomatisierung” umgesetzt werden kann. Der Praktiker aus dem Referat für industrielle Steuerungs- und Automatisierungssysteme beleuchtet die Hintergründe des BSI-Dokuments und an welcher Stelle ein netzbasiertes IDS (NIDS) sinnvoll ist. Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen & Fragen an podcast@rhebo.com.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: When IT Security Meets OT Reality: Why One Size Doesn't Fit AllPub date: 2025-11-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat happens when IT cybersecurity practices collide with OT operational realities? In this episode, Jim and Dino expose the costly mistakes organizations make when applying IT security playbooks to manufacturing environments.Discover why zero trust architectures can halt production, how shadow IT thrives on every plant floor, and why remote access policies designed for corporate networks fail in industrial settings. Learn the critical importance of OT-tailored asset inventories, the need for IT/OT collaboration, and why digital safety must be treated with the same urgency as physical safety.If you're struggling to bridge the gap between IT security mandates and OT operational needs—or if you've ever watched a well-intentioned security policy bring production to a halt—this episode is your roadmap to getting it right.Chapters:(00:00:00) - Introduction and Episode Overview(00:01:19) - IT vs OT Security Mindsets(00:02:03) - Zero Trust Challenges in OT Environments(00:05:12) - Remote Access and Change Management Conflicts(00:09:00) - Who Should Learn from Whom: IT or OT?(00:10:23) - Asset Inventory: What OT Engineers Don't Know(00:15:00) - Process Integrity and Operational Value(00:21:57) - Shadow IT: The Backdoors Nobody Talks About(00:26:00) - Designing Security Into New Equipment(00:28:00) - Digital Safety vs Physical SafetyLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInJim Cook on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E7: ICS/OT Security Operations CentersPub date: 2025-11-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe growing need for visibility and response in industrial environments is driving more organizations to consider ICS/OT Security Operations Centers — but what does that actually look like for small and medium-sized operations?In this episode of Simply ICS Cyber, Don and Tom sit down with Dan Gunter, CEO and founder of Insane Cyber, to discuss how ICS/OT SOCs function, what data truly matters for monitoring, and how incident response changes when operators have (or don't have) the right information at hand.Drawing on experience from the Air Force CERT to founding an OT-focused security company, Dan shares a practical look at the realities of SOC implementation across industries — from utilities with limited staff to large-scale enterprises managing thousands of assets.Listeners will gain insight into how to start building visibility, selecting the right MSSP partners, and managing SOC fatigue — all while keeping industrial operations safe and resilient.⚙️ Tune in to learn how data, process, and people come together to make ICS/OT SOCs work in the real world.Connect with Dan on LinkedIn: https://www.linkedin.com/in/dan-gunter

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Open Source Intelligence Exposed: How Hackers Use Public Data to Target People, Passwords, and Critical SystemsPub date: 2025-11-04Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThink your company's private data is safe? Think again. In this episode of Protect It All, host Aaron Crow pulls back the curtain on one of cybersecurity's most underestimated frontiers - Open Source Intelligence. He reveals how attackers leverage publicly available data from LinkedIn profiles to leak passwords, mapping out targets, infiltrating systems, and exploiting the human attack surface. Drawing from real-world incidents and years of experience across IT and OT security, Aaron explains: How Open Source Intelligence fuels social engineering and insider threat campaigns. Why protecting systems isn't enough - you must protect people. How to use Open Source Intelligence proactively for threat modeling and risk mitigation. Steps to monitor your digital footprint and reduce exposure before it's too late. Whether you're a cybersecurity professional, executive, or simply digital-curious, this episode will change how you think about “public information.” Tune in to learn how Open Source Intelligence can both expose and empower your cybersecurity strategy - only on Protect It All. Key Moments:  06:17 Securing Domain Admin Accounts 09:09 Proactive Employee Security Monitoring 12:19 "Protecting Human Attack Surfaces" 16:48 "Enhancing Cybersecurity with Open Source Intelligence” 18:49 Exposed Data Response Process Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis del Gobierno y Gestión de la Ciberseguridad IndustrialPub date: 2025-11-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en los niveles de responsabilidad en la ciberseguridad industrial, analizando dónde se producen más desviaciones, cómo se manifiestan los desequilibrios entre gobierno y gestión en las organizaciones actuales, y el rol clave del ICSO como puente entre estrategia y operación para alinear a todos los actores implicados en la protección […]The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Mark Korman Chief Legal & Strategy Officer @Critical-Impact about cyber crises aspects to considerPub date: 2025-10-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPrevention tools are essential, but have their limits; no one can prevent every breach. Readiness determines how quickly and effectively you regain control once it happens. Tabletop exercises, crisis playbooks, and decision-making drills are the true differentiators. Nachshon Pincu hosts Mark Korman, Chief Legal and Strategy Officer at Critical-Impact, an incident response company, in a conversation about cyber crisis Investing in Readiness, Not Just Prevention The Paradox: Tech Is Better, Attacks Are Worse, and the AI game changer for good and for bad Data Leaks and Privacy with the 13th Amendment and moreThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Dispelling IT/OT Convergence Challenges and MythsPub date: 2025-10-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino tackle IT/OT convergence, operational technology security, and manufacturing cybersecurity challenges head-on. They challenge the notion of OT being a "shadow IT group" and explore the fundamental differences between IT and OT operations in industrial environments. The discussion emphasizes that OT focuses on safety and physical outcomes, while IT prioritizes data security. They stress the importance of collaboration between IT and OT teams, highlighting how system integrators, OEMs, and plant operators must work together to improve cybersecurity posture. The conversation covers practical issues like Overall Equipment Effectiveness (OEE), incident response, and the need for proper funding and governance. Both advocate for CISOs and CIOs to actively engage with OT teams and system integrators, visit manufacturing facilities, and understand the unique challenges of industrial control systems to achieve true convergence and protect manufacturing plants and critical infrastructure.Chapters:00:00:00 - Opening Shot: Who's Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can't Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn't Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What's Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT's Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It's Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 74: Turning Surveillance Cameras on their AxisPub date: 2025-10-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAt Black Hat USA 2025, Noam Moshe from Claroty's Team 82 revealed several vulnerabilities in Axis Communications' IP camera systems, including a deserialization flaw that could let attackers run remote code. The team worked with Axis to patch the issues. Moshe says that this case highlights the broader security risks still common in the billions of common IoT devices in the world today.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 35 · TOP 3% what is this?)Episode: Medical Device Cybersecurity Is Tricky [The Industrial Security Podcast]Pub date: 2025-10-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationYes the device has to be safe to use on patients, and yes it has to produce its results reliably, but patient / data confidentiality is also really important. Naomi Schwartz of Medcrypt joins us to explore the multi-faceted world of medical device cybersecurity - from MRI's to blood sugar testers.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Old Windows, New Risks: How End-of-Life Systems Threaten OT Security and What You Can DoPub date: 2025-10-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Protect It All, host Aaron Crow takes a hard look at one of the biggest blind spots in OT cybersecurity: legacy Windows environments still running inside plants, refineries, and utilities. From Windows XP to Windows 10's upcoming end of support, Aaron breaks down why these systems persist, the true cost of “doing nothing,” and the high-stakes trade-offs between replacement, isolation, and risk mitigation. You'll discover: Why outdated Windows systems remain critical yet dangerously exposed. The myths of “true air gaps” and why they don't protect you anymore. Practical isolation tactics, segmentation, strict access control, and monitoring. How to manage asset visibility, vendor dependencies, and downtime risks. Whether you're a cybersecurity leader, plant manager, or operations engineer, this episode is your roadmap to making smarter, safer decisions about legacy systems before they cause costly disruptions. Tune in to learn how to balance operations, cost, and security and protect your OT world from old-system vulnerabilities. Key Moments:  01:22 "End-of-Life Systems in OT" 04:15 Upgrading Systems in Regulated Industries 07:35 Reducing Risk with Network Segmentation 12:02 "Firewall Rules and System Security" 15:52 Understanding Risks in End-of-Life Systems 18:54 Securing Legacy Systems Effectively Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto del Gobierno y Gestión de la Ciberseguridad IndustrialPub date: 2025-10-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio conoceremos la trayectoria de Diego Zuluaga y la evolución en el equilibrio entre gobierno y gestión, y las señales que indican cuándo una organización ha pasado de actuar sin rumbo a tener una ciberseguridad estratégica y con propósito.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E6: Keeping Up With ICS Threat IntelligencePub date: 2025-10-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe industrial threat landscape never stands still — and neither can defenders. In this episode of Simply ICS Cyber, Don and Tom sit down with Joe Slowik, a globally recognized expert in cyber threat intelligence (CTI), detection engineering, and incident response for ICS, OT, and critical infrastructure environments.With over 15 years of experience spanning offensive operations, threat research, and leadership roles in both government and private sectors, Joe brings an unparalleled perspective on how adversaries target industrial systems — and how defenders can stay ahead.Listeners will hear how Joe's work connects cutting-edge artificial intelligence and detection development with the real-world challenges of protecting operational environments. His insights reveal where the next evolution of ICS threat intelligence is headed — and what teams should focus on now to stay resilient.⚙️ Tune in to learn how threat intelligence is evolving across industrial control systems and what it takes to keep pace in a rapidly changing landscape.Connect with Joe on LinkedIn: Joe Slowikhttps://www.linkedin.com/in/joe-slowik

Podcast: OT Security Made SimpleEpisode: Von der Angriffserkennung zum automatisierten Client Management in der OT | OT Security Made SimplePub date: 2025-10-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPeter Lukesch, CEO des OT-Clientmanagement-Entwicklers ondeso, erklärt, wie in der OT passive Angriffserkennung und aktives Client Management sinnvoll zusammengeführt werden können. Er erörtert, wie die Handlungsfähigkeit der Verantwortlichen gesteigert, der Zeitaufwand reduziert und zugleich die Verfügbarkeit der sensiblen industriellen Prozesse geschützt werden. Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen & Fragen an ⁠podcast@rhebo.com⁠. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: What Actually Works in OT Vulnerability Management with Dan Cartmill, TXOne NetworksPub date: 2025-10-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the Industrial Cybersecurity Insider, host Dino sits down with Dan Cartmill, Sr. Global Product Marketing Director for TXOne Networks, to discuss the often misunderstood world of OT vulnerability management. Dan brings a unique perspective, having started as a practitioner 17 years ago, before transitioning to the vendor side. The conversation explores why simply creating a list of vulnerabilities isn't enough – and what organizations should actually be doing to reduce risk in their OT environments.Chapters:00:00:00 - Introduction and Dan's Background00:02:00 - Biggest Misconceptions About OT Vulnerability Management00:04:00 - Blind Spots in OT Vulnerability Scanning00:07:00 - Finding Vulnerabilities: OT vs IT Differences00:10:00 - Proactive Approaches to Unknown Vulnerabilities00:12:00 - How TX One Addresses Vulnerabilities Non-Disruptively00:15:00 - Virtual Patching and Operations-First Philosophy00:18:00 - IT/OT Convergence and Team Collaboration00:21:00 - Building Relationships with Third-Party Partners00:23:00 - Tabletop Exercises and Incident Response Planning00:26:00 - Key Takeaway: Never Forget Your Original Objectives00:28:00 - Dealing with Event Overload and Zero-Day VulnerabilitiesLinks And Resources:Dan Cartmill on LinkedInTXOne NetworksDino Busalachi on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: OT Cybersecurity Wake-Up Call: How Airports and Power Grids Expose the Gaps We Can't IgnorePub date: 2025-10-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this solo episode of Protect It All, host Aaron Crow delivers a straight-talk reality check on the widening IT–OT cybersecurity gap and what it really takes to protect the systems that keep the world running. With decades of experience defending critical infrastructure, Aaron exposes why many OT environments are still years behind in resilience and visibility - and how we can finally fix that. You'll learn: The real incidents prove why OT cybersecurity can't afford to lag. Why visibility and segmentation are non-negotiable for industrial systems. How to build an incident-response plan that works when the stakes are highest. Practical steps to strengthen resilience and recovery across critical operations. This episode isn't about fear - it's about preparation. If your work touches energy, transportation, manufacturing, or utilities, this one's your wake-up call to act before disaster hits. Listen now and learn how to protect what truly keeps our world moving - only on Protect It All. Key Moments: 05:06 "Real Risks of Critical Disruptions" 06:16 Redefining OT System Boundaries 11:42 Troubleshooting Unknown System Issues 14:09 "Secure Remote Access Best Practices" 18:28 "Planning for Worst-Case Scenarios" 19:36 Critical Infrastructure Under Cyber Threat   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4  The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace de Evaluación de madurez en ciberseguridad industrialPub date: 2025-10-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en cómo mantener vivo el impulso tras una evaluación de madurez, el valor estratégico que aporta en auditorías y gestión de incidentes, y cómo un ICSO puede aprovechar la plataforma MACIN del CCI como palanca de transformación en su organización.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: KBKAST (LS 31 · TOP 5% what is this?)Episode: Episode 338 Deep Dive: Eric Stride | Securing the Aviation Industry in the Modern AgePub date: 2025-10-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we sit down with Eric Stride, Chief Security Officer at Huntress, to discuss the escalating cybersecurity challenges facing the aviation industry. Eric highlights the alarming 600% year-over-year surge in cyberattacks targeting the sector, emphasising how attackers are exploiting the interconnected and fragile aviation supply chain—most notably seen in recent incidents like the ransomware strike on Collins Aerospace. He explores the growing risk posed by both IT and OT system convergence, the shift in regulation tying cybersecurity readiness directly to airworthiness, and the increasing adoption of robust frameworks to mitigate operational disruptions and data breaches. Eric also highlights the critical need for holistic supply chain security, the importance of regulatory enforcement, and a cultural shift in the industry toward prioritising safety and cyber resilience to restore public trust in air travel. Eric Stride is the Chief Security Officer at Huntress, where he oversees the company's 24/7 Global Security Operations Center, Detection Engineering, Adversary Tactics, IT Operations, and Internal Security. A 20+ year cybersecurity leader, Eric has held senior roles spanning the U.S. Air Force, NSA, and private sector.  During his 12 years on active duty, Eric helped architect the Air Force's first cyber combat mission team, co-authored its first offensive cyber operations manual, and rose to Deputy Chief for Cyber Operations at NSA Georgia. He continues to serve as a Colonel in the Air Force Reserve, where he established its first cyber range squadron.  In the private sector, Eric co-founded Atlas Cybersecurity, advised defense and enterprise clients as an independent consultant, and led Deloitte's Advanced Cyber Training portfolio, generating $135M+ in new business. He holds an M.S. in Information Technology Management, a B.S. in Computer Science, and multiple cybersecurity certifications (CISSP, GCIH, CEH). The podcast and artwork embedded on this page are from KBI.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Industrial Cybersecurity: The Gap Between Investment and Cyber Event PreventionPub date: 2025-10-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino address why manufacturers still suffer incidents after spending millions on OT security tools. They discuss how to convert those investments into measurable risk reduction. You'll learn why buying tools isn't a strategy. Get insights into how to validate asset visibility on the floor (not just the network map), practical ways to reduce alert fatigue and assign ownership, how to close the OT incident response gap by connecting SOC to operators, the realities of flat Layer 2 networks and undocumented zones, how to handle technical debt at scale (EOL firmware, unpatched HMIs, safe upgrade paths), and why "everyone is responsible" often means no one is. Expect candid discussion on alert fatigue, flat networks, and the human constraints driving today's gaps, plus a concrete checklist for building a coalition that actually works to protect production environments.Chapters00:00:00 – Why incidents still happen after major OT cyber spend00:02:30 – Tools vs. outcomes: underusing capabilities and alert fatigue00:05:50 – Who owns plant‑floor cyber? Why CISOs, CIOs, OEMs, and SIs talk past each other00:08:10 – Define the use case before tuning sensors and policies00:10:00 – OT IR is missing: operators are the first responders00:11:20 – Network reality check: flat L2, VLAN gaps, and unmanaged switches00:13:30 – Change management and patching in OT: risk, downtime, and technical debt00:15:20 – Skills and staffing: the silver tsunami and "jack of all trades" constraints00:18:00 – What outside partners can and cannot do in plants00:21:00 – Visibility blind spots: validating coverage with floor‑level walkthroughs00:24:00 – It won't stick without a coalition: getting plant managers, engineering, OEMs, and SOC alignedLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 73: BADBOX 2.0: Blurring the line between bots and human for cybercrimePub date: 2025-10-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAd fraud driven by both humans and AI agents require new signals beyond traditional bot-vs-human checks. Gavin Reid and Lindsay Kaye from HUMAN Security discuss how monetization includes ad and click fraud (peach pit), selling residential proxy access, and operating botnets for hire and preventing harm requires dismantling criminal infrastructure and collaboration across industry, since many infected devices cannot be practically cleansed by end users.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites & Bytes PodcastEpisode: Third-Generation Farmer Jake Leguee on Technology, Risk, and Feeding the WorldPub date: 2025-10-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of the Bites and Bytes Podcast, host Kristin Demoranville sits down with Jake Leguee, a third-generation farmer from Saskatchewan, Canada, to explore the intersection of tradition, technology, and risk in modern agriculture. From “tractor naps” as a kid to operating GPS-guided combines, Jake reveals how precision agriculture has transformed aspects of farm life. However, with increased connectivity comes new vulnerability: cyber threats that farmers are aware of but don't yet know how to defend against.  Jake's message is clear: agriculture needs the cybersecurity community's help, but farmers don't know where to start. Whether you work in cybersecurity, food systems, or simply want to understand the human side of modern farming, this episode offers hard-won lessons on resilience, risk, and why securing our food supply has never mattered more. Jake's Links: Leguee Farms Website: https://legueefarms.com/ Blog: A Year in the Life of a Farmer LinkedIn: Jake Leguee --------------- Episode Key Highlights 00:01:18 – Favorite Foods & Global Connections 00:05:08 – From Straight Rows to GPS Precision 00:12:40 – Technology and the Modern Farm 00:18:15 – Right-to-Repair and Ownership Challenges 00:23:42 – Cyber Risks on the Farm 00:30:10 – The Human Side of Technology 00:35:56 – Feeding the World and Future Generations ---------------

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Accione en Evaluación de madurez en ciberseguridad industrialPub date: 2025-10-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en cómo facilitar evaluaciones objetivas en planta, transformar los resultados en planes de acción efectivos, y en los factores clave que han permitido a modelos como C2M2 o el del CCI impulsar inversiones y respaldo directivo.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Threat Hunting in der OT | OT Security Made SimplePub date: 2025-10-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOT-Sicherheitsexperte Oliver Jaeckel-Bender definiert Threat Hunting für OT-Netzwerke. Wie unterscheidet sich die Disziplin zur IT und was genau braucht es mindestens (und vielleicht maximal), um ein OT-Netzwerk sicher betreiben zu können?Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen & Fragen an podcast@rhebo.com.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E5: Evolving Vendor and Integrator Cybersecurity in ICS/OTPub date: 2025-10-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSelecting and managing ICS/OT cybersecurity vendors and integrators isn't just a procurement step - it's a strategic decision that shapes resilience, compliance, and long-term security outcomes. The best approach depends on organization size, resources, and security objectives.In this episode, Don and Tom are joined by Saltanat Mashirova, OT Cybersecurity Lead at CPX and OTCEP member with the Cyber Security Agency of Singapore. Salt brings deep global expertise across cybersecurity risk assessments (csHAZOP), ISA/IEC 62443 compliance, OT/ICS product development, governance, training, and the integration of both brownfield and greenfield assets.They'll also dive into how these challenges play out in industries like oil & gas, mining, energy, manufacturing, and more - where vendor and integrator choices can directly impact both safety and business outcomes.Salt shares her perspective as an industry-recognized leader, speaker, and award-winner (Top 40 Under 40 in Cybersecurity, SC Media “Women to Watch,” and more), with experience guiding global projects and engaging with everyone from engineers to CEOs.

Podcast: Industrial Cybersecurity InsiderEpisode: Hidden Cybersecurity Vulnerabilities in Today's Data CentersPub date: 2025-10-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Scott Cargill, Partner of BW Design Group, joins Craig and Dino. Together they dissect the critical vulnerability gap in data center operational technology infrastructure. While most data centers implement robust IT security protocols, their building management systems controlling cooling, power distribution, and environmental controls remain significantly under-protected. Cargill provides technical analysis of how the rapid expansion of data center capacity for AI workloads has outpaced OT security implementation, creating exploitable attack vectors where minutes of system compromise could cascade into millions in equipment damage and service disruption. Through evidence-based examination and industry insights, this episode offers CISOs and OT security professionals a practical framework for addressing the IT-OT security convergence challenge in mission-critical facilities.They offer actionable strategies for vulnerability assessment, segmentation, and defense-in-depth implementation.Chapters:- 00:00:00 - Meet Scott Cargill of BW Design Group- 00:02:30 - Data centers expanding for AI- 00:04:40 - Critical BMS vulnerabilities being ignored- 00:07:40 - Alarming OT security reality- 00:09:40 - Why OT security remains deprioritized- 00:12:10 - IT-OT security convergence challenges persist- 00:16:35 - Manufacturing parallels to data centers- 00:20:10 - Security solutions evolution underway- 00:21:45 - Managed services necessity for OT- 00:24:42 - Thought leadership driving industry standardsLinks and Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityScott Cargill on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 35 · TOP 3% what is this?)Episode: Hardware Hacking - Essential OT Attack Knowledge [the industrial security podcast]Pub date: 2025-10-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIf you can touch it, you can hack it, usually. And having hacked it, you can often more easily find exploitable vulnerabilities. Marcel Rick-Cen of Foxgrid walks us through the basics of hacking industrial hardware and software systems.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Why “One Size Fits All” Fails in OT Cybersecurity: Real-World Fixes for IT–OT GapsPub date: 2025-10-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOT cybersecurity isn't about installing more firewalls - it's about adapting your entire mindset. In this episode of Protect It All, host Aaron Crow breaks down why IT security tools often fall short in industrial environments and what it really takes to protect operational systems. Drawing from 25+ years of hands-on experience, Aaron explores the differences between IT and OT priorities, why “silver bullet” solutions don't exist, and how to build defense-in-depth strategies that actually work on the plant floor. You'll discover: Why IT tools struggle in OT environments - and where they can help. How to balance availability, safety, and security in critical systems. Practical ways to manage legacy hardware, vendor dependencies, and remote access. The key to uniting IT and OT teams for stronger resilience. If you're navigating the evolving world of industrial cybersecurity, this episode will change how you think about tools, processes, and protection. Tune in to learn how to bridge the IT–OT divide and build a smarter, safer security culture. Key Moments: 03:31 "Adapting IT Products for OT Use" 08:53 IT and OT Crossover Tools 11:05 Balancing OT Risk in Cybersecurity 13:37 Cybersecurity and Remote Secure Access 18:25 Designing Resilient, Independent Systems 21:40 Unified Cybersecurity Through Training & Collaboration 24:24 "IT and OT Integration Challenges" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Ophir Oren Cyber & AI sec Innovation squad leader @Bayer on cyber innovation & future challengesPub date: 2025-10-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationחדשנות בסייבר היא צורך קיומי, קצב השינוי בראיית התוקפים ומשטחי תקיפה חדשים שנוצרים חדשות לבקרים לא מאפשרים לצוותי ההגנה לנוח על זרי הדפנה מרבית צוותי הסייבר בחברות עסוקים במימושים של הגנות ולעיתים קרובות נותנים היום מענה לאתמול ופחות למחר.  הצורך בצוות שיבצע חשיבה ובדיקות לאיומי המחר ומציאת פתרונות טכנולוגים הפך לכורח המציאות נחשון פינקו מארח את אופיר אורן ראש יחידת החדשנות בסייבר והיי איי בחברת באייר העולמית בשיחה על חדשנות בסייבר, הקמת מעבדת הסייבר לסביבות תפעוליות לצורך ביצוע מחקרים ובדיקות ומה מחכה לנו מעבר לפינה בתחום ההיי איי, מחשוב קוונטי ושלל נושאים נוספים Cyber innovation is an existential necessity; the pace of change in attackers' vision and the new attack surfaces that are constantly being created do not allow defense teams to rest on their laurels. Most cyber teams in companies are busy implementing defenses and often provide a solution for yesterday, but not for tomorrow. The need for a team that thinks and tests tomorrow's threats and finds technological solutions has become a necessity Nachshon Pincu hosts Ophir Oren, Head of the Cyber and AI Innovation squad at Bayer Global, in a conversation about cyber innovation, the establishment of the Cyber Lab for OT for conducting research and testing, and what awaits us around the corner in the AI field, quantum computing, among other topicsThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis Evaluación de madurez en ciberseguridad industrialPub date: 2025-10-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se profundiza en los criterios que hacen realmente útil un modelo de madurez en entornos OT, la importancia de incluir roles funcionales específicos en su evaluación, y los riesgos de aplicar enfoques genéricos sin adaptación al contexto industrial, como advierte el modelo MACIN del CCI.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Building OT Cybersecurity That Works in the Real WorldPub date: 2025-09-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIndustrial environments are complex. Aging systems, distributed plants, and a crowded vendor landscape make “buy another tool” a tempting but often costly reflex. In this episode, Dino Busalachi talks with Danielle “DJ” Jablanski, about moving from paper programs to measurable progress in OT security. They address why competence and capacity must come before capabilities, how to right-size your technology stack through tool rationalization, and why interdependence mapping is foundational for real resilience.00:00:00 – Why OT maturity often stalls00:06:00 – Where to focus first: assets, segmentation, and access00:08:20 – Governance gaps: frameworks on paper vs. controls in practice00:10:10 – Interdependence mapping beyond "crown jewels"00:12:30 – Operators as first responders and safe-state realities00:16:15 – Vendor and OEM ecosystems: who owns the response plan?00:20:10 – Threat intel's limits: effects‑based security over means‑based noise00:22:00 – Incident readiness in plants: plans, practice, and ownership00:26:00 – Supply chain fragility and concentration risk in manufacturing00:29:30 – Tool rationalization: measuring ROI, coverage, and usabilityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.DJ's Blog on Interdependence Mapping: https://claroty.com/blogDanielle Jablanski on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Adm. Michael Rogers on Deterrence in CyberspacePub date: 2025-10-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRetired four-star U.S. Navy Admiral Michael S. Rogers joins the Nexus Podcast for a wide-ranging discussion on deterrence in cyberspace and an examination of adversarial tactics and strategies. Adm. Rogers explains that deterrence relies on having the will to employ tactics that will reshape the choices adversaries are making in the targeting of U.S. critical infrastructure. Adm. Rogers also touches on Congress' failure to re-authorize the Cybersecurity Information Sharing Act (CISA 15) and what it means for defenders as the reauthorization deadline passes, and the resource challenges affecting adequate protection of critical infrastructure. Listen and subscribe to the Nexus Podcast.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 72: Does a CISSP Certification Make Sense For OT?Pub date: 2025-09-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCertification exams increasingly reflect the IT OT convergence, acknowledging that many protections apply across both domains requiring holistic security approaches rather than siloed solutions. John France, CISO at ISC2, explains that as threats grow more complex, certifications, continuous learning, and diverse skills are essential to building a resilient global workforce.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Manufacturing Happy Hour (LS 43 · TOP 1% what is this?)Episode: 255: How AI is Reshaping Security and OT Network Requirements featuring Felipe Sabino Costa, Sr. Product Manager for Networking & Cybersecurity at MoxaPub date: 2025-09-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIt's been over a year since we've talked about cybersecurity on Manufacturing Happy Hour, and with AI changing the game completely, we're overdue for a refresh. Around 80-85% of the global industry doesn't have basic defense at the edge of their networks; that's a sobering statistic.Felipe Sabino Costa, Senior Product Manager for Networking and Cybersecurity at Moxa, joins the show to break down why Operational Technology (OT) security matters more than ever. Manufacturers need to transmit massive amounts of data for AI and predictive analytics, but they're working with 15–20-year-old infrastructure that wasn't built for this.The good news is, Felipe shares practical frameworks like NIST and IEC 62443 (which he compares to nutrition labels) that help manufacturers build security into their operations. The key takeaway? There's no silver bullet; it's about building layers of defense and finding the right partners.In this episode, find out:Why OT data has shifted from historical logging to real-time predictive powerThe bandwidth issue hitting intelligent transportation systems and semiconductor manufacturingHow AI enables attackers to adapt their attacks in real-timeWhy 80-85% of global industry lacks protectionFelipe's nutrition label analogy for understanding security certificationsThe difference between thinking your air-gapped and actually being air-gappedWhy defense requires multiple layers of securityFelipe's outlook on the future of OT networksEnjoying the show? Please leave us a review here. Even one sentence helps. It's feedback from Manufacturing All-Stars like you that keeps us going!Tweetable Quotes:“We used to be air-gapped or isolated. And many of the companies, they still think that they are, but they are not anymore. To be really air-gapped, I shouldn't have any way to send data.”“Give and take, 80% of the global industry, including the US, does not have these specific layers of defense. They have some defense, but they have nearly zero protection close to the process itself.”“There is no silver bullet. We are seeing this shift right from how we used to do security. A strategy should be way more sophisticated.”Links & mentions:OT Network Security: Investment & Segmentation Strategies, a webinar that addresses the financial and operational risks posed by cyber threats while offering hands-on guidance for OT network security Futureproof Industrial Networks, a website shares how to design and implement a robust, secure, and efficient network infrastructure that can meet the demands of modern industrial environments and optimize operational processesMoxa, delivering the reliable and secure connectivity foundation that advanced analytics and AI depend on, with solutions in edge connectivity, industrial computing, and network infrastructure Make sure to visit http://manufacturinghappyhour.com for detailed show notes and a full list of resources mentioned in this episode. Stay Innovative, Stay Thirsty.The podcast and artwork embedded on this page are from Chris Luecke, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto Evaluación de madurez en ciberseguridad industrialPub date: 2025-09-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEste episodio explora la evolución de la ciberseguridad desde IT a OT, la importancia de evaluar su madurez, y cómo el modelo MACIN del CCI aborda procesos, tecnología, personas y resultados para fortalecerla.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Refael Franco founder & CEO @CodeBlue on the October 7th war cyber-attacks, IR and crisis managementPub date: 2025-09-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationהפרק מוקדש לזכרו של אריק קראוניק גיבור ישראל, רבש"צ קיבוץ בארי שנרצח ב-7 לאוקטובר בשעה שנלחם להגן על הישוב מפני הפורעים, יהי זכרו ברוך זה עדיין לא הזמן לסיכומים של מלחמת חרבות ברזל שטרם הסתיימה, המלחמה הארוכה ביותר בתולדות מדינת ישראל שהתפצלה בהמשך למלחמות משנה מול החיזבאללה, אירן והחותים בעולם הסייבר אנו חווים את השפעות המלחמה יום יום עם כמות התקפות עצומה בכול קנה מידה גלובלי, מדינת ישראל במונחים אבסולוטיים היא המדינה השנייה בעולם בכמות תקיפות הסייבר כנגדה נחשון פינקו מארח את רפאל פרנקו מייסד ומנכ"ל קוד-בלו סייבר בשיחה על השבועות הראשונים של מלחמת אוקטובר וחמ"ל המתנדבים שהקים לאיתור חטופים ונעדרים כזכור מערכות הבטחון הישראליות היו בכאוס מוחלט והצורך במידע בדוק ואיכותי היה קריטי בהיבט המקצועי מה קרה למשק הישראלי במהלך השנתיים האחרונות והאם החברות הישראליות היו ערוכות כראוי למתקפות סייבר מה המשמעות של ניהול אירוע סייבר ואיך מומלץ לבחור חברת תגובה לאירוע סייבר ועוד The episode is in memory of Arik Kraunik, an Israeli hero, Kibbutz Be'eri security chief, who was murdered on October 7th while fighting to protect the settlement from rioters. May his memory be blessed. It is not yet time to sum up the "Iron Swords" War that has not yet ended, the longest war in the history of the State of Israel, which subsequently split into secondary wars against Hezbollah, Iran, and the Houthis. In the cyber world, we experience the effects of the war every day with a vast number of attacks on a global scale. In absolute terms, the State of Israel is the second country in the world in the number of cyber attacks against it. Nachshon Pincu hosts Refael Franco, founder and CEO of Code Blue Cyber, in a conversation about the first weeks of the October War and the volunteer task force he established to locate kidnapped and missing persons. As we recall, the Israeli defense systems were in complete chaos, and the need for verified and high-quality information was critical. From a professional perspective, what happened to the Israeli economy over the past two years, and whether Israeli companies were adequately prepared for cyber attacks. What does cyber incident management mean, and how to choose a cyber incident response company And more  The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Simply ICS CyberEpisode: S2 E4: Industrial Security Alongside a WarzonePub date: 2025-09-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIndustrial control systems (ICS) and operational technology (OT) are the backbone of modern society—powering electricity, water, gas, communications, manufacturing, chemicals, and even medical technology. But what happens when these systems must be secured in the middle of a warzone?On this episode of Simply ICS Cyber, hosts Don C. Weber and Tom VanNorman sit down with special guest Patrick C. Miller, President & CEO of Ampyx Cyber, a company dedicated to protecting the industrial world.Learn more about:The challenges of defending critical infrastructure in conflict environmentsReal-world insights from one of the most experienced leaders in ICS/OT securityWhy these conversations are vital for the future of cybersecurityThis is a rare opportunity to hear experts break down industrial cybersecurity in the harshest conditions. Whether you're in IT, OT, or just want to understand the stakes, you'll walk away with practical lessons and a deeper appreciation of what's at risk.Connect with Patrick on LinkedIn: https://www.linkedin.com/in/millerpatrickc/Episode Links:-The 5 Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls - KEV: https://www.cisa.gov/known-exploited-vulnerabilities

Podcast: OT Security Made SimpleEpisode: Wie können Hersteller proaktiv auf den CRA reagieren?Pub date: 2025-09-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDr. André Egners, verantwortlich für die Sicherheitsstrategie bei Landis+Gyr und in verschiedenen Standardisierungsgremien tätig, spricht über Cybersicherheit in Smart Metern und die Bedeutung des Cyber Resilience Act. Er erläutert, wie er die Sicherheitslevel des IEC 62443 Standards anwendet und wie Unternehmen beim Einkauf von Komponenten mehr Cybersicherheit einfordern können. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Mitsubishi's Billion-Dollar Bet on OT Cybersecurity with Nozomi AcquisitionPub date: 2025-09-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHosts Craig and Dino discuss Mitsubishi's billion-dollar acquisition of Nozomi Networks and its implications for operational technology cybersecurity. They address how this major deal affects the industrial security market.The conversation covers IT/OT convergence challenges, managed services, vendor partnerships, and AI in cybersecurity decision-making. Craig and Dino share practical insights for security leaders and engineering professionals working in industrial environments.Topics covered: • Why Mitsubishi made this $1B investment • How this affects choosing security vendors • The growing role of managed services in OT security • What organizations should do to prepare for changesFor cybersecurity professionals, industrial engineers, and executives working with operational technology and cyber defense.Chapters:00:00:00 - Welcome to Industrial Cybersecurity Insider Podcast00:01:26 - A Trend of Cybersecurity Platform Acquisitions00:02:03 - The "Cyber-Informed Engineering" Play00:02:52 - Market Impact: Setting a Billion-Dollar Bar for Competitors00:05:06 - A Lack of Expertise and Resources00:05:48 - The Challenge of Building an In-House Team vs. Using Managed Services00:07:40 - Embedding Security Directly into Hardware Controllers00:09:33 - How Competitors Like Rockwell Might React00:10:00 - IPO or Acquisition?00:14:42 - The On-Prem vs. Cloud Debate in Manufacturing Environments00:16:50 - 87% of Organizations Are Lagging in Cybersecurity Maturity00:17:20 - The IT/OT Resource and Knowledge Gap00:18:54 - The Need for CIOs to Partner with OT Systems Integrators00:21:25 - The "OnStar" Model for Industrial Security00:22:15 - The Reality of Vendor Lock-In and Warranty Issues00:24:14 - OT Needs to Own Its Cybersecurity Strategy00:25:12 - The Risk of Underutilized Security ToolsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace aplicando NIS2 en un entorno industrialPub date: 2025-09-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se comparten consejos finales, aprendizajes y evolución esperada de la norma y el ecosistema regulador.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Energy TalksEpisode: #111: Navigating Cybersecurity in Power SystemsPub date: 2025-09-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe importance of risk assessments in security engineering In this episode, hosted by OMICRON OT cybersecurity expert** Simon Rommer**, we explore the critical roles of IT and OT in power systems cybersecurity, focusing on security risk assessments from a design and construction perspective. *Jose Paredes*, Regional Engineering Manager at H&MV Engineering, discusses the importance of bridging the knowledge gap between IoT and electrical engineering, as well as the necessity of integrating cybersecurity into the design process from the outset. The conversation highlights the challenges of managing client expectations, compliance, and procurement in the context of cybersecurity, as well as the impact of latency on project success. Jose emphasizes the need for effective partnerships and thorough risk assessments to navigate the complexities of cybersecurity in power systems. For more information about advanced cybersecurity for OT environments, please visit our website. We welcome your questions and feedback. Simply send us an email to podcast@omicronenergy.com. Please join us to listen to the next episode of Energy Talks.The podcast and artwork embedded on this page are from OMICRON electronics GmbH, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Shmulik Yehezkel Founder & CEO @Pryvaxy on the tight coloration between physical & cyber defensePub date: 2025-09-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationביטחון פיזי והגנת סייבר הם שני צדדים של אותה המטבע, כול אחד מהם מהווה השלמה של השני וחשוב למניעת מתקפה על הארגון.  ארגונים שאינם ביטחוניים נוטים להפריד ביניהם ושוברים את קו ההגנה הרגיש ממילא נחשון פינקו מארח את אל"מ (מיל'), מייסד ומנכ"ל חברת פריבקסי מבכירי משרד ראש הממשלה לשעבר מקים וראש חטיבת הסייבר המבצעי של משרד הביטחון, ראש בית הספר לסייבר וטכנולוגיה וסגן וממלא מקום ראש מטה הביטחון והסייבר במשרד ראש הממשלה בשיחה על ביטחון פיזי והגנת סייבר בראיית המגן והצורך לפעול בקורלציה ביניהם מההבנה של ראיית התוקף Physical security and cyber defense are two sides of the same coin, complementing each other, and are crucial for preventing an attack on the organization. Non-security organizations tend to separate them and break the already sensitive line of defense. Nachshon Pincu hosts Col. (res.), founder and CEO of Pryvaxy, a former senior official in the Prime Minister's Office, founder and head of the Operational Cyber ​​Division of the Ministry of Defense, head of the School of Cyber ​​and Technology, and deputy and acting head of the Security and Cyber ​​Headquarters in the Prime Minister's Office, in a conversation about physical security and cyber defense from the perspective of the defender and the need to act in correlation between them from the understanding of the attacker's perspective.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites & Bytes PodcastEpisode: Electric Utility Lessons for Food & Ag with Kylie McClanahanPub date: 2025-09-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOn this episode of Bites and Bytes Podcast, Kristin Demoranville talks with Kylie McClanahan, Chief Technology Officer at Bastazo, about what food and agriculture can learn from the electric utility sector. With nearly a decade of experience in the electric utility sector and a PhD in computer science, Kylie brings a systems-thinking perspective to securing the technology that underpins food and agriculture. From chicken houses and precision farming to rural broadband and GPS-dependent tractors, Kylie explains how cyber risks in agriculture are more tangible than many realize. She shares why treating people as the strongest line of defense and building community support models like mutual aid may be the key to keeping our food supply secure. This episode is a reminder that cybersecurity in food and agriculture isn't abstract: when the technology behind farming fails, the impact reaches every dinner table. --------------- Guest Contact Information Kylie's LinkedIn Where Kylie works:  Bastazo --------------- Episode Key Highlights 00:09:55 – Community and systems thinking as a lens for resilience in OT and agriculture. 00:12:13 – The reality of alert fatigue, decision fatigue, and vulnerability overload. 00:17:29 – Chicken house demo story: Peeps in a toaster oven to show real-world ICS risks. 00:19:21 – How rural broadband and connectivity gaps impact digital farming security. 00:25:00 – Practical lessons food and agriculture can learn from regulated utilities. ---------------

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: E71: Meeting Cybersecurity Requirements That Don't Yet ExistPub date: 2025-09-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe EU's new Cyber Resilience Act (CRA) sets higher security requirements but leaves many technical details undecided. This puts pressure on vendors of connected or software-based products to either redesign, retrofit, or withdraw from the market. According to Roland Marx, Senior Product Manager at Swissbit, the CRA's three-year rollout is meant to give companies time to adapt while regulators finalize the specifics.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Responsibility Without Authority: The CISO's Industrial Cybersecurity DilemmaPub date: 2025-09-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino address one of the most pressing challenges in industrial cybersecurity: the gap between responsibility and authority for CISOs and their ability to protect manufacturing and critical infrastructure plant floors. While executives are tasked with ensuring resilience and reporting to the board, they often hit resistance at the plant floor where production uptime and safety KPIs take priority. The conversation explores IT/OT convergence, asset visibility blind spots, OEM restrictions, and the risks of relying on remote-only deployments. With insights from decades of hands-on experience in industrial environments, Craig and Dino outline practical steps for building bridges between IT and OT, aligning financial risk with security strategy, and equipping CISOs with the authority they need to succeed.Chapters:00:00:00 - Welcome to the Industrial Cybersecurity Insider Podcast00:01:11 - The CISO's Core Conflict of Responsibility Without Authority00:02:45 - Why Security Efforts Get "Kneecapped at the Front Door"00:04:04 - Understanding the OT Environment and Its Unique Technology00:05:36 - Building Bridges Between IT and OT as the Solution00:07:44 - Overcoming OT's "Skittish" Resistance to IT00:09:43 - The Scaling Problem of Too Few Engineers for Too Many Plants00:10:57 - Why a Remote-First Approach Fails in Manufacturing00:14:44 - The "Epiphany" of Uncovering Operational Benefits for OT Teams00:17:24 - Navigating OEM Warranties and Equipment Restrictions00:19:14 - The "Trust but Verify" Mandate for a CISO00:20:56 - The Danger of Hidden Networks and the "Air Gap" Myth00:23:16 - Speaking the Language of Business in Dollars and Cents00:24:43 - Aligning Security with the Plant's Capital Master Plan00:27:24 - How Company Ownership Affects Security Investment00:28:16 - How to Give the CISO Real AuthorityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 25 · TOP 10% what is this?)Episode: Hacking Culture, Community, and Curiosity: Evolving Security Research in a Modern WorldPub date: 2025-09-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe dynamic evolution of hacker culture, the ongoing transformation of cybersecurity conferences, and the importance of resilience and curiosity among security researchers are all topics covered in this episode through stories of past and present with Dhillon Kannabhiran, CEO and Founder of Hack In The Box (HITB) and Out Of The Box.  He and Phillip Wylie examine the shift from open knowledge sharing and exploration to the monetization and commercialization of cybersecurity exploits. Dhillon offers insights into the unique approaches Hack In The Box and Out of the Box conferences have taken, encouraging people the valuing of persistence and the collaborative spirit that push the community forward.Dhillon Kannabhiran on LinkedIn: https://www.linkedin.com/in/l33tdawg/Dhillon Kannabhiran on X: https://x.com/l33tdawgKey Points/Topics Covered:Evolution of hacker culture and the foundational role of resilience and curiosityHistory, mission, and format of Hack In The Box and Out of the Box conferencesShifts in conference and research communities post-COVID and the influence of commercialization on sharingThe continuing need for community, knowledge sharing, and supporting new talent in cybersecurityThe changing landscape of security research and bug hunting with the advent of AI and new technology Let's connect about IoT Security!Follow Phillip Wylie at https://www.linkedin.com/in/phillipwyliehttps://youtube.com/@phillipwylieThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Today with ISSSourceEpisode: Understanding Consequence-based RiskPub date: 2025-09-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhen it comes to cybersecurity it has always been about what threats are you facing, or what kinds of vulnerabilities are imminent. Threats and vulnerabilities are something you need to be aware of and protect against, the reality is if you don't know the consequence or if there is no consequence from a threat, then why bother protecting against it. A consequence-based cyber risk management approach is vital for protecting OT and ICSes across the board.The podcast and artwork embedded on this page are from Gregory Hale, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Bridging Military and Civilian Cybersecurity: Leadership, Skills, and Lifelong Learning with Christopher RossPub date: 2025-09-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with cybersecurity leader and National Guard threat hunt team lead Christopher Ross, diving into the real-world experiences that shape careers in the intersecting worlds of IT and OT security. Chris shares his 18-year journey from joining the military with a passion for computers to leading critical infrastructure cybersecurity efforts - both in uniform and in the private sector. Together, Aaron and Chris break down myths about gatekeeping, discuss the unique challenges of military versus civilian roles, and highlight lessons learned along the way. From imposter syndrome to servant leadership, the conversation unpacks how effective communication, continuous training, and the willingness to learn from failure fuel professional growth. Chris also reflects on how military training instills risk mitigation and teamwork, and how those skills can translate - and sometimes clash - with civilian cybersecurity cultures. They talk certifications, hands-on learning, the importance of meaningful tabletop exercises, and the evolving landscape as AI powers both attackers and defenders. Whether you're a veteran, a fresh analyst, or just passionate about cybersecurity, this honest and energetic exchange will leave you motivated to keep learning, keep growing, and keep protecting it all. So grab your energy drink and tune in for a conversation that proves everyone in cyber, no matter their path, has wisdom worth sharing.   Key Moments:  05:30 Military Adventures Surpass Civilian Opportunities 07:28 Military vs. Civilian Leadership Dynamics 10:42 Clarifying Civilian vs Military Missions 12:22 Leadership: Addressing Miscommunication & Misalignment 15:45 Toxic Leadership and Military Transition 20:01 Reliance on Tools vs. Core Skills 22:29 "Forgotten Skills Fade Over Time" 25:13 Boosting Confidence in New Roles 29:42 Interactive Training and Environmental Protection 32:37 Purple Teaming Strategy Insights 36:15 Persistence in Skill Development 39:04 Soft Skills Matter for Career Growth 42:44 "Technical & Business Acumen Fusion" 44:41 Military: Career Value and Benefits 48:09 "Cyber Education for K-12" Resources Mentioned :  https://www.ransomware.live/ comprehensive resource that tracks and monitors ransomware groups and their activities. https://ransomwhe.re/ tracks ransomware payments by collecting and analyzing cryptocurrency addresses associated with ransomware attacks.  https://www.ransom-db.com/ real-time ransomware tracking platform that collects, indexes, and centralizes information on ransomware groups and their victims.  About the Guest :  Christopher Ross is a veteran and cybersecurity leader with over 15 years of experience in Security Operations, Incident Response, and threat hunting across defense and fintech. A Chief Warrant Officer in the Army National Guard's Cyber Brigade, he has led blue and purple team operations, translating military discipline and teamwork into enterprise cyber defense strategies.   In his civilian career, Christopher has built and led SOC teams, integrated MSSPs, and driven automation to strengthen detection and response capabilities at organizations including MACOM, CFGI, Draper, and Abiomed. He holds a Master of Science in Information Security Engineering from the SANS Technology Institute and more than a dozen GIAC certifications. An Order of Thor recipient from the Military Cyber Professional Association.    Christopher is passionate about developing playbooks, advancing training pipelines, and mentoring the next generation of defenders. Sharing lessons from his veteran-to-cyber journey, practical insights on certification paths and ROI, and real-world stories from blue-team operations and purple-team collaboration.   Visit  https://public.milcyber.org/ The Military Cyber Professionals Association is the only U.S. military professional association with cyber at its core. It connects, supports, and elevates those who serve in or support the military cyber domain, while investing in future generations through education and mentorship. Connect Christopher : https://www.linkedin.com/in/christopheraross-ma/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones aplicando NIS2 en un entorno industrialPub date: 2025-09-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se muestran los pasos inmediatos para organizar el cumplimiento de la NIS2, cómo industrializar el proceso de análisis de riesgos y la gestión de proveedores para cumplir con NIS2 y el papel que tienen los marcos de referencia para facilitar el cumplimiento de la NIS2.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.