@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: How to Harness AI Without Breaking Security or Corporate PoliciesPub date: 2025-06-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow dives deep into the fast-evolving world of AI automation and its impact on cybersecurity. Aaron breaks down practical, real-world ways security professionals can leverage AI to streamline their workflows without breaking data loss prevention policies or putting proprietary information at risk.  From drafting reports and playbooks to automating repetitive tasks and managing vulnerability data, Aaron offers actionable advice for using both public AI tools like ChatGPT and more advanced private AI models. He also addresses common fears CISOs and business leaders have about unsanctioned AI use in the workplace and shares tips for staying safe and compliant while taking advantage of AI's efficiencies.  Whether you're in a large enterprise or a lean team with limited resources, you'll come away with a fresh perspective on how to use AI responsibly to work smarter and protect your organization. Plus, Aaron invites listeners to share their own creative AI use cases and lessons learned. Let's jump in and explore how to protect it all as AI advances. Key Moments :  01:20 AI's Rising Role in Media 03:22 Guidelines for Using AI Safely 07:06 "AI Integration and Automation Strategies" 10:03 Automating Windows Management Tasks 14:29 Exploring AI for Personal Tasks Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Pedro Umbelino on Exploiting ATG Devices in Fuel StoragePub date: 2025-06-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPedro Umbelino, Principal Research Scientist at Bitsight Technologies, joins the Nexus Podcast to discuss his team's research into Automatic Tank Gauge (ATG) systems and how they uncovered 11 vulnerabilities in ATGs manufactured by five different vendors. ATG systems are an industrial control system that monitors fuel levels inside storage tanks, including those at gasoline stations, military bases, hospitals, airports, and elsewhere. ATGs track fuel levels, and are meant to detect leaks, help with inventory management, and are key in regulatory compliance efforts.The vulnerabilities uncovered by Pedro and his team expose these systems to catastrophic risks, from environmental hazards to significant economic losses, including physical damage.Worse yet is that these systems are old and challenging to update. Read Bitsight's research here.Listen to the Nexus Podcast on your favorite podcast platform. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 65: Hacking Critical Infrastructure Through Supply ChainsPub date: 2025-06-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCritical Infrastructure software lacks the strict liability standards found in industries like automotive manufacturing, leading to minimal accountability for insecure products when they get exploited.  Alex Santos, CEO of Fortress Information Security, explains how they're typically hired by buyers of ICS equipment—such as utilities—to assess and mitigate supply chain risks, including working with OEMs to improve security.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: When IT Cyber Events Bring Down the Plant FloorPub date: 2025-06-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino break down how cyberattacks that start in traditional IT systems can shut down entire manufacturing production lines, leading to massive financial losses. Using real-world examples like UNFI's $500 million drop in market value in 60 hours, they explain how overlooked connections between IT and the OT plant floor are often the weakest links. You'll hear why simply installing firewalls isn't enough, how organizational silos between IT and operations cause major blind spots, and what it really takes to secure industrial equipment. Whether you're in leadership, technology, or operations, this episode will change how you think about cyber risk and business continuity in connected environments.Chapters:00:00:00 - Introduction: Where Responsibility Ends and Authority Doesn't Begin00:01:08 - Meet Your Guides: Dino & Craig On the Frontlines00:01:14 - When Cyber Hits the Plant Floor00:01:28 - Real-World Wake-Up: The Unify IT Incident00:02:36 - The Gaps No One's Watching in OT Security00:03:18 - How Org Structure Can Make or Break Cyber Defense00:04:03 - Plugging in OT Visibility: IDS in Action00:04:43 - Who's Really Calling the Shots—Corporate or the Plant?00:07:02 - IT-OT Convergence: What Leaders Must Understand00:13:14 - Building Cyber Defense That Actually Works00:15:25 - Recovery Starts Before the Breach00:17:37 - Why IT Alone Can't Fix OT Problems00:24:55 - Just Getting Started? Here's What to Do First00:28:33 - Final Word: You Can't Secure OT AloneLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Driving OT Security Innovation: AI, Risk Reduction, and the Future of Critical InfrastructurePub date: 2025-06-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome back to Protect It All! In this episode, host Aaron Crow sits down with longtime friend and OT cybersecurity veteran Brian Proctor for a deep dive into the current state—and future—of the OT cyber landscape. Together, they trade stories from the front lines, reflecting on how their early experiences as asset owners shaped their passion for innovation and helping critical infrastructure run safely and securely. Brian, whose career spans roles from OT engineer to startup co-founder, opens up about his journey—highlighting his drive to push the boundaries of traditional OT security and the evolution of key industry technologies. The conversation explores everything from the persistent lack of innovation in OT, to AI's growing role in tackling the daunting challenges of risk reduction, visibility, and scaling assessments across sprawling environments. If you've ever wondered how new tech like AI is reshaping industrial cybersecurity, why “we've always done it this way” just doesn't cut it anymore, or how organizations can realistically stay ahead without breaking the bank, this episode delivers honest insights, practical advice, and a look toward an exciting, if sometimes daunting, future. So grab your headphones and settle in as Aaron and Brian share stories, hot takes, and strategies designed to protect it all—because in critical infrastructure, the stakes have never been higher. Key Moments:  06:45 OT Cyber Industry Evolution 11:57 Evolving Challenges in OT Security 19:34 Bridging the OT Security Skills Gap 21:54 Enhancing OT Security Understanding 30:46 AI Model Security Challenges 34:26 Rapid Scaling for Site Assessments 40:56 Simulating Cyber Threat Responses 47:19 Operational Priorities: Equipment vs. Cyber Tools 49:30 Focus on Meaningful Security Metrics 56:30 Rapid AI Adoption vs. Internet 01:02:12 Cybersecurity: Small Targets are Vulnerable About the guest :  Brian Proctor is a cybersecurity leader with over 20 years of experience protecting critical infrastructure across energy, industrial automation, and operational technology sectors. As the co-founder and CEO of Frenos, he empowers critical infrastructure operators to proactively secure their environments against evolving cyber threats. Brian built his foundation in ICS/OT cybersecurity during his 13+ year tenure at two progressive California Investor Owned Utilities, San Diego Gas & Electric and Southern California Edison serving the 2nd and 8th largest cities in the United States. He managed a team of 15 security engineers and researchers across 150+ projects, established OT security roadmaps, and co-invented an R&D Magazine Top 100 award-winning GPS anti-spoofing mitigation technology that earned him a patent. Brian has published IEEE papers on security monitoring, served as Critical Infrastructure Co-Chair for Securing Our eCity, and regularly speaks at conferences to educate and build the ICS/OT cybersecurity community. He holds technical certifications including GICSP, CISSP, and CRISC, along with a Business Administration degree from the University of San Diego. Links:  https://frenos.io/services - Learn more about Optica, the industry's first tech-enabled rapid OT visibility service  https://frenos.io/autonomous-ot-security-assessment-platform - Learn more about how to automate OT security risk assessments Connect Brian : https://www.linkedin.com/in/brianproctor67/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se muestran recomendaciones para quien esté empezando a considerar la ciberseguridad como parte del desarrollo de una nueva tecnología y cambios estructurales o culturales necesarios para seguir avanzando.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Steven Sim on OT-ISAC and the State of Information SharingPub date: 2025-06-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSteven Sim, Chair of the OT-ISAC Advisory Committee, joins the Nexus Podcast to catch us up on the ISAC's activities, and some of the upcoming community-driven initiatives sponsored by the group. Steven shares the processes by which member organizations share incident, threat, and vulnerability information. He also discusses how member organizations contribute and participate in discussions and events that level up the maturity of cybersecurity practices within OT asset-heavy enterprises. Listen to the Nexus Podcast on your favorite podcast platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Secure Insights with NDK CyberEpisode: AI-Native OT Security with FRENOS' Harry Thomas and Colin MurphyPub date: 2025-06-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSend us a textThis week on Secure Insights, we're joined by FRENOS Founder Harry Thomas and Chief Hacking Officer Colin Murphy. Frenos is an innovative organisation revolutionising OT security through the use of AI and next-generation tech. In this episode, we shine a light on some of the most overlooked challenges in the OT space, exploring whether the traditional ways of assessing risk still hold up, and how scalable the Frenos approach really is. We dive into what's working, what's not, and where the future of OT security is headed. From critical vulnerabilities to smarter, AI-driven solutions, we unpack it all giving you real insight into where businesses are falling short, where they're leading the charge, and what needs to change to secure our infrastructure for the long haul.Get in touch with host James hereGet in touch with Harry here.Get in touch with Colin here.The podcast and artwork embedded on this page are from NDK Cyber, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: Wer ist für die Cybersicherheit der Windparks verantwortlich? | OT Security Made SimplePub date: 2025-06-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMohamed Harrou erklärt als OT-Sicherheitsingenieur beim Energieversorger Amprion den Mehrwert von OT-Sicherheit in Windparks und PV-Anlagen. Mit seinem 12 Jahren Erfahrung im Bereich erneuerbarer Energieanlagen liefert er praxisnahe Einblicke zu den technologischen und organisatorischen Herausforderungen moderner Windparks und gibt eine überraschende und eher beunruhigende Antwort auf die Frage nach den Verantwortlichkeiten. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Sarah Fluchs on the Cyber Resilience ActPub date: 2025-06-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity and technology expert Sarah Fluchs joins the 100th episode of the Nexus Podcast to discuss the EU's Cyber Resilience Act and what it means for manufacturers of "products with digital elements" as they aim toward a 2027 compliance deadline. Sarah provides her insight on the regulation's essential requirements, its focus on secure-by-design and overall cyber resilience of products, and the milestones manufacturers need to hit as their compliance efforts get under way. Sarah also discusses her thought leadership and work in bringing cybersecurity to engineers, asset operators, and other non-security teams. It's important, she says, to eliminate cybersecurity's innate complexity and bring these concepts to engineers and others on their terms. Listen to the Nexus Podcast on your favorite podcast platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: Credibility, not Likelihood [The Industrial Security Podcast]Pub date: 2025-06-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSafety defines cybersecurity - Kenneth Titlestad of Omny joins us to explore safety, risk, likelihood, credibility, and deterministic / unhackable cyber defenses - a lot of it in the context of Norwegian offshore platforms.The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: When CISOs Inherit the Plant Floor: What Happens Next?Pub date: 2025-06-17Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat happens when the CISO inherits responsibility for the security of the plant floor?Dino and Craig discuss a growing trend: CISOs are being expected to oversee cybersecurity for industrial plant floors. Unfortunately, they don't have the background to effectively take on this responsibility.A perpetuating trend exists where cybersecurity leaders are expected to protect factories and industrial assets without the authority, tools, or support to do so effectively.In this conversation, Dino and Craig explain why traditional IT security approaches don't work in these environments, and how things like outdated equipment, disconnected systems, and outside vendors make the challenge even harder. From weak remote access tools to the confusion around who actually manages plant security, this episode shines a light on the hidden risks most companies overlook.Whether you're in IT, operations, or a leadership role, you'll walk away with a better understanding of how to approach cybersecurity in complex industrial settings.You'll also gain insights into the steps you can take to protect your people, your technology, and your bottom line.Chapters:00:00:00 - Kicking Off: Smart Tool Choices Start Here00:01:02 - When CISOs Inherit the Factory Floor00:02:17 - Making Friends with OEMs and Integrators00:04:47 - Why OT Security Is a Whole Different Beast00:08:50 - Cyber Budgets: Where's the Money Really Coming From?00:13:10 - How to Actually Roll Out Security in the Plant00:18:35 - VPNs Aren't Enough: Fixing Remote Access00:24:42 - What OT Incident Response Really Looks Like00:27:17 - Wrapping It Up: Strategy, Buy-In, and What's NextLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin SearlePub date: 2025-06-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with OT security expert Justin Searle, Director of ICS Security at InGuardians, for a deep dive into the ever-evolving world of OT and IT cybersecurity.  With over 25 years of experience, ranging from hands-on engineering and water treatment facilities to red-team penetration testing on critical infrastructures such as airports and power plants, Justin brings a wealth of insight and real-world anecdotes. This episode unpacks what it really takes to assess and secure operational technology environments. Whether you're a C-suite executive, a seasoned cyber pro, or brand new to OT security, you'll hear why network expertise, cross-team trust, and careful, collaborative engagement with engineers are so crucial when testing high-stakes environments. Aaron and Justin also discuss how the industry has matured, the importance of dedicated OT cybersecurity teams, and why practical, people-first approaches make all the difference, especially when lives, reliability, and national infrastructure are on the line. Get ready for actionable advice, hard-earned lessons from the field, and a candid look at both the progress and the ongoing challenges in protecting our most critical systems.   Key Moments:  05:55 Breaking Into Cybersecurity Without Classes 09:26 Production Environment Security Testing 13:28 Credential Evaluation and Light Probing 14:33 Firewall Misconfiguration Comedy 19:14 Dedicated OT Cybersecurity Professionals 20:50 "Prioritize Reliability Over Latest Features" 24:18 "IT-OT Convergence Challenges" 29:04 Patching Program and OT Security 32:08 Complexity of OT Environments 35:45 Dress-Code Trust in Industry 38:23 Legacy System Security Challenges 42:15 OT Cybersecurity for IT Professionals 43:40 "Building Rapport with Food" 47:59 Future OT Cyber Risks and Readiness 51:30 Skill Building for Tech Professionals   About the Guest :  Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing.  He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played critical roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).     Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities, corporations, and security conferences.  His current courses at SANS and Black Hat are among the world's most attended ICS cybersecurity courses.  Justin is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, HITBSecConf, Brucon, Shmoocon, Toorcon, Nullcon, Hardware.io, and AusCERT.     Justin leads prominent open-source projects, including The Control Thing Platform, Samurai Web Testing Framework (SamuraiWTF), and Samurai Security Testing Framework for Utilities (SamuraiSTFU).  He has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), Web Application Penetration Tester (GWAPT), and GIAC Industrial Control Security Professional (GICSP)   How to connect Justin:  https://www.controlthings.io https://www.linkedin.com/in/meeas/ Email: justin@controlthings.io Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones Incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se muestran las medidas o buenas prácticas para implementar la ciberseguridad durante el diseño, implementación y puesta en marcha de tecnologías además de herramientas o metodologías que se utilizan.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Reflections from the Front Lines of Industrial Cyber FailuresPub date: 2025-06-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this rewind episode, cybersecurity leaders revisit some of the hardest-hitting truths about protecting critical infrastructure in an increasingly converged IT/OT world. This conversation explores the disconnect between IT theory and OT reality, from the real-world fallout of the CrowdStrike disruption to the challenges of virtual patching, insider threats, and the cloud's role on the plant floor. The discussion exposes how legacy systems, poor collaboration, alert fatigue, and vendor dependency continue to sabotage industrial cybersecurity. They discuss tactical strategies for improving, from asset inventory and patching hygiene to choosing the right partners and walking the plant floor.Chapters:00:00:00 - Cyber threats are moving faster than your patch cycle00:00:47 - Crowdstrike, Virtual Patching and Industrial OT Environments with Debbie Lay, TXOne Networks00:07:48 - The #1 Myth Putting Your Industrial OT Assets at Risk00:15:01 - Patch Management and Software Updates: IT versus OTLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Control Amplified: The Process Automation Podcast (LS 25 · TOP 10% what is this?)Episode: Modern SCADA: ensuring safety, relevance and conveniencePub date: 2025-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSCADA applications are responsible for far more than facilitating real-time process monitoring and alarm management. The process history they compile over time is critical to providing the data-driven insights that industry relies on when optimizing their systems to control costs, maximize uptime and increase the life of infrastructure. Modern SCADA systems must ensure data is safe, relevant and easily shareable with a company's own team or third-party reporting solutions, business systems and artificial intelligence (AI) platforms. Control Amplified talked to Chris Little, media relations director, Trihedral Engineering, about straightforward principles to ensure that your SCADA data is ready to go to work.The podcast and artwork embedded on this page are from ControlGlobal, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 64: Volt TyphoonPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhile cybersecurity threats targeting critical infrastructure, particularly focusing on the vulnerabilities of operational technology (OT) and industrial control systems (ICS).mostly originate on the business or IT side, there's increasing concern about attacks crossing into OT, which could result in catastrophic consequences, especially in centralized systems like utilities. Michael Welch,  managing director from MorganFranklin Cyber, discusses how Volt Typhoon and other attacks are living off the land, and lying in wait.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: KBKAST (LS 31 · TOP 5% what is this?)Episode: Episode 314 Deep Dive: Imran Husain | Cybersecurity Threats in the Manufacturing WorldPub date: 2025-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we sit down with Imran Husain, Chief Information Security Officer at MillerKnoll, as he discusses the evolving landscape of cybersecurity threats in the manufacturing sector. Imran explores the challenges that arise as manufacturing increasingly integrates with online technologies and IoT, highlighting the unique vulnerabilities posed by legacy systems and operational technology (OT). He shares insights on high-profile incidents like the Norsk Hydro ransomware attack, emphasizing the importance of cyber resilience, data backup, and incident recovery. Imran also offers a candid look at why critical tasks like backing up data are often neglected, the complexities of securing aging infrastructure, and the need for creative solutions such as network segmentation and IT/OT convergence. A dedicated and trusted senior Cyber security professional, Imran Husain has over 22 years of Fortune 1000 experience that covers a broad array of domains which includes risk management, cloud security, SecDevOps, AI Security and OT Cyber practices. A critical, action-oriented leader Imran brings strategic and technical expertise with a proven ability to build cyber program to be proactive in their threat detection, identifying and engaging in critical areas to the business while upholding their security posture. He specializes in Manufacturing and Supply Chain Distribution focusing on how to best use security controls and processes to maximize coverage and reduce risk in a complex multi-faceted environment. A skilled communicator and change agent with bias to action who cultivates an environment of learning and creative thinking, Imran champions open communication and collaboration to empower and inspire teams to exceed in their respective cyber commitments. He is currently the Global Chief Information Security Officer (CISO) at MillerKnoll, a publicly traded American company that produces office furniture, equipment, and home furnishings.The podcast and artwork embedded on this page are from KBI.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Breaking In to Break Things: Practical Paths to Hardware Hacking and IoT SecurityPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHash Salehi, Reserve Engineer and Founder of RECESSIM, joins host Philip Wylie to demystify the world of hardware hacking and security, highlighting niche but critical vulnerability research in IoT and embedded devices. Through recounting his own experiences, from customizing low-cost fault injection attacks on automotive microprocessors to reverse engineering smart meters, Hash shares both successes and frustrations from the front lines of hands-on security assessment. The conversation aims to inspire and equip listeners who want to explore or deepen their understanding of hardware security by surfacing resources, communities, and the mindset necessary to uncover vulnerabilities beyond software.Links:http://www.recessim.com/https://wiki.recessim.com/https://www.youtube.com/c/RECESSIM Let's connect about IoT Security!Follow Phillip Wylie at https://www.linkedin.com/in/phillipwyliehttps://youtube.com/@phillipwylieThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Old Systems, New ThreatsPub date: 2025-06-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson Bort is joined by Jim Montgomery, Director, Industrial Cybersecurity Solutions at TXOne Networks. TXOne provides network-based and endpoint-based products to tackle security vulnerabilities across industrial environments. With decades of IT security experience, Jim now leads TXOne's work protecting Operational Technology environments across critical sectors like automotive, oil and gas, pharma, manufacturing, and semiconductors.How can we defend against threats that are already embedded within our systems? What are the most immediate and significant risks facing our critical infrastructure today? And how can operators begin to secure their networks? “Let's start with the basics. Let's start with understanding. Let's start with making it hard to get into your environment, and let's start discouraging that type of behavior from attacking your environment,” Jim said. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: From Y2K to 2038: Uncovering Time Bombs in OT and ICS Systems with Pedro UmbelinoPub date: 2025-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Protect It All, host Aaron Crow welcomes Pedro Umbelino, Principal Research Scientist at BitSight, for an insightful and lively conversation recorded shortly after they met at RSA. Pedro shares stories of his early days in computing, from scavenging parts as a kid to teaching himself programming on a ZX Spectrum. The discussion quickly dives into critical cybersecurity issues across the interconnected worlds of IT and OT, focusing on dramatic vulnerabilities in Automatic Tank Gauges (ATGs) at gas stations—exposing ways attackers could cause significant physical damage and even spark major operational disruptions, all through insecure legacy protocols.   Pedro also brings attention to a ticking time bomb: the “Year 2038” problem, where millions (if not billions) of 32-bit systems might fail due to an epoch time rollover—an issue that could have consequences reminiscent of Y2K, but on a potentially broader scale, especially for OT and critical infrastructure.   Throughout the episode, Aaron and Pedro share practical strategies, lessons from the field, and the sobering reminder that many of these vulnerabilities are still lurking below the surface. The conversation highlights the importance of awareness, collaboration across industry and ISPs, and a proactive approach to understanding and hardening both new and legacy systems. Whether you're an OT engineer, a security researcher, or just curious about what it means to truly “protect it all,” this episode offers a fascinating look at the evolving landscape of digital and physical security risks.   Key Moments: 06:37 Letting Go of Old Memories 15:12 Refueling Spill Risks Concern Technicians 17:37 Understanding Risks Beyond Fear 23:24 Internet Exposure Risks for OT Devices 32:17 Global Cyber Incident Response Challenges 35:30 Legacy System Challenges 39:19 Unidentified Cyber Assets Risk 48:41 "Understanding the Apocalypse Project's Challenges" 49:31 Testing System Vulnerabilities at Scale 55:12 Tech Vulnerabilities Analogous to Y2K 01:03:08 Challenges in OT Modernization   About the Guest: Pedro Umbelino currently holds the position of Principal Research Scientist at Bitsight Technologies and brings over a decade of experience in dedicated security research. ⁤His eclectic curiosity has led to the uncovering of vulnerabilities spanning a gamut of technologies, highlighting critical issues in multiple devices and software, ranging from your everyday smartphone to household smart vacuums, from the intricacies of HTTP servers to the nuances of NFC radio frequencies, from vehicle GPS trackers to protocol-level denial of service attacks.  Pedro is committed to advancing cybersecurity knowledge and has shared his findings at prominent conferences, including Bsides Lisbon, DEF CON, Hack.lu and RSA. How to connect Pedro : LinkedIn: https://www.linkedin.com/in/pedroumbelino/X: https://x.com/kripthorWebsite: https://www.bitsight.com/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis Incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSe analiza cuáles son los principales momentos del ciclo de vida del desarrollo de una tecnología industrial y cuándo se debe incorporar la ciberseguridad y otros requisitos.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: What Every CISO Gets Wrong About OT SecurityPub date: 2025-06-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino and Craig tackle one of the most misunderstood topics in industrial cybersecurity: IT/OT convergence. But is it truly convergence or more of a collision? Drawing from real-world experiences, they challenge the idea that OT is a “shadow IT group” and argue that operational technology deserves distinct governance, funding, and strategic influence. From secure-by-design to system integrators' evolving role, this conversation is a call to action for CISOs, CIOs, and engineering leaders to rethink how they build cybersecurity partnerships across the plant floor.Chapters:00:00:00 - Opening Shot: Who's Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can't Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn't Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What's Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT's Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It's Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: What do we need to deter insider threats? | OT Security Made SimplePub date: 2025-06-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMandana White, CEO of Smart Grid Forums, talks about the rise of insider threats to a company's cybersecurity and what it has to do with the cost-of-living crisis as well as the Western Robin Hood mentality. Diving a bit into societal psychology and politics there might even be a bit to learn from – of all places – Dubai to get IT and OT cybersecurity working in both companies and society.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Building Trust and Bridging the Gap in OT and IT CybersecurityPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with Dean Parsons, one of the most recognized names in the OT and industrial control systems (ICS) security world, for a candid and insightful conversation.   Join Aaron and Dean as they explore what it truly takes to bridge the worlds of IT and OT. Drawing from decades of industry experience, their discussion covers everything from building trust across teams, to the superpower of understanding both operational technology and cybersecurity. Expect real-world stories, practical advice on breaking into OT cybersecurity, and memorable lessons from the plant floor to the boardroom.   They also break down what makes OT security fundamentally different from traditional IT approaches, why risk-based strategies are essential, and how building relationships, sometimes over donuts and coffee—can be just as important as deploying firewalls and patching systems. Whether you're new to ICS and OT security, or a seasoned defender looking for fresh perspective, this episode brings actionable tips, honest assessments, and inspiration to help you better protect what matters most.   So grab your hard hat (and maybe a box of donuts!), and get ready for a masterclass on collaboration, building skills, and why trust is the real currency in the fight to secure our critical infrastructure.   Key Moments:    05:32 Listening Over Speaking in Legacy Spaces 07:01 IT Security Teamwork and Trust 11:21 Cost-Efficient ICS Security Solutions 15:42 Converging Skill Sets in IT Security 17:36 OT vs IT: Different Risks 22:28 Prioritizing Post-Assessment Actions 23:20 Prioritize SANS ICS Critical Controls 29:31 Engineering Perspective on Critical Assets 30:47 Detecting Misuse of Control Systems 35:52 Collaborative Incident Response Dynamics 39:03 Remote Hydroelectric Plant Journey 40:45 Building Trust with Baked Goods 44:55 "Safety Crucial in Facility Disruptions" 48:50 ICS Security: Closing Safety Gaps 53:37 Enhancing ICS Security Controls 57:18 "ICS Summit and LinkedIn Activities"   About the guest :  Dean is the CEO and Principal Consultant of ICS Defense Force and brings over 20 years of technical and management experience to the classroom. He has worked in both Information Technology and Industrial Control System (ICS) Cyber Defense in critical infrastructure sectors such as telecommunications, electric generation, transmission, distribution, and oil & gas refineries, storage, and distribution, and water management. Dean is an ambassador for defending industrial systems and an advocate for the safety, reliability, and cyber protection of critical infrastructure. His mission as an instructor is to empower each of his students, and he earnestly preaches that “Defense is Do-able!”    Over the course of his career, Dean's accomplishments include establishing entire ICS security programs for critical infrastructure sectors, successfully conducting industrial-grade incident response and tabletops, ICS digital forensics, and ICS/OT Cybersecurity assessments across multiple sectors. As a SANS Principal Instructor, Dean teaches ICS515: ICS Visibility, Detection, and Response, is a co-author of the SANS Course ICS418: ICS Security Essentials for Managers and an author of SANS ICS Engineer Technical Awareness Training. Dean is a member of the SANS GIAC Advisory Board and holds many cybersecurity professional certifications including the GICSP, GRID, GSLC, and GCIA, as well as the CISSP®, and holds a BS in computer science. When not in the field, Dean spends tine chasing icebergs off the coast of Newfoundland on a jetski, or writing electric 80s inspired electronic music in this band Arcade Knights.   Resources Mentioned:  5 ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/ SANS ICS Cybersecurity Summit: https://www.sans.org/cyber-security-training-events/ics-security-summit-2025/ How to connect Dean:  https://www.linkedin.com/in/dean-parsons-cybersecurity/ https://www.sans.org/profiles/dean-parsons/ Dean's Book: https://www.amazon.com/ICS-Cybersecurity-Field-Manual-EXCLUSIVE/dp/B0CGG6GMHW/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CiberAfterWork: ciberseguridad en Capital RadioEpisode: Episode 298: The Blackout, Critical Infrastructures, and CybersecurityPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThis episode discusses the major power blackout in Spain, analyzing if it could have been caused by a cyberattack, although market consensus discards this possibility. It also reflects on the vulnerability of critical infrastructures to such events. The program also details the rapid appearance of cyber scams related to the blackout, demonstrating the adaptability of cybercriminals. Subsequently, the program presents a DNS-based security solution (Flash Start) to protect web browsing in companies and on devices, emphasizing its ease of installation and customization. Finally, it reports on a ransomware cyberattack on the Ayuntamiento de Badajoz and the dismantling by the FBI of a "Fishing as a Service" platform, highlighting the importance of prevention, detection, and response in cybersecurity. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/The podcast and artwork embedded on this page are from psaneme, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CiberAfterWork: ciberseguridad en Capital RadioEpisode: Episodio 298: El Apagón, las Infraestructuras Críticas y la CiberseguridadPub date: 2025-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se habla del gran apagón que sufrió España y se analiza si pudo haber sido causado por un ciberataque, aunque el consenso del mercado lo descarta, y reflexionando sobre la vulnerabilidad de las infraestructuras críticas ante tales eventos. También se detalla la rápida aparición de ciberestafas relacionadas con el apagón, demostrando la adaptabilidad de los ciberdelincuentes. Posteriormente, el programa presenta una solución de seguridad basada en DNS para proteger la navegación web en empresas y dispositivos, enfatizando su facilidad de instalación y personalización. Finalmente, se informa sobre un ciberataque de ransomware al Ayuntamiento de Badajoz y el desmantelamiento por parte del FBI de una plataforma de "Fishing as a Service", resaltando la importancia de la prevención, detección y respuesta en ciberseguridad. Twitter: @ciberafterwork Instagram: @ciberafterwork Panda Security: https://www.pandasecurity.com/es/ +info: https://psaneme.com/ https://bitlifemedia.com/ https://www.vapasec.com/ VAPASEC https://www.vapasec.com/ https://www.vapasec.com/webprotection/The podcast and artwork embedded on this page are from psaneme, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 1/4 Contexto Incorporando ciberseguridad en el diseño de tecnología industrialPub date: 2025-06-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se presenta el contexto del caso: datos del entrevistado y cuál es el contexto del entorno y cuáles son los desafíos de incorporar ciberseguridad en el desarrollo de las tecnologías.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Conservas Guillén by Trend MicroEpisode: Conserva #38 con Maria Penilla (ZIUR) - CRA (Cyber Resilience Act).Pub date: 2025-05-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn Conservas Guillén abrimos una nueva lata para hablar con María Penilla (Directora General de la Fundación ZIUR, Centro de Ciberseguridad Industrial de Gipuzkoa) para hablar de la CRA (Cyber Resilience Act) y como desde la Fundación están ayudando al tejido empresarial / industrial de Guipuzkoa y Euskadi. Conservaciones de 30 minutos, aproximadamente, en lenguaje entendible y coloquial.The podcast and artwork embedded on this page are from Trend Micro Iberia, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Megan Stifel on the Impact of the Ransomware Task ForcePub date: 2025-05-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMegan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and in a landmark report, laid out 48 recommendations to the industry that included a framework for critical infrastructure organizations that could help deter and disrupt the operations of ransomware gangs. Stifel covers the growth of the task force and which the of the 48 recommendations have been tackled and which remain. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 63: Chief Hacking OfficerPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThis is a story about a Chief Hacking Officer who draws on his expertise in physical and virtual security assessments—along with some intuitive AI-driven coding—to safeguard Operational Technology. Colin Murphy of Frenos and Mitnick Security talks about how some of his early assessment work with Kevin Mitnick is helping him with OT security today.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: OT Security in Hindsight: Visibility, Authority, and the Executive DisconnectPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special rewind edition of Industrial Cybersecurity Insider, we revisit some of the most powerful insights shared on how to elevate OT cybersecurity across complex, distributed environments. From budget allocation strategies to disaster recovery frameworks and the nuances of executive engagement, this episode distills frontline lessons into a compact, high-impact listen. Whether you're navigating remote access risks, managing hybrid architectures, or striving to align plant managers with corporate cybersecurity goals, these reflections are a roadmap for driving resilience and maturity in your OT security strategy.Chapters:00:00:00 - Rewind Kickoff: From Blind Spots to Bold Predictions00:00:46 - The A-Z of Industrial Cybersecurity for OT Environments with Industry Expert Bryson Bort00:10:57 - Gartner, DOGE, and the Future of OT Cybersecurity Policy00:21:38 - Uncovering Blind Spots in OT CybersecurityLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Real-World Cyber Threats in Healthcare: Balancing Tech, Training, and Human SafetyPub date: 2025-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity in healthcare is facing heightened challenges as regulations shift, IoT devices proliferate, and ransomware attacks become increasingly devastating. Josh Spencer, Founder, and CIO at FortaTech Security and with over fifteen years in the field including time as CISO/CTO at UT Southwestern, explores why HIPAA changes are necessary, the high stakes of securing medical devices, and how both technology and culture play roles in protecting patient data and safety. The conversation breaks down risks, practical mitigation strategies, and the ongoing evolution of both threats and defensive tools -- including AI --  and covers the evolving HIPAA landscape and the move from “addressable” to required controls, ransomware's impact on hospitals and patient safety, challenges and best practices in securing connected medical (IoT/OT) devices, the importance of real-world risk assessment and penetration testing in healthcare, and human factors, including security awareness training and leveraging AI both for defense and as a threat. Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: From Plant Operator to OT Security: Stories of Failures and BreakthroughsPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow dives deep into the intersection of IT and OT cybersecurity with special guest Gavin Dilworth—a plant operator turned automation engineer and cybersecurity expert. Listen in as Gavin shares his candid and often humorous journey from factory floors to global consulting, including how a workplace near-miss sparked his “lightbulb moment” about the similarities between health and safety and cybersecurity. Aaron and Gavin discuss everything from operators' creative workarounds on the plant floor, to the importance of trust and rapport between IT and OT teams, and why having hands-on experience is key to building effective cybersecurity programs in critical infrastructure environments.  You'll also hear real-world stories of technology mishaps, the critical role of plant culture, and the practical challenges organizations face in securing legacy systems while keeping operations running. If you want honest, relatable insights and actionable advice on bridging the IT-OT divide—and a few laughs along the way—this episode is for you. Key Moments:  10:12 Operator Rounds and RFID Challenges 12:56 Operators' Ingenuity and Knowledge 21:29 IT vs. OT: Firmware Update Challenges 26:49 Understanding and Accepting Risk 28:12 Standards, Frameworks, and Continuity 33:08 High Voltage Safety Precautions 40:41 Bridging OT and IT Skills 43:46 Cybersecurity Cross-Training Surge 52:38 CISO Knowledge Gap in OT Security 54:32 "Experience: Essential for Understanding" 01:03:34 DCS System Configuration Challenges 01:06:52 Neglecting Redundancy Risks Operations 01:11:00 Optimizing Underutilized IT Resources 01:20:04 "Understanding Systems Before Advice" 01:22:06 Old Cables Remain Untouched About the guest :  Gavin Dilworth's career took an unconventional path. As a plant operator, he was tasked with keeping production running smoothly and monitoring sensor readings, both on the computer and around the factory. However, Gavin was never quite the model operator—rather than dutifully making rounds and comparing readings, he often found himself absorbed in books, dreaming of a future in IT. Though he laughs about being a “pretty terrible operator,” Gavin's story reflects his early drive to pursue his true interests in technology, even when duty called elsewhere. How to connect Gavin :  Linkedin : https://www.linkedin.com/in/gavin-dilworth/ Website: https://assessmentplus.co.nz/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks PodcastEpisode: Michal Shlomo Head of cyber-Insurance @Howden Insurance Brokers IL on insurance role & cyber attackPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationאחת המחלוקות הגדולות בין אנשי המקצוע בסייבר היא נושא ביטוח הסייבר. כן צריך, לא צריך, האם המוצר הביטוחי מצדיק את ההוצאה והאם הוא נותן פתרון אמיתי בזמן משבר. הדס תמם בן אברהם סגנית הדיקן בקריה האקדמית אונו ונחשון פינקו יועץ ואוונגליסט סייבר מארחים את מיכל שלמה ראש מחלקת ביטוחי סייבר בסוכנות הביטוח האודן, בשיחה על ביטוחי סייבר ומה האמת למול השמועות. האם ביטוח סייבר באמת יקר האם ברגע שיש אירוע סייבר, חברת הביטוח לוקחת את המושכות ומנהלת את המשבר גם אם בניגוד לדעת הלקוח האם ביטוח סייבר הוא במקום התקשרות מבעוד מועד עם חברת איי.אר ועוד One of the most significant disputes among cyber professionals concerns cyber insurance. Is it necessary? Does the insurance product justify the expense? Does it provide a real solution during a cyber crisis? Hadas Tamam Ben Avraham, Vice Dean at the Ono Academic College, and Nachshon Pincu, cyber evangelist and consultant, host Michal Shlomo, Head of the Cyber Insurance Department at Howden Insurance Brokers Israel, in a conversation about cyber insurance and the truth in the face of rumours. Is cyber insurance costly? Does the insurance company take the reins and manage the crisis as soon as a cyber event occurs, even if contrary to the customer's opinion? Is cyber insurance a substitute for a contract in advance with an IR company? And moreThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace Gestionando Ciberresiliencia en un entorno industrialPub date: 2025-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se muestra el papel que juegan la cultura organizacional y la concienciación del personal de operación en la resiliencia frente a ciberincidentesThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made SimpleEpisode: How to build a SIEM SOC in OT? | OT Security Made SimplePub date: 2025-05-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZeek Muratovic, Director of Security Operations at Landis+Gyr talks about the first steps to build a SIEM SOC in OT environments. Being a pragmatist, he proposes a step-by-step approach that prevents OT operators from overkilling their budget AND workload.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The Industrial Security Podcast (LS 36 · TOP 3% what is this?)Episode: Lessons Learned From Incident Response [The Industrial Security Podcast]Pub date: 2025-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationHow did they get in? How did we find them when they got in? What can we do in future to clean up the mess faster? Chris Sistrunk reflects on a decades' industrial cyber incident response experience at Mandiant (Google).The podcast and artwork embedded on this page are from PI Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Bridging the IT-OT Divide with AI-Powered InsightPub date: 2025-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino and Craig tackle one of the most misunderstood challenges in cybersecurity for industrial environments. The persistent disconnect between IT-led cybersecurity tools and operational technology realities.They explore the concept of "shadow OT," as well as the limits of traditional IDS deployments.They discuss why visibility is key to protecting critical systems. Vulnerability scanning alone isn't enough.Real world case studies reveal how failing to engage OT teams derails cybersecurity strategies. One case involved rogue servers causing daily production failures. Another featured misconfigured modules choking brewery operations. These examples show that even the most advanced strategies fail without OT team involvement.For leaders in manufacturing, utilities, and critical infrastructure, this is a must-listen conversation. It's about redefining risk management through OT-first thinking.Chapters:00:00:00 - When Machines Stop, Money Bleeds: The Downtime Dilemma00:00:47 - Shadow IT or Ingenious OT? Rethinking Rogue Tech00:02:29 - Cybersecurity Isn't Enough: The OT Risk You're Missing00:04:37 - Server Ghosts & Brewery Blunders: Fixing What IT Can't See00:06:41 - Visibility is Power: Using the Tools You Already Own00:09:50 - IT vs. OT: Breaking Silos, Building Alliances00:13:28 - Final Thoughts: Who Really Owns OT Security?Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Why Cybersecurity Is More Than Just Technology and Tools with Paul MarcoPub date: 2025-05-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow welcomes lifelong cybersecurity professional Paul Marco to the podcast. Fresh off of a fun, bourbon-fueled appearance on Paul and Evan's podcast, Cyber After Hours, Aaron and Paul sit down for a candid conversation that covers everything from the pitfalls of shiny new cyber tools, to the real-world challenges of defending both networks and people.   Tune in as they discuss the importance of making the most of what you already have, the realities of cyber as a “cost center,” and how availability increasingly trumps confidentiality in today's threat landscape. Paul shares powerful insights from decades in cyber operations, the difference between theory and real value, and why storytelling and business skills are now just as vital as technical chops.   From protecting small businesses to demystifying the impact of AI and quantum computing on everyday cybersecurity, this episode is packed with practical advice, plenty of war stories, and even a few laughs. Whether you're a seasoned security pro or just starting out, you won't want to miss this lively and wide-ranging discussion on how to protect it all.   Key Moments:  05:38 Tech Rationalization Over Product Dependence 10:42 "Cybersecurity: A Costly Necessity" 17:44 Privacy Is Obsolete 25:51 Cyber Crime Funds Dark Activities 26:39 "Preventing Cyber-Facilitated Crime" 37:50 "Exploiting AI: Ethics Versus Greed" 46:44 Understanding Business Elevates Cybersecurity 48:01 Broadening Skills Beyond Cybersecurity 54:19 CISOs Need More Than Tech Skills 58:56 "Tech Threatens Critical Thinking"   About the guest :    Paul is the Co-Founder of TALAS Security and the Co-Host of the Cyber After Hours Podcast. With over twenty years of experience in IT and Cybersecurity, Paul is a senior cybersecurity leader who has built, maintained, and operated enterprise-grade Cybersecurity programs in highly complex environments. His expertise lies in taking a "controls first" approach to Cybersecurity. He specializes in designing programs that maximize the use of existing capabilities to balance both defense and compliance to accelerate organizational maturity. He creates sustainable solutions that enable organizations to effectively manage their cybersecurity risks and is committed to staying ahead of the curve in an ever-evolving cybersecurity landscape and helping organizations securely achieve their business objectives. How to connect Paul:  LinkedIn: https://www.linkedin.com/in/pm01/ Talas Security: https://www.talas.io/ Cyber after Hours Podcast: https://www.cahpodcast.com/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones Gestionando Ciberresilienca en un entorno industrialPub date: 2025-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se revisan las medidas concretas recomendadas en una organización para fortalecer la ciberresiliencia en las operaciones industriales.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Cyber Focus (LS 24 · TOP 10% what is this?)Episode: The One-Way Street of Digital Transformation: OT Cybersecurity with Nozomi's Edgard CapdeviellePub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special RSA Conference edition of Cyber Focus, host Frank Cilluffo sits down with Edgard Capdevielle, President and CEO of Nozomi Networks, to unpack the evolving landscape of operational technology (OT) cybersecurity. Together, they explore how digital transformation and the convergence of IT and OT are reshaping the threat environment for critical infrastructure. Capdevielle outlines the three major phases of the OT security market, reflects on the role of AI and legacy systems, and explains why visibility remains foundational to cybersecurity. The conversation also highlights the growing risk from nation-state actors, the breakdown of air gap assumptions, and the tangible steps owner-operators must take to build resilience. Main Topics Covered: Defining the three phases of OT cybersecurity market maturity The impact of digital transformation and IT/OT convergence Why visibility remains the top concern for infrastructure operators The role of AI in passive detection and firmware profiling Nation-state threats, air gap fallacies, and Volt Typhoon's implications Practical steps for operators to improve risk visibility and resilience Key Quotes: “Digital transformation is a one-way street. We're only going to automate more — automate everything — and IT and OT are only going to converge more.” — Edgard Capdevielle “You cannot protect what you can't see. So having a layer of visibility is number one.” — Edgard Capdevielle “Air gapping has been our number one enemy because it's not real… It's brought a level of comfort that is not good for us.” — Edgard Capdevielle Relevant Links and Resources: Nozomi Networks Guest Bio: Edgard Capdevielle is President and CEO of Nozomi Networks, a global leader in OT and IoT cybersecurity. He has a background in computer science and more than two decades of experience in cybersecurity and enterprise technology. Prior to joining Nozomi in 2016, he held leadership roles at Imperva and EMC (including post-acquisition work with Data Domain) and has served as an investor and advisor to several successful startups in the security space.The podcast and artwork embedded on this page are from McCrary Institute, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Joe Slowik on Identifying Truly 'Critical' InfrastructurePub date: 2025-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationSecurity researcher Joe Slowik joins the Nexus Podcast to discuss the broad interpretation of what critical infrastructure entities are truly "critical," and how that creates an ethical wedge between protecting the well-resourced and those that are resource-strapped. Slowik acknowledges that while calling everything "critical" ensures that nothing is critical, serious discussions must be had about getting the most return in terms of defensive resources while recognizing the ethical dilemmas that some entities cannot be left behind because they're not as important to overall national and economic security. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Bites & Bytes PodcastEpisode: AI, Consumer Behavior, and the Future of Food with Andreas DuessPub date: 2025-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhy do most new food products fail, and what does AI have to do with it? In this episode of the Bites and Bytes Podcast, you host, Kristin Demoranville,  is joined by Andreas Duess, co-founder of GoCPG and CEO of 6 Seeds, to unpack what's really driving the food and beverage industry right now.   Spoiler: it's not just taste trends or fancy branding.  Its behavior, data, and decisions are made without proper insight. We talk about: How AI is helping food brands try to understand real consumer behavior The say-do gap: why people don't buy what they say they want How Uber Eats data, smart fridges, and strained supply chains shape product development Why big brands are suddenly out-innovating startups What GLP-1 drugs mean for food categories And why rebuilding communities around food matters more than ever Whether you're in food, tech, or cybersecurity, or just curious about the systems behind what we eat, this episode pulls back the curtain on where the industry is headed. _____________________________________ Andrea Duess's contact information & companies: Andrea's LinkedIn Personal Site 6 Seeds is the Communication and Innovation Consultancy for today's agri-food Brands goCPG is an AI-powered platform that helps food entrepreneurs and consumer packaged goods (CPG) brands grow by providing personalized insights, mentorship, and tools to turn their ideas into successful businesses. _____________________________________

Podcast: HOU.SEC.CAST.Episode: OT Security with Watch Mr. Wizard Star Sean CurryPub date: 2025-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMichael and Sam are catching up with Principal Consultant and Co-Founder at Cavalry Solutions, Sean Curry! Sean talks about his transition from the military to the private sector, the importance of standards like IEC 62443 for OT security, and the best way to align IT and OT teams.Things Mentioned:·      New study reveals 92% of industrial sites at risk from unsecured remote access - https://www.securityinfowatch.com/critical-infrastructure/press-release/55262827/new-study-reveals-92-of-industrial-sites-at-risk-from-unsecured-remote-access?utm_campaign=4532845-%5BSocial%5D+News+Mentions,+Articles,+and+Bylines&utm_content=323098968&utm_medium=social&utm_source=linkedin&hss_channel=lcp-12898104·      Sean's Talk: https://youtu.be/Lv6ppq6ZaBs?si=IlBtkFJSEuDshGwF Do you have a question for the hosts? Reach out to us at podcast@houstonseccon.com Keep up with HOU.SEC.CON:·      LinkedIn·      Twitter·      Facebook·      Instagram·      YouTube·      Bluesky Check out our other show:·      CyberSundayCheck out our Conferences and Events:·      HOU.SEC.CON.·      OT.SEC.CON.·      EXEC.SEC.CON.·      HSC User GroupSupport or apply to our Scholarship Program:·      TAB Cyber FoundationIn this episode:·      Host: Michael Farnum·      Host: Sam Van Ryder·      Guest: Sean Curry·      Production and editing: Lauren Lynch·      Music by: August HoneyThe podcast and artwork embedded on this page are from Michael Farnum and Sam Van Ryder, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 62: Defending the Unknown in OT SecurityPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationROI is always a tricky subject in cybersecurity. If you're paying millions of dollars in securing your OT networks, you'd want to be able to show that it was worth it. Andrew Hural of UnderDefense talks about the need for continuous vigilance, risk management, and proactive defense, acknowledging both the human and technological elements in cybersecurity and how just because something didn't happen doesn't mean that it didn't.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: The Truth About OT VulnerabilitiesPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBryson Bort sits down with Adam Robbie, Head of OT Threat Research at Palo Alto Networks, to pull back the curtain on OT threat research. With a background in electrical engineering, Adam's first job in cybersecurity was at an IT help desk. He now leads a team dedicated to identifying, analyzing, and mitigating cyber threats targeting Operational Technology (OT) environments.What are the top threats Adam is seeing in OT attacks? Why is manufacturing such a vulnerable sector? And if he could wave a magic, non-Internet connected wand, what would he change? “I really would love to have more experts in OT,” Adam said. “The more knowledge…and the more experts we have, it will fasten this process [of innovation].” Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: IoT Security Podcast (LS 24 · TOP 10% what is this?)Episode: Securing the Foundation: Cyber Strategy in the Age of Smart InfrastructurePub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCybersecurity is redefined as a discipline for the curious and adaptable, with a focus on continuous learning, imagination, and embracing change. On location at the RSA Conference, host Phillip Wylie and Anand Singh discusses the evolving challenges of IoT and OT security, the rapid integration of AI, and how organizations must address overlooked endpoints and fragmented infrastructures. There is an emphasis on practical advice for CISOs and cybersecurity practitioners, underscoring the importance of foundational security practices, data visibility, identity management, and mental well-being in high-stress leadership roles.The role of curiosity and adaptability in cybersecurity careersOverlooked risks and challenges in IoT and OT device securityThe transformative impact of AI and the importance of securing AI adoptionPractical strategies for asset, identity, and data managementMaintaining work-life balance and resilience for CISOs and security leaders Let's connect about IoT Security!Follow John Vecchi at https://www.linkedin.com/in/johnvecchiThe IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcastThe podcast and artwork embedded on this page are from Phosphorus Cybersecurity, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity InsiderEpisode: Visibility Revisited: Trends Shaping the Future of OT CybersecurityPub date: 2025-05-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this special rewind episode we highlight outside influences shaping control system integrity, the impact of AI, emerging technologies, and the dynamics of building a career in OT cybersecurity.Drawing from frontline experiences and industry events like the S4 Conference, the discussion explores the growing organizational shift toward dedicated OT cybersecurity roles.We address the critical need for alignment between capital and operational expenditures, and the importance of selecting technologies that provide actionable visibility across diverse plant environments. Listeners will gain strategic guidance on integrating cybersecurity into capital planning, addressing asset variability across sites, and implementing scalable, non-disruptive security frameworks. From OT-specific IDS deployment to balancing remote access with zero-trust principles, this episode offers practical, forward-looking advice.Whether you're a practitioner or a decision-maker, focused on securing extended IIoT environments while maintaining operational resilience, this episode covers practical and relatable challenges and solutions.Chapters:00:00:00 – A Strategic Rewind: Exploring the Emerging Roles, Budget Realities, and Lessons Learned in OT Cybersecurity00:00:41 - Gartner, DOGE, and the Future of OT Cybersecurity Policy00:12:12 - The Future Looks Bright : Building a Career in OT Cybersecurity00:22:44 - AI, Global Trends, and More: A Glimpse into the Future of OT Cybersecurity with ClarotyLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Building Trust in OT Cybersecurity: Patching, Communication, and Personal Branding for SuccessPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by his longtime friend and fellow OT (Operational Technology) aficionado, Oren Niskin. Oren dives into his unconventional journey from Navy electrician to offshore rig automation, through to OT cybersecurity consulting—sharing the highs, the lessons learned, and the unique perspective gained from crawling through the “belly of the ship” rather than a college lecture hall. Aaron and Oren discuss the real-world value of hands-on experience versus formal education, the evolving relationship between IT and OT teams, and why personal branding and communication skills are key for career growth in the cybersecurity field. They unpack the challenges and misconceptions around patching in the OT environment, and Oren reveals practical advice from his recent presentation on how organizations can dramatically reduce their vulnerability management workload while maintaining operational safety. Tune in for thoughtful reflections, war stories from the rig, and actionable tips for aspiring and seasoned cybersecurity professionals alike—plus a heartwarming nod to inspiring the next generation. Whether you're just getting started in OT or looking to take your cyber game to the next level, this episode is packed with honest advice and community spirit. Key Moments:  05:58 College: Not the Ultimate Answer 08:26 Consulting Perspective Accelerates Career Growth 13:36 "Building Value with Personal Branding" 16:49 "Everyone's a Salesman Everywhere" 19:44 "Patching Essential for System Health" 21:14 Firmware Updates Resolve Most Issues 26:18 Robots Dominate Manufacturing Line 28:08 Prioritizing Critical Drilling Vulnerability Fixes 33:29 "Prioritizing Business-Critical Systems" 36:57 Cyber-Resilient Tech Design 39:20 "Virtualization Best Practices: Snapshot Safety" 41:18 OT Cybersecurity: Focus on Basics 44:37 Unexpected Changes Disrupt Startup Plans 47:44 "Building Trust in Business" 50:52 "IT-OT Collaboration Importance" Oren Niskin – From the Navy to OT Cybersecurity: Bridging the Gap Between the Plant Floor and Secure Operations Oren Niskin is an OT cybersecurity consultant with over two decades of hands-on industrial experience spanning the U.S. Navy, offshore drilling operations, and global OT network management. His career began not in a classroom, but aboard the USS Harry S. Truman, where he served as an electrician and shutdown reactor operator after enlisting in the Navy post-9/11. Since then, he's steadily climbed the OT ranks—from maintaining electrical systems at sea to managing IACS networks for a global fleet of drilling rigs, and now, advising critical infrastructure on how to secure their operational environments. Oren brings a rare combination of deep technical insight and real-world plant floor experience to the evolving challenges of OT cybersecurity. He holds a Bachelor's degree in Nuclear Engineering Technology and a Master's in Information Security Engineering from the SANS Institute. Oren is passionate about translating complex OT security needs into practical outcomes—turning big visions into tangible progress. Connect with Oren on LinkedIn at https://www.linkedin.com/in/orenniskin/ or catch him in person at HouSecCon this September. Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis Gestionando Ciberresilienca en un entorno industrialPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se analiza el impacto que pueden tener los ciberincidentes en la cadena de valor y la confianza del sistema eléctrico considerando el equilibrio necesario al protegerse frente a ciberamenazas con las exigencias de disponibilidad y eficiencia del negocioThe podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.