Podcasts about Critical infrastructure

The decision to leave a successful corporate position and start a company requires more than just identifying a market opportunity. For Shankar Somasundaram, it required witnessing firsthand how traditional cybersecurity approaches consistently failed in the environments that matter most to society: hospitals, manufacturing plants, power facilities, and critical infrastructure.Somasundaram's path to founding Asimily began with diverse technical experience spanning telecommunications and early machine learning development. This foundation proved essential when he transitioned to cybersecurity, eventually building and growing the IoT security division at a major enterprise security company.During his corporate tenure, Somasundaram gained direct exposure to security challenges across healthcare systems, industrial facilities, utilities, manufacturing plants, and oil and gas operations. Each vertical revealed the same fundamental problem: existing security solutions were designed for traditional IT environments where confidentiality and integrity took precedence, but operational technology environments operated under entirely different rules.The mismatch became clear through everyday operational realities. Hospital ultrasound machines couldn't be taken offline during procedures for security updates. Manufacturing production lines couldn't be rebooted for patches without scheduling expensive downtime. Power plant control systems required continuous availability to serve communities. These environments prioritized operational continuity above traditional security controls.Beyond technical challenges, Somasundaram observed a persistent communication gap between security and operations teams. IT security professionals spoke in terms of vulnerabilities and patch management. Operations teams focused on uptime, safety protocols, and production schedules. Neither group had effective frameworks for translating their concerns into language the other could understand and act upon.This divide created frustration for Chief Security Officers who understood risks existed but lacked clear paths to mitigation that wouldn't disrupt critical business operations. Organizations could identify thousands of vulnerabilities across their operational technology environments, but struggled to prioritize which issues actually posed meaningful risks given their specific operational contexts.Somasundaram recognized an opportunity to approach this problem differently. Rather than building another vulnerability scanner or forcing operational environments to conform to IT security models, he envisioned a platform that would provide contextual risk analysis and actionable mitigation strategies tailored to operational requirements.The decision to leave corporate security and start Asimily wasn't impulsive. Somasundaram had previous entrepreneurial experience and understood the startup process. He waited for the right convergence of market need, personal readiness, and strategic opportunity. When corporate priorities shifted through acquisitions, the conditions aligned for his departure.Asimily's founding mission centered on bridging the gap between operational technology and information technology teams. The company wouldn't just build another security tool; it would create a translation layer enabling different organizational departments to collaborate effectively on risk reduction.This approach required understanding multiple stakeholder perspectives within client organizations. Sometimes the primary user would be a Chief Information Security Officer. Other times, it might be a manufacturing operations head managing production floors, or a clinical operations director in healthcare. The platform needed to serve all these perspectives while maintaining technical depth.Somasundaram's product engineering background informed this multi-stakeholder approach. His experience with complex system integration—from telecommunications infrastructure to machine learning algorithms—provided insight into how security platforms could integrate with existing IT infrastructure while addressing operational technology requirements.The vision extended beyond traditional vulnerability management to comprehensive risk analysis considering operational context, business impact, and regulatory requirements. Rather than treating all vulnerabilities equally, Asimily would analyze each device within its specific environment and use case, providing organizations with actionable intelligence for informed decision-making.Somasundaram's entrepreneurial journey illustrates how diverse technical experience, industry knowledge, and strategic timing converge to address complex market problems. His transition from corporate executive to startup founder demonstrates how deep industry exposure can reveal opportunities to solve problems that established players might overlook or underestimate.Today, as healthcare systems, manufacturing facilities, and critical infrastructure become increasingly connected, the vision Somasundaram brought to Asimily's founding has proven both timely and necessary. The company's development reflects not just market demand, but the value of approaching familiar problems from fresh perspectives informed by real operational experience.Learn more about Asimily: itspm.ag/asimily-104921Note: This story contains promotional content. Learn more.Guest: Shankar Somasundaram, CEO & Founder, Asimily  | On LinkedIn: https://www.linkedin.com/in/shankar-somasundaram-a7315b/Company Directory: https://www.itspmagazine.com/directory/asimilyResourcesLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In 2024, there were 440,000 detected cyber threats to critical infrastructure, and the U.S. Critical Infrastructure experienced a surge in attacks, including the Volt Typhoon and Chinese Telecom Network Infiltration. For 2025, projections indicate 30% of critical infrastructure organizations will experience a security breach, and major attacks on the sector are expected to continue, according to Gartner.As we welcome 2026, what would a maturing artificial intelligence present to critical infrastructure, and how should CISOs strengthen their cybersecurity strategies to reflect the evolving technology, regulatory, geopolitical and business landscape in the coming years.Joining us on PodChats for FutureCISO is Lim Hsin Yin, vice president of sales for ASEAN at Cohesity for her views on the topic of Resilience in Action: Critical Infrastructure Defence.1.       What is Cohesity?2.       How robust are enterprises' data resilience strategies in Asia—including immutable backups, air-gapped copies, and recovery drills—in ensuring operational continuity after ransomware or destructive cyber-attacks? What KPIs are being used to measure its effectiveness?3.       To what extent have enterprises in ASEAN integrated IT and OT security teams, tools, and processes to achieve unified threat visibility and coordinated response across our entire critical infrastructure estates, especially considering legacy systems prevalent in the region?4.       How are CISOs continuously re-evaluating and managing third-party and supply chain risks—especially for vendors linked to OT environments—to prevent breaches similar to regional supply chain attacks like MOVEit or airport data centre infiltrations?5.       What zero-trust and segmentation measures have CISOs prioritised to protect industrial control systems (ICS) and OT environments against increasingly sophisticated hacktivist and state-backed threat actors targeting ASEAN and Hong Kong critical infrastructure?6.       How are enterprises leveraging real-time, cross-border threat intelligence sharing within ASEAN to detect and disrupt pre-positioning and advanced persistent threats (APTs), as exemplified by campaigns like Volt Typhoon?Coming into 2026, what are you expecting as far as critical infrastructure defense, and what should operators of critical infrastructure be taking in terms of their defense structure? 

שני סיסויים נכנסים לאולפן.....נשמע כמו התחלה של בדיחה טובה. הגנה על תשתיות קריטיות היא משימה מורכבת, האחריות מחד והצורך ללהטט בין הרגולציה להנהלה מאידך נחשון פינקו מארח את חיים הלוי סלע סיסו מוכר ומוערך באחת מחברות האנרגיה הגדולות בישראל לשיחת סיסויים על תחושת האחריות, ההתמודדות היום יומית עם סייבר בתקופת מלחמה,  האם הרגולציה עוזרת או מפריעה, איך בוחרים טכנולוגיה ואיך מגייסים ההנהלה והדירקטוריון להתמודדות עם סיכוני סייבר Two CISOs enter a studio.... sounds like the start of a good joke. Protecting critical infrastructure is a complex task, a responsibility on the one hand, and the need to juggle regulation and management on the other Nachshon Pincu hosts Haim Halevy Sela, a well-known CISO at one of Israel's largest energy companies, for a CISO conversation about the sense of responsibility, the daily dealings with cyber in times of war, whether regulation helps or hinders, how to choose technology, and how to mobilize management and the board of directors to deal with cyber risks.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: AI, Quantum, and Cybersecurity: Protecting Critical Infrastructure in a Digital WorldPub date: 2025-09-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by Kathryn Wang, Principal of Public Sector at SandboxAQ, for a wide-ranging and candid conversation about the critical role AI and quantum technology are playing in today's cybersecurity landscape.  Kathryn and Aaron break down complex concepts like quantum cryptography and the growing risks of deepfakes, data poisoning, and behavioral warfare - all with real-world examples that hit close to home. They dig into why cryptographic resilience is now more urgent than ever, how AI can both strengthen and threaten our defenses, and why your grandma shouldn't be left in charge of her own data security. From lessons learned in power plants and national defense to the nuances of protecting everything from nuclear codes to family recipes, this episode dives deep into how we can balance innovation with critical risk management.  Kathryn shares practical advice on securing the basics, educating your network, and making smart decisions about what truly needs to be connected to AI. Whether you're an IT, OT, or cybersecurity professional—or just trying to keep ahead of the next cyber threat - this episode will arm you with insights, strategies, and a little bit of much-needed perspective. Tune in for a mix of expert knowledge, humor, and actionable takeaways to help you protect it all.   Key Moments:    04:02 "Securing Assets in Post-Quantum Era" 07:44 AI and Cybersecurity Concerns 12:26 "Full-Time Job: Crafting LLM Prompts" 15:28 AI Vulnerabilities Exploited at DEFCON 19:30 AI Data Poisoning Concerns 20:21 AI Vulnerability in Critical Infrastructure 23:45 Deepfake Threats and Cybersecurity Concerns 28:34 Question Everything: Trust, Verify, Repeat 33:20 "Digital Systems' Security Vulnerabilities" 35:12 Digital Awareness for Children 39:10 "Understanding Data Privacy Risks" 43:31 "Leveling Up: VCs Embrace Futurism" 45:16 AI-Powered Personalized Medicine About the guest :  Kathryn Wang is a seasoned executive with over 20 years of leadership in the technology and security sectors, specializing in the fusion of cutting-edge innovations and cybersecurity strategies.    She currently serves as the Public Sector Principal at SandboxAQ, where she bridges advancements in post-quantum cryptography (PQC) and data protection with the mission-critical needs of government agencies. Her work focuses on equipping these organizations with a zero-trust approach to securing sensitive systems against the rapidly evolving landscape of cyber threats.   During her 16-year tenure at Google and its incubator Area120, Kathryn drove global efforts to develop and implement Secure by Design principles in emerging technologies, including Large Language Models (LLMs) and Generative AI.   How to connect Kathryn :  https://www.linkedin.com/in/kathryn-wang/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this week's Security Sprint, Dave and Andy covered the following topics: Warm Open:• Nerd Out EP 61. The 2/3 of the Year Awards!Main Topics:FBI PSA - Russian Government Cyber Actors Targeting Networking Devices, Critical Infrastructure. The Federal Bureau of Investigation (FBI) is warning the public, private sector, and international community of the threat posed to computer networks and critical infrastructure by cyber actors attributed to the Russian Federal Security Service's (FSB) Center 16. The FBI detected Russian FSB cyber actors exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI) to broadly target entities in the United States and globally. Info Ops: • Most Adults in 25 Countries Say Spread of False Information Is a Top National Threat. The findings come from Pew's seventh iteration of its Global Attitudes Survey: International Opinion on Global Threats, which was last published in 2022. • Foreign disinformation enters AI-powered era. At least one China-based technology company, GoLaxy, seems to be using generative AI to build influence operations in Taiwan and Hong Kong… Documents also show that GoLaxy has created profiles for at least 117 members of Congress and over 2,000 American political figures and thought leaders.• Toxic politics and TikTok engagement in the 2024 U.S. election• Why wind farms attract so much misinformation and conspiracy theory UN - Terror threat posed by ISIL ‘remains volatile and complex,' Security Council hears. The threat posed by the terrorist group ISIL – known more widely in the Middle East as Da'esh – remains dynamic and diverse, with Africa currently experiencing the highest level of activity worldwide.• PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General for Counter-Terrorism, United Nations Office of Counter-Terrorism. • PDF: Remarks by Mr. Vladimir Voronkov, Under-Secretary-General, United Nations Office of Counter-Terrorism.• UN Report: ISIS Fighters' Migration to Afghanistan and the Taliban's Failure• ISIS-K poses major threat with 2,000 fighters in Afghanistan, UN saysFEMA Employees Warn That Trump Is Gutting Disaster Response. After Hurricane Katrina, Congress passed a law to strengthen the nation's disaster response. FEMA employees say the Trump administration has reversed that progress. Employees at the Federal Emergency Management Agency wrote to Congress on Monday warning that the Trump administration had reversed much of the progress made in disaster response and recovery since Hurricane Katrina pummeled the Gulf Coast two decades ago. The letter to Congress, titled the “Katrina Declaration,” rebuked President Trump's plan to drastically scale down FEMA and shift more responsibility for disaster response — and more costs — to the states. It came days before the 20th anniversary of Hurricane Katrina, one of the deadliest and costliest storms to ever strike the United States.Quick Hits:• 25% of security leaders replaced after ransomware attack• Gate 15: Hack Yourself First: Pen Testing for Prevention • FB-ISAO: Ransomware Incident Review January to June 2025• Dissecting PipeMagic: Inside the architecture of a modular backdoor framework• Maryland Transit Administration says cybersecurity incident is affecting some of its servicesNevada state government offices closed after network security incident• Audit of Antisemitic Incidents 2024• MIT report: 95% of generative AI pilots at companies are failing• Report: Russian Sabotage Operations In Europe Have Quadrupled Since 2023• CISA Requests Public Comment for Updated Guidance on Software Bill of Materials• Risky Bulletin: NIST releases face-morphing detection guideline• CVE-2025–41688: Bypassing Restrictions in an OT Remote Access Device• Think before you Click(Fix): Analyzing the ClickFix social engineering technique

E131 The Fifth CourtCo-host of the Fifth Court, Peter Leonard, BL, met with Kirk Offel at the Dublin Tech Summit, promoter of the 5th Industrial Revolution.'Data centres are the most important things to be manufactured in the world'. That's Kirk's view and that's just the beginning of this terrific chat about all things AI and Data Centres.Kirk is not your typical tech CEO. From a military family, a former US Navy submariner, nuclear-trained engineer, cancer survivor, and now founder of Overwatch Mission Critical, he brings a mix of discipline, resilience, and purpose to the fast-changing world of digital infrastructure. His company designs and delivers the data centres that make the cloud, AI, and mission-critical systems possible — what he likes to call “the sky for the cloud.”You'll also learn everything you ever wondered about life in a submarine under the ocean...though some of what he's done he can't talk about.Before that, Peter and Mark Tottenham, BL, examine notable recent court decisions featured on Decisis.ie including:A 'Proceeds of Crime' case and whether it should be reopened with new material comes to light?A case full of energy, including a windfarm, a hydrogen plant and turf-cutting.Another planning case, this one regarding an old paint factory that was being used to house migrants. It turned out to be a moot case.Whether you're in practice or just passionate about the law, this episode is a must-listen for its clarity, depth, and practical relevance.Sponsored by Charltons Solicitors and Collaborative Practitioners – family law with a collaborative approach. Hosted on Acast. See acast.com/privacy for more information.

AI is changing how data centers operate, and particularly in the case of retrofit facilities, it is more important than ever that operators have all the data they need to ensure uptime. We talk to Jad Jebara, CEO and president of Hyperview - an AI-powered DCIM provider - about some of the pitfalls data center operators are falling into as they handle more demanding workloads, and how a surprising number of operators are still actually using Excel for capacity planning.

In today's episode of 'Cybersecurity Today,' hosted by Jim Love, we cover several key issues in the cybersecurity landscape. Firstly, a breach involving Workday and social engineering attacks targeting Salesforce customers is discussed. Next, the risks posed by a recent Windows update potentially causing data corruption on SSDs and HDDs are highlighted. We also delve into a critical infrastructure breach where Russian hackers remotely accessed a Norwegian dam's control system. Additionally, the episode covers Google's vulnerabilities in its AI and Gmail services, and finally, Apple's significant privacy victory against the UK's backdoor encryption mandate. The episode concludes with a call for listener support through donations to sustain the program. 00:00 Introduction and Headlines 00:23 Workday Data Breach Explained 02:15 Windows Update Issues 04:05 Norwegian Dam Cyber Attack 05:49 Google's Security Challenges 07:12 Apple's Privacy Victory 08:19 Conclusion and Listener Support

Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Local Infrastructure is Critical InfrastructurePub date: 2025-08-13Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationOur host Bryson sits down with Colin Ahern and Kirk Herath, two of the only cybersecurity experts working in Governors' offices in the United States. Colin was appointed Chief Cyber Officer of the State of New York by Governor Kathy Hochul in June 2022, and Kirk stepped into his role as Cybersecurity Strategic Advisor to Ohio Governor Mike DeWine and Lt. Governor Jon Husted the same year. In their positions, Colin and Kirk are responsible for coordinating their states' cybersecurity capabilities, overseeing threat assessment and response, working with local governments to prepare for and remediate cyber attacks, and more.  What were the critical lessons learned in building statewide cybersecurity programs from the ground up? How do states navigate the shifting landscape of federal support? And what are the biggest challenges and opportunities on the horizon for cyber czars and strategic advisors across the country? “You can't replicate these shared services unless you're doing it together. You just can't. We can either succeed together or we can fail separately. There's really not a middle ground where we can all have exactly everything we want all the time. Because like we've said, this is a risk management exercise in a world of limited resources,” Colin explained. Join us for this and more on this episode of Hack the Plan[e]t. The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The hits just keep on coming Where's the Little Dutch Boy when you need him? I felt the ransomware down in Africa Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines Find the stories behind the headlines at CISOseries.com

Podcast: Simply ICS CyberEpisode: S1 E3: Critical Infrastructure vs. Everything ElsePub date: 2025-03-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Simply ICS Cyber, Don and Tom interview Gus Serino, water sector expert and Owner at I&C Secure, Inc.Listen in as we will answer the following questions:- What is Critical Infrastructure?- What are other types of Industrial and Automation?- Is cybersecurity different between the two?Links from this episode:- Gus Serino LinkedIn: https://www.linkedin.com/in/gusserino/- Instrumentation & Control Secure, Inc.: https://www.iandcsecure.com/- S4Events - Water Sector Cyber Risk with Gus Serino: https://www.youtube.com/watch?v=ScigBpXIjggJoin us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================The podcast and artwork embedded on this page are from Simply Cyber Media Group, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Declassified emails and memos reveal the Clinton campaign may have fabricated Trump–Russia collusion to distract from her email scandal. The PBD Podcast crew exposes Obama-era FBI failures, media complicity, and the deeper implications for justice, accountability, and free speech.

Keywordscybersecurity, military transition, Tampa cybersecurity, mentorship, cyber law, incident response, private sector, cybersecurity misconceptions, legal perspectives, cybersecurity growth  SummaryIn this episode of No Password Required, hosts Jack Clabby and Kayley Melton sit down with Kurt Sanger — former Deputy General Counsel at U.S. Cyber Command — to talk about the evolving world of cyber law, the wild ride from government service to private sector strategy, and what keeps him grounded in a field that's constantly shifting. Kurt dives into the fast-growing cybersecurity scene in Tampa, the power of mentorship, and why people still get cyber law so wrong. Plus: insights on responding to incidents under pressure and what role the government should (and shouldn't) play in the digital fight.  TakeawaysKurt emphasizes that newcomers to cybersecurity are not as far behind as they think.The transition from military to private sector can be challenging but rewarding.Tampa is becoming a significant hub for cybersecurity talent and companies.Understanding cybersecurity misconceptions is crucial for decision-makers.Mentorship plays a vital role in navigating career challenges in cybersecurity.Military and civilian cyber law have distinct differences in enforcement and flexibility.The stakes in private sector cybersecurity can be incredibly high for clients.Kurt's experience highlights the need for collaboration between government and private sectors.Cybersecurity is an ever-evolving field that requires continuous learning.Kurt finds excitement in helping clients during their most challenging times.  Sound bites "You're only six months behind.""We're all in the same boat.""The government needs to step back."  Chapters 00:00 NPR S6E7 Kurt Sanger52:53 NPR S6E7 Kurt Sanger01:45:47 Introduction to Cybersecurity Conversations01:48:22 Transitioning from Military to Private Sector Cybersecurity01:51:11 The Growth of Tampa as a Cybersecurity Hub01:54:05 Understanding Cybersecurity Misconceptions01:57:15 The Role of Mentorship in Cybersecurity Careers02:00:24 Military vs. Civilian Cybersecurity Law02:03:07 The Excitement of Cyber Command vs. Private Sector02:13:52 High Stakes in Cybersecurity for Small Organizations02:15:44 The Role of Legal Experts in Cybersecurity02:17:21 Translating Technical Jargon for Clients02:18:57 Challenges of Explaining Cyber Operations to Commanders02:22:43 Lifestyle Polygraph: Fun Questions and Insights02:23:30 The 10,000 Hour Rule in Cybersecurity02:29:34 Creative Freedom with LEGO Bricks02:31:27 Tampa's Culinary Delights and Local Favorites

In the latest Nerd Out, Alec and Dave welcome in Hunter Headapohl to talk about the cyber basics, and why so many threats can be prevented by following appropriate cyber hygiene. Alec and Hunter share their best practices and some of their tools and resources that can be leveraged to mitigate risk.Some of the references from the pod include:Top Cyber Actions for Securing Water Systems - https://www.cisa.gov/resources-tools/resources/top-cyber-actions-securing-water-systemsDefending OT Operations Against Ongoing Pro-Russia Hacktivist Activity - https://www.cisa.gov/resources-tools/resources/defending-ot-operations-against-ongoing-pro-russia-hacktivist-activityIRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including US Water and Wastewater Systems Facilities - https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-335aChina Strategically Infiltrates U.S. Critical Infrastructure as Cyberattacks Escalate - https://thesoufancenter.org/intelbrief-2025-january-10/Secure by Design - https://www.cisa.gov/securebydesignCISA Training - https://www.cisa.gov/resources-tools/training

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: The Double-Edged Sword of AI in Cybersecurity and Critical InfrastructurePub date: 2025-07-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this solo episode, host Aaron Crow takes us on a fast-paced journey through the latest critical developments in both IT and OT cybersecurity. Aaron breaks down the month's most pressing zero-day exploits, including high-profile attacks on Microsoft SharePoint and CrushFTP, and explores the implications of rapidly evolving threats - especially as attackers leverage AI for faster, more innovative hacks. But it's not all doom and gloom: Aaron dives into how AI is also becoming a game-changer for defense, from Google's use of AI agents to spot vulnerabilities ahead of attackers, to the promise (and dangers) of deepfake technology. He discusses new policy moves, like the FCC's proposal to ban Chinese tech in undersea internet cables and the US Coast Guard's push for cyber resilience in maritime infrastructure. Throughout the episode, Aaron offers strategic advice for organizations of all sizes - from patch management and digital twins to incident response plans designed for today's AI-driven threat landscape. Whether you're in cyber, tech, critical infrastructure, or just want to stay a step ahead, this episode is packed with actionable insights and timely analysis to boost your cyber resilience. Plug in for a conversation that's equal parts eye-opening and empowering! Key Moments;  01:20 High-Level Tactical Briefing 05:31 Digital Twin for System Security 09:39 Dual Role of Tools 12:00 Emergency Procedures Reminder 14:24 Challenges in OT System Integration 18:32 Deep Fake Detection and Response 20:12 "AI Persistence and Impact" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Even though the bombs and missiles have stopped falling, that doesn't mean nothing is happening between Iran, Israel, and the United States. In fact, it may mean that certain dangers like cyber attacks are actually increasing. Here to help us understand the threat and how to mitigate it is vice president of global cyber risk at Optiv, James Turgal.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Podcast: Bites & Bytes PodcastEpisode: Hiring for the Frontlines of Critical Infrastructure with Nathaniel SmithPub date: 2025-07-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhat does it take to build a cybersecurity workforce capable of protecting the systems that keep the lights on and food on our plates? In this episode, host Kristin Demoranville is joined by Nathaniel Smith, Co-Founder and VP at SR2, a purpose-driven recruitment firm. Nathaniel, who specializes in hiring OT/ICS, brings over 14 years of recruiting experience and a refreshing dose of honesty to the challenges of hiring in critical infrastructure. Together, they explore what makes a strong Operational Technology (OT) candidate, why culture fit matters as much as technical skills, and how broken hiring processes often keep the best people out. For sectors like food and agriculture, where operational technology is directly tied to safety, production, and public trust, getting the right people into the right roles isn't just important. It's essential. --------------- Show Notes: Mike Holcomb's Episode (here) SEC Ruling on Disclosure of Cyber Incidents (here)

Also - row erupts in Belfast City Hall over Pride stained glass window installed in May

Tanya Janca joins the show this week, with unique perspective on building secure software and advocating for better cybersecurity policy.George K and George A talk to Tanya about: Her transition from 14 years as a Canadian public servant to private sector entrepreneurship The core values that guide her work: performing good and moving the industry toward secure software Entrepreneurship since age 19: solving real problems that hurt badly enough for people to pay Civil advocacy for security by design policies and challenging inadequate government cybersecurity practicesTanya's perspective on building businesses around genuine problem-solving rather than just seeking acquisition or wealth creation offers valuable insights for any founder. Whether you're interested in secure coding, entrepreneurship, or how to advocate for better cybersecurity policy, this episode delivers actionable insights from someone who's been in the trenches and made real impact.Mentioned: The Eh List: https://ehlist.org/ Forte Group: forte-group.org/home-our-mission Tanya's petition: https://www.ipetitions.com/petition/secure-canadas-future Tanya's Secure Coding Guideline: newsletter.shehackspurple.ca/c/secure-coding-guideline

What does the future of enterprise networking really look like?   In this episode, Extreme Networks' Chief Product & Technology Officer Nabil Bukhari joins Craig to explore how AI, autonomous agents, and platform thinking are transforming the core infrastructure of modern businesses.   From managing mission-critical networks to building agentic systems that collaborate, troubleshoot, and scale autonomously - this is a deep dive into how connectivity is being redefined from the ground up.   Whether you're a tech leader, CIO, product builder, or simply curious about how infrastructure evolves, this conversation reveals where the enterprise is headed next.   Check out Extreme Networks: https://www.extremenetworks.com/   Stay Updated: Craig Smith on X: https://x.com/craigss Eye on A.I. on X: https://x.com/EyeOn_AI   (00:00) Preview (01:02) Introducing Nabil Bukhari & Extreme Networks (05:24) Why Global Connectivity Is Still Accelerating (07:54) How Enterprise Data Flows Across Modern Networks (12:34) Networking for AI vs. Built-in AI (14:12) Platform One & Agentic AI Systems Explained (21:20) Human-in-the-Loop, Over-the-Loop, and Above-the-Loop (23:35) Why AI Guardrails Must Be Baked into the Architecture (27:33) Introducing the ARC Framework (31:15) Persona-Based Interfaces for NetOps, CFOs & CMOs (33:25) The Problem with Chatbots (36:06) Enterprise vs. Public Networks (38:38) Global Connectivity Infrastructure & Use Case Variability (44:29) How Secure and Resilient Are Enterprise Networks? (52:24) In-House AI for Critical Infrastructure

CISA warns organizations of potential cyber threats from Iranian state-sponsored actors.Scattered Spider targets aviation and transportation. Workforce cuts at the State Department raise concerns about weakened cyber diplomacy. Canada bans Chinese security camera vendor Hikvision over national security concerns.Cisco Talos reports a rise in cybercriminals abusing Large Language Models. MacOS malware Poseidon Stealer rebrands.Researchers discover multiple vulnerabilities in Bluetooth chips used in headphones and earbuds. The FDA issues new guidance on medical device cybersecurity. Our guest is  Debbie Gordon, Co-Founder of Cloud Range, looking “Beyond the Stack - Why Cyber Readiness Starts with People.” An IT worker's revenge plan backfires. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On today's Industry Voices segment, Debbie Gordon, Co-Founder of Cloud Range, shares insights on looking “Beyond the Stack - Why Cyber Readiness Starts with People.” Learn more about what Debbie discusses in Cloud Range's blog: Bolstering Your Human Security Posture. You can hear Debbie's full conversation here. Selected Reading CISA and Partners Urge Critical Infrastructure to Stay Vigilant in the Current Geopolitical Environment (CISA) Joint Statement from CISA, FBI, DC3 and NSA on Potential Targeted Cyber Activity Against U.S. Critical Infrastructure by Iran (CISA, FBI, DOD Cyber Crime Center, NSA)  Prolific cybercriminal group now targeting aviation, transportation companies (Axios) U.S. Cyber Diplomacy at Risk Amid State Department Shakeup (GovInfo Security) Canada Bans Chinese CCTV Vendor Hikvision Over National Security Concerns (Infosecurity Magazine) Malicious AI Models Are Behind a New Wave of Cybercrime, Cisco Talos (Hackread) MacOS malware Poseidon Stealer rebranded as Odyssey Stealer (SC Media) Airoha Chip Vulnerabilities Expose Headphones to Takeover (SecurityWeek) FDA Expands Premarket Medical Device Cyber Guidance (GovInfo Security) 'Disgruntled' British IT worker jailed for hacking employer after being suspended (The Record) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 65: Hacking Critical Infrastructure Through Supply ChainsPub date: 2025-06-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCritical Infrastructure software lacks the strict liability standards found in industries like automotive manufacturing, leading to minimal accountability for insecure products when they get exploited.  Alex Santos, CEO of Fortress Information Security, explains how they're typically hired by buyers of ICS equipment—such as utilities—to assess and mitigate supply chain risks, including working with OEMs to improve security.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Driving OT Security Innovation: AI, Risk Reduction, and the Future of Critical InfrastructurePub date: 2025-06-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome back to Protect It All! In this episode, host Aaron Crow sits down with longtime friend and OT cybersecurity veteran Brian Proctor for a deep dive into the current state—and future—of the OT cyber landscape. Together, they trade stories from the front lines, reflecting on how their early experiences as asset owners shaped their passion for innovation and helping critical infrastructure run safely and securely. Brian, whose career spans roles from OT engineer to startup co-founder, opens up about his journey—highlighting his drive to push the boundaries of traditional OT security and the evolution of key industry technologies. The conversation explores everything from the persistent lack of innovation in OT, to AI's growing role in tackling the daunting challenges of risk reduction, visibility, and scaling assessments across sprawling environments. If you've ever wondered how new tech like AI is reshaping industrial cybersecurity, why “we've always done it this way” just doesn't cut it anymore, or how organizations can realistically stay ahead without breaking the bank, this episode delivers honest insights, practical advice, and a look toward an exciting, if sometimes daunting, future. So grab your headphones and settle in as Aaron and Brian share stories, hot takes, and strategies designed to protect it all—because in critical infrastructure, the stakes have never been higher. Key Moments:  06:45 OT Cyber Industry Evolution 11:57 Evolving Challenges in OT Security 19:34 Bridging the OT Security Skills Gap 21:54 Enhancing OT Security Understanding 30:46 AI Model Security Challenges 34:26 Rapid Scaling for Site Assessments 40:56 Simulating Cyber Threat Responses 47:19 Operational Priorities: Equipment vs. Cyber Tools 49:30 Focus on Meaningful Security Metrics 56:30 Rapid AI Adoption vs. Internet 01:02:12 Cybersecurity: Small Targets are Vulnerable About the guest :  Brian Proctor is a cybersecurity leader with over 20 years of experience protecting critical infrastructure across energy, industrial automation, and operational technology sectors. As the co-founder and CEO of Frenos, he empowers critical infrastructure operators to proactively secure their environments against evolving cyber threats. Brian built his foundation in ICS/OT cybersecurity during his 13+ year tenure at two progressive California Investor Owned Utilities, San Diego Gas & Electric and Southern California Edison serving the 2nd and 8th largest cities in the United States. He managed a team of 15 security engineers and researchers across 150+ projects, established OT security roadmaps, and co-invented an R&D Magazine Top 100 award-winning GPS anti-spoofing mitigation technology that earned him a patent. Brian has published IEEE papers on security monitoring, served as Critical Infrastructure Co-Chair for Securing Our eCity, and regularly speaks at conferences to educate and build the ICS/OT cybersecurity community. He holds technical certifications including GICSP, CISSP, and CRISC, along with a Business Administration degree from the University of San Diego. Links:  https://frenos.io/services - Learn more about Optica, the industry's first tech-enabled rapid OT visibility service  https://frenos.io/autonomous-ot-security-assessment-platform - Learn more about how to automate OT security risk assessments Connect Brian : https://www.linkedin.com/in/brianproctor67/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Critical Infrastructure software lacks the strict liability standards found in industries like automotive manufacturing, leading to minimal accountability for insecure products when they get exploited.  Alex Santos, CEO of Fortress Information Security, explains how they're typically hired by buyers of ICS equipment—such as utilities—to assess and mitigate supply chain risks, including working with OEMs to improve security.

In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/   Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations

In this episode of CISO Tradecraft, host G Mark Hardy discusses the ongoing Israel-Iran conflict and its potential cyber implications with cybersecurity expert Nathan Case. They delve into lessons learned from the Russia-Ukraine conflict, discuss the effectiveness of cyber warfare, and evaluate Iran's cyber capabilities. The conversation also covers the ethical implications of cyber attacks, dual-use targets, and the danger of supply chain vulnerabilities. Practical advice is provided on improving cybersecurity measures, including the importance of MFA, network segmentation, and evaluating internal threats. Join us for an in-depth look at how current geopolitical tensions can impact global cybersecurity. Nathan Case - https://www.linkedin.com/in/nathancase/ Chapters 00:00 Introduction to the Israel-Iran Conflict 00:52 Meet the Expert: Nate Case 01:51 Cyber Warfare Insights from Russia-Ukraine Conflict 03:36 The Impact of Cyber on Critical Infrastructure 08:00 Ethics and Rules of Cyber Warfare 15:01 Iran's Cyber Capabilities and Strategies 16:56 Historical Context and Modern Cyber Threats 23:28 Foreign Cyber Threats: The Iranian Example 24:06 Israel's Cyber Capabilities 25:39 The Role of Cyber Command 26:23 Challenges in Cyber Defense 27:11 The Complexity of Cyber Warfare 32:21 Ransomware and Attribution Issues 36:13 Defensive Cyber Operations 39:39 Final Thoughts and Recommendations

Join us as we sit down with Matt Nicolls, Chief Digital Innovation Officer at Technology Partners, to uncover the unique story behind his creative approach to leadership. Matt shares how his early experiences shaped his passion for visually mapping out solutions, and how this skill has become central to his work in technology. Listeners will hear about the mentors who inspired him, the power of transparency in business, and how bringing “something extra” to the table can make all the difference in driving innovation and building strong teams.Guest Links:Matt's LinkedInTechnology PartnersCredits: Host: Lisa Nichols, Executive Producer: Jenny Heal, Marketing Support: Landon Burke and Joe Szynkowski, Podcast Engineer: Portside Media

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin SearlePub date: 2025-06-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with OT security expert Justin Searle, Director of ICS Security at InGuardians, for a deep dive into the ever-evolving world of OT and IT cybersecurity.  With over 25 years of experience, ranging from hands-on engineering and water treatment facilities to red-team penetration testing on critical infrastructures such as airports and power plants, Justin brings a wealth of insight and real-world anecdotes. This episode unpacks what it really takes to assess and secure operational technology environments. Whether you're a C-suite executive, a seasoned cyber pro, or brand new to OT security, you'll hear why network expertise, cross-team trust, and careful, collaborative engagement with engineers are so crucial when testing high-stakes environments. Aaron and Justin also discuss how the industry has matured, the importance of dedicated OT cybersecurity teams, and why practical, people-first approaches make all the difference, especially when lives, reliability, and national infrastructure are on the line. Get ready for actionable advice, hard-earned lessons from the field, and a candid look at both the progress and the ongoing challenges in protecting our most critical systems.   Key Moments:  05:55 Breaking Into Cybersecurity Without Classes 09:26 Production Environment Security Testing 13:28 Credential Evaluation and Light Probing 14:33 Firewall Misconfiguration Comedy 19:14 Dedicated OT Cybersecurity Professionals 20:50 "Prioritize Reliability Over Latest Features" 24:18 "IT-OT Convergence Challenges" 29:04 Patching Program and OT Security 32:08 Complexity of OT Environments 35:45 Dress-Code Trust in Industry 38:23 Legacy System Security Challenges 42:15 OT Cybersecurity for IT Professionals 43:40 "Building Rapport with Food" 47:59 Future OT Cyber Risks and Readiness 51:30 Skill Building for Tech Professionals   About the Guest :  Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing.  He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played critical roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).     Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities, corporations, and security conferences.  His current courses at SANS and Black Hat are among the world's most attended ICS cybersecurity courses.  Justin is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, HITBSecConf, Brucon, Shmoocon, Toorcon, Nullcon, Hardware.io, and AusCERT.     Justin leads prominent open-source projects, including The Control Thing Platform, Samurai Web Testing Framework (SamuraiWTF), and Samurai Security Testing Framework for Utilities (SamuraiSTFU).  He has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), Web Application Penetration Tester (GWAPT), and GIAC Industrial Control Security Professional (GICSP)   How to connect Justin:  https://www.controlthings.io https://www.linkedin.com/in/meeas/ Email: justin@controlthings.io Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of The New CISO, host Steve Moore speaks with Keith Price, Chief Security Officer at National Highways, about the evolving responsibilities of modern security leaders and the critical role of convergence between cyber, physical, and people security.Keith shares real-world stories from his work protecting England's strategic road network—used by over four million people daily—and explains why understanding both legacy infrastructure and cutting-edge technology is essential for building a resilient security strategy. From managing insider threats and recovering stolen radar equipment to championing mental health and developing junior talent, Keith offers a holistic approach to leadership in critical infrastructure.Key Topics Covered:How converging physical, cyber, and personnel security leads to stronger protectionReal-life insider threat examples—and how sensors helped prevent major damageThe challenge of managing decades-old asset tracking systems across regionsWhy availability and integrity of data now outweigh confidentiality in certain sectorsHow Keith's team detected stolen highway radar for sale on eBayThe importance of empathetic leadership and supporting mental health in security teamsHow "Cyber Coffee" sessions create safe spaces for vulnerability and connectionUpskilling IT staff into cybersecurity roles through “pay-it-forward” learningThe case for offering security-as-a-service to small but critical supply chain partnersKeith's insights reveal why successful security leadership requires more than just technical knowledge—it demands communication, humility, and a deep understanding of human behavior. This conversation is a must-listen for any security professional working to bridge silos and lead with impact.

In this episode, hosts Frank La Vigne and Candice Gillhoolley are joined by Andy Schwaderer and Dr. Christopher Leach from Quantum Knight. As the podcast celebrates its recent top ranking on Feedspot, the conversation dives deep into the urgent realities of post-quantum encryption, highlighting the evolving threats facing our digital lives—far beyond the stereotypical “hackers in hoodies.”Andy and Dr. Leach unpack why “being quantum ready isn't optional, it's essential,” sharing practical insights on defending against sophisticated adversaries, from nation-state actors to criminal gangs exploiting the cracks in legacy infrastructure. From the infamous Sony hack to modern ransomware attacks on hospitals and public utilities, the episode explores how Quantum Knight's innovative cryptosystem aims to protect data across everything from IoT devices to critical medical systems.Tune in for a compelling discussion on why security can no longer be an afterthought, how agile cryptography is enabling a future-proof approach, and why the responsibility—and power—to keep data safe now rests firmly in the hands of every individual and organization. If you've ever wondered how quantum computing and cybersecurity overlap, or how to safeguard your most vital assets in the quantum era, this episode is for you.Timestamps00:00 Streamlined Quantum-Enhanced Data Security08:26 "Data Control is King"14:48 "Understanding Advanced Persistent Threats"17:43 Quantum Computing's Impact on Cybersecurity22:42 "IoT's Security Oversight"32:15 "Admitting Issues, Seeking Solutions"36:02 Cryptography's Limits and Access Control39:31 Affordable Ransomware Protection Solution48:55 Switching Accountants Mid-Service51:35 Data Threat: Public Infrastructure Vulnerability56:45 Versatile Cryptography Support System01:02:19 AI Code Reliability Challenges01:06:53 "Concerns About Health and Security"

In this episode of 'Cybersecurity Today', host Jim Love is joined by panelists Laura Payne from White Tuque and David Shipley from Beauceron Security to review significant cybersecurity events over the past month. The discussion covers various impactful stories such as the disappearance of a professor, a data breach at Hertz, and government officials using a commercial app during a conflict. They dive deep into the ransomware attack on PowerSchool and its implications for K-12 schools in North America. The conversation also highlights the vulnerability of critical infrastructures, including the food supply chain and the importance of robust cybersecurity measures. Finally, the panel touches upon the progression towards post-quantum encryption by major tech companies like AWS and Google, signaling advancements in securing future technologies. 00:00 Introduction and Panelist Welcome 00:20 Major Cybersecurity Incidents of the Month 02:04 PowerSchool Data Breach Analysis 04:11 Ransomware and Double Extortion Tactics 12:20 4chan Security Breach and Its Implications 16:31 Hertz Data Loss and Retail Cybersecurity 17:44 Critical Infrastructure and Cyber Regulation 27:03 The Importance of CVE Database 27:54 Debate on Vulnerability Scoring 30:17 Open Source Software and Geopolitical Risks 31:43 The Evolution and Challenges of Open Source 37:17 The Need for Software Regulation 46:50 Signal Gate and Compliance Issues 54:08 Post-Quantum Cryptography 56:10 Conclusion and Final Thoughts

This week on Caveat, Dave and Ben welcome back N2K's own Ethan Cook for our latest policy deep dive segment. As a trusted expert in law, privacy, and surveillance, Ethan is joining the show regularly to provide in-depth analysis on the latest policy developments shaping the cybersecurity and legal landscape. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Please take a moment to fill out an audience survey! Let us know how we are doing! Policy Deep Dive In this Caveat Policy Deep Dive, our conversation and analysis revolve around critical infrastructure policy. Throughout this conversation, we break down how critical infrastructure policy has evolved over the past fifteen years and what policies have been behind some of these advancements. Some key topics focused on during this conversation center on some of the centralization of infrastructure management policies, the creation of CISA, and how the second Trump administration is changing the federal government's approach when managing critical infrastructure. Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠Caveat Briefing⁠, a weekly newsletter available exclusively to ⁠N2K Pro⁠ members on ⁠N2K CyberWire's⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠Caveat Briefing⁠ a new bill that is gaining traction in Congress where Senators Merkley and Kennedy are looking to limit the TSA's facial scanning program. This law comes after the DHS announced an audit regarding how the TSA has used this technology. Curious about the details? Head over to the ⁠Caveat Briefing⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠caveat@thecyberwire.com⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this episode of Banking on KC, Joe Kessinger, CEO of HCI Energy, joins host Kelly Scanlon to discuss how the Kansas City-based company is revolutionizing energy delivery for telecom, public safety and underserved areas through sustainable hybrid power systems. Tune in to discover:How HCI Energy's technology provides reliable, renewable energy for mission-critical infrastructureThe environmental and economic benefits of hybrid power in remote and disaster-prone areasHow HCI Energy is contributing to social equity through energy access in underserved communitiesCountry Club Bank – Member FDIC

Steve Summers speaks with SE Radio host Sam Taggart about securing test and measurement equipment. They start by differentiating between IT and OT (Operational Technology) and then discuss the threat model and how security has evolved in the OT space, including a look some of the key drivers. They then examine security challenges associated with a specific device called a CompactRIO, which combines a Linux real-time CPU with a field programmable gate array (FPGA) and some analog hardware for capturing signals and interacting with real-world devices. Brought to you by IEEE Computer Society and IEEE Software magazine.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Danielle Jablanski on Critical Infrastructure ProtectionPub date: 2025-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDanielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging from the challenges arising from the high percentage of private sector ownership of critical infrastructure, to the assistance available from CISA and other agencies to lesser-resourced entities in the 16 CI sectors. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of Cybersecurity Today, host David Shipley covers a range of cyber threats including the Venom Spider malware targeting HR professionals, the emergence of the Noodlofile info stealer disguised as an AI video generator, and misinformation campaigns amid the India-Pakistan conflict. Additionally, the episode discusses warnings from U.S. agencies about cyberattacks on the oil and gas sector, and highlights a recent interview with whistleblower Daniel Brules about security lapses at the National Labor Relations Board. 00:00 Introduction and Overview 00:33 Venom Spider Targets HR Professionals 02:12 Fake AI Video Generators and Noodlofile Malware 03:41 Misinformation Amid India-Pakistan Conflict 05:40 US Oil and Gas Infrastructure Under Threat 07:22 Conclusion and Final Thoughts

Danielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging from the challenges arising from the high percentage of private sector ownership of critical infrastructure, to the assistance available from CISA and other agencies to lesser-resourced entities in the 16 CI sectors. Listen and subscribe to the Nexus Podcast on your favorite platform.

How prepared is your business for a ransomware attack? Not just to prevent it, but to continue operating when it happens. In this episode, I sit down with Trevor Dearing, Director of Critical Infrastructure at Illumio, to discuss the latest findings from their global ransomware report and what they reveal about cyber resilience. Trevor shares insight from a survey of more than 3,000 organisations across multiple sectors. The most concerning figure is that 58 percent of those impacted by ransomware were forced to halt operations. That number has risen sharply from 43 percent just two years ago. Despite this, many businesses in the UK still avoid reporting attacks, often due to fears around reputational damage or potential retaliation. Trevor explains why that reluctance is misguided and how public support, improved infrastructure, and more explicit government guidance could encourage more transparency. We also explore the rise of containment as a more practical and cost-effective approach than prevention alone. Rather than trying to stop every attack at the perimeter, organisations are learning how to isolate and limit damage quickly. Trevor explains how zero trust architecture, microsegmentation, and one-click containment tools are being used to keep systems operational even during an incident. Only 13 percent of organisations believe their cyber resilience exceeds what is required. Trevor helps us understand why this number remains low and where organisations should focus to shift from vulnerability to resilience. From evolving regulations to future applications of AI in security, this conversation covers what leaders need to know if they prepare for the next generation of cyber threats. To access Illumio's full ransomware report, visit illumio.com. Is your cyber resilience strategy built for recovery, or just defense?

Joshua Steinman is the co-founder and CEO of Galvanick, a cybersecurity company building tools to secure industrial infrastructure and AI systems.In this episode of World of DaaS, Joshua and Auren discuss:Foreign spies in tech companiesVulnerabilities in critical infrastructureLessons from Stuxnet and UkraineBuilding resilience against cyber threatsLooking for more tech, data and venture capital intel? Head to worldofdaas.com for our podcast, newsletter and events, and follow us on X @worldofdaas.  You can find Auren Hoffman on X at @auren and Josh Steinman on X at @JoshuaSteinman. Editing and post-production work for this episode was provided by The Podcast Consultant (https://thepodcastconsultant.com)

Submarine cables are a hidden wonder. These fiber optic bundles carry data and voice traffic around the world and serve as critical global links for communication and commerce. Today on Packet Protector, guest Andy Champagne dives into the history of submarine cables, the technological and operational advancements that allow voice and data to travel hundreds... Read more »

Submarine cables are a hidden wonder. These fiber optic bundles carry data and voice traffic around the world and serve as critical global links for communication and commerce. Today on Packet Protector, guest Andy Champagne dives into the history of submarine cables, the technological and operational advancements that allow voice and data to travel hundreds... Read more »

During RSAC Conference 2025, Andrew Carney, Program Manager at DARPA, and (remotely via video) Dr. Kathleen Fisher, Professor at Tufts University and Program Manager for the AI Cyber Challenge (AIxCC), guide attendees through an immersive experience called Northbridge—a fictional city designed to showcase the critical role of AI in securing infrastructure through the DARPA-led AI Cyber Challenge.Inside Northbridge: The Stakes Are RealNorthbridge simulates the future of cybersecurity, blending AI, infrastructure, and human collaboration. It's not just a walkthrough — it's a call to action. Through simulated attacks on water systems, healthcare networks, and cyber operations, visitors witness firsthand the tangible impacts of vulnerabilities in critical systems. Dr. Fisher emphasizes that the AI Cyber Challenge isn't theoretical: the vulnerabilities competitors find and fix directly apply to real open-source software relied on by society today.The AI Cyber Challenge: Pairing Generative AI with Cyber ReasoningThe AI Cyber Challenge (AIxCC) invites teams from universities, small businesses, and consortiums to create cyber reasoning systems capable of autonomously identifying and fixing vulnerabilities. Leveraging leading foundation models from Anthropic, Google, Microsoft, and OpenAI, the teams operate with tight constraints—working with limited time, compute, and LLM credits—to uncover and patch vulnerabilities at scale. Remarkably, during semifinals, teams found and fixed nearly half of the synthetic vulnerabilities, and even discovered a real-world zero-day in SQLite.Building Toward DEFCON Finals and BeyondThe journey doesn't end at RSA. As the teams prepare for the AIxCC finals at DEFCON 2025, DARPA is increasing the complexity of the challenge—and the available resources. Beyond the competition, a core goal is public benefit: all cyber reasoning systems developed through AIxCC will be open-sourced under permissive licenses, encouraging widespread adoption across industries and government sectors.From Competition to CollaborationCarney and Fisher stress that the ultimate victory isn't in individual wins, but in strengthening cybersecurity collectively. Whether securing hospitals, water plants, or financial institutions, the future demands cooperation across public and private sectors.The Northbridge experience offers a powerful reminder: resilience in cybersecurity is built not through fear, but through innovation, collaboration, and a relentless drive to secure the systems we all depend on.___________Guest: Andrew Carney, AI Cyber Challenge Program Manager, Defense Advanced Research Projects Agency (DARPA) | https://www.linkedin.com/in/andrew-carney-945458a6/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesThe DARPA AIxCC Experience at RSAC 2025 Innovation Sandbox: https://www.rsaconference.com/usa/programs/sandbox/darpaLearn more and catch more stories from RSAC Conference 2025 coverage: https://www.itspmagazine.com/rsac25___________KEYWORDSandrew carney, kathleen fisher, marco ciappelli, sean martin, darpa, aixcc, cybersecurity, rsac 2025, defcon, ai cybersecurity, event coverage, on location, conference______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

Transcend is fundamentally changing how engineers design our world's essential infrastructure through their generative design platform. With $35 million in funding, including investment from industry giant Autodesk, Transcend is automating and optimizing the planning and conceptual design phases for infrastructure projects that typically cost tens to hundreds of millions of dollars. In this episode of Category Visionaries, we spoke with Adam Tank about how Transcend is creating an entirely new category while helping societies build more sustainable, efficient infrastructure from wastewater treatment plants to power systems. Topics Discussed: How Transcend's platform automates preliminary infrastructure design that traditionally requires months of manual work The shift from a consumption-based pricing model to a flat-rate subscription that accelerated user adoption Building a brand in a highly technical, conservative engineering market Leveraging trade partnerships and owned media to educate potential customers The importance of creating a category around "Generative Design for Critical Infrastructure" How strategic investment from Autodesk removed concerns about startup viability The challenge of selling to technical stakeholders who are resistant to change   GTM Lessons For B2B Founders: Validate before building: Adam emphasizes trying to sell your solution before building it. "A lot of entrepreneurs fall into this mindset of 'if you build it, they will come'... Selling it, marketing it, is substantially harder in most cases than building the actual product itself." Education-first marketing for technical buyers: When selling to engineers, plan for 10x more educational content than you might expect. "If I thought we needed to spend four hours a week doing it, we're spending 40 hours a week doing it across both sales and marketing teams." Create webinars, case studies, and detailed content that helps your technical audience understand and trust your solution. Invest in owned media channels: Don't rely solely on platforms you don't control. Transcend created a newsletter reaching 16,000 engineers worldwide that isn't directly branded as Transcend but provides immense value and establishes authority. "If you rely on SEO only, or LinkedIn only... anything can change overnight." Leverage trade partners for amplified reach: Instead of building everything yourself, tap into established networks in your industry. "We'll spend upwards of $5,000 to tap into someone else's network... and we'll get a thousand or more registrants and we've had half or more show up to the webinar, which is almost unheard of." Challenge assumptions with data: Events are often assumed to be critical for relationship-based B2B sales, but Transcend found that "online events, webinars, our newsletters, our social media even, are far more consistent generator of high quality leads than events are for the spend." Rethink pricing to encourage adoption: For complex products requiring significant user education, consumption-based pricing can unintentionally discourage exploration. "We made a big change about a year and a half or so into the company to move away from that consumption based pricing into just a flat rate model... We just want them in the tool, we just want them playing around with it." Balance founder personal brand with company visibility: Adam maintains what he calls a "70-20-10" approach—70% water industry focus, 20% Transcend, and 10% personal. "People like to buy from people. They don't buy from companies. So the extent that a company can have a face that's out front that they can get to know and trust... is super important." // Sponsors: Front Lines — We help B2B tech companies launch, manage, and grow podcasts that drive demand, awareness, and thought leadership. www.FrontLines.io The Global Talent Co. — We help tech startups find, vet, hire, pay, and retain amazing marketing talent that costs 50-70% less than the US & Europe.  www.GlobalTalent.co

Join The Audit as we dive into the high-stakes intersection of critical infrastructure and cybersecurity with Tim Herman, President of InfraGard Minnesota. InfraGard is a unique public-private partnership with the FBI designed to protect the 85% of America's essential systems owned by the private sector. From power grids to transportation, the vulnerabilities are real—and increasingly complex. In this episode, we discuss: How joystick-operated tugboats on the Mississippi reveal hidden cyber risks Why tabletop exercises are vital for incident readiness Common mistakes in organizational response plans (and how to fix them)  The importance of physical backups and redundant communication systems  Actionable steps to bridge the gap between planning and execution Cybersecurity isn't just an IT issue—it's national security. Don't miss this compelling conversation on how InfraGard is helping organizations build resilience before the next breach hits. Like, share, and subscribe for more expert insights from the frontlines of cybersecurity.

In this episode of Audience 1st Podcast, Dani sits down with Kristin Demoranville, CEO of Anzen Sage and host of the Bites & Bytes podcast, to uncover the hidden vulnerabilities in one of the world's most overlooked critical infrastructure sectors: food and agriculture. From insider threats in peanut processing to cyber attacks that disrupt egg supply chains, Kristin breaks down why OT security in food systems isn't just about uptime, it's about human lives, brand trust, and national resilience. She pulls no punches, sharing raw stories from the frontlines: Why cybersecurity leaders in food facilities are flying blind What happened when nobody spoke up at Boar's Head How misinformation campaigns are now a cyber risk vector Why “brown cows make chocolate milk” isn't just a joke—it's a symptom of a dangerous knowledge gap We also unpack: The behavioral blind spots holding back executive buy-in Why empathy, not just engineering, is the key to securing food systems What must change in the next 5 years to avoid preventable tragedies

In this episode of the cybersecurity month-end review, host Jim Love is joined by Daina Proctor from IBM in Ottawa, Randy Rose from The Center for Internet Security from Saratoga Springs, and David Shipley, CEO of Beauceron Security from Fredericton. The panel discusses major cybersecurity stories from the past month, including the Oracle Cloud breach and its communication failures, the misuse of Signal by U.S. government officials, and global cybersecurity regulation efforts such as the UK's new critical infrastructure laws. They also cover notable incidents like the Kuala Lumpur International Airport ransomware attack and the NHS Scotland cyberattack, the continuous challenges of EDR bypasses, and the importance of fusing anti-fraud and cybersecurity efforts. The discussion emphasizes the need for effective communication and stringent security protocols amidst increasing cyber threats. 00:00 Introduction and Panelist Introductions 01:25 Oracle Cloud Breach: A Case Study in Incident Communication 10:13 Signal Group Chat Controversy 20:16 Leadership and Cybersecurity Legislation 23:30 Cybersecurity Certification Program Overview 24:27 Challenges in Cybersecurity Leadership 24:59 Importance of Data Centers and MSPs 26:53 UK Cybersecurity Bill and MSP Standards 28:09 Cyber Essentials and CMMC Standards 32:47 EDR Bypasses and Small Business Security 39:32 Ransomware Attacks on Critical Infrastructure 43:34 Law Enforcement and Cybercrime 47:24 Conclusion and Final Thoughts

Should space be designated as critical infrastructure? What are the threats we're facing in space for cybersecurity? We tackle these questions with our guest Jake Braun, former White House Principal Deputy National Cyber Director and chairman of DEF CON Franklin. You can connect with Jake on LinkedIn. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Roman Arutyunov is the Co-founder and SVP of Products at Xage Security, a Series B startup focused on protecting critical infrastructure—including energy systems—from cyber threats. Xage is backed by investors like Chevron Technology Ventures, Aramco, Piva Capital, Valor Equity Partners, and Overture.Cybersecurity is a growing concern as our energy systems become more distributed, electrified, and digitally connected. We spoke with Roman about the vulnerabilities in today's infrastructure, the motivations behind cyberattacks, and how the rise of AI is changing the cybersecurity landscape.In this episode, we cover: [2:11] Introduction to Xage Security[3:12] Cybersecurity 101: Ransomware, nation-state threats, and attacker motivations[7:10] Operational tech (OT) vs. information tech (IT)[13:29] Xage's Zero Trust security approach[15:45] Customer segments and differing security challenges[20:47] Navigating regulations vs. fast deployment timelines[23:40] How AI is shaping both threats and defenses[28:00] When multifactor authentication becomes a vulnerability[31:59] Real-world cyberattacks on energy systems[34:10] Xage's funding history and growth trajectoryEpisode recorded on Feb 20, 2025 (Published on Mar 26, 2025) Enjoyed this episode? Please leave us a review! Share feedback or suggest future topics and guests at info@mcj.vc.Connect with MCJ:Cody Simms on LinkedInVisit mcj.vcSubscribe to the MCJ Newsletter*Editing and post-production work for this episode was provided by The Podcast Consultant

Michael Lucci is the founder, CEO, and chairman of State Armor. He helps states enact policies and solutions that protect their assets from foreign adversaries like communist China.“They're trying to invade our homeland, and they likely have developed the capacity to make life very difficult, to create crises within the United States—whether it's power, whether it's wastewater treatment, whether it's telecommunications,” he says. “They have laws that require those companies to engage in espionage. So why are we letting them sell connected devices of any type into the United States?”In this episode, we dive deep into how the Chinese regime has managed to infiltrate our critical infrastructure and communications systems at the local, state, and federal levels.“It's the largest military buildup since World War Two is what China is doing right now,” says Lucci. “If they're just in our back doors, listening, reading, following everything we're doing, following the pattern of life for important officials across the country, that's a pretty deep problem.”Views expressed in this video are opinions of the host and the guest, and do not necessarily reflect the views of The Epoch Times.

"PREVIEW: PANAMA CANAL: Colleague Joseph Humire outlines the national security concerns of leaving Panama in the hands of those who have sold critical infrastructure to U.S. adversaries, chiefly the PRC. More to follow." 1910 Panama Canal Zone