EPISODE · Sep 20, 2025 · 30 MIN
Responsibility Without Authority: The CISO's Industrial Cybersecurity Dilemma
from @BEERISAC: OT/ICS Security Podcast Playlist · host Industrial Cybersecurity Insider
Podcast: Industrial Cybersecurity InsiderEpisode: Responsibility Without Authority: The CISO's Industrial Cybersecurity DilemmaPub date: 2025-09-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Craig and Dino address one of the most pressing challenges in industrial cybersecurity: the gap between responsibility and authority for CISOs and their ability to protect manufacturing and critical infrastructure plant floors. While executives are tasked with ensuring resilience and reporting to the board, they often hit resistance at the plant floor where production uptime and safety KPIs take priority. The conversation explores IT/OT convergence, asset visibility blind spots, OEM restrictions, and the risks of relying on remote-only deployments. With insights from decades of hands-on experience in industrial environments, Craig and Dino outline practical steps for building bridges between IT and OT, aligning financial risk with security strategy, and equipping CISOs with the authority they need to succeed.Chapters:00:00:00 - Welcome to the Industrial Cybersecurity Insider Podcast00:01:11 - The CISO's Core Conflict of Responsibility Without Authority00:02:45 - Why Security Efforts Get "Kneecapped at the Front Door"00:04:04 - Understanding the OT Environment and Its Unique Technology00:05:36 - Building Bridges Between IT and OT as the Solution00:07:44 - Overcoming OT's "Skittish" Resistance to IT00:09:43 - The Scaling Problem of Too Few Engineers for Too Many Plants00:10:57 - Why a Remote-First Approach Fails in Manufacturing00:14:44 - The "Epiphany" of Uncovering Operational Benefits for OT Teams00:17:24 - Navigating OEM Warranties and Equipment Restrictions00:19:14 - The "Trust but Verify" Mandate for a CISO00:20:56 - The Danger of Hidden Networks and the "Air Gap" Myth00:23:16 - Speaking the Language of Business in Dollars and Cents00:24:43 - Aligning Security with the Plant's Capital Master Plan00:27:24 - How Company Ownership Affects Security Investment00:28:16 - How to Give the CISO Real AuthorityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
What this episode covers
Podcast: Industrial Cybersecurity Insider Episode: Responsibility Without Authority: The CISO's Industrial Cybersecurity Dilemma Pub date: 2025-09-16 Details: https://www.listennotes.com/e/f7e321c9aa4948d49d795d7fee0d5106/ The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
NOW PLAYING
Responsibility Without Authority: The CISO's Industrial Cybersecurity Dilemma
No transcript for this episode yet
Similar Episodes
Mar 26, 2026 ·1m
Jan 2, 2026 ·47m
Dec 21, 2025 ·46m