@BEERISAC: OT/ICS Security Podcast Playlist podcast artwork

PODCAST · business

@BEERISAC: OT/ICS Security Podcast Playlist

A curated playlist of Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity podcast episodes in any language, compiled by ICS security enthusiasts. Missing something? Contact Anton Shipulin on LinkedIn. Subscribe for updates!

  1. 300

    OT Cybersecurity That Works: Defense in Depth, AI Risks & Protecting Critical Infrastructure

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: OT Cybersecurity That Works: Defense in Depth, AI Risks & Protecting Critical InfrastructurePub date: 2026-06-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWhen it comes to OT cybersecurity, the fundamentals still matter - even in the age of AI. In this episode of Protect It All, host Aaron Crow sits down with Caleb Davis for a practical discussion on securing industrial environments where uptime, safety, and resilience are non-negotiable. From legacy control systems and tight budgets to AI-powered threats and open-source security tools, Aaron and Caleb explore the real challenges organizations face every day - and the strategies that deliver meaningful protection without requiring massive investments. A major focus of the conversation is defense in depth: building multiple layers of protection, fostering trust between IT and OT teams, and strengthening foundational cybersecurity practices before chasing the latest technology. You'll learn: Why defense in depth remains the cornerstone of OT cybersecurity How to improve security in legacy industrial environments Practical ways to strengthen OT security - even with limited budgets Why asset inventory, segmentation, and basic cyber hygiene still matter most How AI is changing both offensive and defensive cybersecurity The importance of trust and collaboration between IT, engineering, and operations Whether you're responsible for manufacturing, utilities, water treatment, energy, or any critical infrastructure environment, this episode delivers practical strategies you can apply immediately. Tune in to learn how layered defenses, strong relationships, and proven fundamentals create resilient OT security programs - only on Protect It All. Key Moments:  05:41 PLCs and network security challenges 07:24 Challenges in Updating OT Systems 11:33 Impact of Downtime on Security 16:03 Using affordable cybersecurity tools 19:14 Building Trust in Business Deals 23:01 Security challenges in medical devices 25:49 Trust and IT implementation risks 28:35 Using AI for safer software updates 31:05 Cybersecurity best practices for plants 33:40 Balancing Security Costs and Business Needs 37:50 Nurturing OT like raising kids 41:20 AI and cybersecurity concerns About the guest : Caleb Davis is a founding member of SolaSec, a cybersecurity consulting firm specializing in advanced penetration testing for embedded and connected systems. Based in Dallas/Fort Worth, he holds a degree in Electrical Engineering from the University of Texas at Tyler and is a patent-holding expert with vast experience in hardware and firmware security. Caleb leads deep technical assessments across a range of high-impact industries, including medical devices, automotive, industrial control systems, ATMs and financial terminals, aerospace components, and consumer electronics. His work focuses on secure design, trusted boot processes, cryptographic implementations, and threat modeling, helping organizations integrate security throughout the development lifecycle and align with industry and regulatory standards. How to connect Celeb : SolaSec: https://solasec.io  LinkedIn: https://www.linkedin.com/in/caleb-davis-400439100/  OTPCAP (OT PCAP analysis tool): https://github.com/SolaSec/otpcap Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitallpod.com/ep111 X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  2. 299

    AIBOM, CBOM, and HBOM with Allan Friedman

    Podcast: Open Source Security (LS 39 · TOP 2% what is this?)Episode: AIBOM, CBOM, and HBOM with Allan FriedmanPub date: 2026-06-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJosh chats with Allan Friedman about all things Bill of Materials. Allan did a ton of work to help turn SBOM into what it is today. He has many thoughts and ideas around the new types of BOMs, a concept he's calling the OmniBOM. Allan is always fun to chat with and he brings a ton of knowledge and advice. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2026/2026-06-allan-omnibom The podcast and artwork embedded on this page are from Josh Bressers, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  3. 298

    From Compliance to Resilience: Securing Digital Mission Systems at Military Scale

    Podcast: Exploited: The Cyber Truth Episode: From Compliance to Resilience: Securing Digital Mission Systems at Military ScalePub date: 2026-06-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Lt. Gen. (Ret.) Bill Bender, former Chief Information Officer of the U.S. Air Force, to discuss what it takes to build true cyber resilience across some of the world's most complex digital environments. Drawing on his experience overseeing a $17 billion IT portfolio and helping establish the first Chief Information Security Officer (CISO) and Chief Data Officer (CDO) offices within the Department of Defense, Bender explains why organizations must move beyond checklist-driven security and adopt a mission-focused approach to risk management. Together, they explore: Why compliance alone cannot secure mission-critical systemsBuilding cybersecurity leadership, accountability, and culture at scaleManaging technical debt and long-lived systems that cannot easily be replacedThe role of Zero Trust in protecting complex defense environmentsHow software supply chains and SBOMs support mission assuranceWhy public-private collaboration is essential for modernization and innovationThe growing impact of AI on cyber defense and critical infrastructure security From defense acquisition to critical infrastructure protection, this episode examines how organizations can strengthen resilience.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  4. 297

    It's Control System Integrity not just OT Cybersecurity

    Podcast: Industrial Cybersecurity InsiderEpisode: It's Control System Integrity not just OT CybersecurityPub date: 2026-06-24Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMany manufacturers don't realize that an investment in OT Cybersecurity also enhances Control System Integrity.In this rewind episode, Craig and Dino dig into why so many OT intrusion detection platforms get installed but never become truly operational.They address what gets lost when IT owns the tool while OT owns the equipment, and why the word “cybersecurity” itself can stall progress the moment it lands on the plant floor.They land on a question every CISO, plant leader, and engineering director should be asking right now: who at your sites actually knows how to use the tools you have already paid for, and how do you bring the OT ecosystem into the room before the next outage forces you to?Chapters:(00:00:00) Cold Open: The Diagnostic Tool Sitting Unused in Your Plant(00:01:00) Shadow OT Versus Shadow IT and Why the Distinction Matters(00:02:30) Why IT Gets Left Out of Industrial Lifecycle Decisions(00:04:00) Reframing Cybersecurity as Control System Integrity(00:05:00) The 8:10 AM Production Shutdown Mystery(00:07:00) Three Rogue Servers Hiding in Plain Sight(00:08:00) A Brewery, a Misconfigured Module, and a Network No One Could Diagnose(00:10:00) Buying an MRI Machine and Refusing to Turn It On(00:12:00) Bringing the OT Ecosystem to the Table(00:15:00) Why IT Needs New Friends in ManufacturingLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  5. 296

    Rethinking Ransomware and Human Error in Industrial Security | OT Security Made Simple

    Podcast: OT Security Made SimpleEpisode: Rethinking Ransomware and Human Error in Industrial Security | OT Security Made SimplePub date: 2026-06-23Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Mochalski and OT security veteran Daniel Ehrenreich discuss the true nature and measurement of industrial cyber incidents. Discover why paying for OT ransomware is a critical mistake that won't guarantee safe operations, why applying classic IT SOC concepts to operational technology is fundamentally flawed, and why the biggest threat to your infrastructure isn't necessarily a hacker, but untrained personnel.You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at [email protected] podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  6. 295

    Quantum Readiness: The Cybersecurity Threat Most Organizations Aren’t Prepared For

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Quantum Readiness: The Cybersecurity Threat Most Organizations Aren’t Prepared ForPub date: 2026-06-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationQuantum computing isn't a future problem - it's a cybersecurity challenge organizations need to start preparing for today. In this episode of Protect It All, host Aaron Crow welcomes Jim Sortino for a timely discussion on quantum readiness, cryptographic risk, and the future of cybersecurity. As organizations continue accumulating technical debt and relying on aging cryptographic systems, the arrival of quantum computing threatens to disrupt the very foundations of digital trust. Jim explains why leaders need to think beyond today's threats and begin preparing for a future where current encryption standards may no longer provide adequate protection. Together, Aaron and Jim explore the practical realities of quantum risk, how organizations can identify vulnerable systems, and why crypto agility is becoming one of the most important cybersecurity priorities of the next decade. You'll learn: What quantum computing means for modern cybersecurity Why cryptographic technical debt creates long-term business risk How to assess your organization's quantum readiness The importance of crypto agility and encryption modernization Practical steps security leaders can take today Why IT and OT environments must prepare for the same emerging threats Whether you're a cybersecurity professional, technology leader, board member, or simply curious about the future of digital security, this episode provides actionable insights to help you prepare before quantum disruption arrives. Tune in to learn why the organizations that start preparing today will be the ones best positioned to protect tomorrow. Key Moments:  06:02 Challenges with product maintenance and AI integration 08:42 Importance of Software in Everything 12:30 Addressing cybersecurity risks 16:00 Authentication and trust challenges 18:13 Preparing for technological changes 20:56 Planning and Implementing Projects 25:38 Budget planning for cybersecurity risks 28:54 Challenges for Small Financial Institutions 31:27 Importance of regulations in business 33:37 Legacy security systems and protocols 36:38 Quantum readiness and future risks About the guest :  Jim Sortino is the Chief Revenue Officer and a Board Member at Isera Corporation, where he helps organizations address emerging cybersecurity challenges through innovative identity and cryptographic security solutions. With decades of experience working with global enterprises, Jim specializes in helping leaders navigate complex technology risks, from technical debt and encryption modernization to quantum readiness. He is a passionate advocate for proactive cybersecurity strategies that prepare organizations for the next generation of digital threats. How to connect Jim Sortino : https://www.linkedin.com/in/jamessortino/ Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitallpod.com/ep109 X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4 The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  7. 294

    Col. (Res.) Dr. Avi Cohen CTO @Kodeglass & Yubo Founder on Cyber Paradigm shifts in a chaotic era

    Podcast: ICS Cyber Talks PodcastEpisode: Col. (Res.) Dr. Avi Cohen CTO @Kodeglass & Yubo Founder on Cyber Paradigm shifts in a chaotic eraPub date: 2026-06-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationמה הקשר בין ממר"ם, ניהול משבר הקורונה בבני ברק, מלחמת ה-7 באוקטובר וסייבר? על פניו, מדובר באירועים מנותקים לחלוטין. בפועל, החוט המקשר ביניהם מבוסס על שתי מילים: טכנולוגיות שו"ב (שליטה ובקרה) ואיש אחד – ד"ר אבי כהן. נחשון פינקו מארח את אל"מ (מיל') ד"ר אבי כהן לשיחה מרתקת על ניהול משברים לאומיים: משדה הקרב ועד למגפות עולמיות, מהפכת ה-AI והסוכנים האוטונומיים (Agents): פיתוח מאובטח ותפקיד ה-DPO בעולם החדש. עידן הקוונטום: האיום (וההזדמנות) שמגיעים אלינו הרבה יותר מהר מהצפוי. הצטרפו לניתוח עמוק של שינויי הפרדיגמה בהגנת הסייבר בעולם כאוטי.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  8. 293

    THE FISH FLUENCER: James Sibley on How Tech Is Changing the Way We Farm the Sea

    Podcast: Bites and Bytes Podcast (LS 27 · TOP 10% what is this?)Episode: THE FISH FLUENCER: James Sibley on How Tech Is Changing the Way We Farm the SeaPub date: 2026-06-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWelcome to the Seafood Summer Series 2026 on the Bites and Bytes Podcast, and we are kicking it off with a great one!Over 120 million tons of seafood are farmed every year. Most people have no idea. And the technology making it happen: AI-powered feeding systems, underwater robots, satellite-connected ocean farms, is advancing faster than the policy and security frameworks trying to keep up with it.  That disconnect is exactly why this conversation matters.James Sibley, known in the aquaculture world as the Fish Fluencer, is an aquaculture educator and content creator who has spent five years visiting fish farms across four continents to explain one of the most consequential and overlooked food systems on the planet. From salmon farms in Scotland and New Zealand to shellfish operations in Southeast Asia, James has seen firsthand how technology is transforming the way we farm the sea, and what happens when that technology outpaces the people managing it.This episode covers aquaculture technology, smart fish farming, ocean farming innovation, seafood supply chain transparency, and food security. If you eat seafood, work in food and agriculture, or care about where your food comes from, this one is for you.---------------Guest: James Sibley"Fish Fluencer" | Aquaculture Creator & Founder🌐 james-sibley.com💼 linkedin.com/in/jameslsibley📸 Instagram: @sibleyaqua▶️ TikTok: @sibleyaqua---------------Episode Key Highlights00:03:15   Meet James Sibley: The Fish Fluencer00:07:26 James’s Origin Story: From Fishmonger to Content Creator00:14:12   Inside the Farm: AI, 4K Cameras, and Live Monitoring00:18:19   Cleaner Fish: Nature's Answer to Sea Lice00:24:33   Climate Change: The Ocean Feels It First00:36:09   Aquaculture and Global Food Security00:38:39   IoT, Drones, and Tech on the Water00:41:39   Underwater Robots and ROVs00:47:00  Cybersecurity on the Water00:53:04   The Supply Chain Reality: 3 Years vs. 48 Hours---------------📘 Info on Kristin’s upcoming book “Securing What Feeds Us: Cybersecurity in Food and Agriculture.” Publish Date: September 29, 2026, published by Wiley Learn More here: https://securingwhatfeedsus.com/Newsletter: https://kristin-king.kit.com/newsletter---------------🎤 Book Kristin Demoranville to Speak Invite Kristin to speak at your conference, corporate event, webinar, or workshop. Visit the ⁠website⁠ and submit a request.---------------🎤 Bites and Bytes Podcast Info:⁠Website⁠: Explore all our episodes, articles, and more on our official website.  ⁠Merch Shop⁠: Show your support with some awesome Bites and Bytes gear!⁠Substack⁠: Stay updated with the latest insights and stories from the world of cybersecurity in the food industry.Socials: ⁠TikTok⁠; ⁠Instagram⁠; LinkedIn⁠; ⁠BlueSky⁠‍---------------🛡️ About AnzenSage & AnzenOT⁠AnzenSage⁠ is a cybersecurity advisory firm specializing in cyber-physical risk management for the food, agriculture, zoo, and aquarium industries. AnzenSage offers practical, strategic guidance to help organizations anticipate risks and build resilience.  Learn more about their offerings at ⁠anzensage.com⁠.​ ⁠AnzenOT⁠helps organizations understand and prioritize operational risk faster, without slow or static assessments. Compliance supported, including NIST, ISA/IEC 62443-2-1, NIS2 Directive, CMMC, and many other industry-specific frameworks.  Subscription access is available, including a student option. Learn more at ⁠anzenot.com.The podcast and artwork embedded on this page are from AnzenSage, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  9. 292

    Is AI Becoming Your Plant Floor's Biggest Vulnerability?

    Podcast: Industrial Cybersecurity InsiderEpisode: Is AI Becoming Your Plant Floor's Biggest Vulnerability?Pub date: 2026-06-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino dig into the widening gap between IT and OT and why the plant floor keeps getting left behind. They break down what Dragos ' acquisition of Phosphorus signals for the future of IoT security in manufacturing, from cameras and label printers to X-ray inspection systems that ship with default passwords and almost never get patched. The conversation gets sharp on artificial intelligence: the same models helping plants work smarter are now lowering the barrier for attackers, putting Stuxnet-style capabilities into the hands of people who lack the resources and sophistication that nation states once needed. Craig and Dino expose the everyday habits that leave operations vulnerable, including system integrators plugging personal laptops straight into production networks, locked USB ports that solve only half the problem, and remote access so wide open that a single entry point can expose an entire plant. They argue that nobody truly owns OT cyber hygiene, that frameworks like IEC 62443 and the NIST 800 82 series get named in RFPs but rarely enforced, and that leaders keep tripping over dollars to pick up nickels by choosing the cheapest bid over real protection. It's a candid, experience-driven look at why industrial security moves so slowly and what plant leaders, engineers, and security teams can actually do about it.Chapters:(00:00:00) - AI Enters the OT Battlefield(00:01:30) - Why IoT Is Creeping Onto the Plant Floor(00:03:30) - Printers, Cameras, and the Default Passwords Nobody Owns(00:06:00) - Dragos, Phosphorus, and the Managed Services Question(00:08:00) - How AI Lowers the Bar for Attacking Control Systems(00:09:40) - Stuxnet Then vs. AI-Powered Attacks Now(00:12:00) - The Laptop in the Plant: Contractors, USBs, and Open Networks(00:16:00) - Frameworks on Paper vs. Reality (IEC 62443 & NIST 800-82)(00:19:00) - Tripping Over Dollars to Pick Up Nickels(00:24:00) - Short-Tenure CISOs and Why You Shouldn't Go It AloneLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  10. 291

    Cybersecurity vs Resilience: What Business Leaders Need to Know About Managing Risk

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Cybersecurity vs Resilience: What Business Leaders Need to Know About Managing RiskPub date: 2026-06-15Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarization Cybersecurity isn't the goal. Business resilience is. In this episode of Protect It All, host Aaron Crow sits down with Lee Ward to explore why organizations need to move beyond compliance checklists and start focusing on what really matters: the ability to withstand, recover from, and adapt to disruption. Drawing on more than two decades of experience spanning the UK civil service, logistics, supply chain operations, and governance, risk, and compliance (GRC), Lee shares practical insights on helping boards and executives understand cyber risk in business terms. Together, Aaron and Lee discuss the realities of risk acceptance, operational technology challenges, patching constraints, and why resilience not perfection should be the ultimate objective of any cybersecurity program. You'll learn: Why resilience is a better business objective than security alone How to communicate cyber risk to boards and executive leadership The difference between compliance and meaningful risk reduction Practical approaches to OT security, patching, and operational constraints Why risk acceptance is a critical leadership responsibility How logistics and supply chain organizations approach resilience planning Whether you're a security leader, executive, risk manager, or OT practitioner, this episode provides practical guidance for building organizations that can continue operating when disruptions inevitably occur. Tune in to learn why resilience not just security is becoming the defining metric of successful organizations. Key Moments:  03:59 Understanding Cyber Risks for Leaders 07:16 Discussing non-cyber risks to services 11:12 Understanding business impact of cyber risk 15:45 Evaluating Cybersecurity Risks 19:37 Understanding installation complexities 21:15 Global risks affecting business resilience 24:27 Discussing regulation impacts on business 29:30 People's drive to make good choices 31:27 Industrial control systems demo at DEFCON 34:43 Limitations of technical security 38:06 The future of AI and education About the guest : Lee Ward is a Governance, Risk Management, and Compliance (GRC) leader with more than 20 years of experience spanning the UK civil service, logistics, supply chain operations, and cybersecurity. Specializing in business resilience, risk governance, and operational technology security, Lee helps organizations translate complex cyber risks into meaningful business decisions. He is passionate about moving beyond compliance-driven security programs and helping leaders build resilient organizations that can adapt, recover, and thrive in an increasingly uncertain world. How to connect Lee:  https://www.linkedin.com/in/lee-ward-882a54244/ Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitallpod.com/ep110 X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4 The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  11. 290

    Krista Arndt on Cyber Resilience in Healthcare

    Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Krista Arndt on Cyber Resilience in HealthcarePub date: 2026-06-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKrista Arndt, the Associate Chief Information Security Officer (CISO) at the St. Luke's University Health Network, a 15-hospital health system in Pennsylvania and New Jersey, joins the Nexus Podcast to discuss cybersecurity and resilience in a large hospital system. Krista and her team talk about the role of healthcare cybersecurity teams in ensuring patient safety, and some of the ongoing challenges in keeping medical devices and the healthcare network available and resilient to attack. Krista also discusses a microsegmentation project implemented through Elisity that helped remove blockers impeding innovation around robotic surgical systems. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  12. 289

    teissTalk: Navigating cloud transformation and IT/OT convergence in CNI

    Podcast: teissPodcast - Cracking Cyber Security (LS 31 · TOP 5% what is this?)Episode: teissTalk: Navigating cloud transformation and IT/OT convergence in CNIPub date: 2026-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationBalancing compliance, resilience, data sovereignty and uptime across IT and OT environments - whether a cloud-first strategy is viable in CNIHow the need to harness operations data for optimisation, innovation, risk management, and organisational resilience challenges legacy security modelsAdapting proven resilience models from IT cloud transformation to OT security in CNI and the importance of public-private partnerships in its success - Thom Langford, Host, #teissTalk- Amal Kotecha, Head of Technology, INEOS- Sarah Clarke, Head of Information, Strategic Command- Alex Holben, Strategy & Technology Officer, FortinetThe podcast and artwork embedded on this page are from TEISS, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  13. 288

    Seeing the Invisible: Asset Discovery, Segmentation, and the Reality of OT Security

    Podcast: Exploited: The Cyber Truth Episode: Seeing the Invisible: Asset Discovery, Segmentation, and the Reality of OT SecurityPub date: 2026-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Shane Fry, CTO of RunSafe Security, and Andrew McPhee, Solutions Manager for Industrial Security at Cisco, to examine why visibility is one of the biggest challenges in OT cybersecurity. As industrial environments become more connected, organizations are struggling to identify unknown assets, understand hidden dependencies, and secure systems that were never designed with cybersecurity in mind. McPhee explains how attackers exploit these blind spots, why traditional IT security approaches often fall short in OT environments, and how visibility and segmentation can help reduce risk. Together, they explore: Why asset visibility is the foundation of OT securityHow unknown assets and communication pathways create riskThe differences between active and passive asset discoveryWhy segmentation remains one of the most effective OT security controlsHow IT/OT convergence is expanding the attack surfaceThe role of risk tolerance and risk acceptance in security decisions From manufacturing facilities to critical infrastructure, this episode explores what security teams must understand before they can effectively protect the systems they depend on.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  14. 287

    Uri Segal serial entrepreneur and CEO @Cyvore on Workspace Security proactive AI-powered defense

    Podcast: ICS Cyber Talks PodcastEpisode: Uri Segal serial entrepreneur and CEO @Cyvore on Workspace Security proactive AI-powered defensePub date: 2026-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationהתוקפים מבינים שטכנולוגיה אפשר לעדכן ולחסום, אך רגשות ותגובות אנושיות נשארים קבועים, והם מנצלים את האמון, הפחד והסקרנות שלנו כדי לגרום לנו לפתוח להם את הדלת מרצוננו. כיום להסתמך על המשתמש בלבד שיזהה פישינג או דייפ-פייק כבר לא עובד, התחכום והתגובה המיידית של מתקפות משולבות AI מצליחות להטעות גם אנשי מקצוע הטובים ביותר לא כול שכן משתמשים רגילים. הפתרון טמון במערכות הגנה אקטיביות מבוססות AI שיכולות לנתח בזמן אמת תגובות, נקודות לחץ, ניתוח עומק של לינקים ולהתעדכן בכול רגע מתקיפות דומות שמתרחשות ברשת. נחשון פינקו מארח את אורי סגל יזם סדרתי ומנכ"ל חברת הסייבר הישראלית Cyvore (סייבור) בשיחה על אבטחת סביבת עבודה (Workspace Security) הגנה פרואקטיבית מפני מגפת הפישינג (דיוג), גניבת זהויות והונאות דיגיטליות Hackers recognize that while technology can be updated and protected, human emotions and behaviors remain predictable. They capitalize on trust, fear, and curiosity, often manipulating individuals into granting them access unintentionally Today, relying solely on users to identify phishing or deepfake attempts is no longer effective. The sophistication and speed of AI-driven attacks can deceive even seasoned professionals, making it increasingly difficult for average users to distinguish threats The answer lies in proactive, AI-powered defense systems that analyze behavioral patterns, stress indicators, and suspicious links in real time. These systems continuously update themselves by learning from emerging threats across the digital landscape Nachshon Pincu hosts Uri Segal, serial entrepreneur and CEO of Israeli cybersecurity firm Cyvore, for an in-depth discussion on Workspace Security and proactive strategies to combat phishing, identity theft, and digital fraud.The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  15. 286

    EP 88: Securing the Infrastructure AI Just Made Vulnerable

    Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 88: Securing the Infrastructure AI Just Made VulnerablePub date: 2026-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCritical infrastructure is under attack. AI just made it easier. Legacy devices can't be patched. Piotr Kupisiewicz, CTO at Elisity, describes how your best defense is the basics that you're ignoring.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  16. 285

    The OT Incident Impact Score and the Value of Near Misses I OT Security Made Simple

    Podcast: OT Security Made SimpleEpisode: The OT Incident Impact Score and the Value of Near Misses I OT Security Made SimplePub date: 2026-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Mochalski and OT security veteran Dale Peterson (S4 Events) discuss the long-standing discrepancy between predicted cyber doom and the actual lack of catastrophic OT incidents. Discover how the crowdsourced OT Incident Impact Score helps eliminate media FUD, and learn why tracking "near misses" is the true key for asset owners to understand and mitigate real-world threats.You can find more information on OT Security Made Simple at rhebo.com or send us your ideas, questions, or guest suggestions at [email protected] podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  17. 284

    Is Your IIoT Strategy Creating More Security Risks?

    Podcast: Industrial Cybersecurity InsiderEpisode: Is Your IIoT Strategy Creating More Security Risks?Pub date: 2026-06-09Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino address one of the most overlooked problems in OT security: the IIoT devices your security tools don't automatically detect.Most OT intrusion detection platforms do a reasonable job of identifying core control-layer assets such as PLCs, drives, and motor control centers. The problem is everything else. Laptops plugged into the network, third-party devices brought in by contractors, and a growing range of connected IIoT equipment often go completely undetected. Those are the gaps where risk accumulates.Craig and Dino explain why the belief that machines are air-gapped is a dangerous myth, how PLCs acting as gateways prevent intrusion detection platforms from seeing the devices behind them, and why an asset inventory is not the same as knowing your real risk and CVE exposure in multi-vendor environments.They reframe OT cybersecurity as a process-integrity problem and show how unmanaged network activity, third-party remote access, and even routine IT security scans can quietly degrade OEE and trigger unplanned downtime that costs millions.Using predictive-maintenance analogies such as thermal, harmonics, and vibration sensing, they make the case for treating digital anomalies the same way mature plants already treat mechanical ones.They close by examining why so many OT detection tools become shelfware, how to escape alert fatigue, and the two practical paths to real IT/OT convergence: building the right relationships with OEMs, system integrators, and AEC partners, and designing security-ready facilities from the ground up.It's a practical listen for CISOs, plant and engineering leaders, and OT/IT teams responsible for securing manufacturing and critical infrastructure.Chapters:(00:00:00) - Why No Industrial Asset Is Truly Air-Gapped(00:01:08) - IoT vs. IIoT: How OT Assets Get Classified(00:03:15) - The Control-Layer Blind Spot: Drives, Robots, and Motor Controls(00:05:25) - How PLC Gateways Hide Assets From Intrusion Detection(00:07:30) - Asset Inventory Isn't Risk: The CVE Gap in Multi-Vendor Plants(00:08:55) - When Cyber Blind Spots Become Costly Downtime(00:10:05) - Process Integrity: How Security Scans Disrupt Production(00:11:35) - Predictive Maintenance Meets Digital Anomaly Detection(00:17:45) - Avoiding OT Shelfware and Alert Fatigue(00:19:45) - IT/OT Convergence: Choosing a Partner and Building Secure-by-DesignLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  18. 283

    Continuous Trust in Cybersecurity : Why Identity Is the New Security Perimeter

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Continuous Trust in Cybersecurity : Why Identity Is the New Security PerimeterPub date: 2026-06-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  19. 282

    Five Federal Agencies. One Zero-Trust OT Briefing. Most Haven't Read it.

    Podcast: Industrial Cybersecurity InsiderEpisode: Five Federal Agencies. One Zero-Trust OT Briefing. Most Haven't Read it.Pub date: 2026-06-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationThe joint CISA, FBI, Department of War, Department of Energy, and Department of State briefing on adapting Zero Trust to operational technology landed on April 29. Has OT leadership read it?In this episode, Craig and Dino address how the European Cyber Resilience Act is quietly forcing US plants into failed audits, why IT teams still see less than a third of OT assets, how EDR tools are taking down $100K-an-hour packaging lines, and why only a handful of integrators in North America have a real OT cybersecurity practice. They walk through what zero trust and micro-segmentation actually look like inside a 20-year-old plant with flat layer-two networks, DLR rings, jump boxes, and Cradlepoint workarounds, and lay out the first concrete move every CISO and CIO should make to start closing the IT/OT gap.Chapters:(00:00:00) - Cold Open: How the European CRA Is Failing US Plants(00:01:30) - The April 29 CISA/FBI Zero Trust in OT Briefing Nobody Read(00:05:00) - Compliance Without Teeth: Why US Regulations Aren't Moving the Needle(00:07:30) - When CrowdStrike Shuts Down a $100K-an-Hour Packaging Line(00:10:30) - The Visibility Gap: IT Sees Less Than a Third of OT Assets(00:15:30) - OEM Resistance: The Million-Dollar, Six-Month Cybersecurity Tax(00:18:30) - The Cradlepoint Workaround: How Plant Managers Bypass IT(00:21:30) - Layering Zero Trust onto a 20-Year-Old Plant Without Rip-and-Replace(00:25:30) - Why Only 5–10 of 1,000 Integrators Have a Real OT Cyber Practice(00:31:30) - Where CISOs Should Actually Be Looking (Hint: Not RSA or Black Hat)Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  20. 281

    132: Solving Problems at Scale: Kenny Mesker on OT Cybersecurity Strategy, Risk, and Leadership

    Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 132: Solving Problems at Scale: Kenny Mesker on OT Cybersecurity Strategy, Risk, and LeadershipPub date: 2026-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKenny Mesker, OT Cybersecurity Strategist and Distinguished Engineer at Chevron, joins Derek Harp to share his remarkable journey from growing up on a farm in West Texas to becoming one of the industry's leading voices in operational technology (OT) cybersecurity.With more than 30 years of experience spanning electric utilities, SCADA systems, industrial control systems, and cybersecurity, Kenny reflects on the evolution of OT security from the days of air-gapped networks to today's interconnected digital environments. He discusses how a passion for problem-solving led him from electrical engineering into industrial operations and ultimately into cybersecurity strategy.Kenny offers practical advice for professionals looking to enter the OT cybersecurity field, explaining why hands-on operational experience remains one of the most valuable foundations for success. He also explores the challenges of IT/OT convergence, the importance of risk assessment, and how cybersecurity leaders must think beyond individual systems to protect entire organizations and critical infrastructure.Looking ahead, Kenny shares his perspective on artificial intelligence, cloud technologies, and the future of OT architectures, highlighting both the opportunities and challenges these emerging technologies will bring to industrial environments.Whether you're an engineer, cybersecurity professional, student, or industry leader, this episode provides valuable insights into building a successful OT cybersecurity career while helping protect the systems that power modern society.The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  21. 280

    Yigal Gueta CEO & Dor Tuchman VP-Tech @Scadasudo on cyber sales and tailored solutions for customers

    Podcast: ICS Cyber Talks PodcastEpisode: Yigal Gueta CEO & Dor Tuchman VP-Tech @Scadasudo on cyber sales and tailored solutions for customersPub date: 2026-06-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationאחד הנושאים היותר מאתגרים למנהל אבטחת מידע בארגון הוא בחירת טכנולוגיות הגנת סייבר, מאות מוצרים שלכל אחד מהם השטיק שלו, ברושורים ומצגות על כך שהמוצר עושה הכול כולל קפה נוסיף את העובדה שאנשי אבטחת מידע נמצאים תמיד תחת הצף וקשה להם לבדוק מגוון טכנולוגיות ולכן הם נאלצים לקבל סוג של החלטה מושכלת ולבצע בדיקת יתכנות למוצר בודד ומאידך החשש מהחלפת טכנולוגיה מוטמעת במוצר חדש נחשון פינקו מארח את יגאל גויטע מייסד ומנכ"ל ואת דור טוכמן סמנכ"ל הנדסה ופיתוח עסקי בסקאדה סודו, בשיחה על בכירה של טכנולוגיות סייבר בכובע היועץ, הצורך בהכרות עמוקה עם הצרכים של הלקוח לפני שבכלל ניגשים למציאת פתרונות והחשיבות של התאמת פתרון לצורך ולא צורך לפתרון A major challenge for Chief Information Security Officers (CISOs) is choosing the right cybersecurity technologies. With hundreds of vendors touting unique value propositions and comprehensive solutions, the selection process becomes overwhelming. Security teams, often stretched thin, lack the bandwidth to assess multiple platforms at once. As a result, CISOs must make strategic choices and conduct a Proof of Concept (PoC) on a carefully chosen solution. On the other hand, there is apprehension about replacing an embedded, established technology with a new product. Nachshon Pincu hosts Yigal Gueta, Founder & CEO, and Dor Tuchman, VP of Engineering & Business Development at SCADASudo, in a comprehensive discussion on evaluating cyber technologies from a consultant’s perspective. The conversation highlights the importance of thoroughly understanding client needs before engaging with vendors and stresses the necessity of aligning solutions with business requirements—rather than adapting cyber needs to fit a specific product.  The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  22. 279

    Breaking Into Cybersecurity: Soft Skills, Networking & Standing Out in a Crowded Market

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: Breaking Into Cybersecurity: Soft Skills, Networking & Standing Out in a Crowded MarketPub date: 2026-06-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationTechnical skills might get your attention - but soft skills build cybersecurity careers. In this episode of Protect It All, host Aaron Crow sits down with technology leader and mentor Robert Whetstine for a candid conversation about what it really takes to succeed in today’s cybersecurity job market. As AI reshapes hiring, the market becomes more crowded, and professionals struggle to stand out, Aaron and Robert explore the overlooked factors that often determine long-term success: adaptability, networking, authenticity, and communication. This episode goes beyond résumés and certifications to focus on the human side of career growth. You’ll learn: Why soft skills matter as much as technical ability in cybersecurity How networking and community create real career opportunities The impact of AI and oversaturation on the cybersecurity job market How to stand out without relying only on certifications Why adaptability and continuous learning are critical for long-term success Lessons on leadership, resilience, and professional growth from decades in tech Whether you’re breaking into cybersecurity, navigating a career transition, or trying to stay relevant in a fast-changing industry, this episode delivers practical advice and honest insights for building a sustainable and rewarding career. Tune in to learn why relationships, mindset, and adaptability are becoming the true differentiators in cybersecurity - only on Protect It All. Key Moments:  07:31 Developing essential soft skills 11:44 Embracing leadership and failure 16:14 Evaluating candidates for fit 22:00 Building a career through networking 31:16 Taking risks and finding support 35:16 The importance of empathetic leadership 38:34 Networking for job opportunities 47:28 Discussing layoffs for AI investment 50:07 Concerns about infrastructure cost 53:40 Entering the tech industry About the guest :  Rob Whetstine (#BowTieSecurityGuy) has been in the technology and Cyber Security space for the last two decades. Known for the Mentoring, Making and of course his nerdy bowties. Born with an obsession for problem-solving, Rob's journey into the world of technology began at a young age, where he spent countless hours tinkering with computers found in the trash. When he was laid off a year ago from Disney after almost 20 years of service. He made it his mission to help people anyway he could. Those who were struggling in this job market and people new to Cyber. He started sharing videos on LinkedIn about his journey and sharing leadership stories. He has now started a podcast and mentors people all over the world. How to connect Rob : LinkedIn https://www.linkedin.com/in/bowtiesecurityguy/ Youtube: https://www.youtube.com/@bowtiesecurityguy Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  23. 278

    Jon Holzbauer on IT/OT's Divergent Approaches to Asset Security

    Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Jon Holzbauer on IT/OT's Divergent Approaches to Asset SecurityPub date: 2026-05-31Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationJon Holzbauer, OT Systems Manager at Silgan Containers, joins the Nexus Podcast to discuss where IT security teams and OT operations run into challenges in protecting these diverse complicated environments in manufacturing. A clash of approaches may lead to rash decisions around cybersecurity that could disrupt key processes or impact safety and reliability. This interview was pulled from Episode 3 of Nexus Digest, a monthly recap of content published on Nexus. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  24. 277

    The Cyber-Physical Truth: What We Get Wrong About Attacks on Critical Infrastructure

    Podcast: Exploited: The Cyber Truth Episode: The Cyber-Physical Truth: What We Get Wrong About Attacks on Critical InfrastructurePub date: 2026-05-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joseph M. Saunders and Danielle “DJ” Jablanski, Cybersecurity Consulting Program Lead for Operational Technology at STV and former OT Cybersecurity Strategist at CISA, to examine what defenders often get wrong about attacks on critical infrastructure. With experience across government, threat intelligence, engineering, and industrial environments, DJ explains why sectors like water, rail, energy, and manufacturing require a different way of thinking about cybersecurity. Together, they explore: How cyber-physical risk differs from traditional IT riskWhy attacks can target engineering logic, process variables, and safety systemsThe challenge of securing long-lived OT assets and heterogeneous environmentsHow visibility, asset identification, and segmentation shape OT defenseWhy secure-by-design and secure-by-demand both matterWhy patching alone cannot keep up with distributed critical infrastructure From water systems to transportation networks, this episode breaks down what security leaders, asset owners, OEMs, and operators must understand to stay ahead of cyber-physical threats.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  25. 276

    IT vs OT: The Internal Misalignment Costing Manufacturers Millions

    Podcast: Industrial Cybersecurity InsiderEpisode: IT vs OT: The Internal Misalignment Costing Manufacturers MillionsPub date: 2026-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMost manufacturing organizations still operate with a dangerous blind spot: IT and OT teams working in completely different dimensions with no shared visibility into plant floor cybersecurity.In this episode, Dino and Jim break down why 90% of manufacturers remain in the unaware-to-awareness phase when it comes to OT cybersecurity. They address what happens when IT tries to shoehorn enterprise security into operational environments they don't understand, and how the lack of collaboration between these two groups leads to costly unplanned downtime — sometimes at $100,000 per hour or more.Drawing from real client engagements, they reveal why OT must take a leadership role in cybersecurity (just like safety), how OT IDS tools can deliver operational value far beyond threat detection, and what it actually takes to get IT and OT speaking the same language before a breach forces them to.Chapters:(00:00:00) - Why IT and OT Need to Get to the Table Now(00:01:47) - Cats and Dogs Living Together: The IT/OT Culture Clash(00:03:00) - 90% of Manufacturers Are Still in the Dark on OT Cyber(00:06:00) - What Is OT and Why Don't OT People Know They're OT?(00:08:45) - Real Client Story: The Missing OT Team on a Global Kickoff(00:13:00) - Ask Forgiveness, Not Permission: How OT Workarounds Create Risk(00:15:00) - The OT IDS Tool Nobody's Sharing With OT(00:19:30) - Why Manual Discovery Assessments Are Throwing Money Away(00:21:00) - 15 Switch Manufacturers in One Plant: The Architecture Nightmare(00:25:30) - OT Cybersecurity Is the New Safety — Treat It Like One(00:29:00) - Final Advice for IT and OT Teams Ready to ConvergeLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  26. 275

    teissTalk: Measuring the return on security investments for Cyber-Physical Systems

    Podcast: teissPodcast - Cracking Cyber Security (LS 31 · TOP 5% what is this?)Episode: teissTalk: Measuring the return on security investments for Cyber-Physical SystemsPub date: 2026-05-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationQuantifying the tangible impact of unplanned downtime, regulatory fines, and equipment damageStrategies for security teams and asset owners to present CPS security projects in a language that Finance and Operations understandStreamlining asset management and reducing manual audit hours with dedicated IoMT, OT, IoT, and BMS securityThom Langford, Host, teissTalkhttps://www.linkedin.com/in/thomlangford/Danny Dresner, Professor of Cyber security, The University of Manchesterhttps://www.linkedin.com/in/danny-dresner-fciis-6382381/Elliot Gidley, Field CTO, Clarotyhttps://www.linkedin.com/in/elliotgidley/The podcast and artwork embedded on this page are from TEISS, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  27. 274

    EP 87: Backup, Control Gaps, and the Real Cost of Agentic AI Actions

    Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 87: Backup, Control Gaps, and the Real Cost of Agentic AI ActionsPub date: 2026-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAn AI agent wiped out an entire company’s data in just 9 seconds — no hacker, no ransomware involved. Todd Thorsen, Chief Information Security Officer at CrashPlan, explains how a misconfigured AI agent operating without safeguards may have caused the incident — and asks a troubling question: could your organization be next? The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  28. 273

    Interview With Acting CISA Director Nick Andersen

    Podcast: Unsolicited Response (LS 33 · TOP 5% what is this?)Episode: Interview With Acting CISA Director Nick AndersenPub date: 2026-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDale Peterson interviews acting CISA Director Nick Andersen. They briefly begin with the impact of the personnel changes at CISA, both at the leadership level and widespread exodus of anyone involved in OT. What are the plans for the rebuild of OT capabilities. The bulk of the discussion is on the need, implementation, and metrics related to CISA's ruthless prioritization of efforts and resources. What CISA and US critical infrastructure must do, and what they won't have the resources to do.The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  29. 272

    Kindness and Critical Infrastructure: Rethinking OT Security

    Podcast: Hack the Plant (LS 35 · TOP 3% what is this?)Episode: Kindness and Critical Infrastructure: Rethinking OT SecurityPub date: 2026-05-27Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this bonus episode, Bryson Bort sits down with Andrea Haddad, a leader in technology and infrastructure architecture. Andrea has almost two decades of global experience across infrastructure, including network operations, enterprise architecture, cybersecurity, and cloud strategy. After beginning her career on the IT side, Andrea now specializes in building secure, scalable, and resilient digital foundations. She takes Bryson through her transition from IT to OT, segmentation in the real world, and why the future of manufacturing depends on both better architectures—and better intentions. What are the unique security challenges of a manufacturing environment? What are the best - and worst case scenarios for manufacturing and cyber conflict? And what’s the secret to overcoming cultural differences between IT and OT? “In our industry, our main concern is protecting…. In people, protecting production, protecting society, environment. So we can work all day long to come up with new architecture, new ideas. But if there's another hacker that wants to hack into the organization, he's going to always find a way. So the magic wand, to be honest, would be just simply kindness,” Andrea said.  Join us for this and more on this episode of Hack the Plan[e]t.  This June 17-18, join us for Critical Effect DC! Register here: https://www.eventbrite.com/e/critical-effect-dc-2026-tickets-1987141703327?aff=oddtdtcreator The views and opinions expressed in this podcast represent those of the speaker, and do not necessarily represent the views and opinions of their employers.  Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology. The podcast and artwork embedded on this page are from Bryson Bort, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  30. 271

    Der blinde Fleck der Industrie: Warum das OT Asset Inventory noch lange nicht gelöst ist | OT Security Made Simple

    Podcast: OT Security Made SimpleEpisode: Der blinde Fleck der Industrie: Warum das OT Asset Inventory noch lange nicht gelöst ist | OT Security Made SimplePub date: 2026-05-26Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Mochalski und David Petrikat (AMDT) beleuchten den blinden Fleck der OT-Security: das Asset Inventory. Erfahren Sie, warum klassische Netzwerk-Scanner oft scheitern, über die Hälfte der Unternehmen noch am Anfang steht und wie intelligentes Konfigurationsmanagement stattdessen eine verlässliche Basis für echte Cyber-Resilienz schafft.Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an [email protected].  The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  31. 270

    AI, Cybersecurity & Career Growth: Why Curiosity Matters More Than Credentials

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: AI, Cybersecurity & Career Growth: Why Curiosity Matters More Than CredentialsPub date: 2026-05-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarization The future of cybersecurity belongs to people who can adapt - not just those with the longest list of certifications. In this episode of Protect It All, host Aaron Crow sits down with Peter Schawacker for a candid conversation about the evolving intersection of AI, cybersecurity, talent, and career growth. With nearly 30 years of experience in cybersecurity and technology leadership, Peter shares real-world insights on what organizations are getting wrong about hiring, why curiosity often matters more than credentials, and how AI is reshaping both technical work and the future of security teams. Together, Aaron and Peter unpack the changing role of CISOs, the dangers of checkbox-driven hiring, and why nontraditional talent may hold the key to solving the industry’s growing skills gap. You’ll learn: Why soft skills and curiosity are becoming critical cybersecurity assets How AI is transforming cybersecurity recruiting and technical roles The growing challenges around technical debt and workforce readiness Why traditional credentials don’t always predict success How CISOs and leaders should think differently about talent and culture Practical career advice for cybersecurity professionals navigating rapid change Whether you’re building a cyber team, hiring talent, or planning your next career move, this episode delivers honest insights into what it really takes to thrive in the AI-driven future of cybersecurity. Tune in to learn why adaptability, curiosity, and human ingenuity still matter most - only on Protect It All.. Key Moments:  04:08 The role of security in business 09:24 Managing Aramis online security 11:22 Hiring mindset for troubleshooting skills 13:55 Evaluating AI talent challenges 16:26 Discussing vulnerabilities in software 22:24 Early days of hacking and tech 25:55 Realizing the power of soft skills 28:15 Browsing eclectic book collections 32:13 Recent grads and AI opportunities 33:24 Getting into cybersecurity careers 37:22 Unexpected paths into security careers 40:41 Importance of critical thinking 44:35 Explaining tech's evolution over time About the Guest : Peter Schawacker is the Founder & CEO of Nearshore Cyber and a cybersecurity executive with more than 25 years of experience across multiple industries. A former CISO in four sectors, Peter specializes in cyber risk, AI governance, and workforce development. He is the creator of ARAMIS Insight, an AI-powered cybersecurity workforce competency platform aligned to the NIST NICE framework, and author of Governing AI at the Edge: An Operating Model for Citizen Development in the Enterprise. How to connect Peter:  LinkedIn: https://www.linkedin.com/in/schawacker  Nearshore Cyber: https://nearshorecyber.com.mx | ARAMIS Insight: https://project-aramis.com/insight  Email: [email protected] Phone: +1 (760) 880-4258 Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  32. 269

    Ric Derbyshire on Living-Off-the-Plant OT Cyberattacks

    Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Ric Derbyshire on Living-Off-the-Plant OT CyberattacksPub date: 2026-05-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRic Derbyshire, a Principal Security Researcher at Orange Cyberdefense and an Honorary Researcher at Imperial College London, joins the Nexus Podcast to discuss how attackers are able to gain lateral movement across operational technology (OT) assets through a tactic known as Living Off the Plant.Similar to Living-off-the-Land attacks, Living-Off-the-Plant TTPs leverage native functionality specific to OT, with a potential negative impact on physical assets and safety concerns. Subscribe and listen to the Nexus Podcast here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  33. 268

    4/4 Desenlace de la Resiliencia Colectiva en el Sector Ferroviario

    Podcast: Casos de Ciberseguridad IndustrialEpisode: 4/4 Desenlace de la Resiliencia Colectiva en el Sector FerroviarioPub date: 2026-05-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se analiza qué cambios estructurales, en los ámbitos regulatorio, contractual y técnico, son imprescindibles para que la seguridad deje de depender de la buena voluntad y se consolide como una responsabilidad industrial común y obligatoria.The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  34. 267

    You Can’t Patch Your Way Out of This: What Mythos Means for the Future of Cybersecurity

    Podcast: Exploited: The Cyber Truth Episode: You Can’t Patch Your Way Out of This: What Mythos Means for the Future of CybersecurityPub date: 2026-05-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, RunSafe Security Founder and CEO Joe Saunders and EVP and CSO Doug Britton join us for a strategic discussion on what Anthropic’s “Mythos moment” means for the future of cyber defense. Joe and Doug explore why AI-driven vulnerability discovery marks a fundamental turning point for enterprises, critical infrastructure, and national security. As AI accelerates the discovery and weaponization of vulnerabilities, traditional patch-and-remediate strategies are becoming increasingly unsustainable, especially for safety-critical and mission-critical systems that cannot be patched quickly or frequently. Together, Joe and Doug examine: Why “find and fix” alone cannot scale in the AI eraHow AI is shifting the balance between attackers and defendersWhy patch timelines are widening as vulnerability discovery acceleratesThe growing need for resilience-based cybersecurityHow organizations can reduce exploitability without rewriting legacy systemsWhy mitigation technologies are becoming essential for critical infrastructure and national security Whether you secure embedded systems, manage cyber risk across critical infrastructure, or lead product security strategy, this episode makes the case for a new approach: one built not around chasing every vulnerability faster, but around ensuring systems remain resilient even when flaws exist.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  35. 266

    SBA 546: VPN and Remote Access in BAS

    Podcast: The Smart Buildings Academy Podcast | Teaching You Building Automation, Systems Integration, and Information Technology (LS 43 · TOP 1% what is this?)Episode: SBA 546: VPN and Remote Access in BASPub date: 2026-05-21Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRemote access is no longer optional in building automation. But every connection to your BAS can also become a pathway for risk if security is treated as an afterthought. In this episode, you'll learn how VPNs, remote desktop tools, and zero trust strategies are reshaping the way automation professionals manage buildings remotely. You'll also hear why many BAS networks remain vulnerable and where even experienced teams make costly mistakes. Topics Covered • Why BAS cybersecurity is different from traditional IT security • The real differences between site-to-site, client-to-site, and zero trust access • How network segmentation protects building systems from larger threats • Common remote access mistakes that create hidden vulnerabilities • What a practical and secure remote access strategy should include As building systems become more connected, the challenge is no longer just enabling access. It's securing it without compromising operations.The podcast and artwork embedded on this page are from Smart Buildings Academy, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  36. 265

    High-speed train hacks and homicidal lawnmowers

    Podcast: Smashing Security (LS 55 · TOP 0.5% what is this?)Episode: High-speed train hacks and homicidal lawnmowersPub date: 2026-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationA 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we've heard all year.Meanwhile, owners of $4,000 robot lawnmowers are discovering that their gadget can be hijacked over the internet, redirected at journalists who foolishly lie down in front of it, and used to harvest Wi-Fi passwords, email addresses, and GPS coordinates. Change the default password? Sure - until the next firmware update silently resets it back.Plus - don't miss our featured interview with XBOW's Brendan Dolan-Gavitt about how AI is transforming penetration testing.All this and more in episode 468 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Geoff White.EPISODE LINKS:Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom - TechCrunch.Man accused of stealing Beyoncé’s unreleased music takes guilty plea - ABC News.Shai-Hulud code drop: Open season for supply chain attacks- ReversingLabs.Student hacked Taiwan high-speed rail to trigger emergency brakes - BleepingComputer.Polish teen derails tram after hacking train network - The Register.The Cheap Radio Hack That Disrupted Poland's Railway System - WIRED.The man with an army of Yarbo robot lawn mowers - The Verge.Ever been run over by a robot? I have - for science! - TikTok.RD280UA 28” WQXGA BenQ Programming Monitor with Backlight and Flexible Arm - BenQ.Kai Shun DM-0708 combination sharpening stone, grain 300/1000 - Knives and Tools.AI-Assisted ICS Attack on a Water Utility - Dragos.Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - Google Cloud Blog.Smashing Security merchandise (t-shirts, mugs, stickers and stuff)SPONSORS:Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!XBOW - The autonomous offensive security platform that helps security teams scale. Start a pentest today.OPSWAT - Read Benny Czarny's book, "Cybersecurity Upside Down", to rethink how you protect your organization from file-based threats, including those powered by AI.SUPPORT THE SHOW:Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!FOLLOW THE SHOW:Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.THANKS:Theme tune: "Vinyl Memories" by Mikael Manvelyan.Assorted sound effects: AudioBlocks.Privacy & Opt-Out: https://redcircle.com/privacyThe podcast and artwork embedded on this page are from Graham Cluley, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  37. 264

    Protecting Critical Infrastructure: NERC CIP-015-01 and Internal Network Security Monitoring (INSM)

    Podcast: Emerson Automation Experts (LS 24 · TOP 10% what is this?)Episode: Protecting Critical Infrastructure: NERC CIP-015-01 and Internal Network Security Monitoring (INSM)Pub date: 2026-05-20Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWe unpack what the NERC CIP-015-01 standard requires, the compliance timelines utilities must plan for, and the practical challenges of deploying monitoring inside operational technology environments.The podcast and artwork embedded on this page are from Emerson Team, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  38. 263

    Liron Ner VP Engineering & Oren Valdman ResiliOTech product manager @DVplan on Cyber Risk Assessment

    Podcast: ICS Cyber Talks PodcastEpisode: Liron Ner VP Engineering & Oren Valdman ResiliOTech product manager @DVplan on Cyber Risk AssessmentPub date: 2026-05-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationהשגרה המקובלת בעולמות אבטחת המידע מבוססת על מחזוריות מתמדת: ביצוע סקר סיכוני סייבר, גיבוש תוכנית פעולה, תיקון פערים ומבדקי חדירות – תהליך החוזר חלילה מדי 12 עד 18 חודשים. למרות ההתקדמות הטכנולוגית בתחום הגנת הסייבר, סקר סיכוני הסייבר נותר אחד התהליכים הבודדים שכמעט ולא השתנו. הוא עדיין נשען במידה רבה על הידע האישי של הסוקר, מומחיותו והמתודולוגיה הנבחרת על ידו. בעתיד הקרוב מגמה זו עשויה להשתנות, עם כניסתם לשימוש של מודלי שפה גדולים במוצר כמו רזיליוטק לעיבוד תשובות משאלונים והצלבתן מול מתקפות סייבר בפועל, סקרי סיכונים אחרים ותקני התעשייה המקובלים. נחשון פינקו מארח את לירון נר, סמנכ"ל הנדסה וטכנולוגיה, ואת אורן ולדמן, מנהל מוצר רזילויוטק בחברת די.וי פלאן בדיון על אופטימיזציה של סקרי סיכוני סייבר במטרה להשיג תוצאות טובות יותר, תוכניות עבודה יישומיות ותיקון פערים אפקטיבי.  The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  39. 262

    OT Security Isn't an IT Problem: What it Takes to Get it Right

    Podcast: Industrial Cybersecurity InsiderEpisode: OT Security Isn't an IT Problem: What it Takes to Get it RightPub date: 2026-05-19Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig sits down with Wil Klusovsky, a 26-year cybersecurity veteran and CRO at viLogics, to break down why asset visibility and exposure management are the foundation of any solid OT security strategy.From the myth of the air-gapped shop floor to the real-world math behind quantifying cyber risk in dollars and cents, Will and Craig explore how manufacturers can move beyond fear-based selling, bridge the gap between IT and operations, and build programmatic cybersecurity that protects both production uptime and the bottom line.They discuss how to frame cyber risk as business risk, why compensating controls and context matter more than raw vulnerability numbers, and why the CISO's real job is "chief inside selling officer."Chapters:(00:00:00) - Welcoming Will to the Podcast!(00:02:12) - Why Asset Visibility Is the Starting Point for OT Security(00:03:48) - The Air Gap Myth and Legacy Systems on the Shop Floor(00:04:52) - Translating Cyber Risk Into Dollars and Cents(00:07:05) - Quantifying Downtime: Mean Time to Recovery and True Cost of Ownership(00:09:55) - Risk Appetite: Spend to Mitigate or Accept the Exposure?(00:11:32) - Who Really Owns the Risk? Executives, Not CISOs(00:13:00) - Uptime, OEE, and Why Cybersecurity Risk Is Business Risk(00:15:45) - Remote Access Risks and Competing Priorities on the Shop Floor(00:18:04) - The "Chief Inside Selling Officer" — Getting Buy-In Before Budget(00:19:48) - The Get Out of Jail Free Card: Aligning Incentives Across Teams(00:22:30) - Context Over CVE Counts: 600 Critical Vulns, Zero Exploitable(00:25:42) - Prioritizing Remediation by Business Impact, Not Severity Score(00:26:30) - Wrap-Up and Part 2 Preview: Business Impact AnalysisLinks And Resources:Wil Klusovsky on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  40. 261

    AI in OT Cybersecurity: Real-World Risks, Smarter Defenses & the Future of Critical Infrastructure

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: AI in OT Cybersecurity: Real-World Risks, Smarter Defenses & the Future of Critical InfrastructurePub date: 2026-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationAI is rapidly transforming cybersecurity but are critical infrastructure environments ready for what comes next? In this episode of Protect It All, host Aaron Crow sits down with longtime colleague and cybersecurity expert Clark Liu to explore how artificial intelligence is reshaping both IT and OT security operations. From incident response and compliance frameworks to workforce shifts and operational resilience, Aaron and Clark unpack the real-world opportunities and very real risks of integrating AI into industrial environments. Together, they tackle the evolving role of frameworks like NERC CIP and NIST, the challenges of balancing compliance with actual security outcomes, and how organizations can responsibly adopt AI without increasing exposure. You’ll learn: How AI is changing OT and IT cybersecurity operations The role of AI in incident response, documentation, and monitoring Why compliance frameworks alone don’t guarantee resilience The risks of adopting AI without strong operational foundations How organizations can prepare for AI-powered threats and workforce changes Practical insights for balancing innovation, budgets, and security priorities Whether you’re leading OT security, managing critical infrastructure, or evaluating AI adoption in your organization, this episode delivers practical guidance for navigating cybersecurity’s next major shift. Tune in to learn how AI is transforming cyber defense and what organizations must do to stay resilient only on Protect It All. Key Moments;  05:33 Understanding cybersecurity compliance frameworks 07:11 Overlooked vulnerabilities in systems 09:59 Balancing multiple firewall vendors 15:17 Delegating tasks to AI 19:11 Importance of documenting commits 21:51 Hospital system shutdown crisis 25:11 AI uncovering software vulnerabilities 26:37 Engineers implementing AI in automation 31:26 AI tools and personal security 32:55 Password security practices 36:46 Using AI for basic tasks 39:38 Transition to off-the-shelf software 42:29 Going back to basics with appliances 47:02 Excitement About Future AI Capabilities Guest Profile :  Clark Liu is a veteran OT cybersecurity expert and one of the original contributors to the NERC CIP standards. With nearly two decades in energy and critical infrastructure security - including leadership roles at EY and GALLO - Clark specializes in OT risk management, compliance strategy, and securing industrial operations from the plant floor to the cloud. How to connect Clark:  LinkedIn :  https://www.linkedin.com/in/clarkliu/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  41. 260

    3/4 Acciones de la Resiliencia Colectiva en el Sector Ferroviario

    Podcast: Casos de Ciberseguridad IndustrialEpisode: 3/4 Acciones de la Resiliencia Colectiva en el Sector FerroviarioPub date: 2026-05-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se aborda la gestión práctica de riesgos, superando el enfoque basado puramente en el cumplimiento documental. Se analizan los mecanismos contractuales e industriales más efectivos para garantizar la ciberseguridad a lo largo de todo el ciclo de vida del proyecto y se comparten casos reales donde la colaboración estrecha entre operadores, fabricantes […]The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  42. 259

    The Next Cyber Crisis Won’t Be One Hospital—It Could Be the Entire Health System

    Podcast: Exploited: The Cyber Truth Episode: The Next Cyber Crisis Won’t Be One Hospital—It Could Be the Entire Health SystemPub date: 2026-05-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Greg Garcia, Executive Director for Cybersecurity of the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group, to examine how ransomware, third-party dependencies, and interconnected healthcare infrastructure are shaping cyber risk across the healthcare sector. Drawing on experience spanning DHS, critical infrastructure protection, and healthcare cybersecurity coordination, Garcia explains how disruptions at a single vendor or service provider can cascade across hospitals, pharmacies, insurers, and patients nationwide. Together, they explore: Why healthcare cyber risk is shifting from isolated breaches to systemic disruptionHow ransomware and third-party compromises create cascading operational impactsLessons from the Change Healthcare ransomware attackThe growing challenge of securing connected healthcare systems and medical devicesWhy patching alone cannot keep pace with modern cyber threatsThe role of collaboration and resilience in protecting critical healthcare infrastructure From healthcare providers and medical device manufacturers to policymakers and critical infrastructure leaders, this episode explores what organizations must understand to prepare for the next generation of healthcare cyber threats.The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  43. 258

    OT Cybersecurity: Is the Purdue Model Still Useful?

    Podcast: Industrial Cybersecurity InsiderEpisode: OT Cybersecurity: Is the Purdue Model Still Useful?Pub date: 2026-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIs the Purdue Model outdated, or simply misunderstood? In this episode, Dino sits down with Ken Kully (Rockwell Automation) for a candid, practitioner-level conversation about what the Purdue Model still gets right.They discuss where it falls short in modern environments, and why “IT/OT convergence” remains more of a people-and-process challenge than a technology problem. They break down the reality on the plant floor: long-lived legacy systems, inconsistent architectures across sites, limited maintenance windows, and the operational consequences of downtime. The discussion also tackles the everyday friction points: MFA, shared operator accounts, unmanaged vendor laptops, and remote access “surprises”, and why you can’t improve OT security posture without a trustworthy asset inventory and segmentation that keeps systems “in their lane.”Chapters:(00:00:00) Intro + why this Purdue conversation matters now(00:01:00) Ken’s background: from process environments to OT cyber delivery readiness(00:04:00) The big question: has the Purdue Model outlived its usefulness?(00:07:00) Framework vs. strict blueprint: “Purdue enough” in real plants(00:09:00) IT/OT convergence: why it’s a people + process problem (not tech)(00:12:00) The “silver tsunami” and why security UX fails on the plant floor(00:15:30) MFA, shared logins, and why “security gets in the way” still shows up(00:18:00) Legacy reality: Windows 98/7 boxes, vendor lock-in, and downtime economics(00:21:00) Discovery first: diagrams, configs, and why documentation is always missing(00:23:30) Purdue as a map: brokering traffic, one-up/one-down, and the “3.5” DMZ(00:26:00) When devices try to “escape the box”: unexpected outbound comms + exposure risk(00:28:30) Vendor/OEM access: the unmanaged laptop problem in OT(00:32:00) Asset inventory as the unlock: you can’t defend what you don’t know exists(00:34:00) Why IT often won’t “crawl the plant,” and what that means operationally(00:36:30) Scale problem: 30 plants, 30 realities—standardize globally, execute locally(00:38:30) The SI/OEM “third leg”: why trusted integrators are key to sustainable OT security(00:40:30) Closing + crossover: continuing the discussion on Ken’s OT After Hours podcastLinks And Resources:Kenneth Kully on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  44. 257

    EP 86: The Trusted Channel: AT Command Exploits and Cellular IoT Security

    Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 86: The Trusted Channel: AT Command Exploits and Cellular IoT SecurityPub date: 2026-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCellular modules in your IoT devices are trusted and that trust can be an insecure  pivot point into your network for attackers. Deral Heiland, Principal Security Research for IoT at Rapid 7 discusses his presentation at RSAC 2026 on AT command exploits and supply chain risk.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  45. 256

    Das digitale Nervensystem: Warum Gebäudeautomation echte OT ist | OT Security Made Simple

    Podcast: OT Security Made SimpleEpisode: Das digitale Nervensystem: Warum Gebäudeautomation echte OT ist | OT Security Made SimplePub date: 2026-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationKlaus Mochalski und Tim Bauer (ak-itsga) diskutieren den blinden Fleck in Smart Buildings. Erfahren Sie, warum Gebäudeautomation knallharte OT ist, weshalb die Branche der Industrie-Security um Jahre hinterherhinkt und warum Auftraggeber das Thema ab sofort zwingend in ihre Lastenhefte schreiben müssen.Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an [email protected].  The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  46. 255

    Policy Pulse: Regulatory Roundtable - Cyber Strategy, Large Loads, AI & CISA in Flux

    Podcast: Critical Assets PodcastEpisode: Policy Pulse: Regulatory Roundtable - Cyber Strategy, Large Loads, AI & CISA in FluxPub date: 2026-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationPatrick Miller reconvenes with Joy Ditto (Joy Ditto Consulting) and Earl Shockley (INPOWERD) for a tour of the past two months in critical infrastructure policy. The episode opens on the administration's new National Cybersecurity Strategy and its six pillars, with focus on the openly offensive "shape adversary behavior" posture and the asymmetric risk it creates for asset owners likely to absorb retaliation.The panel then digs into the pressures reshaping the bulk electric system: data center designation, cloud-hosted control centers running NERC standards while the underlying compute is unregulated, and the physics of computational loads that behave nothing like traditional load. Earl walks through the recent NERC Level 3 alert on large load connections, an unusually serious signal that industry processes are behind.The discussion also covers April infrastructure executive orders that release funding but ignore cybersecurity, hyperscalers displacing utilities as the top buyers of bulk electrical equipment, the multi-agency zero trust in OT guidance, and CISA's leadership uncertainty after Sean Plankey withdrew his nomination. On the AI front, the group unpacks what Anthropic's Mythos and the Glasswing response mean for vulnerability discovery at scale, and why no OT vendors are on the Glasswing list.Closing thoughts include Joy's note on satellite cybersecurity and a rare bipartisan Senate trip to China, Earl's emphasis that computational load is now an enterprise governance issue rather than a technical one, and Patrick's plea to stop making the adversary's job easy.Topics coveredThe new National Cybersecurity Strategy and its six pillarsOffensive cyber posture and the asymmetric risk to asset ownersData center designation as critical infrastructureCloud control centers and the NERC 100-series standardsComputational load, grid stability, and loss of system inertiaNERC Level 3 alert on large load connectionsApril infrastructure executive orders and the missing cyber languageSupply chain shifts and hyperscalers as the top equipment buyersZero trust principles for OT environmentsCISA Fortify guidance and CISA's current leadership statusAnthropic's Mythos, the Glasswing response, and the OT vendor gapSatellite cybersecurity and bipartisan engagement on China policyBasic hygiene: get exposed devices off the internetThe podcast and artwork embedded on this page are from Patrick Miller, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  47. 254

    AI Agents & Cybersecurity: Identity, Compliance, and the New Risks Facing IT and OT

    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)Episode: AI Agents & Cybersecurity: Identity, Compliance, and the New Risks Facing IT and OTPub date: 2026-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarization AI agents are changing cybersecurity faster than most organizations can adapt. In this episode of Protect It All, host Aaron Crow welcomes back cybersecurity veteran Ken Foster for a deep dive into how AI is reshaping risk, identity, and resilience across IT and OT environments. With more than 30 years of experience spanning the Navy, manufacturing, fintech, government programs, and startups, Ken brings a grounded, real-world perspective on what organizations are getting right and dangerously wrong about AI adoption. Together, Aaron and Ken explore the growing challenges around AI agents, identity governance, shadow AI, compliance, and attribution in highly regulated industries. As AI tools become embedded into workflows and decision-making, organizations must rethink how they manage access, monitor activity, and maintain resilience against rapidly evolving threats. You’ll learn: Why AI agents introduce new identity and governance risks The dangers of shadow AI inside enterprise environments How AI impacts compliance, attribution, and accountability Why foundational practices like patching, segmentation, and documentation still matter The role of continuous monitoring in AI-driven environments How organizations can balance innovation with resilience and control Whether you’re leading cybersecurity strategy, managing critical infrastructure, or navigating AI adoption inside regulated environments, this episode delivers practical insights for securing the next generation of digital operations. Tune in to learn how AI is transforming cybersecurity - and what leaders must do to stay ahead - only on Protect It All. Key Moments:  07:47 AI guardrails discussion 12:02 Patching and network segmentation 20:44 AI changing job roles 24:24 FISMA and FedRAMP concerns 29:18 Emergency response planning 35:36 Choosing the right tech team 37:14 Discussing accountability and risk 46:31 Developer access problems 51:50 AI Dependence Risks 57:36 AI in pen testing 58:55 AI in risk prevention About the guest : Ken Foster is a veteran cybersecurity leader with 25+ years of experience in enterprise security, risk governance, and global infrastructure strategy. Currently Head of Global Architecture at Adient, Ken has previously led cybersecurity and compliance programs at Fleetcor and Fiserv, specializing in IAM, cloud security, regulatory compliance, and risk-based cybersecurity strategy. He is known for helping organizations balance innovation, resilience, and operational execution in highly regulated environments. How to connect Ken: http://linkedin.com/in/kennethfoster/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: [email protected]  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at [email protected] Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow | Operational Technology & Cybersecurity Host, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  48. 253

    2/4 Análisis de la Resiliencia Colectiva en el Sector Ferroviario

    Podcast: Casos de Ciberseguridad IndustrialEpisode: 2/4 Análisis de la Resiliencia Colectiva en el Sector FerroviarioPub date: 2026-05-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEn este episodio se analiza los riesgos sistémicos derivados de la disparidad en la madurez de ciberseguridad entre operadores, fabricantes y proveedores. Se examina el impacto de las brechas regulatorias en la cadena de suministro y se evalúan las prácticas europeas de cooperación, intercambio de inteligencia y armonización normativa como pilares para alcanzar una resiliencia […]The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  49. 252

    Deral Heiland on Weaponizing Cellular-Based IoT

    Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Deral Heiland on Weaponizing Cellular-Based IoTPub date: 2026-05-10Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationRapid7 Principal Security Research (IoT) lead Deral Heiland joins the Nexus Podcast to discuss work his team did on how attackers might weaponize cellular-based IoT. Rapid7 conducted three phases of this research, with the most recent digging into how attackers with access to these systems can abuse them to gain unauthorized access, potentially exfiltrate critical data, or pivot into backend network infrastructure. Subscribe and listen to the Nexus Podcast here. Read the Rapid7 research report.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

  50. 251

    Federal Agencies Can Enter Private Networks to Hunt Malware. Is Your Plant Prepared?

    Podcast: Industrial Cybersecurity InsiderEpisode: Federal Agencies Can Enter Private Networks to Hunt Malware. Is Your Plant Prepared?Pub date: 2026-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino and Jim break down a major shift in the cyber threat landscape: federal agencies obtaining legal authority to enter private networks to hunt down state-sponsored malware, and what that signals for industrial organizations. They discuss why critical infrastructure and supply chains are prime targets, how “soft targets” in OT and building automation get exploited, and why many companies still lack visibility into what’s happening on the plant floor. The conversation zooms in on real-world exposure points, especially unmanaged vendor remote access and end-of-life equipment, and closes with practical themes for leadership.Stop assuming “IT has it covered” Define measurable OT security outcomesStart taking steps that make disruption harder and detection faster.Chapters:(00:00:00) Why identity, trust, and vendor access are breaking down in modern plants(00:01:00) The episode’s trigger: government-led operations to remove malware from private networks(00:03:00) “Machete scanning” and why IT-style tactics can disrupt OT operations(00:05:00) The real target set: critical infrastructure, supply chains, and smaller utilities with limited resources(00:08:00) Collateral damage and how cyber “weapons” trickle down to criminal ransomware(00:13:00) Why OT is still a soft target: visibility gaps, unpatched systems, and weak segmentation(00:14:00) Remote access everywhere: OEM/SI pathways, unknown identities, and lack of governance(00:20:00) The logging gap: what IT sees vs. what OT can’t see (and why that matters for incident response)(00:24:00) Building automation and facilities systems as weak links attackers love(00:26:00) Executive accountability: what boards should be measuring after breaches (and why progress stalls)Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Type above to search every episode's transcript for a word or phrase. Matches are scoped to this podcast.

Searching…

We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.

No matches for "" in this podcast's transcripts.

Showing of matches

No topics indexed yet for this podcast.

Loading reviews...

ABOUT THIS SHOW

A curated playlist of Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity podcast episodes in any language, compiled by ICS security enthusiasts. Missing something? Contact Anton Shipulin on LinkedIn. Subscribe for updates!

HOSTED BY

Anton Shipulin / Listen Notes

CATEGORIES

Frequently Asked Questions

How many episodes does @BEERISAC: OT/ICS Security Podcast Playlist have?

@BEERISAC: OT/ICS Security Podcast Playlist currently has 50 episodes available on PodParley. New episodes are automatically indexed when they're published to the podcast feed.

What is @BEERISAC: OT/ICS Security Podcast Playlist about?

A curated playlist of Operational Technology (OT) and Industrial Control Systems (ICS) cybersecurity podcast episodes in any language, compiled by ICS security enthusiasts. Missing something? Contact Anton Shipulin on LinkedIn. Subscribe for updates!

How often does @BEERISAC: OT/ICS Security Podcast Playlist release new episodes?

@BEERISAC: OT/ICS Security Podcast Playlist has 50 episodes. Check the episode list to see recent publication dates and frequency.

Where can I listen to @BEERISAC: OT/ICS Security Podcast Playlist?

You can listen to @BEERISAC: OT/ICS Security Podcast Playlist on PodParley by clicking any episode. We provide an embedded audio player for direct listening, and you can also subscribe via your preferred podcast app using the RSS feed.

Who hosts @BEERISAC: OT/ICS Security Podcast Playlist?

@BEERISAC: OT/ICS Security Podcast Playlist is created and hosted by Anton Shipulin / Listen Notes.
URL copied to clipboard!