Industrial Cybersecurity Insider

Is the Purdue Model outdated, or simply misunderstood? In this episode, Dino sits down with Ken Kully (Rockwell Automation) for a candid, practitioner-level conversation about what the Purdue Model still gets right.They discuss where it falls short in modern environments, and why “IT/OT convergence” remains more of a people-and-process challenge than a technology problem. They break down the reality on the plant floor: long-lived legacy systems, inconsistent architectures across sites, limited maintenance windows, and the operational consequences of downtime. The discussion also tackles the everyday friction points: MFA, shared operator accounts, unmanaged vendor laptops, and remote access “surprises”, and why you can’t improve OT security posture without a trustworthy asset inventory and segmentation that keeps systems “in their lane.”Chapters:(00:00:00) Intro + why this Purdue conversation matters now(00:01:00) Ken’s background: from process environments to OT cyber delivery readiness(00:04:00) The big question: has the Purdue Model outlived its usefulness?(00:07:00) Framework vs. strict blueprint: “Purdue enough” in real plants(00:09:00) IT/OT convergence: why it’s a people + process problem (not tech)(00:12:00) The “silver tsunami” and why security UX fails on the plant floor(00:15:30) MFA, shared logins, and why “security gets in the way” still shows up(00:18:00) Legacy reality: Windows 98/7 boxes, vendor lock-in, and downtime economics(00:21:00) Discovery first: diagrams, configs, and why documentation is always missing(00:23:30) Purdue as a map: brokering traffic, one-up/one-down, and the “3.5” DMZ(00:26:00) When devices try to “escape the box”: unexpected outbound comms + exposure risk(00:28:30) Vendor/OEM access: the unmanaged laptop problem in OT(00:32:00) Asset inventory as the unlock: you can’t defend what you don’t know exists(00:34:00) Why IT often won’t “crawl the plant,” and what that means operationally(00:36:30) Scale problem: 30 plants, 30 realities—standardize globally, execute locally(00:38:30) The SI/OEM “third leg”: why trusted integrators are key to sustainable OT security(00:40:30) Closing + crossover: continuing the discussion on Ken’s OT After Hours podcastLinks And Resources:Kenneth Kully on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Jim break down a major shift in the cyber threat landscape: federal agencies obtaining legal authority to enter private networks to hunt down state-sponsored malware, and what that signals for industrial organizations. They discuss why critical infrastructure and supply chains are prime targets, how “soft targets” in OT and building automation get exploited, and why many companies still lack visibility into what’s happening on the plant floor. The conversation zooms in on real-world exposure points, especially unmanaged vendor remote access and end-of-life equipment, and closes with practical themes for leadership.Stop assuming “IT has it covered” Define measurable OT security outcomesStart taking steps that make disruption harder and detection faster.Chapters:(00:00:00) Why identity, trust, and vendor access are breaking down in modern plants(00:01:00) The episode’s trigger: government-led operations to remove malware from private networks(00:03:00) “Machete scanning” and why IT-style tactics can disrupt OT operations(00:05:00) The real target set: critical infrastructure, supply chains, and smaller utilities with limited resources(00:08:00) Collateral damage and how cyber “weapons” trickle down to criminal ransomware(00:13:00) Why OT is still a soft target: visibility gaps, unpatched systems, and weak segmentation(00:14:00) Remote access everywhere: OEM/SI pathways, unknown identities, and lack of governance(00:20:00) The logging gap: what IT sees vs. what OT can’t see (and why that matters for incident response)(00:24:00) Building automation and facilities systems as weak links attackers love(00:26:00) Executive accountability: what boards should be measuring after breaches (and why progress stalls)Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

A real-world case study shows how a single phishing email led to credential and MFA compromise, creating an urgent question for any industrial organization: Did the attacker reach the OT environment? Dino and Jim walk through how OT visibility, secure remote access controls, and continuous monitoring enabled rapid validation of what happened. They were able to prove the breach did not impact control systems and avoid an expensive, safety-driven shutdown of a continuous manufacturing process. The episode connects technical controls to executive outcomes, including resilience, duty of care, and the financial reality that “not knowing” can be as costly as an actual compromise.Chapters:(00:00:00) Why continuous manufacturing makes “abundance of caution” shutdowns so costly(00:01:00) What “OT continuous monitoring” means and why it matters in real incidents(00:03:00) Safety and connected environments: why “it can go boom” changes the stakes(00:05:00) Baselines: defining “normal” so abnormal behavior is actionable(00:07:00) Incident story: phishing email leads to credential and MFA compromise(00:09:00) What the team validated: tracing access and confirming OT was not impacted(00:10:00) Lessons from Colonial Pipeline: inability to validate can force shutdowns(00:11:00) OT reality check: Windows assets, HMIs, historians, and engineering workstations(00:13:00) Secure OT remote access: why VPN-only access is not sufficient(00:16:00) The payoff: avoided downtime, avoided product loss, and avoided disruption(00:19:00) Executive view: duty of care, liability, compliance, and protecting enterprise value(00:23:00) The “air gap” myth and why defense-in-depth is the only practical pathLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and LuRae address why system integrators, OEMs, and ecosystem partners are often a manufacturer’s most underused cybersecurity resource. Dino explains why many IT leaders lack real visibility into the plant floor, what it takes to operationalize OT security beyond “checking the box,” and why asset inventory is the first practical step toward protecting control systems. The conversation also covers the realities of remote access after COVID, the need for governance measures such as change control and auditing, and why manufacturers should build real partner relationships rather than purely transactional vendor engagements.Chapters:(00:00:00) OT security requires time inside the plant, not an “ivory tower” view(00:01:00) Introducing Dino and the topic: partners as a cybersecurity asset(00:02:00) Why OT assets get excluded from cybersecurity strategy(00:03:00) The real opportunity: system integrators and OEMs already in the plant(00:05:00) Getting started: identify who’s working in each facility(00:08:00) Step one: accurate OT asset inventory and visibility(00:10:00) Remote access: detect, audit, and control what partners are doing(00:12:00) “Compliance” vs. operational reality on the plant floor(00:16:00) Resourcing reality: why most teams cannot self-perform OT security(00:20:00) Final advice: budget, ROI of downtime, and act before the incidentLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Most cybersecurity teams treat patching like a universal fix. In manufacturing, that assumption can take down a production line, trigger a safety event, or void the warranty on a $2 million piece of equipment.In this episode, Dino Busalachi and Craig Duckworth break down why patching in operational technology environments is a fundamentally different problem than patching enterprise IT — and why closing that gap requires more than just pushing an update.The bottom line: A firewall is not a patching strategy. Neither is hoping your systems are isolated. Organizations that get this right use risk-based prioritization, lab testing, virtual patching, and real collaboration between IT and OT teams.If you are responsible for a plant floor — or for the people who are — this conversation is for you.🎙️ Industrial Cybersecurity Insider is where C-suite leaders, plant managers, engineers, and security teams come to close the gap between IT and OT.🔔 Subscribe so you never miss an episode.Chapters:(00:00:00) Why assessing OT cybersecurity posture and asset visibility is hard(00:01:00) IT patches constantly, OT rarely does, and why that gap matters(00:03:00) Downtime costs: a broken patch in OT can stop the entire plant(00:05:00) OEM “don’t touch it” policies and warranty pressure(00:08:00) M&A due diligence: buying plants without knowing the cyber condition(00:09:00) CrowdStrike outage example and why agent-based tools are risky in OT(00:10:00) Virtual patching: protecting PLCs and legacy assets you cannot patch(00:14:00) Vendor guidance, upgrade rewrites, and “acceptable risk” decisions(00:17:00) Hidden exposure: guest Wi‑Fi, tablets, remote access, and “air gaps”(00:20:00) Best practices: inventory, continuous monitoring, vulnerability metrics, and cross-team alignmentLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Craig break down what they are seeing in real industrial environments as companies begin the OT cybersecurity journey. They outline why most organizations are still in an “unaware to awareness” phase, what creates the “oh wow” moment after the first pilot, and why ownership and execution often falls to plant-floor teams and their OEM and integrator partners.The conversation covers the limits of surface-level visibility, why accurate asset inventory and remote access control are foundational, and how practical constraints like flat networks, legacy switches, warranty concerns, and limited human capital can stall progress.They also share cautionary examples of IT-first security tooling causing operational impact, and they close with a clear message: think globally, act locally, and build a defensible OT program that matches how plants actually run.Chapters:(00:00:00) Why OT vulnerabilities and remote access are the real “kicker”(00:01:00) The market reality: 60% unaware, 30% starting, 10% operationalized(00:03:00) Who owns remediation: IT vs OT and the plant-floor accountability gap(00:05:00) Why “visibility” often stops at Purdue Level 3 and misses Level 2 assets(00:07:00) OEMs, integrators, and why support models matter in OT cybersecurity(00:09:00) Flat networks, north-south traffic, and why you still miss panel-level devices(00:11:00) The human capital problem and why outsourcing is often unavoidable(00:18:00) A real-world warning: EDR in ICS can create massive operational cost(00:20:00) Safety, quality, and cybersecurity: the three things leaders will fund(00:24:00) Change management failures and why monitoring PLC edits mattersLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig Duckworth sits down with CIO and Chief Enterprise Architect Shellie D'Angelo to address why so many OT and IT modernization efforts stall out at the foundation.Shellie explains why data governance must come before “another tool,” how inconsistent data quality quietly sabotages reporting and risk decisions, and why leadership transparency is the fastest path to maturity. Craig and Shellie also explore the reality of shadow IT on the plant floor, the growing impact of AI as both a defensive advantage and an attacker accelerator, and the practical steps teams can take to move from reactive chaos to measurable business outcomes.Chapters:(00:00:00) Why honest risk conversations are the starting line(00:01:00) Shellie’s background: rebuilding enterprise tech foundations(00:02:00) OT/IT convergence: start with business drivers and data governance(00:05:00) “Tools first” vs business-first security decisions(00:08:00) Knowing what you have before buying more tools(00:11:00) How far along are most organizations, really?(00:15:00) AI as a double-edged sword: defense vs attacker acceleration(00:18:00) Where to start: inventory first vs governance structure(00:22:00) OT tech is often easier prey: PLCs, HMI/SCADA, cameras(00:25:00) Partnering vs going it alone: don’t reinvent the wheel(00:26:00) Tech debt and why technology can’t be an afterthought(00:29:00) Governance should increase speed, not slow it down(00:30:00) Final advice: “turn chaos into cash” and own your impactLinks And Resources:Shellie D'Angelo on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino Busalachi sits down with Simon Chassar, former Chief Revenue Officer at Claroty and current OT cybersecurity advisor and investor, to explore the evolution and future of industrial cybersecurity. Simon shares insights from his decade-long journey in the space, discussing how OT asset visibility has become commoditized and why the industry is experiencing two major shifts: moving right toward threat-led SOC services and perimeter protection, and moving left toward secure-by-design approaches and attack simulation. They dive into the persistent challenge of self-performing versus partnering with specialized integrators, the critical skills shortage commanding 30-40% salary premiums, and why AI is both accelerating security challenges and offering new solutions. Simon reveals how private equity firms are finally prioritizing OT cybersecurity at the board level, discusses the emerging OT SOC landscape, and explains why the traditional IT security budget model is failing operational technology environments. The conversation addresses the disconnect between IT leadership and the OT ecosystem, the proliferation of unmanaged remote access technologies, and the urgent need for manufacturers to engage their trusted system integrators and OEMs as cybersecurity partners before the next major incident occurs.Chapters:(00:00:00) - Meet Simon : From Claroty's Hypergrowth to OT Security's Next Chapter(00:02:00) - The Commoditization of OT Asset Visibility(00:04:00) - Two Major Industry Shifts: Right and Left(00:07:00) - The Self-Performing Problem: Why OT Security Becomes Shelfware(00:10:00) - IT/OT Convergence and the Skills Gap Crisis(00:13:00) - Secure by Design and the AI Leapfrog(00:15:00) - AI Uncovers Hidden OT Vulnerabilities and Risks(00:18:00) - Funding Models and Private Equity's Cybersecurity Awakening(00:22:00) - Why the OT Ecosystem Must Drive Its Own Security Strategy(00:25:00) - M&A Activity and Consolidation in OT Cybersecurity(00:27:00) - The Rise of OT SOCs and MSP PartnershipsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino recap their experience at S4X26, the leading global OT cybersecurity conference in Miami.They discuss the conference's "connected" theme and how AI is creating an inflection point in industrial cybersecurity, driving unprecedented connectivity between IT and OT environments.The hosts explore the challenges of the "silver tsunami" as experienced engineers retire, how AI-powered tools are being embedded directly into edge devices and industrial products from vendors like Cisco and Fortinet, and why the regulatory landscape in Europe is advancing faster than other regions.They emphasize the importance of connecting with peers and partners in the OT security community, highlight key vendors and technologies showcased at the event, and explain why both IT and OT professionals should attend S4X together to bridge the knowledge gap.The episode concludes with details about next year's expanded conference in Tampa, February 8-11.Chapters:(00:00:00) - Random Encounter with Team USA Hockey in Miami(00:01:00) - S4X26 Conference Kickoff: The "Connected" Theme(00:03:00) - AI as the Inflection Point for OT Connectivity(00:05:00) - AI Embedded in Edge Devices and Vendor Technologies(00:07:00) - First-Time Attendee Experiences and Key Takeaways(00:10:00) - Europe's Cyber Resiliency Act and Regulatory Advancements(00:12:00) - Vendor Presence and the OT Technology Marketplace(00:14:00) - S4X27 Moving to Tampa: February 8-11, 2027(00:16:00) - AI's Role in Addressing the Silver Tsunami(00:18:00) - Final Thoughts: Why IT and OT Teams Should Attend TogetherLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

As we look back, Craig and Dino tackle a critical disconnect in industrial cybersecurity: the failure to share OT security tool data with the people who actually need it.They explore why IT teams often purchase and deploy OT IDS platforms without engaging plant floor teams, system integrators, and OEMs who are actively working in manufacturing environments.The conversation reveals that 85% of data collected by these tools is meant for OT teams to act on, yet it rarely reaches them.They discuss the consequences of this siloed approach—including system integrators bringing their own tools to fill the gap—and provide practical advice on achieving true IT/OT convergence.The episode emphasizes the importance of working with partners who can "build the car" rather than just "sell the car," and challenges organizations to evaluate whether they're truly practicing IT/OT convergence or just paying lip service to it.Chapters:(00:00:00) - The Data Sharing Problem in OT Cybersecurity(00:01:00) - Why System Integrators Can't Access Security Tool Data(00:04:00) - Who's Keeping the Data and Why(00:08:00) - The IT/OT Oil and Water Problem(00:11:00) - When System Integrators Bring Their Own Tools(00:14:00) - Questions to Ask Your Cybersecurity Partners(00:17:00) - The Car Analogy: Buyers vs. Builders(00:19:00) - Who Asset Owners Really Trust(00:21:00) - The Three-Legged Stool of OT Security(00:23:00) - The Path to True IT/OT ConvergenceLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

LuRae Lumpkin, Producer of Industrial Cybersecurity Insider, sits down with industrial cybersecurity expert Dino Busalachi to break down the 2026 World Economic Forum Global Cybersecurity Outlook Report and what it really means for manufacturers. While the report surveyed nearly a thousand CEOs, CIOs, and CISOs, Dino reveals a critical blind spot: industrial control systems and OT environments are being left dangerously exposed. They discuss how AI is becoming a double-edged sword for attackers and defenders, why supply chain vulnerabilities remain unaddressed, the shocking lack of cybersecurity skills on plant floors, and why most companies still aren't conducting incident response exercises. Dino shares real-world insights from working in nearly 2,000 plants over four decades, explaining why IT and OT remain disconnected, how remote access creates massive security gaps, and why outdated equipment with decades-old vulnerabilities sits unpatched in critical manufacturing environments. The conversation reveals that while enterprises focus on IT security, the plant floor—where revenue is actually generated—remains critically vulnerable, with potentially catastrophic consequences for businesses, supply chains, and even national GDP. Chapters: (00:00:00) - Introduction and Overview of WEF 2026 Cybersecurity Report (00:01:00) - Where Cybersecurity Funding Actually Goes: IT vs OT Reality (00:03:00) - The Myth of Disconnected Legacy Equipment (00:05:00) - AI as a Double-Edged Sword in Industrial Environments (00:08:00) - The Vulnerability Crisis: Thousands of Unpatched Systems (00:09:00) - Third-Party and Supply Chain Security Gaps (00:12:00) - Remote Access: The Hidden Attack Vector (00:14:00) - Critical Supplier Dependencies and Decentralized OT (00:15:00) - The Skills Gap: Why Industrial Cybersecurity Expertise is Scarce (00:19:00) - The Shocking Truth About Incident Response Exercises (00:22:00) - Real-World Impact: When Manufacturers Get Hit (00:24:00) - Getting All Stakeholders in the Same Room (00:28:00) - Insurance vs Prevention: The True Cost of Cyber Incidents (00:29:00) - Final Thoughts: Who Should Own OT Cybersecurity? Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.Chapters:(00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor(00:01:00) - The OT SOC Asset Visibility Problem: A Case Study(00:03:00) - Why IT SOCs Can't Manage OT Assets(00:05:00) - Line Changeovers and Operational Context(00:07:00) - First Responders and Incident Response Challenges(00:10:00) - The WannaCry Response Gap(00:12:00) - Asset Inventory and Baseline Challenges(00:15:00) - Incident Response and Phone Trees(00:17:00) - Organizational Accountability Problems(00:19:00) - Greenfield Opportunities and Standardization(00:22:00) - The IT-OT Collaboration Challenge(00:24:00) - Think Global, Act Local: Embedding IT in PlantsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Craig reunite to tackle the shifts occuring in industrial cybersecurity in 2026.They discuss how OT-focused IDS software companies are shifting away from managed services to partner with systems integrators who understand the plant floor.The conversation explores the challenges manufacturers face—from aging infrastructure spanning decades to flat layer-2 networks that give remote vendors unrestricted access.They emphasize that IT departments cannot effectively manage OT assets they don't own or understand, especially when dealing with equipment older than their cybersecurity staff.The episode covers the pitfalls of penetration testing in live manufacturing environments, the reality of shadow IT versus shadow OT, and why EDR solutions struggle in control system environments.Dino and Craig stress the importance of treating cybersecurity as a marathon rather than a sprint, starting with basic asset inventory and microsegmentation.They call on manufacturing leaders to stop deferring to IT for OT security, attend industry-specific conferences like S4X26, and partner with systems integrators who have deep automation expertise.With threats mounting, the time for action is now—not next quarter.Chapters:(00:00:00) - Welcome & What We've Been Up To(00:00:48) - The Big Shift: Why OT IDS Companies Are Backing Away From Managed Services(00:03:00) - The Shelfware Problem: When Security Tools Sit Unused(00:04:12) - Why Pen Testing Can Be Disruptive (or Dangerous) in Manufacturing Environments(00:05:54) - The Reality of Legacy Infrastructure: Equipment Older Than Your Cybersecurity Team(00:07:43) - Who Can Actually Patch Your Control Systems?(00:09:04) - Supply Chain Vulnerabilities: You're Only as Strong as Your Weakest Link(00:11:01) - The Last Mile Challenge: Asset Inventory, Microsegmentation & Starting Small(00:13:55) - The Shelfware to Tool-Switching Problem: Why Companies Are Reconsidering Their First Choice(00:16:18) - Shadow IT vs. Shadow OT: Who Really Owns Plant Floor Security?(00:19:00) - Why EDR Struggles in Control System Environments(00:21:35) - Time to Step Up: Why Manufacturing Leaders Can't Defer to IT Anymore(00:23:00) - Where to Learn: S4, Automation Fair, and Why You Need to Attend Industry Conferences(00:25:00) - Finding the Right Partner: Systems Integrators Who Speak Automation and Cybersecurity(00:27:00) - Final Thoughts: The Time for Action Is NowLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with Dick Wilkinson, CTO and co-founder of Proof Labs, to explore the intersection of space technology and industrial cybersecurity.Dick shares his 20-year journey in the U.S. Army with the National Security Agency, transitioning from signals intelligence to becoming a CISO for critical infrastructure organizations, including New Mexico's Supreme Court and the Albuquerque water authority.The conversation dives deep into the challenges of securing satellite systems with onboard intrusion detection and the persistent gap between IT and OT security teams. We also explore why the "castle wall" perimeter security model is dangerously outdated.Dick reveals how AI is lowering the barrier to entry for both attackers and defenders, and discusses the real-world applications of satellite communications in oil and gas operations.He also introduces a revolutionary physical layer-one air gap device called Goldilock Secure, which could transform how we protect remote industrial assets.This episode is essential listening for CISOs, CTOs, and security leaders looking to understand emerging threats in space-based infrastructure and practical solutions for securing distributed industrial environments.Chapters:(00:00:00) - Dick's Journey: From NSA to Space Cybersecurity(00:04:32) - What is Proof Labs and Why Space Security Matters(00:08:15) - Satellites as OT Assets: Oil, Gas, and Critical Infrastructure(00:12:47) - How Onboard Intrusion Detection Works in Spacecraft(00:16:23) - The Castle Wall Problem: Moving Beyond Perimeter Security(00:19:41) - IT vs OT: Bridging the Gap in Manufacturing Cybersecurity(00:24:18) - AI's Impact: Lowering the Barrier for Attackers and Defenders(00:27:35) - The Visibility Challenge: Why Most Plants Don't Know Their Assets(00:30:12) - Goldilock Firebreak: A Physical Air Gap Device That Changes Everything(00:35:20) - Real-World Applications for Remote Industrial Asset ProtectionLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Dick Wilkinson on LinkedInProof Labs WebsiteIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with Adeel Shaikh Muhammad, a Dubai-based cybersecurity expert and researcher with 16+ years in IT and OT security. They dive into why IT and OT teams still can't communicate effectively. The conversation reveals why most CISOs struggle to secure manufacturing environments. Adeel shares real-world insights from securing industrial systems across the Middle East, Africa, and Asia. They tackle the implementation gap in OT SOCs and why legacy systems remain vulnerable. The discussion covers third-party access risks, OEM warranty restrictions, and system integrator challenges. AI might finally solve IT-OT convergence by acting as a translator between these worlds. But first, organizations need to master the fundamentals: asset inventory, vulnerability management, and network segmentation. Most companies still haven't nailed these basics in their industrial environments. This conversation cuts through the hype to focus on what actually works.Chapters:(00:00:00) - 16 Years in Cybersecurity: Why CISOs Don't Know What a PLC Is(00:01:48) - Career Journey: From IT to OT Cybersecurity Focus(00:02:48) - Books on AI Transforming Security Operations Centers(00:04:44) - The Implementation Gap: Challenges Building OT SOCs(00:06:40) - The IT-OT Cultural Divide and Missing Communication(00:08:40) - Why the OT Ecosystem Must Proactively Bring Cybersecurity Tools(00:10:00) - Can IT-OT Convergence Actually Happen?(00:11:00) - AI as the Bridge: The Black Box Solution for IT-OT Communication(00:12:42) - Legacy Systems Reality: Windows 7 Running $5M Equipment(00:14:00) - OT Cybersecurity Conferences: S4, Intersec, and Rockwell Automation Fair(00:16:00) - Market Consolidation: Who's Been Acquired in OT Security(00:17:48) - Back to Basics: Asset Inventory, Vulnerabilities, and Network Segmentation(00:18:40) - Third-Party Access Control and OEM Warranty Restrictions(00:20:40) - Why We Can't Ignore Asset Inventory and Segmentation in OT AnymoreLinks And Resources:Adeel Shaikh Muhammad on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies. IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks. The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision. OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates. Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind. The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying. Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates. The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations. This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up. Chapters:00:00:00 - Introduction to Patching Challenges00:01:08 - IT vs OT Patching: Key Differences00:02:55 - Understanding the Cost of Downtime in OT00:03:32 - Overcoming Challenges with Legacy Systems00:05:21 - Navigating OEMs and Safety Concerns00:06:45 - The Role of Safety in OT Patching00:08:52 - Exploring Virtual Patching Solutions00:13:11 - Enhancing Vendor Collaboration and Risk Management00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity00:18:33 - Addressing Insurance and Compliance Issues00:20:12 - Significant Consequences of Not Patching00:23:14 - Building an Effective Collaborative Cybersecurity Strategy00:24:03 - Conclusion and Actionable InsightsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

This compilation episode brings together the most critical insights from Industrial Cybersecurity Insider conversations about the fundamental challenges plaguing OT security implementation and management.Industry experts dissect why traditional IT security approaches fail catastrophically on the plant floor, revealing that the core issue isn't technology—it's ownership, collaboration, and understanding.From the dangers of deploying endpoint detection without vendor qualification to the millions lost in unplanned downtime, this episode exposes the gap between security theory and operational reality.Listeners will discover why cybersecurity tools are often shelfware, how the "have and have-not" world creates vulnerability gaps across manufacturing facilities, and what "left of boom" thinking means for preventing incidents before they happen.Featuring hard-won lessons about shutdown windows, cyber-informed engineering, and the critical importance of building relationships between IT teams and plant floor operations, this episode delivers actionable intelligence for CISOs, plant managers, and anyone responsible for securing industrial control systems.Chapters:(00:00:00) - Introduction: The Core Problem of Ownership in OT Security(00:01:45) - Why IT Security Approaches Fail on the Plant Floor(00:04:30) - The Cloud Analogy: Lessons for OT Implementation(00:07:15) - The Missing Conversation: Capital Plans and OEMs(00:10:20) - IT vs OT Networks: Different Purposes, Different Risks(00:13:35) - EDR in OT: The Aftermarket Parts Problem(00:16:10) - Cyber-Informed Engineering: Building Security into Design(00:19:45) - The Have and Have-Not World of Plant Security(00:23:20) - Left of Boom: Visibility Beyond Security(00:27:15) - Who Should Lead the OT Security DiscussionLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig tackle one of manufacturing's most pressing challenges: the OEM blockade. They explore why brand-new equipment often ships with hundreds of unpatched vulnerabilities, how the gap between IT and OT teams creates operational blind spots, and why manufacturers can't rely on traditional IT solutions to secure their plant floors.From the CrowdStrike incident that took down HMIs to the "ghost in the machine" causing unexplained downtime, they reveal why OT teams must take ownership of their cybersecurity posture and build partnerships with the right ecosystem of OT-focused service providers.If you've ever wondered why your million-dollar machine center is running Windows 7 or why your cybersecurity reports don't match reality, this episode provides the answers—and a path forward.Chapters:(00:00:00) - The OEM Blockade Problem(00:01:00) - Understanding OEM Software Lock and Remote Access(00:03:00) - The Reality of Unpatched Vulnerabilities in New Equipment(00:06:00) - The IT/OT Blockade and Convergence Challenges(00:09:00) - Why IT Disciplines Don't Translate to OT Environments(00:11:00) - The CrowdStrike Incident: What Really Happened on Plant Floors(00:13:00) - The Lack of Due Diligence in Manufacturing M&A(00:16:00) - Chasing the Ghost in the Machine(00:19:00) - Process Integrity vs. Cybersecurity Tools(00:22:00) - Why OT Teams Must Take Ownership and Build the Right PartnershipsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino tackle one of the most pressing challenges in industrial cybersecurity: the disconnect between IT security teams and operational technology environments.They explore why traditional CISOs struggle to protect manufacturing plants despite their best intentions, revealing that most security executives get 30 minutes or less per quarter to present cyber risks to their boards—leaving little time to address the complexities of OT environments they barely understand.The conversation digs into the fundamental differences between enterprise IT and plant floor operations, where safety and uptime trump traditional security approaches, and where telling an engineer to remove a Windows 7 machine from the network might mean shutting down millions of dollars in production.Craig and Dino make a compelling case for why external expertise, cross-functional collaboration, and a fundamental shift in how organizations approach industrial cybersecurity are not just recommended—they're essential for survival in an evolving threat landscape where adversaries only need to get lucky once.Chapters:(00:00:00) - The IT Security Mindset vs. OT Reality(00:01:00) - Has the CISO Really Engaged with Industrial Cybersecurity?(00:03:00) - The Disconnect: IT Owns the Network, OT Owns the Assets(00:05:00) - What CISOs Don't Know About the Plant Floor(00:07:00) - Safety and Uptime: The Top Two Priorities CISOs Must Understand(00:10:00) - The Asset Visibility Problem: Do You Really Know What's Out There?(00:13:00) - 30 Minutes or Less Per Quarter: The CISO's Impossible Task(00:16:00) - Why External Expertise Isn't Optional Anymore(00:19:00) - The Cyber Insurance Myth: Why Your Policy Won't Save You(00:22:00) - Secure by Demand: Holding Vendors Accountable(00:25:00) - Getting to the "Know": Where to Start and What to AskLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this rewind episode, Craig and Dino tackle a critical disconnect in industrial cybersecurity: the gap between IT teams deploying OT security tools and the plant floor teams who desperately need the data these tools collect.They reveal why 85% of data from industrial cybersecurity platforms is meant for OT personnel, yet rarely reaches them.The conversation exposes how organizations invest heavily in tools like IDS platforms but fail to share vulnerability data, asset inventories, and network intelligence with the system integrators, OEMs, and plant teams actually working on their control systems.Craig and Dino discuss the consequences of this siloed approach—from incomplete asset visibility to duplicated tooling—and offer practical guidance on achieving true IT-OT convergence.They emphasize that organizations must work with partners who can "build the car, not just buy it," and stress the importance of tabletop exercises, proper vendor vetting, and collaborative frameworks that include the entire industrial ecosystem in cybersecurity planning and execution.Chapters:(00:00:00) - The Growing Problem: OT Teams Lack Access to Critical Security Data(00:01:47) - IT-OT Convergence in Practice: Are We Really Doing It?(00:04:42) - Why IT Teams Keep Security Data Siloed from Plant Floor Partners(00:06:38) - The Consequence: System Integrators Bring Their Own Tools(00:08:38) - The Disconnect Between IT Security Tools and OT Reality(00:11:48) - How to Bridge the Gap: Questions System Integrators Should Ask(00:15:42) - Vetting Your Security Partners: Can They Build the Car or Just Buy It?(00:17:46) - The Three-Legged Stool: Why IT-Only Security Fails in Manufacturing(00:20:48) - Action Steps: Creating a Comprehensive List of Your Industrial Ecosystem(00:22:48) - Final Thoughts: Moving Beyond Security Theater to True CollaborationLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with cybersecurity expert Wil Klusovsky to discuss the massive gap between IT security practices and OT reality. With 26 years of experience, Wil shares his unconventional journey into operational technology and reveals why most security tools end up as shelfware on plant floors.They dive deep into the communication breakdown between CISOs and plant operations, the critical role of system integrators and OEMs that IT leaders often ignore, and why the "air gap" myth continues to put manufacturing facilities at risk.Wil breaks down his framework for speaking to boards in language they understand, emphasizing business impact over technical jargon. The conversation covers everything from the challenges of MFA implementation in OT environments to why patching isn't always the answer. They discuss how organizations can build effective OT security programs by making cybersecurity everyone's responsibility - not just IT's problem.Chapters:(00:00:00) - Opening: The $50K Security Investment That Nobody Uses(00:01:00) - Will's Unconventional Journey Into OT Cybersecurity(00:03:45) - The Communication Gap Between IT and OT Teams(00:07:15) - Why Asset Visibility Tools Miss 135% of Your Equipment(00:10:30) - Speaking Board Language: Revenue Loss vs. Technical Jargon(00:13:25) - The Missing Third Leg: System Integrators and OEMs(00:17:30) - Making Cybersecurity Everyone's Job, Not Just IT's Problem(00:21:15) - Why Patching Isn't Always the Answer in OT Environments(00:25:45) - The Reality Check: Physical Security in Manufacturing Plants(00:28:30) - Building a Cybersecurity Program as a Journey, Not a DestinationLinks And Resources:Wil Online LinktreeWil Klusovsky on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Katie O'Brien shares her unconventional journey from music teacher to industrial cybersecurity expert, bringing over 25 years of IT experience into the OT world. In this conversation with Dino, Katie discusses the critical gaps in OT cybersecurity—from the lack of university programs teaching industrial security to the disconnect between IT and OT teams. They explore why system integrators and OEMs fail to design cybersecurity into new manufacturing projects from the start, compare it to building cars without safety features, and discuss the emergence of managed services in the OT space. Katie explains how Garland Technology helps organizations get visibility into aging infrastructure with unmanaged switches, and both hosts emphasize the urgent need for the OT ecosystem to drive cybersecurity conversations proactively rather than waiting for IT teams who may never have walked the plant floor.Chapters:(00:00:00) - The Hard Truths About OT Security Nobody Wants to Hear(00:01:06) - Katie's Unconventional Journey: From Music Teacher to OT Cybersecurity Expert(00:04:00) - The Current State of OT Cybersecurity and Future Directions(00:06:00) - The Education Gap: Why Universities Aren't Teaching Industrial Cybersecurity(00:08:00) - The Disconnect Between IT/Security Teams and OT Operations(00:10:00) - Designing Cybersecurity Into New Manufacturing Projects From the Start(00:13:00) - IT Teams Who've Never Walked the Plant Floor(00:16:00) - The Emergence of Managed Services in the OT Space(00:18:00) - Garland Technology: Getting Visibility Into Aging Infrastructure(00:19:00) - Software Defined Automation and the Future of Industrial Control(00:22:00) - Why the OT Ecosystem Must Drive the Cybersecurity Conversation(00:24:00) - The Real Cost of Downtime and Cyber Incidents in ManufacturingLinks And Resources:Katie O'Brien on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with industrial automation and industrial cybersecurity expert Kevin Kumpf, fresh off the floor of Rockwell Automation Fair 2025. They discuss why OT managed services are finally becoming viable for manufacturing, the critical 80/20 split between people and technology challenges, and how the industry's "silver tsunami" of retiring talent is forcing a reckoning. Kevin shares insights on building unified platforms that can manage everything from 30-year-old paper tape systems to AI-powered smart factories, why IT's "patch now" mentality fails in OT environments, and how the DG 360 platform is delivering true cyber-physical convergence today - not tomorrow. They discuss the reality that most OT cybersecurity tools only discover 30% of plant assets, the importance of human-in-the-loop decision making, and why the OT ecosystem - not IT - must drive the managed services revolution. This is a must-listen for anyone struggling with the complexity of protecting and managing modern manufacturing facilities.Chapters:(00:00:00) - Introduction and Rockwell Automation Fair Recap(00:01:43) - The OT Managed Services Evolution and Rebranding(00:04:15) - The Three-Legged Stool: IT, OT, and OEMs(00:07:32) - Point Solutions vs. Unified Platforms in Manufacturing(00:10:45) - The DG 360 Vision: 360-Degree Plant Visibility(00:14:28) - The Silver Tsunami and Training Challenges(00:18:22) - Alert Fatigue and Actionable Intelligence(00:22:45) - Software Defined Automation and Legacy Systems(00:26:18) - Why OT Must Drive the Cybersecurity Conversation(00:30:35) - Real-Time Demo and Implementation ReadinessLinks And Resources:Kevin Kumpf on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Former U.S. Secret Service Special Agent Richard LaTulip joins Craig Duckworth to reveal the hidden world of cyber criminal networks and infrastructure attacks. Drawing from his undercover work infiltrating dark web forums and catching some of the world's most sophisticated threat actors, Richard breaks down why traditional security approaches fail, how ransomware attacks actually cost organizations millions if not billions beyond the ransom payment itself, and why the timeline between compromise and detection has shrunk from months to minutes. He shares jaw-dropping statistics on vulnerability management failures, explains how adversaries are using AI to become exponentially more dangerous, and provides actionable insights for building resilient security programs that protect what matters most to your business. Whether you're defending critical infrastructure or managing security for a manufacturing organization, this conversation offers a rare insider perspective on the evolving threat landscape and what it takes to stay ahead of increasingly sophisticated cyber criminals.Chapters:(00:00:00) - Meet the Ex-Secret Service Agent Who Infiltrated Underground Cyber Criminal Networks(00:03:00) - Inside Operation Carder Kaos: Going Undercover in the Dark Web(00:06:00) - The Real Price Tag: Why Ransomware Costs Go Far Beyond the Ransom(00:11:00) - When Production Lines Go Dark: The Hidden Costs of Manufacturing Downtime(00:14:00) - Reality Check: How Prepared Is Your Organization for a Cyber Attack?(00:17:00) - The AI Arms Race: How Adversaries Are Weaponizing Artificial Intelligence(00:21:00) - 2027 Threat Landscape: What Keeps a Field CISO Up at Night(00:24:00) - Follow the Bitcoin: How Cyber Criminals Launder Billions Through Cryptocurrency(00:31:00) - Why Speed Matters: The Critical Window for Law Enforcement Notification(00:33:00) - The Security Leader's Playbook: Threat Intelligence + Business ContextLinks And Resources:Richard LaTulip on LinkedInRichard's Book: Operation Carder KaosRecorded FutureWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this eye-opening conversation, Dino and Craig address a critical issue facing manufacturing organizations today: the dangerous gap between perceived and actual cybersecurity preparedness in operational technology (OT) environments.They discuss why many organizations "don't know what they don't know" when it comes to securing industrial control systems, the myth of isolated manufacturing equipment, and why 25% of companies still lack comprehensive OT asset monitoring. Drawing powerful parallels to safety protocols, they explain why cybersecurity must become as ingrained in plant culture as wearing a hard hat on the factory floor.Their bottom line: Back up your beliefs with data, treat every system as if it's connected, and verify, don't just trust, your security posture. In OT cybersecurity, perception isn't reality, and that gap could cost not only millions but also brand perception and even human life.This episode is a must-listen for anyone serious about protecting their industrial environments.Chapters:00:00:00 - Kicking Off: Are You Truly Secure or Just Comfortable?00:01:15 - OT Security Reality Check: Do You Really Know Your Risks?00:01:45 - The Hidden Challenges Holding OT Security Back00:03:15 - Lack of Skilled Resources: The Biggest Barrier to Security00:05:30 - Security Frameworks: Are They Reaching the Plant Floor?00:06:15 - The Dangerous Myth of “Isolated” OT Systems00:07:58 - From Theory to Action: Winning Strategies for OT Security00:12:13 - Leadership’s Role in Cybersecurity: Who’s Driving the Change?00:19:55 - No More Blind Spots: Key Takeaways for a Secure FutureLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this milestone 100th episode, Craig and Dino tackle the critical intersection of workforce retirement and industrial cybersecurity knowledge in manufacturing.They explore how 82% of manufacturing workforce exits are due to retirement, creating a dangerous knowledge vacuum as decades of plant expertise walk out the door. The conversation reveals why traditional IT security tools consistently miss 50-70% of OT assets, the problematic practice of buying equipment that's obsolete before installation, and why plant operators bypass corporate security policies when downtime costs a million dollars per day. Craig and Dino state that the solution isn't just better tools, it's bridging the gap between centralized IT teams and the decentralized OT ecosystem by partnering with the system integrators and OEMs who actually keep plants running. They discuss how manufacturers must choose between multi-million dollar capital investments in modern equipment or implementing proper network segmentation and security around legacy systems.They address the reasons why the next generation of talent won't be attracted to facilities running decades-old technology.Chapters:(00:00:00) - Introduction and Industry Growth Update(00:02:15) - The Silver Tsunami: 82% of Manufacturing Exits Are Retirements(00:05:42) - Why IT Security Tools Miss 50-70% of OT Assets(00:09:18) - The Knowledge Vacuum: What Happens When Experience Walks Out(00:13:05) - Why Plant Operators Bypass Corporate Security Policies(00:16:30) - The Problem with Buying Obsolete Equipment(00:19:45) - Centralized IT vs Decentralized OT: Bridging the Gap(00:23:20) - Building Partnerships with System Integrators and OEMs(00:26:50) - Capital Investment vs Network Segmentation Strategy(00:29:35) - Attracting Next-Gen Talent to Manufacturing EnvironmentsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode of the Industrial Cybersecurity Insider, Craig Duckworth sits down with Matthew Carr, co-founder of Atumcell and OT penetration testing expert with fifteen years of experience securing operational technology systems. Matthew shares his journey from vulnerability research to specializing in cyber-physical security, recounting the pivotal moment when his exploit code stopped a production line at a major car manufacturer. The conversation addresses the critical gaps in OT security, including why most organizations are unaware of what's actually on their networks, the dangers of default passwords on IoT devices, and how attackers often use espionage rather than ransomware to remain undetected. Matthew reveals how his team safely conducts pentests in production environments, develops proprietary detection rule sets, and helps organizations understand their infrastructure through network mapping. The discussion encompasses a range of topics, from the risks associated with smart TVs in conference rooms to the motivations behind nation-states targeting critical infrastructure, culminating in practical advice on developing a cybersecurity roadmap for cyber-physical systems.Chapters:(00:00:00) - Welcome and Introduction to Matthew Carr's OT Security Journey(00:02:30) - The Moment Exploit Code Stopped a Production Line at a Major Car Manufacturer(00:06:15) - Why Most Organizations Don't Know What's Actually on Their OT Networks(00:09:45) - The Three Pillars of Adamzsel: Pentesting, Monitoring, and Tabletop Exercises(00:14:20) - How Attackers Know Your Infrastructure Better Than You Do(00:18:50) - Smart TVs in Conference Rooms: The Hidden Security Risk with Root Access(00:22:30) - Espionage vs Ransomware: The Cyber Attacks No One Is Talking About(00:26:45) - Why Default Passwords on IoT Devices Are an Attacker's Favorite Entry Point(00:30:20) - Building a Cybersecurity Roadmap for Cyber-Physical Systems(00:33:15) - Closing Thoughts and Free OT Security White Paper from AdamzselLinks And Resources:Atumcell WebsiteMatthew Carr on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

What happens when IT cybersecurity practices collide with OT operational realities? In this episode, Jim and Dino expose the costly mistakes organizations make when applying IT security playbooks to manufacturing environments.Discover why zero trust architectures can halt production, how shadow IT thrives on every plant floor, and why remote access policies designed for corporate networks fail in industrial settings. Learn the critical importance of OT-tailored asset inventories, the need for IT/OT collaboration, and why digital safety must be treated with the same urgency as physical safety.If you're struggling to bridge the gap between IT security mandates and OT operational needs—or if you've ever watched a well-intentioned security policy bring production to a halt—this episode is your roadmap to getting it right.Chapters:(00:00:00) - Introduction and Episode Overview(00:01:19) - IT vs OT Security Mindsets(00:02:03) - Zero Trust Challenges in OT Environments(00:05:12) - Remote Access and Change Management Conflicts(00:09:00) - Who Should Learn from Whom: IT or OT?(00:10:23) - Asset Inventory: What OT Engineers Don't Know(00:15:00) - Process Integrity and Operational Value(00:21:57) - Shadow IT: The Backdoors Nobody Talks About(00:26:00) - Designing Security Into New Equipment(00:28:00) - Digital Safety vs Physical SafetyLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInJim Cook on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig and Dino tackle IT/OT convergence, operational technology security, and manufacturing cybersecurity challenges head-on. They challenge the notion of OT being a "shadow IT group" and explore the fundamental differences between IT and OT operations in industrial environments. The discussion emphasizes that OT focuses on safety and physical outcomes, while IT prioritizes data security. They stress the importance of collaboration between IT and OT teams, highlighting how system integrators, OEMs, and plant operators must work together to improve cybersecurity posture. The conversation covers practical issues like Overall Equipment Effectiveness (OEE), incident response, and the need for proper funding and governance. Both advocate for CISOs and CIOs to actively engage with OT teams and system integrators, visit manufacturing facilities, and understand the unique challenges of industrial control systems to achieve true convergence and protect manufacturing plants and critical infrastructure.Chapters:00:00:00 - Opening Shot: Who’s Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can’t Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn’t Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What’s Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT’s Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It’s Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode of the Industrial Cybersecurity Insider, host Dino sits down with Dan Cartmill, Sr. Global Product Marketing Director for TXOne Networks, to discuss the often misunderstood world of OT vulnerability management. Dan brings a unique perspective, having started as a practitioner 17 years ago, before transitioning to the vendor side. The conversation explores why simply creating a list of vulnerabilities isn't enough – and what organizations should actually be doing to reduce risk in their OT environments.Chapters:00:00:00 - Introduction and Dan's Background00:02:00 - Biggest Misconceptions About OT Vulnerability Management00:04:00 - Blind Spots in OT Vulnerability Scanning00:07:00 - Finding Vulnerabilities: OT vs IT Differences00:10:00 - Proactive Approaches to Unknown Vulnerabilities00:12:00 - How TX One Addresses Vulnerabilities Non-Disruptively00:15:00 - Virtual Patching and Operations-First Philosophy00:18:00 - IT/OT Convergence and Team Collaboration00:21:00 - Building Relationships with Third-Party Partners00:23:00 - Tabletop Exercises and Incident Response Planning00:26:00 - Key Takeaway: Never Forget Your Original Objectives00:28:00 - Dealing with Event Overload and Zero-Day VulnerabilitiesLinks And Resources:Dan Cartmill on LinkedInTXOne NetworksDino Busalachi on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig and Dino address why manufacturers still suffer incidents after spending millions on OT security tools. They discuss how to convert those investments into measurable risk reduction. You'll learn why buying tools isn't a strategy. Get insights into how to validate asset visibility on the floor (not just the network map), practical ways to reduce alert fatigue and assign ownership, how to close the OT incident response gap by connecting SOC to operators, the realities of flat Layer 2 networks and undocumented zones, how to handle technical debt at scale (EOL firmware, unpatched HMIs, safe upgrade paths), and why "everyone is responsible" often means no one is. Expect candid discussion on alert fatigue, flat networks, and the human constraints driving today's gaps, plus a concrete checklist for building a coalition that actually works to protect production environments.Chapters00:00:00 – Why incidents still happen after major OT cyber spend00:02:30 – Tools vs. outcomes: underusing capabilities and alert fatigue00:05:50 – Who owns plant‑floor cyber? Why CISOs, CIOs, OEMs, and SIs talk past each other00:08:10 – Define the use case before tuning sensors and policies00:10:00 – OT IR is missing: operators are the first responders00:11:20 – Network reality check: flat L2, VLAN gaps, and unmanaged switches00:13:30 – Change management and patching in OT: risk, downtime, and technical debt00:15:20 – Skills and staffing: the silver tsunami and "jack of all trades" constraints00:18:00 – What outside partners can and cannot do in plants00:21:00 – Visibility blind spots: validating coverage with floor‑level walkthroughs00:24:00 – It won’t stick without a coalition: getting plant managers, engineering, OEMs, and SOC alignedLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Scott Cargill, Partner of BW Design Group, joins Craig and Dino. Together they dissect the critical vulnerability gap in data center operational technology infrastructure. While most data centers implement robust IT security protocols, their building management systems controlling cooling, power distribution, and environmental controls remain significantly under-protected. Cargill provides technical analysis of how the rapid expansion of data center capacity for AI workloads has outpaced OT security implementation, creating exploitable attack vectors where minutes of system compromise could cascade into millions in equipment damage and service disruption. Through evidence-based examination and industry insights, this episode offers CISOs and OT security professionals a practical framework for addressing the IT-OT security convergence challenge in mission-critical facilities.They offer actionable strategies for vulnerability assessment, segmentation, and defense-in-depth implementation.Chapters:- 00:00:00 - Meet Scott Cargill of BW Design Group- 00:02:30 - Data centers expanding for AI- 00:04:40 - Critical BMS vulnerabilities being ignored- 00:07:40 - Alarming OT security reality- 00:09:40 - Why OT security remains deprioritized- 00:12:10 - IT-OT security convergence challenges persist- 00:16:35 - Manufacturing parallels to data centers- 00:20:10 - Security solutions evolution underway- 00:21:45 - Managed services necessity for OT- 00:24:42 - Thought leadership driving industry standardsLinks and Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityScott Cargill on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Industrial environments are complex. Aging systems, distributed plants, and a crowded vendor landscape make “buy another tool” a tempting but often costly reflex. In this episode, Dino Busalachi talks with Danielle “DJ” Jablanski, about moving from paper programs to measurable progress in OT security. They address why competence and capacity must come before capabilities, how to right-size your technology stack through tool rationalization, and why interdependence mapping is foundational for real resilience.00:00:00 – Why OT maturity often stalls00:06:00 – Where to focus first: assets, segmentation, and access00:08:20 – Governance gaps: frameworks on paper vs. controls in practice00:10:10 – Interdependence mapping beyond "crown jewels"00:12:30 – Operators as first responders and safe-state realities00:16:15 – Vendor and OEM ecosystems: who owns the response plan?00:20:10 – Threat intel's limits: effects‑based security over means‑based noise00:22:00 – Incident readiness in plants: plans, practice, and ownership00:26:00 – Supply chain fragility and concentration risk in manufacturing00:29:30 – Tool rationalization: measuring ROI, coverage, and usabilityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.DJ's Blog on Interdependence Mapping: https://claroty.com/blogDanielle Jablanski on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Hosts Craig and Dino discuss Mitsubishi's billion-dollar acquisition of Nozomi Networks and its implications for operational technology cybersecurity. They address how this major deal affects the industrial security market.The conversation covers IT/OT convergence challenges, managed services, vendor partnerships, and AI in cybersecurity decision-making. Craig and Dino share practical insights for security leaders and engineering professionals working in industrial environments.Topics covered: • Why Mitsubishi made this $1B investment • How this affects choosing security vendors • The growing role of managed services in OT security • What organizations should do to prepare for changesFor cybersecurity professionals, industrial engineers, and executives working with operational technology and cyber defense.Chapters:00:00:00 - Welcome to Industrial Cybersecurity Insider Podcast00:01:26 - A Trend of Cybersecurity Platform Acquisitions00:02:03 - The "Cyber-Informed Engineering" Play00:02:52 - Market Impact: Setting a Billion-Dollar Bar for Competitors00:05:06 - A Lack of Expertise and Resources00:05:48 - The Challenge of Building an In-House Team vs. Using Managed Services00:07:40 - Embedding Security Directly into Hardware Controllers00:09:33 - How Competitors Like Rockwell Might React00:10:00 - IPO or Acquisition?00:14:42 - The On-Prem vs. Cloud Debate in Manufacturing Environments00:16:50 - 87% of Organizations Are Lagging in Cybersecurity Maturity00:17:20 - The IT/OT Resource and Knowledge Gap00:18:54 - The Need for CIOs to Partner with OT Systems Integrators00:21:25 - The "OnStar" Model for Industrial Security00:22:15 - The Reality of Vendor Lock-In and Warranty Issues00:24:14 - OT Needs to Own Its Cybersecurity Strategy00:25:12 - The Risk of Underutilized Security ToolsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig and Dino address one of the most pressing challenges in industrial cybersecurity: the gap between responsibility and authority for CISOs and their ability to protect manufacturing and critical infrastructure plant floors. While executives are tasked with ensuring resilience and reporting to the board, they often hit resistance at the plant floor where production uptime and safety KPIs take priority. The conversation explores IT/OT convergence, asset visibility blind spots, OEM restrictions, and the risks of relying on remote-only deployments. With insights from decades of hands-on experience in industrial environments, Craig and Dino outline practical steps for building bridges between IT and OT, aligning financial risk with security strategy, and equipping CISOs with the authority they need to succeed.Chapters:00:00:00 - Welcome to the Industrial Cybersecurity Insider Podcast00:01:11 - The CISO's Core Conflict of Responsibility Without Authority00:02:45 - Why Security Efforts Get "Kneecapped at the Front Door"00:04:04 - Understanding the OT Environment and Its Unique Technology00:05:36 - Building Bridges Between IT and OT as the Solution00:07:44 - Overcoming OT's "Skittish" Resistance to IT00:09:43 - The Scaling Problem of Too Few Engineers for Too Many Plants00:10:57 - Why a Remote-First Approach Fails in Manufacturing00:14:44 - The "Epiphany" of Uncovering Operational Benefits for OT Teams00:17:24 - Navigating OEM Warranties and Equipment Restrictions00:19:14 - The "Trust but Verify" Mandate for a CISO00:20:56 - The Danger of Hidden Networks and the "Air Gap" Myth00:23:16 - Speaking the Language of Business in Dollars and Cents00:24:43 - Aligning Security with the Plant's Capital Master Plan00:27:24 - How Company Ownership Affects Security Investment00:28:16 - How to Give the CISO Real AuthorityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this essential rewind episode, Dino Busalachi and Craig Duckworth address a fundamental challenge facing practitioners in the field: effectively securing operational technology (OT) environments through local expertise and proper data collection.The Power of Local PartnershipDino emphasizes a crucial principle that often gets overlooked in cybersecurity implementations: "The only way you can act local is you've got to work with those folks that are in those plants every day, all day."This insight highlights why external cybersecurity consultants must forge strong partnerships with on-site operational teams who possess intimate knowledge of their industrial environments.These local experts understand the nuanced details that can make or break a security implementation. This includes everything from vendor schedules and machine operations to maintenance windows and downtime planning.They know when critical systems are most vulnerable and which processes absolutely cannot be interrupted.Chapters:00:00:00 - Why Local Collaboration is Critical for Cybersecurity Success00:01:07 - Meet Dino and Craig: Experts in IT/OT Integration00:01:49 - Unpacking the Challenges of IT/OT Convergence00:02:28 - Why IT and OT Teams Often Struggle to Align00:04:48 - Building Collaborative Frameworks for Stronger Cybersecurity00:07:33 - The Role of CIOs and CISOs in Driving Change00:08:44 - Navigating the Complexities of Diverse Plant Environments00:10:23 - Partnering with Vendors to Enhance Security Outcomes00:11:16 - Key Questions to Evaluate System Integrators Effectively00:16:35 - Using Tabletop Exercises to Align IT and OT Teams00:22:20 - Closing Thoughts: Bridging the Divide for Unified CybersecurityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig and Dino break down the FBI’s latest cybersecurity advisory and what it means for industrial organizations. From Cisco hardware vulnerabilities on the plant floor to the widening gap between IT and OT security teams, they address the critical blind spots that attackers often exploit. They discuss why manufacturing has become ransomware’s “cash register,” the importance of continuous monitoring and asset visibility, and why every organization must have an incident response plan in place before a crisis. This episode is packed with real-world insights and actionable strategies. It's a must-listen for CISOs, CIOs, OT engineers, and plant leaders safeguarding manufacturing and critical infrastructure.Chapters:00:00:52 - Welcome to Industrial Cybersecurity Insider Podcast00:01:21 - A New FBI Advisory on Nation-State OT Threats00:02:37 - Cisco Hardware on the Plant Floor Targeted in Advisory00:03:18 - The IT/OT Disconnect: OT Assets are Often Invisible to InfoSec Teams00:04:19 - The Awareness Gap: Critical Security Alerts Fail to Reach OT Operations00:04:54 - The OT Cybersecurity Skills Gap and Cultural Divide00:07:32 - Why All Manufacturing is Critical, Citing the JBS Breach00:08:37 - The Staggering Economic Cost of OT Breaches00:09:33 - The "Cash Register" Concept: Why Attackers Target Manufacturing00:10:29 - OT as the New Frontier for Attacks on Unpatched Systems00:11:28 - The "Disinterested Third Party": When OEMs See Security as the Client's Problem00:12:31 - The Foundational First Step: Gaining Asset Visibility & Continuous Monitoring00:13:53 - The Impracticality of Patching in OT Due to Downtime and Safety Risks00:15:25 - Academic vs. Practitioner: Why High-Level Advice Fails on the Plant Floor00:18:25 - The Minimum Requirement: A Practiced, OT-Inclusive Incident Response Plan00:18:58 - Why CISOs Must Build Relationships with Key OT Partners00:22:46 - Practice, Partner, and Protect NowLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this week's rewind episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure. The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry. Whether you’re dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.Chapters:00:00:00 - Pandemic's Impact on Critical Infrastructure00:01:08 - Introduction to Gary Neelan and Claroty00:01:41 - Gary's Role in OT Cybersecurity00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems00:09:46 - Addressing Complex Challenges in OT Cybersecurity00:11:56 - OT Cybersecurity Talent Shortage and Managed Services00:13:01 - Future of OT Cybersecurity: Adapting to New Threats00:14:36 - Modernizing Manufacturing Systems for Enhanced Security00:15:52 - Global Cybersecurity Trends in Critical Infrastructure00:18:01 - Regional OT Cybersecurity Challenges and Responses00:25:01 - The Role of AI in Defending OT Environments00:28:19 - Final Thoughts on OT Cybersecurity's FutureLinks And Resources:Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityGary Kneeland on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this hard-hitting episode of Industrial Cybersecurity Insider, host Dino Busalachi sits down with two battle-tested experts: Debbie Lay from TXOne Networks and Patrick Gillespie from GuidePoint Security. Together, they pull back the curtain on the messy, complex world of operational technology (OT) cybersecurity, where million-dollar cybersecurity losses happen regularly.This isn't your typical cybersecurity podcast filled with vendor pitches and theoretical frameworks. Instead, you'll get an unvarnished look at what really happens when industrial organizations try to secure their critical infrastructure. From the shocking reality of cyber insurance claims being denied over half-implemented multi-factor authentication to the all-too-common sight of HMI passwords scrawled in permanent marker on the plant floor. This conversation exposes the gap between cybersecurity best practices and industrial implementation and protection reality.What makes this episode essential listening:Real financial impact: Learn why industrial breaches cost $5.5-6 million on average, with downtime running $125,000 per hourPractical solutions that work: Discover how segmentation, virtual patching, and agentless endpoint tools can protect legacy systems without breaking the bankPolitical warfare decoded: Understand the often-toxic dynamics between IT and OT teams that sabotage security initiativesImplementation roadmaps: Get actionable strategies for deploying zero-trust architectures on the plant floorWhether you're a CISO struggling to justify OT security budgets, an engineer trying to protect decades-old industrial systems, or a consultant navigating the minefield of industrial cybersecurity politics, this episode delivers the kind of street-smart insights you won't find in vendor whitepapers.Chapters:00:00:00 - Cyber insurance denied over incomplete MFA 00:03:21 - What clients face as they begin the OT security journey00:06:35 - Industrial breach cost stat ($5.5–$6M; ~$125k/hour downtime) 00:07:36 - Too many IT tools forced into OT00:08:47 - Investment hurdles and budgeting misalignment00:11:05 - Collaboration between OT asset owners and the CISO00:13:24 - Hamilton ransomware: 80% hit; cyber insurance denied for incomplete MFA00:14:26 - HMI username/password written in Sharpie; segue to TXOne solutions00:18:22 - Who embraces TXOne first—IT or OT?00:20:58 - CISOs on OT priorities and piloting top sites00:22:25 - The ugly: Lacking OT inventory, unclear playbooks, starting from zero00:23:26 - The good: Safeguarding OT, anomaly alerts, avoiding risky legacy connections00:24:34 - Healthcare imaging case: XP-based systems, high replacement costs00:27:03 - AI useful in SOC/baselining; humans still required on OT side00:29:15 - Combining best-of-breed solutions to avoid costly deployment gaps00:29:47 - Why deployments stall—overwhelm and fatigue after tech selectionLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Debbie Lay, TXOne Networks on LinkedInPatrick Gillespie, GuidePoint Security on LinkedInIndustrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Many manufacturing leaders believe they’re seeing 80–85% of their OT environment industrial assets. But in this episode, Dino and Craig reveal the reality that most have visibility into only 30–35% of their industrial control system assets, leaving the hidden 70% vulnerable. In this hard-hitting episode, they dismantle the false sense of OT security. They explore why million-dollar cybersecurity tool investments aren't fully utilized, and expose the costly disconnect between corporate IT, plant-floor teams, and third-party vendors. From debunking the air gap myth to stressing the need to trust but verify every connection, they show how to turn underutilized tools into proactive defenses that improve both security and operational efficiency. If you think your ICS is fully protected, this conversation might change your mind.Chapters:00:00:00 - Introduction: When Inefficiency Becomes Expensive00:00:59 - The Hidden Danger of Feeling Secure in Manufacturing00:03:58 - Why True Visibility and Accurate Data Change Everything00:07:18 - Real-World Roadblocks: Missteps and Mixed Messages00:10:24 - Who Holds the Power vs. Who Bears the Blame in Cybersecurity00:21:47 - Charting a Smarter Path to Stronger Cyber Defenses00:25:27 - Conclusion: Actionable Moves to Level Up Your SecurityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode of Industrial Cybersecurity Insider, Craig Duckworth sits down with Ian Bramson, VP of Global Industrial Cybersecurity at Black & Veatch, to explore what it really takes to secure complex industrial systems. Whether you're retrofitting legacy brownfield environments or designing cybersecurity into greenfield builds, Ian unpacks the foundational questions every organization must answer:What do you need to protect? Where are your holes? Can you see what's happening and respond if something goes wrong? From AI-enabled attackers to real-time asset visibility, he shares actionable insights on risk management, OT monitoring, and why leaders must begin treating cybersecurity like safety, not just an IT function. Whether you’re managing a water treatment plant, a power plant, or smart transportation infrastructure, this conversation delivers clarity in complexity - and guidance for what to do next.Chapters:00:00:00 - Uncovering Hidden Dangers in Remote Access00:00:59 - Meet Ian Bramson: Defending the World’s Most Critical Systems00:02:58 - Why Critical Infrastructure Is Everyone’s Business00:03:30 - Power and Water: The Frontlines of Cyber Defense00:09:07 - Decoding NERC CIP: What You Really Need to Know00:10:38 - Walking the Tightrope Between Compliance and True Security00:17:01 - Proven Cybersecurity Tactics That Actually Work00:22:50 - AI in Cybersecurity: Game-Changer or New Threat?00:24:47 - How Public and Private Sectors Tackle Cyber Risk Differently00:29:31 - Ian Bramson’s Final Playbook for Today’s CISOsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig Duckworth sits down with seasoned attorney and cyber crisis strategist Josh Cook, founder of Left of Boom Consulting. Together, they explore the pivotal role of proactive preparation in cybersecurity especially for mid-market and industrial organizations navigating today’s hyper-connected, AI-augmented threat landscape. Josh shares hard-earned insights from decades of incident response leadership, emphasizing why building your cyber playbook before the attack is critical. From legal implications and executive missteps to the psychological attributes needed in your incident command post, this conversation is a masterclass in cyber resilience and proactive protection by design.Chapters:00:00:00 – Kicking Off with Chaos: Why Incident Response Matters00:01:02 – Enter Josh Cook: Legal Strategist Turned Cyber Commander00:01:18 – War Stories and Wisdom: Josh’s Journey to Left of Boom00:02:38 – Planning Beats Panic: Mastering the Art of Pre-Incident Prep00:04:17 – Assembling the A-Team: Who Belongs in Your Cyber War Room00:09:07 – AI at the Front Lines: Friend, Foe, or Something in Between?00:12:42 – Industrial Chaos: What’s Really Holding Cybersecurity Back00:16:07 – Boardroom to Shop Floor: Why the C-Suite Can’t Stay Silent00:25:18 – No Secrets Here: Transparency and the Power of Telling the Truth00:29:08 – Parting Shots: Josh’s Battle-Tested Advice for ResilienceLinks And Resources:Josh Cook on LinkedInWebsiteWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino Busalachi and Craig Duckworth tackle one of the most overlooked threats in cybersecurity: the number of industrial vendors and system integrators in manufacturing environments. The conversation addresses the relationship and communication gap between IT and the teams responsible for designing and supporting industrial control systems. They emphasize the need for improved governance, enhanced vendor accountability, and clear ownership of cyber risk. Whether you're a CISO, CIO, or VP of Engineering, this episode offers actionable insight into bridging the IT/OT divide, securing plant floors, and building a cybersecurity strategy that works at the edge of your business.Chapters:00:00:00 - Kicking Off: Why Transparency in Cyber Matters00:00:43 - Who’s Talking? Meet Craig & Dino00:01:05 - The Big Question: What’s IT’s Role in Industrial Security?00:01:35 - When Too Many Vendors = Chaos00:02:37 - How to Actually Secure OT Environments00:03:46 - Choosing the Right Partners (and Asking the Right Questions)00:12:37 - Why Cyber Teams Need Plant Floor Time00:14:24 - Getting Smarter: Use External Experts & Vendor Summits00:18:22 - IT Meets OT: Closing the Culture Gap00:30:03 - What Now? Practical Next Steps for CISOsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig Duckworth and Dino Busalachi discuss the critical role of the C-suite in fortifying manufacturing environments against cyber threats. They discuss the unique challenges that manufacturing organizations face. Their conversation reinforces the importance of executive teams understanding and actively engaging in industrial OT cybersecurity strategies. With compelling arguments for a more involved C-suite, Craig and Dino explore the intersection of cybersecurity and operational efficiency. They emphasize the need for leadership to understand and lead the charge to ensure security for industrial control systems. This episode serves as a wake-up call for executives to embrace their role in protecting their companies from potential adverse events. This episode highlights the fact that cybersecurity is not just an IT issue but a foundational aspect of modern business resilience.Chapters:00:00:00 - Meet Dino and Craig00:01:47 - Deciphering Cybersecurity's Extensive Influence on Manufacturing Dynamics00:03:29 - Unpacking the Costs: The Stark Reality of Ignoring Cybersecurity00:04:08 - The Interplay Between Cyber Insurance, Liability, and Organizational Security00:05:07 - Charting the Course: Fundamental Actions for Cyber Resilience00:07:35 - Implementing Cybersecurity Measures: A Tactical Overview for Manufacturing Leaders00:10:54 - The Imperative of Continuous Monitoring in Mitigating Cyber Risks00:14:11 - Bridging the Divide: Fostering Collaboration Between IT and OT Teams00:17:06 - Cultivating Cyber-Aware Culture: Integrating Security into the Manufacturing DNA00:20:01 - Forward Momentum: Strategic Insights for Executive Leadership on Cybersecurity00:24:28 - Reflecting on the Imperatives of Cybersecurity in the Manufacturing SectorLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino Busalachi and Craig Duckworth tackle a critical disconnect plaguing industrial organizations: the disconnect in understanding and communication between IT and OT regarding industrial cybersecurity.While some IT departments are investing in OT cybersecurity platforms, 85% of the data these tools collect is designed for OT teams to act upon. Unfortunately, plant floor personnel, system integrators, and OEMs working in these environments rarely get access to dashboards, asset inventories, or vulnerability reports.Organizations must move beyond the "oil and water" mentality between IT and OT. This means involving plant personnel in cybersecurity decisions, sharing data with trusted partners who "build the cars" (not just buy them), and recognizing that effective OT security requires collaboration with the people who live and breathe on the plant floor every day.Bottom Line: If you're not sharing cybersecurity data with your system integrators, OEMs, and plant operations teams, you're not practicing true IT-OT convergence. You're missing critical opportunities to improve your security posture where it matters most.Chapters:00:00:00 - Why Local Collaboration is Critical for Cybersecurity Success00:01:07 - Meet Dino and Craig: Experts in IT/OT Integration00:01:49 - Unpacking the Challenges of IT/OT Convergence00:02:28 - Why IT and OT Teams Often Struggle to Align00:04:48 - Building Collaborative Frameworks for Stronger Cybersecurity00:07:33 - The Role of CIOs and CISOs in Driving Change00:08:44 - Navigating the Complexities of Diverse Plant Environments00:10:23 - Partnering with Vendors to Enhance Security Outcomes00:11:16 - Key Questions to Evaluate System Integrators Effectively00:16:35 - Using Tabletop Exercises to Align IT and OT Teams00:22:20 - Closing Thoughts: Bridging the Divide for Unified CybersecurityLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig Duckworth and Dino Busalachi discuss the critical but often overlooked or misunderstood role of system integrators (SIs) in industrial cybersecurity.Key Issues Identified:Organizations typically work with multiple specialized integrators across different facilities and systemsSome SIs lack cybersecurity expertise, focusing primarily on equipment functionalityEquipment can remain connected to networks for decades, with ownership and oversight changing hands over timeSystem integrators must exercise proper IT coordination to implement remote access solutions effectivelyRecommendations:IT and OT teams should collaborate more closely with system integrators on cybersecurity planningOrganizations need to evaluate their SIs' cybersecurity capabilities and partnershipsConsider standardizing on integrators with demonstrated cybersecurity practices and vendor certificationsApply the same due diligence used for IT vendor selection to OT system integratorsBottom Line: System integrators are essential partners in executing industrial cybersecurity strategies and protection. Organizations must actively engage them in security conversations and ensure they have the necessary skills and partnerships to implement secure solutions for their plant environments from the start.Chapters:00:00:00 - Real-World Ransomware Hits the Plant Floor00:00:52 - Meet the System Integrators Shaping Your OT Plant Floor Security00:01:17 - What System Integrators Really Do (and Don’t)00:04:13 - Remote Access: The Hidden Backdoor Nobody Sees00:08:34 - Why Ongoing Monitoring Is Non-Negotiable00:13:30 - How to Pick the Right System Integrator For Your Operations00:26:17 - Building Strong Partnerships with Your IntegratorsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino break down how cyberattacks that start in traditional IT systems can shut down entire manufacturing production lines, leading to massive financial losses. Using real-world examples like UNFI's $500 million drop in market value in 60 hours, they explain how overlooked connections between IT and the OT plant floor are often the weakest links. You’ll hear why simply installing firewalls isn’t enough, how organizational silos between IT and operations cause major blind spots, and what it really takes to secure industrial equipment. Whether you're in leadership, technology, or operations, this episode will change how you think about cyber risk and business continuity in connected environments.Chapters:00:00:00 - Introduction: Where Responsibility Ends and Authority Doesn’t Begin00:01:08 - Meet Your Guides: Dino & Craig On the Frontlines00:01:14 - When Cyber Hits the Plant Floor00:01:28 - Real-World Wake-Up: The Unify IT Incident00:02:36 - The Gaps No One’s Watching in OT Security00:03:18 - How Org Structure Can Make or Break Cyber Defense00:04:03 - Plugging in OT Visibility: IDS in Action00:04:43 - Who’s Really Calling the Shots—Corporate or the Plant?00:07:02 - IT-OT Convergence: What Leaders Must Understand00:13:14 - Building Cyber Defense That Actually Works00:15:25 - Recovery Starts Before the Breach00:17:37 - Why IT Alone Can’t Fix OT Problems00:24:55 - Just Getting Started? Here’s What to Do First00:28:33 - Final Word: You Can’t Secure OT AloneLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

What happens when the CISO inherits responsibility for the security of the plant floor?Dino and Craig discuss a growing trend: CISOs are being expected to oversee cybersecurity for industrial plant floors. Unfortunately, they don't have the background to effectively take on this responsibility.A perpetuating trend exists where cybersecurity leaders are expected to protect factories and industrial assets without the authority, tools, or support to do so effectively.In this conversation, Dino and Craig explain why traditional IT security approaches don’t work in these environments, and how things like outdated equipment, disconnected systems, and outside vendors make the challenge even harder. From weak remote access tools to the confusion around who actually manages plant security, this episode shines a light on the hidden risks most companies overlook.Whether you're in IT, operations, or a leadership role, you’ll walk away with a better understanding of how to approach cybersecurity in complex industrial settings.You'll also gain insights into the steps you can take to protect your people, your technology, and your bottom line.Chapters:00:00:00 - Kicking Off: Smart Tool Choices Start Here00:01:02 - When CISOs Inherit the Factory Floor00:02:17 - Making Friends with OEMs and Integrators00:04:47 - Why OT Security Is a Whole Different Beast00:08:50 - Cyber Budgets: Where’s the Money Really Coming From?00:13:10 - How to Actually Roll Out Security in the Plant00:18:35 - VPNs Aren’t Enough: Fixing Remote Access00:24:42 - What OT Incident Response Really Looks Like00:27:17 - Wrapping It Up: Strategy, Buy-In, and What’s NextLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this rewind episode, cybersecurity leaders revisit some of the hardest-hitting truths about protecting critical infrastructure in an increasingly converged IT/OT world. This conversation explores the disconnect between IT theory and OT reality, from the real-world fallout of the CrowdStrike disruption to the challenges of virtual patching, insider threats, and the cloud’s role on the plant floor. The discussion exposes how legacy systems, poor collaboration, alert fatigue, and vendor dependency continue to sabotage industrial cybersecurity. They discuss tactical strategies for improving, from asset inventory and patching hygiene to choosing the right partners and walking the plant floor.Chapters:00:00:00 - Cyber threats are moving faster than your patch cycle00:00:47 - Crowdstrike, Virtual Patching and Industrial OT Environments with Debbie Lay, TXOne Networks00:07:48 - The #1 Myth Putting Your Industrial OT Assets at Risk00:15:01 - Patch Management and Software Updates: IT versus OTLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig tackle one of the most misunderstood topics in industrial cybersecurity: IT/OT convergence. But is it truly convergence or more of a collision? Drawing from real-world experiences, they challenge the idea that OT is a “shadow IT group” and argue that operational technology deserves distinct governance, funding, and strategic influence. From secure-by-design to system integrators' evolving role, this conversation is a call to action for CISOs, CIOs, and engineering leaders to rethink how they build cybersecurity partnerships across the plant floor.Chapters:00:00:00 - Opening Shot: Who’s Really in Charge—CIOs or the Plant Floor?00:00:57 - Collision Course: IT and OT Can’t Keep Dodging Each Other00:01:52 - Two Worlds, One Mission: Why OT Isn’t Just “IT in a Hard Hat”00:04:07 - When Convergence Fails: What’s Missing in the Middle00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor00:10:46 - OT’s Tipping Point: Will the Next Move Come from IT, or the Shop Floor?00:17:32 - Your Move: What Leaders Must Do Next (Before It’s Too Late)Links And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!