@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Industrial Cybersecurity Insider
Episode: Is AI Becoming Your Plant Floor's Biggest Vulnerability?
Pub date: 2026-06-15

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Craig and Dino dig into the widening gap between IT and OT and why the plant floor keeps getting left behind.
They break down what Dragos ' acquisition of Phosphorus signals for the future of IoT security in manufacturing, from cameras and label printers to X-ray inspection systems that ship with default passwords and almost never get patched.
The conversation gets sharp on artificial intelligence: the same models helping plants work smarter are now lowering the barrier for attackers, putting Stuxnet-style capabilities into the hands of people who lack the resources and sophistication that nation states once needed.
Craig and Dino expose the everyday habits that leave operations vulnerable, including system integrators plugging personal laptops straight into production networks, locked USB ports that solve only half the problem, and remote access so wide open that a single entry point can expose an entire plant.
They argue that nobody truly owns OT cyber hygiene, that frameworks like IEC 62443 and the NIST 800 82 series get named in RFPs but rarely enforced, and that leaders keep tripping over dollars to pick up nickels by choosing the cheapest bid over real protection.
It's a candid, experience-driven look at why industrial security moves so slowly and what plant leaders, engineers, and security teams can actually do about it.
Chapters:
(00:00:00) - AI Enters the OT Battlefield
(00:01:30) - Why IoT Is Creeping Onto the Plant Floor
(00:03:30) - Printers, Cameras, and the Default Passwords Nobody Owns
(00:06:00) - Dragos, Phosphorus, and the Managed Services Question
(00:08:00) - How AI Lowers the Bar for Attacking Control Systems
(00:09:40) - Stuxnet Then vs. AI-Powered Attacks Now
(00:12:00) - The Laptop in the Plant: Contractors, USBs, and Open Networks
(00:16:00) - Frameworks on Paper vs. Reality (IEC 62443 & NIST 800-82)
(00:19:00) - Tripping Over Dollars to Pick Up Nickels
(00:24:00) - Short-Tenure CISOs and Why You Shouldn't Go It Alone

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: Cybersecurity vs Resilience: What Business Leaders Need to Know About Managing Risk
Pub date: 2026-06-15

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Cybersecurity isn't the goal. Business resilience is.

In this episode of Protect It All, host Aaron Crow sits down with Lee Ward to explore why organizations need to move beyond compliance checklists and start focusing on what really matters: the ability to withstand, recover from, and adapt to disruption.

Drawing on more than two decades of experience spanning the UK civil service, logistics, supply chain operations, and governance, risk, and compliance (GRC), Lee shares practical insights on helping boards and executives understand cyber risk in business terms.

Together, Aaron and Lee discuss the realities of risk acceptance, operational technology challenges, patching constraints, and why resilience not perfection should be the ultimate objective of any cybersecurity program.

You'll learn:

Why resilience is a better business objective than security alone

How to communicate cyber risk to boards and executive leadership

The difference between compliance and meaningful risk reduction

Practical approaches to OT security, patching, and operational constraints

Why risk acceptance is a critical leadership responsibility

How logistics and supply chain organizations approach resilience planning

Whether you're a security leader, executive, risk manager, or OT practitioner, this episode provides practical guidance for building organizations that can continue operating when disruptions inevitably occur.

Tune in to learn why resilience not just security is becoming the defining metric of successful organizations.

Key Moments: 

03:59 Understanding Cyber Risks for Leaders

07:16 Discussing non-cyber risks to services

11:12 Understanding business impact of cyber risk

15:45 Evaluating Cybersecurity Risks

19:37 Understanding installation complexities

21:15 Global risks affecting business resilience

24:27 Discussing regulation impacts on business

29:30 People's drive to make good choices

31:27 Industrial control systems demo at DEFCON

34:43 Limitations of technical security

38:06 The future of AI and education

About the guest : Lee Ward is a Governance, Risk Management, and Compliance (GRC) leader with more than 20 years of experience spanning the UK civil service, logistics, supply chain operations, and cybersecurity. Specializing in business resilience, risk governance, and operational technology security, Lee helps organizations translate complex cyber risks into meaningful business decisions. He is passionate about moving beyond compliance-driven security programs and helping leaders build resilient organizations that can adapt, recover, and thrive in an increasingly uncertain world.

How to connect Lee:  https://www.linkedin.com/in/lee-ward-882a54244/

Learn more about PrOTect IT All:

Email: info@protectitall.co 

Website: https://protectitallpod.com/ep110

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)
Episode: Krista Arndt on Cyber Resilience in Healthcare
Pub date: 2026-06-14

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Krista Arndt, the Associate Chief Information Security Officer (CISO) at the St. Luke's University Health Network, a 15-hospital health system in Pennsylvania and New Jersey, joins the Nexus Podcast to discuss cybersecurity and resilience in a large hospital system. 
Krista and her team talk about the role of healthcare cybersecurity teams in ensuring patient safety, and some of the ongoing challenges in keeping medical devices and the healthcare network available and resilient to attack. 
Krista also discusses a microsegmentation project implemented through Elisity that helped remove blockers impeding innovation around robotic surgical systems. 
Subscribe and listen to the Nexus Podcast here. 

The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: teissPodcast - Cracking Cyber Security (LS 31 · TOP 5% what is this?)
Episode: teissTalk: Navigating cloud transformation and IT/OT convergence in CNI
Pub date: 2026-06-11

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Balancing compliance, resilience, data sovereignty and uptime across IT and OT environments - whether a cloud-first strategy is viable in CNI
How the need to harness operations data for optimisation, innovation, risk management, and organisational resilience challenges legacy security models
Adapting proven resilience models from IT cloud transformation to OT security in CNI and the importance of public-private partnerships in its success 
- Thom Langford, Host, #teissTalk
- Amal Kotecha, Head of Technology, INEOS
- Sarah Clarke, Head of Information, Strategic Command
- Alex Holben, Strategy & Technology Officer, Fortinet

The podcast and artwork embedded on this page are from TEISS, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth
Episode: Seeing the Invisible: Asset Discovery, Segmentation, and the Reality of OT Security
Pub date: 2026-06-11

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by Shane Fry, CTO of RunSafe Security, and Andrew McPhee, Solutions Manager for Industrial Security at Cisco, to examine why visibility is one of the biggest challenges in OT cybersecurity.

As industrial environments become more connected, organizations are struggling to identify unknown assets, understand hidden dependencies, and secure systems that were never designed with cybersecurity in mind. McPhee explains how attackers exploit these blind spots, why traditional IT security approaches often fall short in OT environments, and how visibility and segmentation can help reduce risk.

Together, they explore:

Why asset visibility is the foundation of OT security
How unknown assets and communication pathways create risk
The differences between active and passive asset discovery
Why segmentation remains one of the most effective OT security controls
How IT/OT convergence is expanding the attack surface
The role of risk tolerance and risk acceptance in security decisions

From manufacturing facilities to critical infrastructure, this episode explores what security teams must understand before they can effectively protect the systems they depend on.

The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.