Inside Cyber Incident Response: Military Lessons, OT Challenges & the Power of Blameless Culture
Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Inside Cyber Incident Response: Military Lessons, OT Challenges & the Power of Blameless CulturePub date: 2025-12-01Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCyber incidents don’t just test your technology - they test your people, your processes, and your culture.
In this episode of Protect It All, host Aaron Crow sits down with Daniel Swann, Cyber Incident Commander at Rockwell Automation, to pull back the curtain on what really happens during IT and OT incidents. With decades of experience across the U.S. Air Force, enterprise environments, and industrial operations, Daniel shares lessons learned the hard way - from managing chaos in real time to building a culture where teams can learn without blame.
You’ll learn:
Why documentation and scribe roles can make or break an incident response
How blameless postmortems actually strengthen team performance
What military-style discipline can teach us about OT and IT incident handling
How to run effective tabletop exercises that expose real gaps
The human factors - communication, clarity, ownership - that reduce downtime and panic
Practical strategies to evolve your incident response plan before the next breach
Whether you’re developing your first IR playbook or leading seasoned response teams, this episode delivers actionable, real-world insights that help you prepare, respond, and recover with confidence.
Tune in for battle-tested wisdom from military operations to industrial control rooms - only on Protect It All.
Key Moments:
00:00 "Protect IT/OT Cybersecurity Podcast"
03:30 Cybersecurity: Versatility Is Key
07:52 "Balancing Bureaucracy and Flexibility"
10:20 "Practice Makes Plans Effective"
14:17 "Learning While Doing"
18:44 "Document Key Info in Incidents"
19:46 "Versatile Team Role Importance"
22:45 "Tracking Lessons with Visibility"
28:34 Proactive Reporting Encouraged
29:33 Safe Reporting Prevents Phishing Incidents
32:52 "Bridging IT and OT Safely"
37:15 Team Collaboration Enhances Outcomes
41:00 Military Preparedness and Logistics Planning
42:59 Preparing for Unlikely Scenarios
47:20 AI Threats to OT Systems
48:32 "AI's Impact on Learning and Jobs"
About the guest:
Daniel Swann is a seasoned Cyber Incident Commander at Rockwell Automation, bringing 17+ years of IT leadership and nearly a decade of cybersecurity experience. A U.S. Air Force veteran, he has led global cyber operations, responded to major vulnerabilities like Log4J, and driven large-scale improvements in incident response and vulnerability management. Daniel is highly certified, mission-driven, and recognized for building strong, resilient security teams.
Links :
Video of Daniel Swann with Kate Vajda, Director of Vulnerability Research and Malware Threat Research, Dragos : https://www.youtube.com/watch?v=4zotgrPk8vI
Connect with Daniel on LinkedIn : https://www.linkedin.com/in/j-daniel-swann/
Connect With Aaron Crow:
Website: www.corvosec.com
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about PrOTect IT All:
Email:
[email protected]
Website: https://protectitall.co/
X: https://twitter.com/protectitall
YouTube: https://www.youtube.com/@PrOTectITAll
FaceBook: https://facebook.com/protectitallpodcast
To be a guest or suggest a guest/episode, please email us at
[email protected]
Please leave us a review on Apple/Spotify Podcasts:
Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124
Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Netherlands