@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: Compliance Isn’t Security: NERC CIP 15 and the Real Gaps in OT Network Monitoring
Pub date: 2026-02-23

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Passing an audit doesn’t mean you’re secure.

In this episode of Protect It All, host Aaron Crow dives into one of the biggest misconceptions in operational technology: the belief that compliance equals protection. Using NERC CIP 15 as a real-world case study, Aaron explores why meeting regulatory requirements is only the starting point - not the finish line.

A major focus of this conversation is OT network monitoring, especially the often-overlooked east-west traffic inside your environment. Many organizations monitor perimeter traffic while internal blind spots remain wide open.

You’ll learn:

Why compliance frameworks don’t automatically create security

The real challenges of implementing NERC CIP 15 at scale

Why internal network visibility (east-west monitoring) matters

How to establish meaningful baselines in legacy OT environments

The difference between audit success and operational resilience

Why architecture, tooling, and skilled personnel must work together

Whether you’re working in utilities, manufacturing, or critical infrastructure, this episode provides practical guidance on how to move beyond checklists and build security programs that truly reduce risk.

Tune in to learn how to transform compliance requirements into real operational protection - only on Protect It All.

Key Moments: 

00:00 OT Security Blind Spots

05:15 "OT Security and Monitoring Challenges"

10:41 Aging Switches and Monitoring Challenges

13:16 OT Protocols and Infrastructure Challenges

15:42 "IT vs OT: Complexity Challenges"

18:03 "Balancing Compliance and Security"

21:57 Securing Critical Infrastructure Spaces

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

 

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad Industrial
Episode: 3/4 Acciones de Orquestando de la seguridad OT
Pub date: 2026-02-23

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

En este episodio se abordan retos reales de integrar la seguridad OT y los errores más comunes en ese proceso. Aborda cómo la automatización del cumplimiento libera a los equipos para tareas de mayor valor. Explica cómo la remediación basada en esfuerzo e impacto cambia la forma de trabajar de OT y seguridad.

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made Simple
Episode: Warum die Integration von Security Events in Leitwarten entscheidend ist | OT Security Made Simple
Pub date: 2026-02-17

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Dirk Lüders, Director of Marketing & Sales International bei Jungmann Systemtechnik, spricht mit Host Klaus Mochalski über seine mehrjährigen Erfahrungen als Turnkey-Solution-Anbieter für Leitwarten, welche Vorteile KVM-Systeme bieten und was für Herausforderungen durch verstaubte DOS-Altlasten sowie streng regulierte Maustreiber entstehen. 
Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an ⁠[email protected]⁠. 

The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)
Episode: EP 81: Root of Trust: Why Security Now Starts in Silicon
Pub date: 2026-02-17

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Rising software complexity in safety-critical industries is forcing cybersecurity requirements on systems previously not thought about before.  David Sequino, CEO of OmniTrust (formerly ISS), talks about the need to secure digital certificates on life critical systems like cars and planes and the challenges in doing so.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: Your OT Cybersecurity Strategy Is Failing: Here's Why
Pub date: 2026-02-17

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Dino and Craig reunite to tackle the shifts occuring in industrial cybersecurity in 2026.
They discuss how OT-focused IDS software companies are shifting away from managed services to partner with systems integrators who understand the plant floor.
The conversation explores the challenges manufacturers face—from aging infrastructure spanning decades to flat layer-2 networks that give remote vendors unrestricted access.
They emphasize that IT departments cannot effectively manage OT assets they don't own or understand, especially when dealing with equipment older than their cybersecurity staff.
The episode covers the pitfalls of penetration testing in live manufacturing environments, the reality of shadow IT versus shadow OT, and why EDR solutions struggle in control system environments.
Dino and Craig stress the importance of treating cybersecurity as a marathon rather than a sprint, starting with basic asset inventory and microsegmentation.
They call on manufacturing leaders to stop deferring to IT for OT security, attend industry-specific conferences like S4X26, and partner with systems integrators who have deep automation expertise.
With threats mounting, the time for action is now—not next quarter.
Chapters:
(00:00:00) - Welcome & What We've Been Up To
(00:00:48) - The Big Shift: Why OT IDS Companies Are Backing Away From Managed Services
(00:03:00) - The Shelfware Problem: When Security Tools Sit Unused
(00:04:12) - Why Pen Testing Can Be Disruptive (or Dangerous) in Manufacturing Environments
(00:05:54) - The Reality of Legacy Infrastructure: Equipment Older Than Your Cybersecurity Team
(00:07:43) - Who Can Actually Patch Your Control Systems?
(00:09:04) - Supply Chain Vulnerabilities: You're Only as Strong as Your Weakest Link
(00:11:01) - The Last Mile Challenge: Asset Inventory, Microsegmentation & Starting Small
(00:13:55) - The Shelfware to Tool-Switching Problem: Why Companies Are Reconsidering Their First Choice
(00:16:18) - Shadow IT vs. Shadow OT: Who Really Owns Plant Floor Security?
(00:19:00) - Why EDR Struggles in Control System Environments
(00:21:35) - Time to Step Up: Why Manufacturing Leaders Can't Defer to IT Anymore
(00:23:00) - Where to Learn: S4, Automation Fair, and Why You Need to Attend Industry Conferences
(00:25:00) - Finding the Right Partner: Systems Integrators Who Speak Automation and Cybersecurity
(00:27:00) - Final Thoughts: The Time for Action Is Now

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.