Greg Garcia, Executive Director of the Health Sector Coordinating Council Cybersecurity Working Group, joins the Nexus Podcast to discuss the recent publication of the working group’s Sector Mapping and Risk Toolkit.

The SMART toolkit is a methodology that helps healthcare providers visualize key services that support workflows in the industry and is also used to measure risk appropriately for each of those services.

Listen and subscribe to the Nexus Podcast.

Get the SMART Toolkit here.

As OT environments face rising geopolitical tensions, ransomware threats, and aging infrastructure, vulnerability management has never been more complex. In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Stuxnet expert Ralph Langner, Founder and CEO of Langner, Inc.

Ralph shares from his decades of firsthand experience defending industrial control systems and explains why traditional CVE-focused vulnerability management falls short in OT. He breaks down the three major categories of OT vulnerabilities—design flaws, feature abuse, and configuration errors—and reveals why competent attackers often ignore CVEs entirely. Joe highlights how memory-based vulnerabilities continue to threaten critical systems and why eliminating entire vulnerability classes can create an asymmetric advantage for defenders.

Together, Ralph and Joe explore:

• Why most OT equipment remains insecure by design and why replacement will take decades
• How features, not bugs, often become the real attack vector
• The growing role of ransomware and IT-side weaknesses in OT compromises
• Practical steps OT defenders can take today to incrementally improve resilience
• The value of class-level protections, better architectures, and secure development processes

Whether you secure energy infrastructure, manufacturing systems, or mixed IT/OT networks, this episode delivers experience-driven guidance for strengthening cyber-physical resilience.

In this episode of ICS Arabia, we sit down with Mike Holcomb, Mike breaks down what Remote Mode really means for PLC security and explains why monitoring PLC mode changes is one of the most overlooked—but critical—aspects of protecting industrial systems.