エピソード

  • Dan Ricci on Four Years of the ICS Advisory Project

    Dan Ricci on Four Years of the ICS Advisory Project
    2026/03/10
    Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)
    Episode: Dan Ricci on Four Years of the ICS Advisory Project
    Pub date: 2026-03-08

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    Industrial cybersecurity expert Dan Ricci, the founder and maintainer of the ICS Advisory Project, joins the Nexus Podcast to discuss the evolution of the industry's premier ICS and OT security advisory repository as it turns 4 years old.

    Dan talks about the impact of the project on OT security teams, the dashboards he's created to better parse the volume of data on the site, and unique use cases that asset owners and operators have for this critical information.

    Subscribe and listen to the Nexus Podcast here.



    The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    29 分
  • EP 82: Kerberos in OT: RC4 Downgrade Attacks

    EP 82: Kerberos in OT: RC4 Downgrade Attacks
    2026/03/09
    Podcast: Error Code (LS 27 · TOP 10% what is this?)
    Episode: EP 82: Kerberos in OT: RC4 Downgrade Attacks
    Pub date: 2026-03-04

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    Kerberos, a decades-old authentication protocol, creates hidden risks in OT environments. Dor Segal, security researcher team lead at Silverfort, discusses delegation abuse, cipher downgrade attacks, and person-in-the-middle threats—highlighting why legacy encryption, patching challenges, and operational constraints make identity security critical in industrial networks.



    The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    27 分
  • The Blind Spots Putting Manufacturers at Risk: WEF 2026 Global Cybersecurity Outlook

    The Blind Spots Putting Manufacturers at Risk: WEF 2026 Global Cybersecurity Outlook
    2026/03/08
    Podcast: Industrial Cybersecurity InsiderEpisode: The Blind Spots Putting Manufacturers at Risk: WEF 2026 Global Cybersecurity OutlookPub date: 2026-03-03Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationLuRae Lumpkin, Producer of Industrial Cybersecurity Insider, sits down with industrial cybersecurity expert Dino Busalachi to break down the 2026 World Economic Forum Global Cybersecurity Outlook Report and what it really means for manufacturers. While the report surveyed nearly a thousand CEOs, CIOs, and CISOs, Dino reveals a critical blind spot: industrial control systems and OT environments are being left dangerously exposed. They discuss how AI is becoming a double-edged sword for attackers and defenders, why supply chain vulnerabilities remain unaddressed, the shocking lack of cybersecurity skills on plant floors, and why most companies still aren't conducting incident response exercises. Dino shares real-world insights from working in nearly 2,000 plants over four decades, explaining why IT and OT remain disconnected, how remote access creates massive security gaps, and why outdated equipment with decades-old vulnerabilities sits unpatched in critical manufacturing environments. The conversation reveals that while enterprises focus on IT security, the plant floor—where revenue is actually generated—remains critically vulnerable, with potentially catastrophic consequences for businesses, supply chains, and even national GDP. Chapters: (00:00:00) - Introduction and Overview of WEF 2026 Cybersecurity Report (00:01:00) - Where Cybersecurity Funding Actually Goes: IT vs OT Reality (00:03:00) - The Myth of Disconnected Legacy Equipment (00:05:00) - AI as a Double-Edged Sword in Industrial Environments (00:08:00) - The Vulnerability Crisis: Thousands of Unpatched Systems (00:09:00) - Third-Party and Supply Chain Security Gaps (00:12:00) - Remote Access: The Hidden Attack Vector (00:14:00) - Critical Supplier Dependencies and Decentralized OT (00:15:00) - The Skills Gap: Why Industrial Cybersecurity Expertise is Scarce (00:19:00) - The Shocking Truth About Incident Response Exercises (00:22:00) - Real-World Impact: When Manufacturers Get Hit (00:24:00) - Getting All Stakeholders in the Same Room (00:28:00) - Insurance vs Prevention: The True Cost of Cyber Incidents (00:29:00) - Final Thoughts: Who Should Own OT Cybersecurity? Links And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    32 分
  • NIS-2 kompakt: Was für Unternehmen zählt | OT Security Made Simple

    NIS-2 kompakt: Was für Unternehmen zählt | OT Security Made Simple
    2026/03/07
    Podcast: OT Security Made Simple
    Episode: NIS-2 kompakt: Was für Unternehmen zählt | OT Security Made Simple
    Pub date: 2026-03-03

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    Klaus Mochalski und Rechtsanwalt sowie Partner Thomas Schmeding (BBH Consulting) klären die wichtigsten Fragen zu NIS-2: Wer ist durch die neuen Schwellenwerte betroffen? Welche Haftungsrisiken kommen auf die Geschäftsleitung zu und wie gelingt die Umsetzung? Ein Pflicht-Update zur Cybersicherheit.

    Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an podcast@rhebo.com.




    The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    27 分
  • IT SOC vs OT SOC How & Why They’re Different

    IT SOC vs OT SOC How & Why They’re Different
    2026/03/06
    Podcast: Industrial Cybersecurity InsiderEpisode: IT SOC vs OT SOC How & Why They’re DifferentPub date: 2026-02-25Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationCraig and Dino tackle the critical differences between IT and OT Security Operations Centers, revealing why traditional IT-centric SOCs are failing to protect manufacturing environments.Drawing from real-world examples, including a global beverage company that discovered they were only monitoring one-third of their OT assets, the hosts expose the fundamental disconnect between IT security teams and operational technology environments.They discuss why IT SOCs struggle with OT visibility, the challenges of asset inventory in dynamic manufacturing environments, and the critical importance of localization in security operations.The conversation covers practical barriers like line changeovers, PLC modifications, remote access vulnerabilities, and the need for OT-specific incident response protocols.Craig and Dino emphasize that effective OT security requires IT teams to become embedded in plant operations, working collaboratively with OEMs and system integrators, and understanding the unique operational context of manufacturing assets.This episode is essential listening for CISOs, plant managers, and security professionals trying to bridge the IT-OT security gap.Chapters:(00:00:00) - The Two-Thirds Problem: When Your SOC Can't See Your Plant Floor(00:01:00) - The OT SOC Asset Visibility Problem: A Case Study(00:03:00) - Why IT SOCs Can't Manage OT Assets(00:05:00) - Line Changeovers and Operational Context(00:07:00) - First Responders and Incident Response Challenges(00:10:00) - The WannaCry Response Gap(00:12:00) - Asset Inventory and Baseline Challenges(00:15:00) - Incident Response and Phone Trees(00:17:00) - Organizational Accountability Problems(00:19:00) - Greenfield Opportunities and Standardization(00:22:00) - The IT-OT Collaboration Challenge(00:24:00) - Think Global, Act Local: Embedding IT in PlantsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    26 分
  • Safe AI Automation for Cybersecurity: Practical Workflows Without the Risk

    Safe AI Automation for Cybersecurity: Practical Workflows Without the Risk
    2026/03/05
    Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
    Episode: Safe AI Automation for Cybersecurity: Practical Workflows Without the Risk
    Pub date: 2026-03-02

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    AI can accelerate cybersecurity - or accidentally expose it.

    In this solo episode of Protect It All, host Aaron Crow breaks down how cybersecurity professionals can safely integrate AI into their IT and OT workflows. As tools like ChatGPT, Copilot, and enterprise AI platforms become part of daily operations, the question isn’t whether to use AI - it’s how to use it responsibly.

    Aaron moves beyond buzzwords to focus on practical, everyday applications: automating reports, summarizing threat intelligence, drafting policies, enhancing documentation, and streamlining repetitive tasks. At the same time, he tackles the real concerns leaders face - data privacy, compliance, policy alignment, and shadow AI risks.

    You’ll learn:

    • Where AI delivers immediate value in cybersecurity workflows
    • How to automate without exposing proprietary or regulated data
    • The difference between enterprise AI tools and public platforms
    • How to align AI usage with corporate security policies
    • Practical ways CISOs and analysts can boost productivity safely
    • Why governance and awareness matter as much as innovation

    Whether you’re leading a security program or working hands-on in IT or OT environments, this episode delivers actionable strategies to use AI smarter—not riskier.

    Tune in to learn how to automate with confidence and stay ahead of the curve—only on Protect It All.

    Connect With Aaron Crow:

    • Website: www.corvosec.com
    • LinkedIn: https://www.linkedin.com/in/aaronccrow

    Learn more about PrOTect IT All:

    • Email: info@protectitall.co
    • Website: https://protectitall.co/
    • X: https://twitter.com/protectitall
    • YouTube: https://www.youtube.com/@PrOTectITAll
    • FaceBook: https://facebook.com/protectitallpodcast

    To be a guest or suggest a guest/episode, please email us at info@protectitall.co

    Please leave us a review on Apple/Spotify Podcasts:

    Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

    Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4



    The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    16 分
  • 4/4 Desenlace de Orquestando de la seguridad OT

    4/4 Desenlace de Orquestando de la seguridad OT
    2026/03/04
    Podcast: Casos de Ciberseguridad Industrial
    Episode: 4/4 Desenlace de Orquestando de la seguridad OT
    Pub date: 2026-03-02

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    En este episodio se exploran las capacidades futuras que necesitarán los responsables de ciberseguridad OT para orquestar y no solo reaccionar. Analiza cómo convertir NIS2 e IEC 62443 en motores de madurez y no en una carga. Propone el primer paso realista para avanzar hacia la orquestación de la seguridad OT.

    The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    11 分
  • OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448

    OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448
    2026/03/04
    Podcast: Security Weekly Podcast Network (Audio) (LS 47 · TOP 1% what is this?)Episode: OT Security/business resilience, lack of incentives for securing software & the news - Ben Worthy - ESW #448Pub date: 2026-03-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationInterview - Ben Worthy from Airbus Protect The current state of OT security and business resilience In this episode of Enterprise Security Weekly, we sit down with Ben Worthy, OT Security Specialist at Airbus Protect, to explore the evolving landscape of business resilience in safety-critical sectors. With over 25 years of experience across aerospace, nuclear, water, oil & gas, and other industries, Ben shares insights on how organizations are adapting to the surge in disruptive cyberattacks—from ransomware targeting operational technology to GPS spoofing and supply chain incidents. We discuss major cases including the Boeing/LockBit ransom demand, the Jaguar Land Rover production shutdown, and the SITA passenger data breach, examining how aviation and other critical infrastructure sectors are separating safety risk from business continuity risk. Ben also breaks down the regulatory changes reshaping the industry, including EASA's October 2025 and February 2026 deadlines that tie cyber assurance directly to safety oversight, and what ENISA's latest numbers reveal about hacktivism and ransomware trends. Whether you're in aviation, nuclear, or any safety-critical sector, this conversation offers practical lessons on building resilience that keeps operations moving while addressing threats in real time. This segment is sponsored by Airbus Protect. Visit https://securityweekly.com/airbusprotect to learn more about them! Topic: Where are the business incentives to build secure products and software? "It's the right thing to do," so of course businesses will make their products secure, right? Well, it turns out that breaches and vulnerabilities don't traditionally hurt financial performance all that much. Stocks recover, insurance covers the bulks of the losses, fines are paid, and lawsuits are settled. Most businesses can comfortably absorb the impact, so the threat of reputational harm or financial losses just aren't slowing them down. In the case of Ivanti, where the reputational harm was extreme, the company's companies continue to get hacked as critical vulnerabilities keep getting discovered in their products. https://www.bloomberg.com/news/features/2026-02-19/vpn-used-by-us-government-failed-to-stop-china-state-sponsored-hackers In this topic segment, we don't aim to provide solutions to this problem, just the awareness that ethics, doing the right thing, and even signing the Secure by Design pledge don't seem to be enough to change vendor behavior when it comes to securing products. The Weekly Enterprise Security News Finally, in the enterprise security news, RSA Innovation Sandbox hot takesDid AI solve cyber?fundings and acquisitionsa free app to warn you about smart glassesdeep thoughts about OpenClawreplacing US tech with EU equivalents is hardshould you turn off dependabot?accidentally taking over 7000 robot vacuumsthe director of AI Safety at Meta loses her email somehowshould you go back to using a blackberry? All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-448The podcast and artwork embedded on this page are from Security Weekly Productions, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    続きを読む 一部表示
    1 時間 54 分