Kerberos, a decades-old authentication protocol, creates hidden risks in OT environments. Dor Segal, security researcher team lead at Silverfort, discusses delegation abuse, cipher downgrade attacks, and person-in-the-middle threats—highlighting why legacy encryption, patching challenges, and operational constraints make identity security critical in industrial networks.

Rising software complexity in safety-critical industries is forcing cybersecurity requirements on systems previously not thought about before. David Sequino, CEO of OmniTrust (formerly ISS), talks about the need to secure digital certificates on life critical systems like cars and planes and the challenges in doing so.

Many devices on modern networks aren’t what their labels claim. This episode, Rob King, Director of Applied Security Research at runZero, explores white-labeled surveillance and IoT hardware, why some vendors are banned by governments, and how hidden risks can spread across enterprises. Discovery, device fingerprinting, and protocol analysis reveal what’s really connected—and why knowing your true inventory is now essential for security, compliance, and trust.

The growing importance of OT security, highlighting overlooked risks in critical infrastructure, legacy systems, and supply chains. Through real-world examples, Eric Durr, Chief Product Officer at Tenable, shows why OT security differs from IT, emphasizing visibility, resilience, and risk prioritization to protect safety, operations, and business continuity.

At Black Hat USA 2025, Dan Berte, IoT Director at Bitdefender, discusses the successes and failures of ride-sharing autonomous vehicles in San Francisco, and how these lessons might help design better IoT integrations of cities and AVs in the future.

Do you really know what’s on your network? A lot of OT devices are white labeled, meaning they have a brand name but under the hood they’re made by someone else. Sean Tufts, Field CTO for Claroty, explains how his team is using AI to sift through all the available data and build a cyber physical library that starts to add specificity to remediation operations, and improve cyber physical security overall

Diversity in healthcare devices complicates segmentation, security controls, and zero-trust approaches. New certifications aim to help. Bob Lyle, CRO of Medcrypt, identifies how layered defenses, rigorous cybersecurity requirements for new devices, continuous monitoring, and dark-web credential surveillance can reduce risk.

At Black Hat USA 2025, Dan Berte, IoT Director at BitDefender, revisits his talk last year about hacking solar panels in light of the blackout in Spain and Portugal. While the Iberian Peninsula blackout wasn’t an attack, it shows how sensitive these systems are when mixing old and new technologies, and how living off the land attacks might someday take advantage of that.