Shiny tools don’t break attackers in basic mistakes.

In Episode 92 of Protect It All, host Aaron Crow sits down with Corey LeBleu, founder of Relix Security and seasoned penetration tester, for a candid look at what actually causes organizations to get compromised and why fundamentals still matter more than the latest security trends.

Drawing from years of red-team and penetration-testing experience, Corey shares real stories from the field: forgotten printers, unmanaged IoT devices, legacy systems no one owns anymore, and misconfigurations hiding in plain sight. Together, Aaron and Corey unpack why asset visibility, patching, and change management continue to be the weakest links - even as AI and automation enter the security conversation.

You’ll learn:

• Why old printers, IoT devices, and “temporary” systems are prime attack paths
• What most organizations misunderstand about pen testing and red teaming
• How poor asset inventory and change management undermine security programs
• The real risks behind shadow IT and unmanaged tools
• Where AI helps in pen testing and where experience still wins
• Why mastering the basics beats chasing new security gadgets every time
  
  

Whether you’re a security professional, IT leader, or someone looking to break into cybersecurity, this episode delivers practical, no-nonsense lessons from the front lines - focused on what actually reduces risk.

Tune in to hear why cybersecurity success still starts with the fundamentals - only on Protect It All.

Key Moments:

03:57 Critical Infrastructure: Finding Vulnerabilities

06:44 "Cyber Risks from Hidden Devices"

11:25 Cybersecurity: Focus on Basics

16:09 Complex Systems Demand Continuous Testing

18:17 Understanding Complex System Security

22:54 "Testing: External vs. Internal"

24:12 Enterprise Challenges with AI Integration

27:40 AI Lowers Barriers for Hacking

About the guest :

Corey LeBleu has built a career around application security testing, becoming deeply involved in integrating vulnerability assessments throughout the software testing lifecycle. Noticing shifts in industry practices, Corey observed major international financial institutions moving to routinely pentest every application- even legacy IBM systems - leading the way in robust cybersecurity practices. In contrast, Corey also highlights the challenges faced by manufacturing, where operational technology often suffers from outdated, vulnerable systems. Corey’s experience showcases the evolving landscape of application security, emphasizing the need for continuous testing and vigilance across diverse industries.

How to connect Corey :
https://www.linkedin.com/in/coreylebleu/

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

Remote access transformed overnight - and OT environments are still feeling the impact.

In this episode of Protect It All, host Aaron Crow is joined by Steve Rutherford, VP of Sales at Hyperport and former military officer, for a candid conversation on how secure remote access in operational technology (OT) has evolved - and where it’s heading next.

They unpack how COVID accelerated remote connectivity across critical infrastructure, why many traditional IT security tools fall short in OT environments, and what protection really looks like when safety, reliability, and uptime are non-negotiable. Drawing from military discipline and frontline OT experience, Steve shares a grounded perspective on managing risk in environments where failure has physical-world consequences.

You’ll learn:

• How COVID permanently changed OT remote access expectations
• Why IT-first security approaches don’t translate well to OT
• The role of layered access controls and policy-driven permissions
• How dynamic access and trust scoring are reshaping OT security
• Where IT/OT convergence helps - and where it creates new risk
• What leaders must prioritize to balance access, safety, and resilience
  
  

If you’re responsible for enabling remote access while protecting critical operations, this episode delivers real-world insight, practical guidance, and a forward-looking view of OT cybersecurity.

Tune in to understand what secure OT access really requires in today’s threat landscape- only on Protect It All.

Key Moments:

00:00 Securing Critical Infrastructure Access

03:59 "OT Mindset: Defense and Offense"

07:26 "Remote Access Challenges in Operations"

11:45 "Challenges in OT-IT Integration"

16:07 Authority Must Match Responsibility

18:23 Simplifying OT Authentication Challenges

21:53 "Dynamic Trust Scoring with AI"

24:05 "Access Control and Segmentation"

28:57 "Secure Access Without Overreach"

33:12 "Left of Boom Awareness"

35:56 OT Security and Local Control

39:35 "Driving Early Adoption Awareness"

41:54 "Proactive Support for Critical Infrastructure"

45:52 "Remote Work Enhances Team Efficiency"

47:17 "Exciting Tech for Cybersecurity"

About the guest :
Steve Rutherford is a former U.S. Army officer and aviator who transitioned his mission-driven mindset from military service to protecting critical infrastructure through operational technology (OT) security. After exploring multiple industries, Steve found a natural alignment between military operations and OT environments - where safety, reliability, and uptime are non-negotiable. Today, he works in secure user access for OT, helping organizations protect the systems that power modern life.

How to connect steve :

Website : https://hyperport.io/

Linkedin: https://www.linkedin.com/in/steverutherford1/

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall

Remote access is no longer optional in OT - but unmanaged connectivity is one of the fastest ways to lose control of critical systems.

In this episode of Protect It All, host Aaron Crow breaks down the real challenges of securing connectivity across IT and OT environments. As vendors, technicians, and support teams increasingly rely on remote access, many organizations struggle with poor visibility, legacy systems, and unclear network boundaries - creating unnecessary risk.

Aaron walks through newly released secure connectivity guidance from CISA and the UK National Cyber Security Centre, translating an eight-point framework into practical, real-world steps that security and operations teams can actually implement.

You’ll learn:

• Why remote access is one of the biggest OT risk multipliers
• How poor visibility creates blind spots attackers love
• Why asset inventory and documentation are foundational - not optional
• How segmentation and least-privilege design shrink the attack surface
• What compliance frameworks get right - and what they don’t
• Best practices for vendor access, MFA, session recording, and monitoring
• How to design secure connectivity without breaking operations
  
  

Whether you’re responsible for OT security, managing vendors, or bridging IT and OT teams, this episode delivers actionable guidance to help you regain control of connectivity and protect critical infrastructure.

Tune in to learn how to secure access without sacrificing operations - only on Protect It All.

Key Moments:

01:11 "Secure Connectivity in OT"

05:10 "Reducing Attack Surface Through Access Limits"

10:02 "Control System Upgrade Failure Impact"

12:00 Beyond Passwords: Strengthening Security

17:16 "Strengthening Cybersecurity Basics"

18:26 "Balancing Compliance and Security"

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:

Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4