Send us a text

While there are plenty to pick from, one of the biggest challenges for cybersecurity professionals in the industrial realm can be getting financial support. In manufacturing there are always a number of viable spending options, and working to make cybersecurity a priority can be tough, especially when enterprises are faced with initiatives seen as more fundamental to the core mission of getting finished product out the door.

However, a couple of recent reports could help connect the dots between production and security, and the need to fund both.

First, there’s Adaptiva’s State of Patch Management Report that found 75 percent of manufacturing companies have critical vulnerabilities with a CVSS score of 8 or higher, and 65 percent have at least one vulnerability listed in the CISA Known Exploited Vulnerabilities Catalog. So, hackers know about these weaknesses and they’re taking advantage of them.

And, according to Black Kite’s 2025 Manufacturing Report, 51 percent of those surveyed indicate that patching has become a bigger challenge than intrusion detection, and more than 75 percent indicate that both IT and security must approve patches before deployment.

Reading between the lines – patching takes too long and is too complicated, so the vulnerabilities persist and the hackers keep winning.

Watch/listen as we discuss these and other topics with Chaz Spahn, the Director of Product Management at Adaptiva.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

When talking to the experts and leading authorities that have participated in the 140+ episodes of Security Breach, there’s always a slight pause when directing their attention specifically to the industrial sector. That’s because, well, we’re special.

There’s the unique juxtaposition of old and bleeding edge technology.

There’s the influx of greater connectivity combatting the struggles to identify and secure the growing number of endpoints.

And there are the ongoing battles related to secure-by-design responsibilities, cloud networks and the ever popular building and breaking down of IT/OT silos.

The good news is that we’re getting better. Better at identifying the problems and better at elevating solutions from some of the sharpest minds in the sector. And we’re fortunate to be able share these insights from an incredible collective on today’s episode.

Watch/listen as Max Clausen, senior VP of Network Connectivity at Zayo, John Carse, Field CISO at SquareX, Sophos’ Chester Wisniewski and ExtraHop’s Chad Lemaire tackle topics that include:

• Visibility
• Secure-by-Design
• Artificial Intelligence
• IT/OT Silos
• Patching
• LOTL and Phishing Attacks
• Non-standard OT Architecture

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

I know that we’re constantly talking about artificial intelligence - the best ways to use it, the ways hackers are using it, and the overall good, bad and ugly of implementing AI into your security infrastructure.

But what if we took a little different route.

In this episode we're going to explore how AI can help make your people better at managing cybersecurity. We know there’s a huge talent pool shortage, and the challenges of keeping employees vigilant against repeated attacks continues to grow.

So, watch/listen as I explore these dynamics, well as many others, with Grant Oviatt - Head of Security Operations for Prophet Security – a company that recently unveiled their State of AI in SecOps 2025 research report. A lot of the data from the report was rather shocking, especially when the survey repeatedly uncovered how many SOCs, inundated with constant intrusion alerts, have experienced numerous breaches simply because the volume of critical alert notifications has made them easier to ignore.

It was a great conversation, with numerous takeaways, including:

• Why 60 percent of security teams have experienced critical breaches stemming from overlooked alerts.
• How security leaders anticipate AI solutions handling more tasks within the SOC over the next 3 years.
• Reasons for 57 percent of organizations deliberately suppressing detection rules and accepting higher risks to keep operations moving.
• How hackers are using AI beyond just phishing campaigns to get access to critical assets and networks.
• How the industrial sector can better implement AI without yielding to internal pressures.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Discussing the ever-expanding threat landscape is something we do a lot on Security Breach, but this episode is dedicated exclusively to topics like zero-day vulnerabilities, nation-state threats, phishing schemes, ransomware, and of course, the role artificial intelligence continues to play in making the good guys smarter and the bad guys tougher to pin down.

But we’re not doing to dwell on the doom and gloom, we’ll also touch on the growing number of solutions and strategies that can help ensure your OT environment is as secure as possible.

To help guide us on this journey, we’ll first hear from Chad LeMaire at ExtraHop, followed by Chester (Chet) Wisniewski at Sophos. Watch/listen as we discuss:

• Llegacy and human-based vulnerabilities.
• Ransomware.
• Deepfakes.
• Patch management.
• Supply chain defenses.
• Social engineering ploys.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

As loyal listeners of this podcast know, I’m a big believer in paying close attention to the little things, the blocking and tackling, the basics, the fundamentals. All those elementary elements that comprise the building blocks of stronger cybersecurity plans and successful defensive strategies.

Spoiler alert – that comes through again … and again in this episode, but what makes it worth your time is how my guest, Jesper Sønderby Andersen, the Global Head of Customer Success at Secomea, goes beyond just discussing how all these little things can both kill and cure you cyber defenses, but how they all should fit together.

If you’ll allow me to channel a childhood hero, Hannibal Smith from TV’s The A-Team, it’s not just about the plan, but how it comes together. Listen as Jesper and I discuss:

• How football coach Bill Belichick influenced his cybersecurity philosophy.
• The growing importance of breaking down silos in establishing accountability for remote access management.
• Why IT approaches do not work in OT.
• The similar and unique challenges of managing remote access with employees and vendors.
• Why proper segmentation strategies are vital, but must start with asset visibility and a true understanding of your crown jewels.
• How attacks are continuing to increase due to the "little stuff" that goes unprotected, and why AI will help escalate the severity and success of these hacks.
• Why Jesper believes larger attacks will be felt from supply chain vulnerabilities.
• Reinforcing the competitive advantages of investing in cybersecurity.
• The importance of being a tool and technology enabler to improve security.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

As all of you know, there are no silver bullets when it comes to cybersecurity success in the industrial sector. Every enterprise has its own unique characteristics, each plant floor its different connectivity elements, and each business is comprised of diverse human dynamics that fuel its culture.

However, regardless of the environment, there continues to be a handful of best practices that can be universally applied. As I journey across the cybersecurity realm, one of these reoccurring themes is avoiding that urge to “eat the elephant” or “drink the ocean” when implementing cybersecurity strategies.

Rather, the thought process is to set priorities and check things off as you go. Our guest for this episode mentioned this numerous times, whether it comes to responding to an increasingly complex collection of threat actors, or tackling the right uses of artificial intelligence.

Watch/listen as we discuss a number of topics with Casey Ellis, Founder and Chief Strategy Officer of BugCrowd, including:

• The very real threat of IABs (initial access brokers) and state-sponsored hackers.
• How his organization works to reinforce why it's cool to be a White Hat.
• How thinking like a criminal helps improve defenses through penetration testing and other exercises.
• Developing strategies that prioritize resilience over perfection.
• Integrating new technologies with patching in mind.
• Using AI to develop faster response times and focusing on "which part of the elephant to eat first," instead of doing "stupid stuff" because of the pressure to implement it.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

We’ve heard it before – hacker tactics are not changing, but the hackers are getting a lot smarter in how they deploy their time-tested attacks.

Additionally, honing in on the human element of cybersecurity is nothing new. We’ve spoken with numerous guests about getting buy-in, improving training, and how creating a cyber-receptive culture is key in getting any cybersecurity plan to stick.

But Dave Taku, Head of Product Management and User Experience at RSA, and our guest for this episode, offers some unique takes on how these two key variables are intersecting to create new challenges in industrial cybersecurity. He also discusses recent findings found in RSA's ID IQ Research report. Watch/listen as we discuss:

• How attacks are focusing more on humans than networks or systems.
• Evolving hacking strategies like prompt bombing that's focused on stealing credentials or bypassing logins.
• The role AI can play in establishing ways to improve employee training and address the biggest threat to OT security - people.
• Ways to manage remote access without sacrificing identity security best practices.
• Strategies that make zero trust and other identity security tools more user-friendly.
• How AI is helping manufacturers establish priorities in achieving asset visibility.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.

Send us a text

Who are you?

This episode dives into one of the most challenging cybersecurity topics currently on the docket – identity management.

My conversation with Brandon Traffanstedt, Sr. Director and Global Technology Officer at CyberArk, took us in two equally important directions. The first deals with individuals and how to properly manage those accessing your systems and networks. The second, equally as challenging, but potentially more complex, focused on machine or asset identities and understanding how to keep this sprawling attack landscape more secure.

Perhaps most interestingly, Brandon also offers some insight on cookies-based attacks and how, like so many cybersecurity challenges, the answers doesn’t lie in the tech stack.

Watch/listen as we also discuss:

• Solving identify management strategies by finding baseline controls.
• The unique dynamics of manufacturing when it comes to risk analysis and establishing these baselines.
• The role of asset visibility when it comes to identity management strategies.
• How to prevent those age-old turf battles between IT and OT.
• Why machine identities might pose the greatest cybersecurity risk.
• The importance of empathy in getting people to buy in to cybersecurity strategies and training.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts.
Click Here to Become a Sponsor.

Listen on: Apple Podcasts Spotify

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast.

If you have a cybersecurity story or topic that you’d like to have us explore on Security Breach, you can reach me at jeff@ien.com.