Prevention tools are essential, but have their limits; no one can prevent every breach. Readiness determines how quickly and effectively you regain control once it happens.

Tabletop exercises, crisis playbooks, and decision-making drills are the true differentiators.

Nachshon Pincu hosts Mark Korman, Chief Legal and Strategy Officer at Critical-Impact, an incident response company, in a conversation about cyber crisis

Investing in Readiness, Not Just Prevention

The Paradox: Tech Is Better, Attacks Are Worse, and the AI game changer for good and for bad

Data Leaks and Privacy with the 13th Amendment and more

In this episode, Craig and Dino tackle IT/OT convergence, operational technology security, and manufacturing cybersecurity challenges head-on.

They challenge the notion of OT being a "shadow IT group" and explore the fundamental differences between IT and OT operations in industrial environments.

The discussion emphasizes that OT focuses on safety and physical outcomes, while IT prioritizes data security.

They stress the importance of collaboration between IT and OT teams, highlighting how system integrators, OEMs, and plant operators must work together to improve cybersecurity posture.

The conversation covers practical issues like Overall Equipment Effectiveness (OEE), incident response, and the need for proper funding and governance.

Both advocate for CISOs and CIOs to actively engage with OT teams and system integrators, visit manufacturing facilities, and understand the unique challenges of industrial control systems to achieve true convergence and protect manufacturing plants and critical infrastructure.

Chapters:

• 00:00:00 - Opening Shot: Who’s Really in Charge—CIOs or the Plant Floor?
• 00:00:57 - Collision Course: IT and OT Can’t Keep Dodging Each Other
• 00:01:52 - Two Worlds, One Mission: Why OT Isn’t Just “IT in a Hard Hat”
• 00:04:07 - When Convergence Fails: What’s Missing in the Middle
• 00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration
• 00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor
• 00:10:46 - OT’s Tipping Point: Will the Next Move Come from IT, or the Shop Floor?
• 00:17:32 - Your Move: What Leaders Must Do Next (Before It’s Too Late)

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

At Black Hat USA 2025, Noam Moshe from Claroty’s Team 82 revealed several vulnerabilities in Axis Communications’ IP camera systems, including a deserialization flaw that could let attackers run remote code. The team worked with Axis to patch the issues. Moshe says that this case highlights the broader security risks still common in the billions of common IoT devices in the world today.

In this episode of Protect It All, host Aaron Crow takes a hard look at one of the biggest blind spots in OT cybersecurity: legacy Windows environments still running inside plants, refineries, and utilities. From Windows XP to Windows 10’s upcoming end of support, Aaron breaks down why these systems persist, the true cost of “doing nothing,” and the high-stakes trade-offs between replacement, isolation, and risk mitigation.

You’ll discover:

• Why outdated Windows systems remain critical yet dangerously exposed.
  
  
• The myths of “true air gaps” and why they don’t protect you anymore.
  
  
• Practical isolation tactics, segmentation, strict access control, and monitoring.
  
  
• How to manage asset visibility, vendor dependencies, and downtime risks.
  
  

Whether you’re a cybersecurity leader, plant manager, or operations engineer, this episode is your roadmap to making smarter, safer decisions about legacy systems before they cause costly disruptions.

Tune in to learn how to balance operations, cost, and security and protect your OT world from old-system vulnerabilities.

Key Moments:

01:22 "End-of-Life Systems in OT"

04:15 Upgrading Systems in Regulated Industries

07:35 Reducing Risk with Network Segmentation

12:02 "Firewall Rules and System Security"

15:52 Understanding Risks in End-of-Life Systems

18:54 Securing Legacy Systems Effectively

Connect With Aaron Crow:

• Website: www.corvosec.com
• LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

• Email: info@protectitall.co
• Website: https://protectitall.co/
• X: https://twitter.com/protectitall
• YouTube: https://www.youtube.com/@PrOTectITAll
• FaceBook: https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at info@protectitall.co

Please leave us a review on Apple/Spotify Podcasts:

Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The industrial threat landscape never stands still — and neither can defenders. In this episode of Simply ICS Cyber, Don and Tom sit down with Joe Slowik, a globally recognized expert in cyber threat intelligence (CTI), detection engineering, and incident response for ICS, OT, and critical infrastructure environments.

With over 15 years of experience spanning offensive operations, threat research, and leadership roles in both government and private sectors, Joe brings an unparalleled perspective on how adversaries target industrial systems — and how defenders can stay ahead.

Listeners will hear how Joe’s work connects cutting-edge artificial intelligence and detection development with the real-world challenges of protecting operational environments. His insights reveal where the next evolution of ICS threat intelligence is headed — and what teams should focus on now to stay resilient.

⚙️ Tune in to learn how threat intelligence is evolving across industrial control systems and what it takes to keep pace in a rapidly changing landscape.

Connect with Joe on LinkedIn: Joe Slowik
https://www.linkedin.com/in/joe-slowik

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

Peter Lukesch, CEO des OT-Clientmanagement-Entwicklers ondeso, erklärt, wie in der OT passive Angriffserkennung und aktives Client Management sinnvoll zusammengeführt werden können. Er erörtert, wie die Handlungsfähigkeit der Verantwortlichen gesteigert, der Zeitaufwand reduziert und zugleich die Verfügbarkeit der sensiblen industriellen Prozesse geschützt werden.

Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen & Fragen an ⁠podcast@rhebo.com⁠.