Épisodes

  • Policy Pulse: Regulatory Roundtable - NERC CIP, Cybersecurity Strategy, AI & Electric Sector

    Policy Pulse: Regulatory Roundtable - NERC CIP, Cybersecurity Strategy, AI & Electric Sector
    Feb 3 2026
    Podcast: Critical Assets Podcast
    Episode: Policy Pulse: Regulatory Roundtable - NERC CIP, Cybersecurity Strategy, AI & Electric Sector
    Pub date: 2026-02-01

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    Welcome to the Policy Pulse Panel, a new monthly series within the Critical Assets Podcast. Hosted by Patrick Miller (Ampyx Cyber), Earl Shockley (CEO, Inpowerd), and Joy Ditto (CEO, Joy Ditto Consulting), this recurring panel dives into the most significant policy shifts and regulatory developments impacting critical infrastructure, operational technology (OT), and industrial cybersecurity. Each month, we unpack emerging legislation, agency actions, and standards updates - connecting the dots between policy and the practical realities faced by asset owners, utilities, vendors, and government partners. If you're trying to stay ahead of your auditors and your legislators, this is your monthly must-listen.

    https://ampyxcyber.com/podcast/policy-pulse-regulatory-roundtable-nerc-cip-cybersecurity-strategy-ai-electric-sector



    The podcast and artwork embedded on this page are from Patrick Miller, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    1 h et 2 min
  • Medical Devices Exposed | 29

    Medical Devices Exposed | 29
    Feb 3 2026
    Podcast: ICS Arabia Podcast
    Episode: Medical Devices Exposed | 29
    Pub date: 2026-01-31

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    In this episode , I’m joined by Alessio Rosas, an OT cybersecurity expert from Italy, to dive deep into the world of medical devices and the potential risks they face when exposed to the internet.



    The podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    42 min
  • FAT/SAT for ICS/OT: Break Early, Build Secure | 70

    FAT/SAT for ICS/OT: Break Early, Build Secure | 70
    Feb 2 2026
    Podcast: ICS Arabia Podcast
    Episode: FAT/SAT for ICS/OT: Break Early, Build Secure | 70
    Pub date: 2026-01-31

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    We’re excited to host Dieter Sarrazyn , Industrial Security Advisor and Founder of Secudea — a specialist in SCADA/ICS/OT cybersecurity, IEC 62443, and FAT/SAT security validation.In this episode, we dive into:

    🔹 Dieter’s background and his journey in OT security

    🔹 FAT & SAT and why they matter for secure system delivery 🔹 How IEC 62443 fits across the project lifecycle

    🔹 Cybersecurity validation steps during FAT & SAT

    🔹 Common challenges and practical lessons from the field

    🔹 Best practices for vendors, integrators, and asset owners



    The podcast and artwork embedded on this page are from ICS ARABIA PODCAST, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    1 h et 11 min
  • A destructive cyberattack in Poland raises NATO 'red-line' questions

    A destructive cyberattack in Poland raises NATO 'red-line' questions
    Feb 1 2026
    Podcast: Three Buddy Problem (LS 39 · TOP 2% what is this?)Episode: A destructive cyberattack in Poland raises NATO 'red-line' questionsPub date: 2026-01-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarization(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 83: Poland's CERT documents a rare, explicit wiper attack on civilians in a NATO country, including detailed attribution of a Russian government op targeting the electric grid in the heart of winter. We examine why this crosses a long-avoided threshold, why attribution suddenly matters again, and what it says about pre-positioned access, vendor insecurity, and the shrinking gap between cyber operations and acts of war. Plus, another Fortinet fiasco, a new batch of Ivanti zero-days under attack, an emergency patch from Microsoft and the return of the mysterious KasperSekrets account. Cast: Juan Andres Guerrero-Saade, Ryan Naraine and Costin Raiu.Links:Transcript (unedited, AI-generated)Material Security (Use Cases)ESET DynoWiper update: Technical analysis and attributionPoland CERT on Russian wiper attacksPoland blames two Ukrainians allegedly working for Russia for railway blastBritain’s New Spy Chief Has a New MissionTwo New Ivanti 0days ExploitedMicrosoft ships emergency Office patch to thwart attacksAnalysis of Single Sign-On Abuse on FortiOSFortinet PSIRT: Administrative FortiCloud SSO authentication bypassDiverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088WhatsApp Strict Account SettingsChina Executes 11 People Linked to Cyberscam Centers in MyanmarSingapore to start caning for scammersGermany on hacking attacks: "We will strike back, including abroad"Acting CISA chief uploaded sensitive files into a public version of ChatGPTTLP BLACKLABScon 2026KasperSekretsThe podcast and artwork embedded on this page are from Security Conversations, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    2 h et 53 min
  • Embedded Industrial Security: The Network-Native Advantage

    Embedded Industrial Security: The Network-Native Advantage
    Jan 31 2026
    Podcast: SecurityWeek Podcast Series - Cybersecurity Insights
    Episode: Embedded Industrial Security: The Network-Native Advantage
    Pub date: 2026-01-29

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    Andrew McPhee, Industrial IoT Security Solution Manager at Cisco, joins the SecurityWeek podcast and dives into why traditional monitoring and SPAN-based approaches fail to deliver true visibility in industrial environments, and how network-native security embeds inspection, segmentation, and protection directly into the network. We discuss real-world implementation challenges, economic tradeoffs, and how to move from visibility to action without disrupting operations. (Want to continue the discussion? Contact Cisco.)


    Follow SecurityWeek on LinkedIn



    The podcast and artwork embedded on this page are from SecurityWeek, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    28 min
  • Ramy Nahum CEO & owner @Triple C veteran of Israeli IT infrastructure industry on BCP, recovery & backup

    Ramy Nahum CEO & owner @Triple C veteran of Israeli IT infrastructure industry on BCP, recovery & backup
    Jan 31 2026
    Podcast: ICS Cyber Talks Podcast
    Episode: Ramy Nahum CEO & owner @Triple C veteran of Israeli IT infrastructure industry on BCP, recovery & backup
    Pub date: 2026-01-30

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    נושא ההתאוששות מכשל מערכות ו/או אירוע סייבר דורש הכנה אפקטיבית שמתחילה בגיבוש תוכנית המשכיות עסקית (ביי.סיי.פיי) ותוכנית להתאוששות מאסון (דיי. אר. פיי) המגדירות תפקידים ושלבי פעולה ברורים בזמן אמת. נדבך מרכזי בהכנה הוא יישום מערך גיבויים אוטומטי ומבוזר (כולל גיבויים "קרים" המנותקים מהרשת הראשית) ובדיקת תקינותם באופן תקופתי. בנוסף, על הארגון לקיים תרגולים המדמים תרחישי קיצון בקנה מידה משמעותי

    ממפגשים עם ארגונים רבים נראה שיש חוסר הבנה על ההבדל בין דיי.אר וגיבוי, תרומה משמעותית לבלבול הזה מגיע מכיוון יצרני תוכנות הגיבוי והמעבר להתאוששות וגיבוי בענן. הפרק הזה הוא חובה לכול מנכ"ל, מנהל מערכות מידע ומנהל אבטחת מידע ונועד לעשות סדר במונחים והפעולות השונות

    נחשון פינקו מארח את רמי נחום המנכ"ל והבעלים של חברת טריפל סי מוותיקי התחום בישראל, בשיחה על התאוששות, גיבוי וכול מה שביניהם.

    מה ההבדל בין אתר התאוששות לבין מערכת גיבויים

    מתי מספיק גיבוי באמצעי איחסון אלקטרונים ומתי מומלץ להוסיף גם קלטות כגיבוי קר (מבחינתי תמיד!) למה נדרש לבצע תרגולים בקנה מידה גדול ולא רק ע"ג שרת או שניים ומספר קטן של משתמשים

    למה נדרש לבדוק גיבויים באופן שוטף ועוד



    The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    46 min
  • Opportunistic by Default: How OT gets pulled into the blast radius

    Opportunistic by Default: How OT gets pulled into the blast radius
    Jan 30 2026
    Podcast: Safe Mode Podcast (LS 25 · TOP 10% what is this?)
    Episode: Opportunistic by Default: How OT gets pulled into the blast radius
    Pub date: 2026-01-29

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    In this episode of Safe Mode, we look at how opportunistic campaigns—often starting as loud disruption like DDoS—can probe for weak points and, in some cases, move closer to operational technology and industrial control systems. Using a recent Justice Department case tied to pro‑Russia hacktivist groups as a jumping-off point, we discuss what this pattern says about the OT threat landscape in 2025, from remote access and trust boundaries to engineering workflows and data integrity risk. Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, joins to explain what defenders should prioritize now to keep “noise” from becoming real-world operational impact.

    The podcast and artwork embedded on this page are from Safe Mode Podcast, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    34 min
  • Balancing Speed and Security: The Open Source Dilemma in Embedded Development

    Balancing Speed and Security: The Open Source Dilemma in Embedded Development
    Jan 30 2026
    Podcast: Exploited: The Cyber Truth
    Episode: Balancing Speed and Security: The Open Source Dilemma in Embedded Development
    Pub date: 2026-01-29

    Get Podcast Transcript →
    powered by Listen411 - fast audio-to-text and summarization



    In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Elecia White, host of Embedded.fm and author of Making Embedded Systems, to discuss the trade-offs of using open source in embedded development.

    The conversation goes beyond debates about “open vs. proprietary” to explore how a single library can quietly introduce sprawling dependency chains, unclear maintenance responsibilities, licensing obligations, and long-term security exposure, especially in devices expected to operate for years or decades.

    Elecia and Joe share guidance for using open source intentionally, including how to set guardrails early, limit dependency blast radius, and design systems that can respond when vulnerabilities emerge, even when patching isn’t easy.

    Together, they cover:

    • Why embedded teams don’t get burned by open source, they get burned by unexamined dependencies
    • How transitive dependencies and “helpful” packages quietly expand attack surface
    • Why professionalism, documentation, and disclosure practices signal trustworthy projects
    • Why build-time SBOMs matter more than after-the-fact analysis
    • How Secure by Design thinking reduces reliance on emergency patching

    For embedded engineers, product leaders, and security teams balancing delivery pressure with long-lived risk, this episode offers advice for using open source without inheriting future incidents.



    The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
    Voir plus Voir moins
    30 min