In this episode of Simply ICS Cyber, Don and Tom welcome Sam Blaney, retired Chief Warrant Officer (CW3) from the Georgia National Guard and current cybersecurity professor at the University of North Georgia.

Sam shares insights from his career building and leading Cyber Protection Team 170, his transition into teaching, and his continued work helping state and local governments strengthen cybersecurity.

The conversation digs into Sam’s recent experience coaching students at the Department of Energy CyberForce Competition, where the University of North Georgia team defended a simulated offshore drilling platform with both IT and OT components.

Sam discusses what made the event realistic, how students approached identity and access management, OT network analysis, and what they learned about preparation, tooling, and industrial control system challenges.

The group also explores:

- Effective defense preparation for cyber competitions
- Building and tuning SIEM tools for constrained environments
- The value of exercises like CCDC and CyberShield
- How multidisciplinary tabletops improve communication across organizations
- The increasing role of AI in attack and defense, including the Anthropic AI-assisted malware research
- Concerns about AI-driven automation, skill multiplier effects, and the importance of understanding fundamentals

Resources:

Sam Blaney: https://www.linkedin.com/in/samblaney65/
University of North Georgia: https://ung.edu/DOE
CyberForce Program: https://cyberforce.energy.gov/
US CyberCom: https://www.cybercom.mil/
National Guard Cyber Defense Team: https://www.nationalguard.mil/Portals/31/Resources/Fact%20Sheets/Cyber%20Defense%20Team%202022.pdf
National Guard CyberShield: https://www.dvidshub.net/feature/CyberShield25
Anthropic Malware Write-up: https://www.anthropic.com/news/disrupting-AI-espionage

=========================
👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

The growing need for visibility and response in industrial environments is driving more organizations to consider ICS/OT Security Operations Centers — but what does that actually look like for small and medium-sized operations?

In this episode of Simply ICS Cyber, Don and Tom sit down with Dan Gunter, CEO and founder of Insane Cyber, to discuss how ICS/OT SOCs function, what data truly matters for monitoring, and how incident response changes when operators have (or don’t have) the right information at hand.

Drawing on experience from the Air Force CERT to founding an OT-focused security company, Dan shares a practical look at the realities of SOC implementation across industries — from utilities with limited staff to large-scale enterprises managing thousands of assets.

Listeners will gain insight into how to start building visibility, selecting the right MSSP partners, and managing SOC fatigue — all while keeping industrial operations safe and resilient.

⚙️ Tune in to learn how data, process, and people come together to make ICS/OT SOCs work in the real world.

Connect with Dan on LinkedIn: https://www.linkedin.com/in/dan-gunter

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

The industrial threat landscape never stands still — and neither can defenders. In this episode of Simply ICS Cyber, Don and Tom sit down with Joe Slowik, a globally recognized expert in cyber threat intelligence (CTI), detection engineering, and incident response for ICS, OT, and critical infrastructure environments.

With over 15 years of experience spanning offensive operations, threat research, and leadership roles in both government and private sectors, Joe brings an unparalleled perspective on how adversaries target industrial systems — and how defenders can stay ahead.

Listeners will hear how Joe’s work connects cutting-edge artificial intelligence and detection development with the real-world challenges of protecting operational environments. His insights reveal where the next evolution of ICS threat intelligence is headed — and what teams should focus on now to stay resilient.

⚙️ Tune in to learn how threat intelligence is evolving across industrial control systems and what it takes to keep pace in a rapidly changing landscape.

Connect with Joe on LinkedIn: Joe Slowik
https://www.linkedin.com/in/joe-slowik

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

Selecting and managing ICS/OT cybersecurity vendors and integrators isn’t just a procurement step - it’s a strategic decision that shapes resilience, compliance, and long-term security outcomes. The best approach depends on organization size, resources, and security objectives.

In this episode, Don and Tom are joined by Saltanat Mashirova, OT Cybersecurity Lead at CPX and OTCEP member with the Cyber Security Agency of Singapore. Salt brings deep global expertise across cybersecurity risk assessments (csHAZOP), ISA/IEC 62443 compliance, OT/ICS product development, governance, training, and the integration of both brownfield and greenfield assets.

They’ll also dive into how these challenges play out in industries like oil & gas, mining, energy, manufacturing, and more - where vendor and integrator choices can directly impact both safety and business outcomes.

Salt shares her perspective as an industry-recognized leader, speaker, and award-winner (Top 40 Under 40 in Cybersecurity, SC Media “Women to Watch,” and more), with experience guiding global projects and engaging with everyone from engineers to CEOs.

📢 This is a rare opportunity to hear practical insights on navigating the evolving vendor and integrator landscape in ICS/OT cybersecurity.

👉 Tune in to hear Salt’s perspective and learn how organizations can align security objectives with the right vendor and integrator partnerships.

Connect with Salt on LinkedIn: https://www.linkedin.com/in/saltanat-mashirova-b88bba193

Publications:
Co-Author of Framework in Disaster Recovery “An Approach to Disaster Recover in OT,” links (whitepaper is coming up soon):
https://www.youtube.com/watch?v=zjwUwGa3rLw&t=135s
https://www.controlglobal.com/show-coverage/honeywell-users-group/article/55232981/preparedness-smooths-cyber-recovery
https://www.youtube.com/watch?v=ATx7cYaX6BY

Cyber-Physical Risk Assessment:
https://www.hydrocarbonengineering.com/magazine/hydrocarbon-engineering/april-2024/
https://www.youtube.com/watch?v=dsOwAX5cc_c

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

Industrial control systems (ICS) and operational technology (OT) are the backbone of modern society—powering electricity, water, gas, communications, manufacturing, chemicals, and even medical technology. But what happens when these systems must be secured in the middle of a warzone?

On this episode of Simply ICS Cyber, hosts Don C. Weber and Tom VanNorman sit down with special guest Patrick C. Miller, President & CEO of Ampyx Cyber, a company dedicated to protecting the industrial world.

Learn more about:

• The challenges of defending critical infrastructure in conflict environments
• Real-world insights from one of the most experienced leaders in ICS/OT security
• Why these conversations are vital for the future of cybersecurity

This is a rare opportunity to hear experts break down industrial cybersecurity in the harshest conditions. Whether you’re in IT, OT, or just want to understand the stakes, you’ll walk away with practical lessons and a deeper appreciation of what’s at risk.

Connect with Patrick on LinkedIn: https://www.linkedin.com/in/millerpatrickc/

Episode Links:
-The 5 Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls
- KEV: https://www.cisa.gov/known-exploited-vulnerabilities

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman

Learn about ICS Village: https://www.linkedin.com/company/icsvillage
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

In this episode of Simply ICS Cyber, co-hosts Don C. Weber and Tom VanNorman are joined by maritime and energy cybersecurity expert Marco (Marc) Ayala — vOT-CISO, Senior Principal Advisor for Energy, Oil, and Gas at the Cyber Infrastructure Protection Innovation Center (CIPIC), President of InfraGard Houston Members Alliance, and National Sector Chief of Energy for InfraGard.

Marc has spent his career at the intersection of ICS/OT security, maritime operations, and critical infrastructure protection. His work includes advancing cybersecurity for the energy and oil & gas industries, driving innovation at CIPIC, and building collaborative bridges between public and private sectors to defend against nation-state and criminal threats.

If you’re interested in the challenges of maritime cyber resilience, industrial control systems, operational technology, or energy sector defense, this episode offers rare insights from one of the field’s most active leaders.

Connect with Marc on LinkedIn: https://www.linkedin.com/in/marco-marc-ayala-a3b26934

Episode Links:

• InfraGuard: https://www.infragardnational.org/
• ISA Fellows: https://www.isa.org/membership/recognition/fellows
• Port of Corpus Christi, Texas: https://portofcc.com/
• Port of Galveston, Texas: https://www.portofgalveston.com/
• Port of Houston, Texas: https://porthouston.com/

👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

In this episode of Simply ICS Cyber, Don C. Weber and Tom VanNorman sit down with Chris Sistrunk to dive into the challenges and realities of Substation Security.

Chris, now a Technical Leader at ⁨Mandiant⁩ & Google Cloud Security, brings years of experience from his time at Entergy, where he specialized in Transmission & Distribution SCADA systems and cybersecurity labs. He’s a recognized leader in ICS/OT security and an active contributor to the community through events like DEF CON’s ⁨ICS Village⁩ and BEER-ISAC.

Join us as we discuss securing critical infrastructure, modern threats to substations, and what defenders need to know to stay ahead.

Tune in to get expert insights into protecting the grid.

Connect with Chris on LinkedIn: https://www.linkedin.com/in/chrissistrunk

Episode Links:
https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substations
https://techcrunch.com/2025/07/14/mark-zuckerberg-says-meta-is-building-a-5gw-ai-data-center/

Connect with your hosts on LinkedIn:
- Don https://linkedin.com/in/cutaway
- Tom https://linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
Presented by Simply Cyber Media Group
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials

Join Don Weber and Tom VanNorman for the Season 2 premiere of Simply ICS Cyber!

In this episode, your hosts interview special guest and ICS professional, Dan Ricci.

Dan is a Power Systems Engineer and Researcher with Idaho National Labs and sits down with the hosts to explore vulnerability management, feeds, and learn more about ICS Advisory Board Project.

Episode Links:
- https://www.icsadvisoryproject.com/
- https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisories

Connect with Dan Ricci on LinkedIn:
https://www.linkedin.com/in/danricci14

Connect with your hosts on LinkedIn:
- Don linkedin.com/in/cutaway
- Tom linkedin.com/in/thomasvannorman
=========================
Simply Cyber empowers people who want a rewarding cybersecurity career
=========================
All the ways to connect with Simply Cyber
https://SimplyCyber.io/Socials