@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Industrial Cybersecurity Insider [https://www.listennotes.com/podcasts/industrial-cybersecurity-insider-industrial-lkzZPU8EYci/] Episode: The System Integrator’s Role in Supporting OT Security [https://www.listennotes.com/e/313a9043ede542109be27d1ca2313b6e/] Pub date: 2025-07-01 Get Podcast Transcript → [https://www.listen411.com/?audio_url=https://audio.listennotes.com/e/p/313a9043ede542109be27d1ca2313b6e/¬es=The System Integrator’s Role in Supporting OT Security] powered by Listen411 [https://www.listen411.com/] - fast audio-to-text and summarization [https://cdn-images-3.listennotes.com/podcasts/industrial-cybersecurity-insider-velta-nPobcUYlNwM-lkzZPU8EYci.300x300.jpg] In this episode, Craig Duckworth [https://www.linkedin.com/in/craigaduckworth?miniProfileUrn=urn%3Ali%3Afs_miniProfile%3AACoAAAWDtWgBfTwMHKBYPPoK7CQfoCNLFzF2FZQ] and Dino Busalachi [https://www.linkedin.com/in/dinobusalachi?miniProfileUrn=urn%3Ali%3Afs_miniProfile%3AACoAAABl-dIBCwDr1jfVnIDKmyxpFlQ5LSXqIr8] discuss the critical but often overlooked or misunderstood role of system integrators (SIs) in industrial cybersecurity. Key Issues Identified: * Organizations typically work with multiple specialized integrators across different facilities and systems * Some SIs lack cybersecurity expertise, focusing primarily on equipment functionality * Equipment can remain connected to networks for decades, with ownership and oversight changing hands over time * System integrators must exercise proper IT coordination to implement remote access solutions effectively Recommendations: * IT and OT teams should collaborate more closely with system integrators on cybersecurity planning * Organizations need to evaluate their SIs' cybersecurity capabilities and partnerships * Consider standardizing on integrators with demonstrated cybersecurity practices and vendor certifications * Apply the same due diligence used for IT vendor selection to OT system integrators Bottom Line: System integrators are essential partners in executing industrial cybersecurity strategies and protection. Organizations must actively engage them in security conversations and ensure they have the necessary skills and partnerships to implement secure solutions for their plant environments from the start. Chapters: * 00:00:00 - Real-World Ransomware Hits the Plant Floor * 00:00:52 - Meet the System Integrators Shaping Your OT Plant Floor Security * 00:01:17 - What System Integrators Really Do (and Don’t) * 00:04:13 - Remote Access: The Hidden Backdoor Nobody Sees * 00:08:34 - Why Ongoing Monitoring Is Non-Negotiable * 00:13:30 - How to Pick the Right System Integrator For Your Operations * 00:26:17 - Building Strong Partnerships with Your Integrators Links And Resources: * Want to Sponsor an episode or be a Guest? Reach out here. [https://www.linkedin.com/in/luraelumpkin] * Industrial Cybersecurity Insider on LinkedIn [https://www.linkedin.com/company/industrial-cybersecurity-insider] * Cybersecurity & Digital Safety on LinkedIn [https://www.linkedin.com/groups/12450584/] * BW Design Group Cybersecurity [https://www.bwdesigngroup.com/sub-capability/cybersecurity] * Dino Busalachi on LinkedIn [https://www.linkedin.com/in/dinobusalachi/] * Craig Duckworth on LinkedIn [https://www.linkedin.com/in/craigaduckworth/] Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify [https://open.spotify.com/show/6y0fvWaYstCG604LYveckc], Apple Podcasts [https://podcasts.apple.com/us/podcast/industrial-cybersecurity-insider/id1713811546], and YouTube [https://www.youtube.com/@veltatechnology] to leave us a review! The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made Simple [https://www.listennotes.com/podcasts/ot-security-made-simple-klaus-mochalski-vE6iLZ2VHfd/] Episode: The Evolution of Procurement in OT Security | OT Security Made Simple [https://www.listennotes.com/e/957e1c5f0b8b469c89d147994d0ffe33/] Pub date: 2025-07-01 Get Podcast Transcript → [https://www.listen411.com/?audio_url=https://audio.listennotes.com/e/p/957e1c5f0b8b469c89d147994d0ffe33/¬es=The Evolution of Procurement in OT Security | OT Security Made Simple] powered by Listen411 [https://www.listen411.com/] - fast audio-to-text and summarization [https://cdn-images-3.listennotes.com/podcasts/ot-security-made-simple-klaus-mochalski-8KiYyg12-wd-vE6iLZ2VHfd.300x300.jpg] In this episode of OT Security Made Simple, Klaus Mochalski and Søren Knudsen discuss the evolving landscape of OT security in light of current geopolitical tensions. They explore how procurement processes have shifted, the importance of evaluating a broader range of security solutions, and the risks associated with relying on specific vendors. The conversation emphasizes the need for organizations to conduct thorough research and consider local providers to mitigate risks effectively. The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All [https://www.listennotes.com/podcasts/protect-it-all-aaron-crow-nHYAjbOusmi/] (LS 26 · TOP 10% what is this? [https://www.listennotes.com/listen-score/]) Episode: How to Harness AI Without Breaking Security or Corporate Policies [https://www.listennotes.com/e/6fdf83f7c4de4d4aa02a86bc6d5e2b08/] Pub date: 2025-06-30 Get Podcast Transcript → [https://www.listen411.com/?audio_url=https://audio.listennotes.com/e/p/6fdf83f7c4de4d4aa02a86bc6d5e2b08/¬es=How to Harness AI Without Breaking Security or Corporate Policies] powered by Listen411 [https://www.listen411.com/] - fast audio-to-text and summarization [https://cdn-images-3.listennotes.com/podcasts/protect-it-all-aaron-crow-rc3G6uJYmNL-nHYAjbOusmi.300x300.jpg] In this episode, host Aaron Crow dives deep into the fast-evolving world of AI automation and its impact on cybersecurity. Aaron breaks down practical, real-world ways security professionals can leverage AI to streamline their workflows without breaking data loss prevention policies or putting proprietary information at risk.  From drafting reports and playbooks to automating repetitive tasks and managing vulnerability data, Aaron offers actionable advice for using both public AI tools like ChatGPT and more advanced private AI models. He also addresses common fears CISOs and business leaders have about unsanctioned AI use in the workplace and shares tips for staying safe and compliant while taking advantage of AI’s efficiencies.  Whether you’re in a large enterprise or a lean team with limited resources, you’ll come away with a fresh perspective on how to use AI responsibly to work smarter and protect your organization. Plus, Aaron invites listeners to share their own creative AI use cases and lessons learned. Let’s jump in and explore how to protect it all as AI advances. Key Moments :  01:20 AI's Rising Role in Media 03:22 Guidelines for Using AI Safely 07:06 "AI Integration and Automation Strategies" 10:03 Automating Windows Management Tasks 14:29 Exploring AI for Personal Tasks Connect With Aaron Crow: * Website: www.corvosec.com [http://www.corvosec.com]  * LinkedIn: https://www.linkedin.com/in/aaronccrow [https://www.linkedin.com/in/aaronccrow]   Learn more about PrOTect IT All: * Email: info@protectitall.co  * Website: https://protectitall.co/ [https://protectitall.co/]  * X: https://twitter.com/protectitall [https://twitter.com/protectitall]  * YouTube: https://www.youtube.com/@PrOTectITAll [https://www.youtube.com/@PrOTectITAll]  * FaceBook:  https://facebook.com/protectitallpodcast [https://facebook.com/protectitallpodcast]    To be a guest or suggest a guest/episode, please email us at info@protectitall.co [info@protectitall.co]   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 [https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124] Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4 [https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4] The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Nexus: A Claroty Podcast [https://www.listennotes.com/podcasts/nexus-a-claroty-podcast-claroty-zCh-SjZqY3A/] (LS 32 · TOP 5% what is this? [https://www.listennotes.com/listen-score/]) Episode: Pedro Umbelino on Exploiting ATG Devices in Fuel Storage [https://www.listennotes.com/e/db2d9d99b90b40c6b184f8f50a28dd27/] Pub date: 2025-06-29 Get Podcast Transcript → [https://www.listen411.com/?audio_url=https://audio.listennotes.com/e/p/db2d9d99b90b40c6b184f8f50a28dd27/¬es=Pedro Umbelino on Exploiting ATG Devices in Fuel Storage] powered by Listen411 [https://www.listen411.com/] - fast audio-to-text and summarization [https://cdn-images-3.listennotes.com/podcasts/aperture-a-claroty-podcast-claroty-gfm6LNCx14s-zCh-SjZqY3A.300x300.jpg] Pedro Umbelino, Principal Research Scientist at Bitsight Technologies, joins the Nexus Podcast to discuss his team's research into Automatic Tank Gauge (ATG) systems and how they uncovered 11 vulnerabilities in ATGs manufactured by five different vendors.  ATG systems are an industrial control system that monitors fuel levels inside storage tanks, including those at gasoline stations, military bases, hospitals, airports, and elsewhere. ATGs track fuel levels, and are meant to detect leaks, help with inventory management, and are key in regulatory compliance efforts. The vulnerabilities uncovered by Pedro and his team expose these systems to catastrophic risks, from environmental hazards to significant economic losses, including physical damage. Worse yet is that these systems are old and challenging to update.  Read Bitsight's research here [https://www.bitsight.com/blog/critical-vulnerabilities-discovered-automated-tank-gauge-systems]. Listen to the Nexus Podcast on your favorite podcast platform [https://nexusconnect.io/podcasts].   The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code [https://www.listennotes.com/podcasts/error-code-robert-vamosi-3BP9iDHMO65/] (LS 27 · TOP 10% what is this? [https://www.listennotes.com/listen-score/]) Episode: EP 65: Hacking Critical Infrastructure Through Supply Chains [https://www.listennotes.com/e/f5ffec8ea0294a9ea65ab2603e83d6cc/] Pub date: 2025-06-24 Get Podcast Transcript → [https://www.listen411.com/?audio_url=https://audio.listennotes.com/e/p/f5ffec8ea0294a9ea65ab2603e83d6cc/¬es=EP 65: Hacking Critical Infrastructure Through Supply Chains] powered by Listen411 [https://www.listen411.com/] - fast audio-to-text and summarization [https://cdn-images-3.listennotes.com/podcasts/error-code-robert-vamosi-G96HYb-qy0_-3BP9iDHMO65.300x300.jpg] Critical Infrastructure software lacks the strict liability standards found in industries like automotive manufacturing, leading to minimal accountability for insecure products when they get exploited.  Alex Santos, CEO of Fortress Information Security [https://www.fortressinfosec.com/], explains how they’re typically hired by buyers of ICS equipment—such as utilities—to assess and mitigate supply chain risks, including working with OEMs to improve security. The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.