When Containment Fails Recovery

Beyond Asset Coverage

Can a single overlooked device really bring down your entire network, and are you unwittingly leaving the door open to cyberattacks by focusing on the wrong security strategy? In this episode we break down the flaws in traditional network visibility programs and explore how microsegmentation can limit the damage of unseen assets. We walk through real-world examples of how IT dependencies and vendor access have led to devastating breaches, and discuss the importance of structuring conversations around asset risk and function. By the end of this episode, you'll understand why treating inventory as a containment strategy is a recipe for disaster, and how a different approach can save you from costly disruptions. Subscribe to our podcast for more insights on how to secure your network and stay one step ahead of emerging threats. #cybersecurity #networkvisibility #microsegmentation

When Containment Fails Recovery

What if your team contained a cyber incident, but the real damage was only just beginning? In this episode we break down the disconnect between IT and engineering timelines, and explore how the NIS2 directive is raising the bar for incident recovery and accountability. We walk through the implications of Articles 20, 21, and 34, and what they mean for management bodies and cybersecurity teams. We argue that a single incident command model is the key to true recovery. The ability to recover from a cyber incident quickly and effectively is no longer a nice-to-have, but a critical component of business continuity and risk management. Subscribe to our podcast for more insights on cybersecurity and operational risk, and join the conversation on how to stay ahead of emerging threats. #cybersecurity #NIS2 #incidentrecovery #operationalrisk #businesscontinuity

Exposed Paths in OT Networks

What if the biggest security risk to your industrial control systems isn't a malicious hacker, but rather a simple disconnect between when a work order closes and when network access is actually shut off? In this episode we break down the hidden dangers of insecure remote access conditions and explore why PAM is not failing in OT, but rather being asked to enforce a physical work state it cannot see. We walk through real-world examples of exposed engineering paths and unpatched VPNs, and discuss the consequences of a visibility gap between operations and network access. We argue that the problem lies not with the tools, but with the disconnection between different states that never converge. The reality is that this gap can have devastating consequences, from allowing attackers to gain access to sensitive systems to putting entire operations at risk. Subscribe to our podcast to learn more about the intersection of industrial control systems and cybersecurity, and to stay up to date on the latest threats and solutions. #OTSecurity #ZeroTrust #IndustrialCybersecurity

Shipping the Code That Security Rejected

Your vehicle's biggest security threat might be arriving with a perfectly valid digital signature and your company's own stamp of approval. In this episode, we break down why the shift to software-defined vehicles is currently failing at the release gate. We walk through the uncomfortable reality of SOP pressure and argue that current security assessments are often treated as advisory rather than hard controls. It is time to stop asking for attention and start controlling the release, because a "safe" binary that your organization doesn't actually understand is just a liability waiting to happen. Drop your take in the comments or share this episode with a colleague who is fighting against weak provenance and unrealistic deadlines right now. #AutomotiveCybersecurity #SDV #SupplyChainSecurity #CyberSecurity #AutomotiveSoftware

When a Patch Reopens the Safety Case

A simple security patch can fix a vulnerability and still become a total operational nightmare that brings an entire railway network to a standstill. In this episode, we break down the high-stakes collision between the new Cyber Resilience Act and the rigid, uncompromising world of railway safety certification. We walk through why architectural perfection is a myth for brownfield systems and how to use protocol-aware filtering to keep your network secure without triggering a massive, budget-breaking reassessment. We argue that the strongest cyber programs are not the ones with the fastest patch cycles, but the ones that know how to improve risk posture while keeping the trains moving. This conversation is about making security maintenance survivable in a sector where you simply cannot afford to touch the binary. Subscribe to the show and share this episode with anyone currently trying to navigate the impossible tension between rapid response and safety-critical stability. #RailCybersecurity #CyberResilienceAct #CriticalInfrastructure #OTSecurity