Industrial Cybersecurity Insider

• Former U.S. Secret Service Special Agent Shares Cyber Criminal Secrets

  Former U.S. Secret Service Special Agent Richard LaTulip joins Craig Duckworth to reveal the hidden world of cyber criminal networks and infrastructure attacks. Drawing from his undercover work infiltrating dark web forums and catching some of the world's most sophisticated threat actors, Richard breaks down why traditional security approaches fail, how ransomware attacks actually cost organizations millions if not billions beyond the ransom payment itself, and why the timeline between compromise and detection has shrunk from months to minutes. He shares jaw-dropping statistics on vulnerability management failures, explains how adversaries are using AI to become exponentially more dangerous, and provides actionable insights for building resilient security programs that protect what matters most to your business. Whether you're defending critical infrastructure or managing security for a manufacturing organization, this conversation offers a rare insider perspective on the evolving threat landscape and what it takes to stay ahead of increasingly sophisticated cyber criminals.Chapters:(00:00:00) - Meet the Ex-Secret Service Agent Who Infiltrated Underground Cyber Criminal Networks(00:03:00) - Inside Operation Carder Kaos: Going Undercover in the Dark Web(00:06:00) - The Real Price Tag: Why Ransomware Costs Go Far Beyond the Ransom(00:11:00) - When Production Lines Go Dark: The Hidden Costs of Manufacturing Downtime(00:14:00) - Reality Check: How Prepared Is Your Organization for a Cyber Attack?(00:17:00) - The AI Arms Race: How Adversaries Are Weaponizing Artificial Intelligence(00:21:00) - 2027 Threat Landscape: What Keeps a Field CISO Up at Night(00:24:00) - Follow the Bitcoin: How Cyber Criminals Launder Billions Through Cryptocurrency(00:31:00) - Why Speed Matters: The Critical Window for Law Enforcement Notification(00:33:00) - The Security Leader's Playbook: Threat Intelligence + Business ContextLinks And Resources:Richard LaTulip on LinkedInRichard's Book: Operation Carder KaosRecorded FutureWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on

  --------  

  38:23

  --------

  38:23
• Perception vs. Reality: Why Your Plant Floor Might Not Be as Secure as You Think

  In this eye-opening conversation, Dino and Craig address a critical issue facing manufacturing organizations today: the dangerous gap between perceived and actual cybersecurity preparedness in operational technology (OT) environments.They discuss why many organizations "don't know what they don't know" when it comes to securing industrial control systems, the myth of isolated manufacturing equipment, and why 25% of companies still lack comprehensive OT asset monitoring. Drawing powerful parallels to safety protocols, they explain why cybersecurity must become as ingrained in plant culture as wearing a hard hat on the factory floor.Their bottom line: Back up your beliefs with data, treat every system as if it's connected, and verify, don't just trust, your security posture. In OT cybersecurity, perception isn't reality, and that gap could cost not only millions but also brand perception and even human life.This episode is a must-listen for anyone serious about protecting their industrial environments.Chapters:00:00:00 - Kicking Off: Are You Truly Secure or Just Comfortable?00:01:15 - OT Security Reality Check: Do You Really Know Your Risks?00:01:45 - The Hidden Challenges Holding OT Security Back00:03:15 - Lack of Skilled Resources: The Biggest Barrier to Security00:05:30 - Security Frameworks: Are They Reaching the Plant Floor?00:06:15 - The Dangerous Myth of “Isolated” OT Systems00:07:58 - From Theory to Action: Winning Strategies for OT Security00:12:13 - Leadership’s Role in Cybersecurity: Who’s Driving the Change?00:19:55 - No More Blind Spots: Key Takeaways for a Secure FutureLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

  --------  

  22:46

  --------

  22:46
• The Silver Tsunami: Manufacturing's Talent and Knowledge Retirement Crisis

  In this milestone 100th episode, Craig and Dino tackle the critical intersection of workforce retirement and industrial cybersecurity knowledge in manufacturing.They explore how 82% of manufacturing workforce exits are due to retirement, creating a dangerous knowledge vacuum as decades of plant expertise walk out the door. The conversation reveals why traditional IT security tools consistently miss 50-70% of OT assets, the problematic practice of buying equipment that's obsolete before installation, and why plant operators bypass corporate security policies when downtime costs a million dollars per day. Craig and Dino state that the solution isn't just better tools, it's bridging the gap between centralized IT teams and the decentralized OT ecosystem by partnering with the system integrators and OEMs who actually keep plants running. They discuss how manufacturers must choose between multi-million dollar capital investments in modern equipment or implementing proper network segmentation and security around legacy systems.They address the reasons why the next generation of talent won't be attracted to facilities running decades-old technology.Chapters:(00:00:00) - Introduction and Industry Growth Update(00:02:15) - The Silver Tsunami: 82% of Manufacturing Exits Are Retirements(00:05:42) - Why IT Security Tools Miss 50-70% of OT Assets(00:09:18) - The Knowledge Vacuum: What Happens When Experience Walks Out(00:13:05) - Why Plant Operators Bypass Corporate Security Policies(00:16:30) - The Problem with Buying Obsolete Equipment(00:19:45) - Centralized IT vs Decentralized OT: Bridging the Gap(00:23:20) - Building Partnerships with System Integrators and OEMs(00:26:50) - Capital Investment vs Network Segmentation Strategy(00:29:35) - Attracting Next-Gen Talent to Manufacturing EnvironmentsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

  --------  

  31:20

  --------

  31:20
• The Nation-State Attacks Hiding in Your OT Network

  In this episode of the Industrial Cybersecurity Insider, Craig Duckworth sits down with Matthew Carr, co-founder of Atumcell and OT penetration testing expert with fifteen years of experience securing operational technology systems. Matthew shares his journey from vulnerability research to specializing in cyber-physical security, recounting the pivotal moment when his exploit code stopped a production line at a major car manufacturer. The conversation addresses the critical gaps in OT security, including why most organizations are unaware of what's actually on their networks, the dangers of default passwords on IoT devices, and how attackers often use espionage rather than ransomware to remain undetected. Matthew reveals how his team safely conducts pentests in production environments, develops proprietary detection rule sets, and helps organizations understand their infrastructure through network mapping. The discussion encompasses a range of topics, from the risks associated with smart TVs in conference rooms to the motivations behind nation-states targeting critical infrastructure, culminating in practical advice on developing a cybersecurity roadmap for cyber-physical systems.Chapters:(00:00:00) - Welcome and Introduction to Matthew Carr's OT Security Journey(00:02:30) - The Moment Exploit Code Stopped a Production Line at a Major Car Manufacturer(00:06:15) - Why Most Organizations Don't Know What's Actually on Their OT Networks(00:09:45) - The Three Pillars of Adamzsel: Pentesting, Monitoring, and Tabletop Exercises(00:14:20) - How Attackers Know Your Infrastructure Better Than You Do(00:18:50) - Smart TVs in Conference Rooms: The Hidden Security Risk with Root Access(00:22:30) - Espionage vs Ransomware: The Cyber Attacks No One Is Talking About(00:26:45) - Why Default Passwords on IoT Devices Are an Attacker's Favorite Entry Point(00:30:20) - Building a Cybersecurity Roadmap for Cyber-Physical Systems(00:33:15) - Closing Thoughts and Free OT Security White Paper from AdamzselLinks And Resources:Atumcell WebsiteMatthew Carr on LinkedInWant to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

  --------  

  33:34

  --------

  33:34
• When IT Security Meets OT Reality: Why One Size Doesn't Fit All

  What happens when IT cybersecurity practices collide with OT operational realities? In this episode, Jim and Dino expose the costly mistakes organizations make when applying IT security playbooks to manufacturing environments.Discover why zero trust architectures can halt production, how shadow IT thrives on every plant floor, and why remote access policies designed for corporate networks fail in industrial settings. Learn the critical importance of OT-tailored asset inventories, the need for IT/OT collaboration, and why digital safety must be treated with the same urgency as physical safety.If you're struggling to bridge the gap between IT security mandates and OT operational needs—or if you've ever watched a well-intentioned security policy bring production to a halt—this episode is your roadmap to getting it right.Chapters:(00:00:00) - Introduction and Episode Overview(00:01:19) - IT vs OT Security Mindsets(00:02:03) - Zero Trust Challenges in OT Environments(00:05:12) - Remote Access and Change Management Conflicts(00:09:00) - Who Should Learn from Whom: IT or OT?(00:10:23) - Asset Inventory: What OT Engineers Don't Know(00:15:00) - Process Integrity and Operational Value(00:21:57) - Shadow IT: The Backdoors Nobody Talks About(00:26:00) - Designing Security Into New Equipment(00:28:00) - Digital Safety vs Physical SafetyLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInJim Cook on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

  --------  

  35:14

  --------

  35:14

More Business podcasts

Trending Business podcasts

About Industrial Cybersecurity Insider