PodcastsBusinessIndustrial Cybersecurity Insider

Industrial Cybersecurity Insider

Industrial Cybersecurity Insider
Industrial Cybersecurity Insider
Latest episode

134 episodes

  • Industrial Cybersecurity Insider

    The Real Cost of Delaying OT Cybersecurity Investment

    07/07/2026 | 35 mins.
    Craig and Jim revisit one of their most practical conversations: how to build a compelling business case for OT cybersecurity budget.
    They break down the IT/OT ownership gap that leaves manufacturers exposed, explain how to frame liability, physical risk, and financial impact in language executives actually care about, and walk through the options every organization faces.
    From doing nothing to running a proof-of-concept pilot site that generates real, quantifiable data. They also tackle the role of cybersecurity insurance, why every company needs OT on its risk register, and how the concept of technology debt can finally help leadership understand the cost of decades of deferred OT security investment.
    Whether you're approaching this from the IT side, the OT side, or somewhere in between, this episode gives you the framework to start the budget conversation before a breach forces it.
    Chapters:
    (00:00:00) - Introduction: The High Stakes of OT Cybersecurity
    (00:01:00) - Why Budgeting for OT Security Is So Difficult
    (00:04:00) - How to Get Executives to Actually Listen
    (00:06:00) - Liability: Speaking the Language of Leadership
    (00:11:00) - Building Your OT Cybersecurity Business Case
    (00:13:00) - Ownership and Visibility: The First Questions to Ask
    (00:17:00) - Proof of Concept: Using Real Data to Drive Decisions
    (00:20:00) - Cybersecurity Insurance and the Third Leg of the Stool
    (00:26:00) - Risk Management, Roadmaps, and Playing the Long Game
    (00:31:00) - Technology Debt and Final Takeaways

    Links And Resources:
    Want to Sponsor an episode or be a Guest? Reach out here.
    Industrial Cybersecurity Insider on LinkedIn
    Cybersecurity & Digital Safety on LinkedIn
    BW Design Group Cybersecurity
    Dino Busalachi on LinkedIn
    Craig Duckworth on LinkedIn
    Jim Cook on LinkedIn

    Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
  • Industrial Cybersecurity Insider

    Your Organization Says It's 'Green' on Manufacturing Security: Here's Why That's Dangerous

    30/06/2026 | 22 mins.
    Who actually owns OT cybersecurity? And when something breaks, who's accountable?
    In this episode, Craig and Dino tackle a question most manufacturing organizations still haven't answered.
    They address why CISOs are often handed responsibility for OT security without the authority to act on it, and how plants can score "green" on a compliance dashboard while remaining blind to 80% of their actual assets.
    They also dig into the role OEMs and system integrators should be playing in building security into project proposals from day one, and why most still aren't.
    From virtual patching for legacy systems that can't be touched, to the fast-growing OT security market, this is a grounded conversation for plant leaders, engineers, and security teams trying to close the gap between IT and OT.
    Chapters:
    (00:00:00) - Who Really Owns OT Cybersecurity?
    (00:02:00) - Asset Owners Bear the Ultimate Responsibility
    (00:04:00) - Responsibility Without Authority: The CISO's Dilemma
    (00:06:00) - Why OEMs and SIs Aren't Including Cybersecurity in Their Proposals
    (00:08:00) - The False Sense of Security Driving Dangerous Blind Spots
    (00:10:00) - How Organizations Claim "Green" While Missing 80% of Their Assets
    (00:13:00) - Half Measures vs. a Real OT Cybersecurity Strategy
    (00:16:00) - The Growing OT Security Market and Why Some Still Aren't Paying Attention
    (00:18:00) - Incident Response Drills and AI Accelerating the Threat Landscape
    (00:20:00) - Breaking Down the IT/OT Trust Barrier for Good

    Links And Resources:
    Want to Sponsor an episode or be a Guest? Reach out here.
    Industrial Cybersecurity Insider on LinkedIn
    Cybersecurity & Digital Safety on LinkedIn
    BW Design Group Cybersecurity
    Dino Busalachi on LinkedIn
    Craig Duckworth on LinkedIn

    Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
  • Industrial Cybersecurity Insider

    It's Control System Integrity not just OT Cybersecurity

    24/06/2026 | 18 mins.
    Many manufacturers don't realize that an investment in OT Cybersecurity also enhances Control System Integrity.
    In this rewind episode, Craig and Dino dig into why so many OT intrusion detection platforms get installed but never become truly operational.
    They address what gets lost when IT owns the tool while OT owns the equipment, and why the word “cybersecurity” itself can stall progress the moment it lands on the plant floor.
    They land on a question every CISO, plant leader, and engineering director should be asking right now: who at your sites actually knows how to use the tools you have already paid for, and how do you bring the OT ecosystem into the room before the next outage forces you to?
    Chapters:
    (00:00:00) Cold Open: The Diagnostic Tool Sitting Unused in Your Plant
    (00:01:00) Shadow OT Versus Shadow IT and Why the Distinction Matters
    (00:02:30) Why IT Gets Left Out of Industrial Lifecycle Decisions
    (00:04:00) Reframing Cybersecurity as Control System Integrity
    (00:05:00) The 8:10 AM Production Shutdown Mystery
    (00:07:00) Three Rogue Servers Hiding in Plain Sight
    (00:08:00) A Brewery, a Misconfigured Module, and a Network No One Could Diagnose
    (00:10:00) Buying an MRI Machine and Refusing to Turn It On
    (00:12:00) Bringing the OT Ecosystem to the Table
    (00:15:00) Why IT Needs New Friends in Manufacturing

    Links And Resources:
    Want to Sponsor an episode or be a Guest? Reach out here.
    Industrial Cybersecurity Insider on LinkedIn
    Cybersecurity & Digital Safety on LinkedIn
    BW Design Group Cybersecurity
    Dino Busalachi on LinkedIn
    Craig Duckworth on LinkedIn

    Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
  • Industrial Cybersecurity Insider

    Is AI Becoming Your Plant Floor's Biggest Vulnerability?

    15/06/2026 | 27 mins.
    Craig and Dino dig into the widening gap between IT and OT and why the plant floor keeps getting left behind.
    They break down what Dragos ' acquisition of Phosphorus signals for the future of IoT security in manufacturing, from cameras and label printers to X-ray inspection systems that ship with default passwords and almost never get patched.
    The conversation gets sharp on artificial intelligence: the same models helping plants work smarter are now lowering the barrier for attackers, putting Stuxnet-style capabilities into the hands of people who lack the resources and sophistication that nation states once needed.
    Craig and Dino expose the everyday habits that leave operations vulnerable, including system integrators plugging personal laptops straight into production networks, locked USB ports that solve only half the problem, and remote access so wide open that a single entry point can expose an entire plant.
    They argue that nobody truly owns OT cyber hygiene, that frameworks like IEC 62443 and the NIST 800 82 series get named in RFPs but rarely enforced, and that leaders keep tripping over dollars to pick up nickels by choosing the cheapest bid over real protection.
    It's a candid, experience-driven look at why industrial security moves so slowly and what plant leaders, engineers, and security teams can actually do about it.
    Chapters:
    (00:00:00) - AI Enters the OT Battlefield
    (00:01:30) - Why IoT Is Creeping Onto the Plant Floor
    (00:03:30) - Printers, Cameras, and the Default Passwords Nobody Owns
    (00:06:00) - Dragos, Phosphorus, and the Managed Services Question
    (00:08:00) - How AI Lowers the Bar for Attacking Control Systems
    (00:09:40) - Stuxnet Then vs. AI-Powered Attacks Now
    (00:12:00) - The Laptop in the Plant: Contractors, USBs, and Open Networks
    (00:16:00) - Frameworks on Paper vs. Reality (IEC 62443 & NIST 800-82)
    (00:19:00) - Tripping Over Dollars to Pick Up Nickels
    (00:24:00) - Short-Tenure CISOs and Why You Shouldn't Go It Alone

    Links And Resources:
    Want to Sponsor an episode or be a Guest? Reach out here.
    Industrial Cybersecurity Insider on LinkedIn
    Cybersecurity & Digital Safety on LinkedIn
    BW Design Group Cybersecurity
    Dino Busalachi on LinkedIn
    Craig Duckworth on LinkedIn

    Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
  • Industrial Cybersecurity Insider

    Is Your IIoT Strategy Creating More Security Risks?

    09/06/2026 | 22 mins.
    Craig and Dino address one of the most overlooked problems in OT security: the IIoT devices your security tools don't automatically detect.
    Most OT intrusion detection platforms do a reasonable job of identifying core control-layer assets such as PLCs, drives, and motor control centers. The problem is everything else. Laptops plugged into the network, third-party devices brought in by contractors, and a growing range of connected IIoT equipment often go completely undetected. Those are the gaps where risk accumulates.
    Craig and Dino explain why the belief that machines are air-gapped is a dangerous myth, how PLCs acting as gateways prevent intrusion detection platforms from seeing the devices behind them, and why an asset inventory is not the same as knowing your real risk and CVE exposure in multi-vendor environments.
    They reframe OT cybersecurity as a process-integrity problem and show how unmanaged network activity, third-party remote access, and even routine IT security scans can quietly degrade OEE and trigger unplanned downtime that costs millions.
    Using predictive-maintenance analogies such as thermal, harmonics, and vibration sensing, they make the case for treating digital anomalies the same way mature plants already treat mechanical ones.
    They close by examining why so many OT detection tools become shelfware, how to escape alert fatigue, and the two practical paths to real IT/OT convergence: building the right relationships with OEMs, system integrators, and AEC partners, and designing security-ready facilities from the ground up.
    It's a practical listen for CISOs, plant and engineering leaders, and OT/IT teams responsible for securing manufacturing and critical infrastructure.
    Chapters:
    (00:00:00) - Why No Industrial Asset Is Truly Air-Gapped
    (00:01:08) - IoT vs. IIoT: How OT Assets Get Classified
    (00:03:15) - The Control-Layer Blind Spot: Drives, Robots, and Motor Controls
    (00:05:25) - How PLC Gateways Hide Assets From Intrusion Detection
    (00:07:30) - Asset Inventory Isn't Risk: The CVE Gap in Multi-Vendor Plants
    (00:08:55) - When Cyber Blind Spots Become Costly Downtime
    (00:10:05) - Process Integrity: How Security Scans Disrupt Production
    (00:11:35) - Predictive Maintenance Meets Digital Anomaly Detection
    (00:17:45) - Avoiding OT Shelfware and Alert Fatigue
    (00:19:45) - IT/OT Convergence: Choosing a Partner and Building Secure-by-Design

    Links And Resources:
    Want to Sponsor an episode or be a Guest? Reach out here.
    Industrial Cybersecurity Insider on LinkedIn
    Cybersecurity & Digital Safety on LinkedIn
    BW Design Group Cybersecurity
    Dino Busalachi on LinkedIn
    Craig Duckworth on LinkedIn

    Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!
More Business podcasts
About Industrial Cybersecurity Insider
Industrial Cybersecurity Insider offers a thorough look into the field of industrial cybersecurity for manufacturing and critical infrastructure. The podcast delves into key topics, including industry trends, policy changes, and groundbreaking innovations. Each episode will feature insights from key influencers, policy makers, and industry leaders. Subscribe and tune in weekly to stay in the know on everything important in the industrial cybersecurity world!
Podcast website

Listen to Industrial Cybersecurity Insider, Think Fast Talk Smart: Communication Techniques and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features