Industrial Cybersecurity Insider

Dino sits down with Dick Wilkinson, CTO and co-founder of Proof Labs, to explore the intersection of space technology and industrial cybersecurity.
Dick shares his 20-year journey in the U.S. Army with the National Security Agency, transitioning from signals intelligence to becoming a CISO for critical infrastructure organizations, including New Mexico's Supreme Court and the Albuquerque water authority.
The conversation dives deep into the challenges of securing satellite systems with onboard intrusion detection and the persistent gap between IT and OT security teams. We also explore why the "castle wall" perimeter security model is dangerously outdated.
Dick reveals how AI is lowering the barrier to entry for both attackers and defenders, and discusses the real-world applications of satellite communications in oil and gas operations.
He also introduces a revolutionary physical layer-one air gap device called Goldilock Secure, which could transform how we protect remote industrial assets.
This episode is essential listening for CISOs, CTOs, and security leaders looking to understand emerging threats in space-based infrastructure and practical solutions for securing distributed industrial environments.
Chapters:
(00:00:00) - Dick's Journey: From NSA to Space Cybersecurity
(00:04:32) - What is Proof Labs and Why Space Security Matters
(00:08:15) - Satellites as OT Assets: Oil, Gas, and Critical Infrastructure
(00:12:47) - How Onboard Intrusion Detection Works in Spacecraft
(00:16:23) - The Castle Wall Problem: Moving Beyond Perimeter Security
(00:19:41) - IT vs OT: Bridging the Gap in Manufacturing Cybersecurity
(00:24:18) - AI's Impact: Lowering the Barrier for Attackers and Defenders
(00:27:35) - The Visibility Challenge: Why Most Plants Don't Know Their Assets
(00:30:12) - Goldilock Firebreak: A Physical Air Gap Device That Changes Everything
(00:35:20) - Real-World Applications for Remote Industrial Asset Protection

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Dick Wilkinson on LinkedIn
Proof Labs Website
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design

Dino sits down with Adeel Shaikh Muhammad, a Dubai-based cybersecurity expert and researcher with 16+ years in IT and OT security. They dive into why IT and OT teams still can't communicate effectively.
The conversation reveals why most CISOs struggle to secure manufacturing environments. Adeel shares real-world insights from securing industrial systems across the Middle East, Africa, and Asia.
They tackle the implementation gap in OT SOCs and why legacy systems remain vulnerable. The discussion covers third-party access risks, OEM warranty restrictions, and system integrator challenges.
AI might finally solve IT-OT convergence by acting as a translator between these worlds. But first, organizations need to master the fundamentals: asset inventory, vulnerability management, and network segmentation.
Most companies still haven't nailed these basics in their industrial environments. This conversation cuts through the hype to focus on what actually works.
Chapters:
(00:00:00) - 16 Years in Cybersecurity: Why CISOs Don't Know What a PLC Is
(00:01:48) - Career Journey: From IT to OT Cybersecurity Focus
(00:02:48) - Books on AI Transforming Security Operations Centers
(00:04:44) - The Implementation Gap: Challenges Building OT SOCs
(00:06:40) - The IT-OT Cultural Divide and Missing Communication
(00:08:40) - Why the OT Ecosystem Must Proactively Bring Cybersecurity Tools
(00:10:00) - Can IT-OT Convergence Actually Happen?
(00:11:00) - AI as the Bridge: The Black Box Solution for IT-OT Communication
(00:12:42) - Legacy Systems Reality: Windows 7 Running $5M Equipment
(00:14:00) - OT Cybersecurity Conferences: S4, Intersec, and Rockwell Automation Fair
(00:16:00) - Market Consolidation: Who's Been Acquired in OT Security
(00:17:48) - Back to Basics: Asset Inventory, Vulnerabilities, and Network Segmentation
(00:18:40) - Third-Party Access Control and OEM Warranty Restrictions
(00:20:40) - Why We Can't Ignore Asset Inventory and Segmentation in OT Anymore

Links And Resources:
Adeel Shaikh Muhammad on LinkedIn
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on

Craig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies.
IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks.
The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision.
OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates.
Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind.
The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying.
Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates.
The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations.
This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up.
Chapters:
00:00:00 - Introduction to Patching Challenges
00:01:08 - IT vs OT Patching: Key Differences
00:02:55 - Understanding the Cost of Downtime in OT
00:03:32 - Overcoming Challenges with Legacy Systems
00:05:21 - Navigating OEMs and Safety Concerns
00:06:45 - The Role of Safety in OT Patching
00:08:52 - Exploring Virtual Patching Solutions
00:13:11 - Enhancing Vendor Collaboration and Risk Management
00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
00:18:33 - Addressing Insurance and Compliance Issues
00:20:12 - Significant Consequences of Not Patching
00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
00:24:03 - Conclusion and Actionable Insights

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn

This compilation episode brings together the most critical insights from Industrial Cybersecurity Insider conversations about the fundamental challenges plaguing OT security implementation and management.
Industry experts dissect why traditional IT security approaches fail catastrophically on the plant floor, revealing that the core issue isn't technology—it's ownership, collaboration, and understanding.
From the dangers of deploying endpoint detection without vendor qualification to the millions lost in unplanned downtime, this episode exposes the gap between security theory and operational reality.
Listeners will discover why cybersecurity tools are often shelfware, how the "have and have-not" world creates vulnerability gaps across manufacturing facilities, and what "left of boom" thinking means for preventing incidents before they happen.
Featuring hard-won lessons about shutdown windows, cyber-informed engineering, and the critical importance of building relationships between IT teams and plant floor operations, this episode delivers actionable intelligence for CISOs, plant managers, and anyone responsible for securing industrial control systems.
Chapters:
(00:00:00) - Introduction: The Core Problem of Ownership in OT Security
(00:01:45) - Why IT Security Approaches Fail on the Plant Floor
(00:04:30) - The Cloud Analogy: Lessons for OT Implementation
(00:07:15) - The Missing Conversation: Capital Plans and OEMs
(00:10:20) - IT vs OT Networks: Different Purposes, Different Risks
(00:13:35) - EDR in OT: The Aftermarket Parts Problem
(00:16:10) - Cyber-Informed Engineering: Building Security into Design
(00:19:45) - The Have and Have-Not World of Plant Security
(00:23:20) - Left of Boom: Visibility Beyond Security
(00:27:15) - Who Should Lead the OT Security Discussion

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on

In this episode, Dino and Craig tackle one of manufacturing's most pressing challenges: the OEM blockade. They explore why brand-new equipment often ships with hundreds of unpatched vulnerabilities, how the gap between IT and OT teams creates operational blind spots, and why manufacturers can't rely on traditional IT solutions to secure their plant floors.
From the CrowdStrike incident that took down HMIs to the "ghost in the machine" causing unexplained downtime, they reveal why OT teams must take ownership of their cybersecurity posture and build partnerships with the right ecosystem of OT-focused service providers.
If you've ever wondered why your million-dollar machine center is running Windows 7 or why your cybersecurity reports don't match reality, this episode provides the answers—and a path forward.
Chapters:
(00:00:00) - The OEM Blockade Problem
(00:01:00) - Understanding OEM Software Lock and Remote Access
(00:03:00) - The Reality of Unpatched Vulnerabilities in New Equipment
(00:06:00) - The IT/OT Blockade and Convergence Challenges
(00:09:00) - Why IT Disciplines Don't Translate to OT Environments
(00:11:00) - The CrowdStrike Incident: What Really Happened on Plant Floors
(00:13:00) - The Lack of Due Diligence in Manufacturing M&A
(00:16:00) - Chasing the Ghost in the Machine
(00:19:00) - Process Integrity vs. Cybersecurity Tools
(00:22:00) - Why OT Teams Must Take Ownership and Build the Right Partnerships

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify,