OT After Hours

In this episode of OT After Hours, Ken Kully (Delivery Readiness at Rockwell Automation) is joined Lance Lamont (Special Projects & Protocols Team Lead at Rockwell Automation), to bid a bittersweet farewell to Natalie Kalinowski, who is leaving Rockwell after 4 years to take on a new and exciting opportunity.
But leave it to Natalie to bring up one last timely topic, in this case the importance of using layered security strategies when defending OT environments.
Key Takeaways
Layered Security Strategies in OT Environments: When consistent patching and regular hardware update cycles are unavailable, layered security approaches become a vital means of defending operational technology (OT) environments, especially practices such as network segmentation, compensating controls, and other practical approaches to securing legacy devices.
Practical Security Recommendations and Tools: What are some actionable recommendations for OT security? There are many, including the use of change detection, network monitoring, and leveraging available frameworks and tools to enhance resilience.
Device Interoperability and Undocumented Vulnerabilities: Lance's team within the SecureOT family researches device interoperability, often discovering undocumented vulnerabilities in the things that keep plants running. This underscores the importance of not relying solely on published vulnerability databases.
Subscribe
Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.
Get in Touch
🔗 LinkedIn | YouTube | X | Contact Us

In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT) is joined by Natalie Kalinowski (Network & Cybersecurity Specialist), and Mustafa Aamir (Application Consultant Cyber-NCS), for a timely discussion about the December 2025 cyber attack on Poland's power infrastructure, a contemporaneous physical infrastructure attack in Germany, and cyber attacks that have surrounded the recent war in Iran.
But it's not all doom and gloom! Many of these attacks follow a familiar script, exploiting basic vulnerabilities like lack of MFA and reused credentials; addressing these can significantly improve security posture. And many of these "low hanging" mitigations, such as changing credentials and implementing MFA, can be undertaken internally without extensive external support, enabling quick improvements.
Key Takeaways
Asset Management and Risk Analysis: Use "crown jewels" analysis, risk assessment, and understanding operational risk versus CVSS scores to prioritize protection of critical devices and vulnerabilities.
Basic Cyber Hygiene: Implement cybersecurity controls such as network segmentation, VLAN configuration, basic hardening, and eliminating static credentials; these measures are cost-effective and provide significant risk reduction.
External Expertise and Virtual Advisors: Bring in external consultants or virtual security advisors on a flexible basis to supplement in-house expertise, especially for organizations with diverse infrastructure and limited budgets.
Incident Response and Tabletop Exercises: Perform regular review and rehearsal of incident response plans, including tabletop exercises based on real-world attack scenarios, to evaluate preparedness and identify gaps.
Leveraging Open Source Intelligence: Use available tools to proactively identify exposed assets and low-hanging fruit, enabling operators to secure their attack surface before adversaries exploit it.
Subscribe
Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.
Get in Touch
🔗 LinkedIn | YouTube | X | Contact Us

In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT), sits down with Rick Kaun (Global Director of Cybersecurity Sales), Natalie Kalinowski (Network & Cybersecurity Specialist), and Lance Lamont (Special Projects & Protocols Team Lead), for a lengthy discussion about IT/OT convergence, how Rockwell's SecureOT platform can enable and accelerate advanced security, asset management, and operational efficiency for Rockwell's clients, and why Verve was renamed to SecureOT late last year.
Key Takeaways
Rockwell's Secure OT Rebranding and Strategic Direction: What was behind the transition from Verve to Rockwell's SecureOT branding? What were the strategic motivations, the business strategy review process, and the implications for product positioning and market approach?
Secure OT Platform Capabilities and Value Proposition: What are the SecureOT Platform's technical capabilities? How can it serve as data repository, support advanced security, enable asset management, and drive operational efficiency for Rockwell's clients?
Secure Digital Operations (SDO) and IT/OT Convergence: What are Secure Digital Operations (SDO)? What is its organizational structure, and how can it help bridge the gap between IT and OT security practices within manufacturing environments?
Regulatory Environment and Security Program Evolution: How does SecureOT address the expanding regulatory landscape for critical infrastructure, the importance of defensible security decisions, and the shift from compliance-driven to programmatic security strategies.
Security Culture Versus Rules: What is the distinction between enforcing security through rigid rules versus fostering a culture of security?
Subscribe
Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.
Get in Touch
🔗 LinkedIn | YouTube | X | Contact Us

In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT), sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Lance Lamont (Special Projects & Protocols Team Lead), Zach Woltjer (Technical Account Manager), and Rick Herzing (Systems Support Analyst)
The team reviews last year's predictions for 2025 in industrial cybersecurity, confirming that most came true and discussing their impact on hybrid workforces, regulatory compliance, AI integration, dynamic detection, zero trust, legacy device security, monitoring, and third-party risks. They then discuss emerging cybersecurity threats and trends for 2026, focusing on AI-driven attacks, deep fakes, mandatory MFA, compliance enforcement, insurance-driven resilience, and ongoing supply chain risks.
2025 Predictions Reviewed
Hybrid Workforce Risks: TRUE. The expansion of hybrid workforces has increased device risks, with companies adopting solutions like VPNs, MFA, and endpoint protection to mitigate new attack vectors.
Regulatory Compliance Challenges: PARTIALLY TRUE. The vagueness of some regulations, the struggle for end users to translate them into actionable metrics, and the slow pace of regulatory change, leave much to be desired.
AI Integration in Cybersecurity: TRUE. There has been growing use of AI in cybersecurity products. The SecureOT research team has found AI to be highly confident but only moderately accurate, underscoring the importance of human oversight.
Dynamic Detection and Zero Trust: TRUE. The shift from signature-based detection to dynamic methods due to adaptive malware, has been ongoing for years. Zero trust policies have become more prevalent.
Legacy Device Security and Obsolescence Planning: TRUE. The persistent challenge of securing legacy devices in industrial environments continues unabated.
Monitoring and Third-Party Risks: PARTIALLY TRUE. Combining passive and active monitoring tools is not on track to become a standard in OT cybersecurity. But there is growing concern over third-party risks and the mitigation thereof, especially with new compliance requirements like the Cyber Resiliency Act.
Predictions and Trends for 2026:
AI-Driven Cyber Attacks: We can expect to see more end-to-end AI cyber attacks. There is potential for increased automation and sophistication, including lateral movement into OT environments.
Deep Fakes and Social Engineering: We can expect to see an expansion in the ongoing threat posed by deep fakes and phishing, given the growing ease of generating convincing audio and images.
Mandatory MFA and Compliance Enforcement: We are unlikely to see truly mandatory MFA adoption; that legal compliance and fines may well be necessary for widespread adoption, especially in OT.
Insurance-Driven Cyber Resilience: Insurers may drive faster adoption of cyber hygiene practices by requiring verified resilience for coverage. Some companies may choose pay fines instead.
Supply Chain and Open Source Risks: The threat of supply chain infections, especially with increased AI-generated code contributions, will grow in the year to come. Organizations should focus on retaining skilled software engineers to validate code.
Subscribe
Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.
Get in Touch
🔗 LinkedIn | YouTube | X | Contact Us

In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT), sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Tyler Bergman (Operations Team Lead) and Lance Lamont (Special Projects & Protocols Team Lead) to discuss the recently-concluded Rockwell Automation Fair.
And if you weren't able to attend Automation Fair, you can still find videos and presentations from it on the Rockwell YouTube channel.
Key Takeaways
Automation Fair is a major annual event held by Rockwell Automation, attracting both employees and customers. The event features workshops, tech demos, and product displays, not unlike a mini-CES for Rockwell, its partners, and its clients.
Workshops ranged from basic controller programming to advanced topics like CPWE design with Cisco and Powerflex fundamentals. Keynotes are a valuable way to gauge Rockwell's strategic direction, including the announcement of a $2 billion investment in a new greenfield facility in southeastern Wisconsin, set to open in 2028 as a showcase for automation, AI, robotics, and cybersecurity.
Numerous robotics demos at the Automation Fair, including collaborative robots (cobots), multi-brand robot arm interoperability, and advanced material handling systems.
Verve Industrial Protection has been rebranded to Rockwell Secure OT, which was a prominent presence in Rockwell's display area. Lots of conversations at the SecureOT booth, discussing asset inventory, risk analysis, and the new risk scoring features, while engaging with customers and IT/OT professionals to address practical use cases and integration challenges.
Vibrant event culture, including pin-collecting, and swag at the SecureOT booth, the role of casual interactions in networking, and the significance of shared spaces like the lunch hall in fostering connections among attendees.
Timestamps
00:36 – Preamble and recording kickoff
00:56 – Introductions by Lance, Tyler, and Natalie
01:37 – What is the Automation Fair, and where was it held?
04:54 – Robots, cobots, and robot inter-operatbility
18:04 – Workshops, keynotes, and collectible pins
27:26 – Massive space for lunch...and networking
28:11 – FIRST Robotics and Student Mentorship
32:25 – The SecureOT Booth Experience
46:24 – Wrap-ups, more robotics, and final takeaways
Subscribe
Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts.
Get in Touch
🔗 LinkedIn | YouTube | X | Contact Us