@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Smashing Security (LS 55 · TOP 0.5% what is this?)
Episode: High-speed train hacks and homicidal lawnmowers
Pub date: 2026-05-20

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

A 23-year-old radio enthusiast spent £300 on a piece of kit from the internet, and used it to bring four packed high-speed trains to a screeching halt. His defence in court? Possibly the most creative excuse we've heard all year.
Meanwhile, owners of $4,000 robot lawnmowers are discovering that their gadget can be hijacked over the internet, redirected at journalists who foolishly lie down in front of it, and used to harvest Wi-Fi passwords, email addresses, and GPS coordinates. Change the default password? Sure - until the next firmware update silently resets it back.
Plus - don't miss our featured interview with XBOW's Brendan Dolan-Gavitt about how AI is transforming penetration testing.
All this and more in episode 468 of the "Smashing Security" podcast with cybersecurity expert and keynote speaker Graham Cluley, and special guest Geoff White.

EPISODE LINKS:

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom - TechCrunch.
Man accused of stealing Beyoncé’s unreleased music takes guilty plea - ABC News.
Shai-Hulud code drop: Open season for supply chain attacks- ReversingLabs.
Student hacked Taiwan high-speed rail to trigger emergency brakes - BleepingComputer.
Polish teen derails tram after hacking train network - The Register.
The Cheap Radio Hack That Disrupted Poland's Railway System - WIRED.
The man with an army of Yarbo robot lawn mowers - The Verge.
Ever been run over by a robot? I have - for science! - TikTok.
RD280UA 28” WQXGA BenQ Programming Monitor with Backlight and Flexible Arm - BenQ.
Kai Shun DM-0708 combination sharpening stone, grain 300/1000 - Knives and Tools.
AI-Assisted ICS Attack on a Water Utility - Dragos.
Adversaries Leverage AI for Vulnerability Exploitation, Augmented Operations, and Initial Access - Google Cloud Blog.
Smashing Security merchandise (t-shirts, mugs, stickers and stuff)

SPONSORS:
Vanta - Expand the scope of your security program with market-leading compliance automation… while saving time and money. Smashing Security listeners get $1000 off!
XBOW - The autonomous offensive security platform that helps security teams scale. Start a pentest today.
OPSWAT - Read Benny Czarny's book, "Cybersecurity Upside Down", to rethink how you protect your organization from file-based threats, including those powered by AI.

SUPPORT THE SHOW:
Tell your friends and colleagues about “Smashing Security”, and leave us a review on Apple Podcasts or Podchaser.
Become a supporter! Join Smashing Security PLUS via Patreon or Apple Podcasts for ad-free episodes on our early-release feed!

FOLLOW THE SHOW:
Follow us on Bluesky or Mastodon, or on the Smashing Security subreddit, and visit our website for more episodes.

THANKS:
Theme tune: "Vinyl Memories" by Mikael Manvelyan.
Assorted sound effects: AudioBlocks.

Privacy & Opt-Out: https://redcircle.com/privacy

The podcast and artwork embedded on this page are from Graham Cluley, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Emerson Automation Experts (LS 24 · TOP 10% what is this?)
Episode: Protecting Critical Infrastructure: NERC CIP-015-01 and Internal Network Security Monitoring (INSM)
Pub date: 2026-05-20

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

We unpack what the NERC CIP-015-01 standard requires, the compliance timelines utilities must plan for, and the practical challenges of deploying monitoring inside operational technology environments.

The podcast and artwork embedded on this page are from Emerson Team, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: ICS Cyber Talks Podcast
Episode: Liron Ner VP Engineering & Oren Valdman ResiliOTech product manager @DVplan on Cyber Risk Assessment
Pub date: 2026-05-19

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

השגרה המקובלת בעולמות אבטחת המידע מבוססת על מחזוריות מתמדת: ביצוע סקר סיכוני סייבר, גיבוש תוכנית פעולה, תיקון פערים ומבדקי חדירות – תהליך החוזר חלילה מדי 12 עד 18 חודשים.

למרות ההתקדמות הטכנולוגית בתחום הגנת הסייבר, סקר סיכוני הסייבר נותר אחד התהליכים הבודדים שכמעט ולא השתנו. הוא עדיין נשען במידה רבה על הידע האישי של הסוקר, מומחיותו והמתודולוגיה הנבחרת על ידו. בעתיד הקרוב מגמה זו עשויה להשתנות, עם כניסתם לשימוש של מודלי שפה גדולים במוצר כמו רזיליוטק לעיבוד תשובות משאלונים והצלבתן מול מתקפות סייבר בפועל, סקרי סיכונים אחרים ותקני התעשייה המקובלים.

נחשון פינקו מארח את לירון נר, סמנכ"ל הנדסה וטכנולוגיה, ואת אורן ולדמן, מנהל מוצר רזילויוטק בחברת די.וי פלאן בדיון על אופטימיזציה של סקרי סיכוני סייבר במטרה להשיג תוצאות טובות יותר, תוכניות עבודה יישומיות ותיקון פערים אפקטיבי.

 

The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: OT Security Isn't an IT Problem: What it Takes to Get it Right
Pub date: 2026-05-19

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Craig sits down with Wil Klusovsky, a 26-year cybersecurity veteran and CRO at viLogics, to break down why asset visibility and exposure management are the foundation of any solid OT security strategy.
From the myth of the air-gapped shop floor to the real-world math behind quantifying cyber risk in dollars and cents, Will and Craig explore how manufacturers can move beyond fear-based selling, bridge the gap between IT and operations, and build programmatic cybersecurity that protects both production uptime and the bottom line.
They discuss how to frame cyber risk as business risk, why compensating controls and context matter more than raw vulnerability numbers, and why the CISO's real job is "chief inside selling officer."
Chapters:
(00:00:00) - Welcoming Will to the Podcast!
(00:02:12) - Why Asset Visibility Is the Starting Point for OT Security
(00:03:48) - The Air Gap Myth and Legacy Systems on the Shop Floor
(00:04:52) - Translating Cyber Risk Into Dollars and Cents
(00:07:05) - Quantifying Downtime: Mean Time to Recovery and True Cost of Ownership
(00:09:55) - Risk Appetite: Spend to Mitigate or Accept the Exposure?
(00:11:32) - Who Really Owns the Risk? Executives, Not CISOs
(00:13:00) - Uptime, OEE, and Why Cybersecurity Risk Is Business Risk
(00:15:45) - Remote Access Risks and Competing Priorities on the Shop Floor
(00:18:04) - The "Chief Inside Selling Officer" — Getting Buy-In Before Budget
(00:19:48) - The Get Out of Jail Free Card: Aligning Incentives Across Teams
(00:22:30) - Context Over CVE Counts: 600 Critical Vulns, Zero Exploitable
(00:25:42) - Prioritizing Remediation by Business Impact, Not Severity Score
(00:26:30) - Wrap-Up and Part 2 Preview: Business Impact Analysis

Links And Resources:
Wil Klusovsky on LinkedIn
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: PrOTect It All (LS 27 · TOP 10% what is this?)
Episode: AI in OT Cybersecurity: Real-World Risks, Smarter Defenses & the Future of Critical Infrastructure
Pub date: 2026-05-18

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

AI is rapidly transforming cybersecurity but are critical infrastructure environments ready for what comes next?

In this episode of Protect It All, host Aaron Crow sits down with longtime colleague and cybersecurity expert Clark Liu to explore how artificial intelligence is reshaping both IT and OT security operations.

From incident response and compliance frameworks to workforce shifts and operational resilience, Aaron and Clark unpack the real-world opportunities and very real risks of integrating AI into industrial environments.

Together, they tackle the evolving role of frameworks like NERC CIP and NIST, the challenges of balancing compliance with actual security outcomes, and how organizations can responsibly adopt AI without increasing exposure.

You’ll learn:

How AI is changing OT and IT cybersecurity operations

The role of AI in incident response, documentation, and monitoring

Why compliance frameworks alone don’t guarantee resilience

The risks of adopting AI without strong operational foundations

How organizations can prepare for AI-powered threats and workforce changes

Practical insights for balancing innovation, budgets, and security priorities

Whether you’re leading OT security, managing critical infrastructure, or evaluating AI adoption in your organization, this episode delivers practical guidance for navigating cybersecurity’s next major shift.

Tune in to learn how AI is transforming cyber defense and what organizations must do to stay resilient only on Protect It All.

Key Moments; 

05:33 Understanding cybersecurity compliance frameworks

07:11 Overlooked vulnerabilities in systems

09:59 Balancing multiple firewall vendors

15:17 Delegating tasks to AI

19:11 Importance of documenting commits

21:51 Hospital system shutdown crisis

25:11 AI uncovering software vulnerabilities

26:37 Engineers implementing AI in automation

31:26 AI tools and personal security

32:55 Password security practices

36:46 Using AI for basic tasks

39:38 Transition to off-the-shelf software

42:29 Going back to basics with appliances

47:02 Excitement About Future AI Capabilities

Guest Profile : 

Clark Liu is a veteran OT cybersecurity expert and one of the original contributors to the NERC CIP standards. With nearly two decades in energy and critical infrastructure security - including leadership roles at EY and GALLO - Clark specializes in OT risk management, compliance strategy, and securing industrial operations from the plant floor to the cloud.

How to connect Clark: 

LinkedIn :  https://www.linkedin.com/in/clarkliu/

Connect With Aaron Crow:

Website: www.corvosec.com 

LinkedIn: https://www.linkedin.com/in/aaronccrow

Learn more about PrOTect IT All:

Email: [email protected] 

Website: https://protectitall.co/ 

X: https://twitter.com/protectitall 

YouTube: https://www.youtube.com/@PrOTectITAll 

FaceBook:  https://facebook.com/protectitallpodcast

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.