@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Casos de Ciberseguridad Industrial
Episode: 3/4 Acciones de la Resiliencia Colectiva en el Sector Ferroviario
Pub date: 2026-05-18

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

En este episodio se aborda la gestión práctica de riesgos, superando el enfoque basado puramente en el cumplimiento documental. Se analizan los mecanismos contractuales e industriales más efectivos para garantizar la ciberseguridad a lo largo de todo el ciclo de vida del proyecto y se comparten casos reales donde la colaboración estrecha entre operadores, fabricantes […]

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth
Episode: The Next Cyber Crisis Won’t Be One Hospital—It Could Be the Entire Health System
Pub date: 2026-05-14

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security CEO Joe Saunders and Greg Garcia, Executive Director for Cybersecurity of the Health Sector Coordinating Council (HSCC) Cybersecurity Working Group, to examine how ransomware, third-party dependencies, and interconnected healthcare infrastructure are shaping cyber risk across the healthcare sector.

Drawing on experience spanning DHS, critical infrastructure protection, and healthcare cybersecurity coordination, Garcia explains how disruptions at a single vendor or service provider can cascade across hospitals, pharmacies, insurers, and patients nationwide.

Together, they explore:

Why healthcare cyber risk is shifting from isolated breaches to systemic disruption
How ransomware and third-party compromises create cascading operational impacts
Lessons from the Change Healthcare ransomware attack
The growing challenge of securing connected healthcare systems and medical devices
Why patching alone cannot keep pace with modern cyber threats
The role of collaboration and resilience in protecting critical healthcare infrastructure

From healthcare providers and medical device manufacturers to policymakers and critical infrastructure leaders, this episode explores what organizations must understand to prepare for the next generation of healthcare cyber threats.

The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: OT Cybersecurity: Is the Purdue Model Still Useful?
Pub date: 2026-05-12

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Is the Purdue Model outdated, or simply misunderstood? In this episode, Dino sits down with Ken Kully (Rockwell Automation) for a candid, practitioner-level conversation about what the Purdue Model still gets right.
They discuss where it falls short in modern environments, and why “IT/OT convergence” remains more of a people-and-process challenge than a technology problem.
They break down the reality on the plant floor: long-lived legacy systems, inconsistent architectures across sites, limited maintenance windows, and the operational consequences of downtime.
The discussion also tackles the everyday friction points: MFA, shared operator accounts, unmanaged vendor laptops, and remote access “surprises”, and why you can’t improve OT security posture without a trustworthy asset inventory and segmentation that keeps systems “in their lane.”
Chapters:
(00:00:00) Intro + why this Purdue conversation matters now
(00:01:00) Ken’s background: from process environments to OT cyber delivery readiness
(00:04:00) The big question: has the Purdue Model outlived its usefulness?
(00:07:00) Framework vs. strict blueprint: “Purdue enough” in real plants
(00:09:00) IT/OT convergence: why it’s a people + process problem (not tech)
(00:12:00) The “silver tsunami” and why security UX fails on the plant floor
(00:15:30) MFA, shared logins, and why “security gets in the way” still shows up
(00:18:00) Legacy reality: Windows 98/7 boxes, vendor lock-in, and downtime economics
(00:21:00) Discovery first: diagrams, configs, and why documentation is always missing
(00:23:30) Purdue as a map: brokering traffic, one-up/one-down, and the “3.5” DMZ
(00:26:00) When devices try to “escape the box”: unexpected outbound comms + exposure risk
(00:28:30) Vendor/OEM access: the unmanaged laptop problem in OT
(00:32:00) Asset inventory as the unlock: you can’t defend what you don’t know exists
(00:34:00) Why IT often won’t “crawl the plant,” and what that means operationally
(00:36:30) Scale problem: 30 plants, 30 realities—standardize globally, execute locally
(00:38:30) The SI/OEM “third leg”: why trusted integrators are key to sustainable OT security
(00:40:30) Closing + crossover: continuing the discussion on Ken’s OT After Hours podcast

Links And Resources:
Kenneth Kully on LinkedIn
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Error Code (LS 27 · TOP 10% what is this?)
Episode: EP 86: The Trusted Channel: AT Command Exploits and Cellular IoT Security
Pub date: 2026-05-12

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Cellular modules in your IoT devices are trusted and that trust can be an insecure  pivot point into your network for attackers. Deral Heiland, Principal Security Research for IoT at Rapid 7 discusses his presentation at RSAC 2026 on AT command exploits and supply chain risk.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: OT Security Made Simple
Episode: Das digitale Nervensystem: Warum Gebäudeautomation echte OT ist | OT Security Made Simple
Pub date: 2026-05-12

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Klaus Mochalski und Tim Bauer (ak-itsga) diskutieren den blinden Fleck in Smart Buildings. Erfahren Sie, warum Gebäudeautomation knallharte OT ist, weshalb die Branche der Industrie-Security um Jahre hinterherhinkt und warum Auftraggeber das Thema ab sofort zwingend in ihre Lastenhefte schreiben müssen.
Mehr zum Thema OT Security Made simple findet Ihr auf rhebo.com oder schreibt uns mit Euren Ideen, Fragen oder Gastvorschlägen an [email protected].  

The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.