@BEERISAC: OT/ICS Security Podcast Playlist

Podcast: Safe Mode Podcast (LS 25 · TOP 10% what is this?)
Episode: Opportunistic by Default: How OT gets pulled into the blast radius
Pub date: 2026-01-29

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of Safe Mode, we look at how opportunistic campaigns—often starting as loud disruption like DDoS—can probe for weak points and, in some cases, move closer to operational technology and industrial control systems. Using a recent Justice Department case tied to pro‑Russia hacktivist groups as a jumping-off point, we discuss what this pattern says about the OT threat landscape in 2025, from remote access and trust boundaries to engineering workflows and data integrity risk. Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, joins to explain what defenders should prioritize now to keep “noise” from becoming real-world operational impact.

The podcast and artwork embedded on this page are from Safe Mode Podcast, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Exploited: The Cyber Truth
Episode: Balancing Speed and Security: The Open Source Dilemma in Embedded Development
Pub date: 2026-01-29

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

In this episode of Exploited: The Cyber Truth, host Paul Ducklin is joined by RunSafe Security Founder and CEO Joseph M. Saunders and embedded systems expert Elecia White, host of Embedded.fm and author of Making Embedded Systems, to discuss the trade-offs of using open source in embedded development.

The conversation goes beyond debates about “open vs. proprietary” to explore how a single library can quietly introduce sprawling dependency chains, unclear maintenance responsibilities, licensing obligations, and long-term security exposure,  especially in devices expected to operate for years or decades.

Elecia and Joe share guidance for using open source intentionally, including how to set guardrails early, limit dependency blast radius, and design systems that can respond when vulnerabilities emerge, even when patching isn’t easy.

Together, they cover:

Why embedded teams don’t get burned by open source, they get burned by unexamined dependencies
How transitive dependencies and “helpful” packages quietly expand attack surface
Why professionalism, documentation, and disclosure practices signal trustworthy projects
Why build-time SBOMs matter more than after-the-fact analysis
How Secure by Design thinking reduces reliance on emergency patching

For embedded engineers, product leaders, and security teams balancing delivery pressure with long-lived risk, this episode offers advice for using open source without inheriting future incidents.

The podcast and artwork embedded on this page are from RunSafe Security, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: CYBR.SEC.CAST
Episode: OT.SEC.CAST – The OT.SEC.CON. Podcast with Mike Holcomb
Pub date: 2026-01-28

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

This week, Michael and Sam chat with educator, founder, and OT.SEC.CON opening keynote speaker Mike Holcomb! They discuss his free, in-person training coming up on March 31 in Houston, how—like many others—the movie WarGames played a role in his journey into the cybersecurity industry, and how his focus has shifted toward OT/ICS security education
Things Mentioned:
Mike’s site - https://www.mikeholcomb.com/
Mike’s YouTube Channel - https://www.youtube.com/@utilsec
BSides ICS - https://www.bsidesics.org/
Sign up for Mike’s free class on March 31, 2026 when you sign up for OT.SEC.CON. - https://www.xcdsystem.com/cybrseccommunity/attendee/index.cfm?ID=DwWuEm5
Register for Jeremiah Grossman's Webinar - https://www.cybrsecmedia.com/webinar/
Do you have a question for the hosts? Reach out to us at [email protected] 
Keep up with CYBR.SEC.CON.:
LinkedIn
X
Facebook
Instagram
Keep up with CYBR.SEC.Media:
LinkedIn
X
Facebook
Instagram
Check out our Conferences and Events:
CYBR.SEC.CON.
OT.SEC.CON.
CYBR.HAK.CON.
EXEC.SEC.CON.
CSC User Group
Support or apply to our Scholarship Program:
TAB Cyber Foundation
Subscribe to the podcast: 
Apple
Spotify
Listen to our other show:
CYBR.HAK.CAST
 In this episode:
Host: Michael Farnum
Host: Sam Van Ryder
Guest: Mike Holcomb
Production and editing: Lauren Andrus
Music by: August Honey

The podcast and artwork embedded on this page are from CYBR.SEC.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Industrial Cybersecurity Insider
Episode: The Patching Gap Putting Industrial Operations at Risk: IT vs OT
Pub date: 2026-01-27

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Craig and Dino tackle one of industrial cybersecurity's most critical challenges in this Rewind episode: the massive gap between IT and OT patching strategies.
IT organizations patch constantly—think Patch Tuesday. OT environments rarely patch at all, creating dangerous vulnerability gaps across connected networks.
The hosts explore why this disconnect exists. Production floor downtime costs are astronomical, making patching a risky business decision.
OEM restrictions complicate matters further. Many vendors won't support systems or warranties after unauthorized updates.
Managing decades-old equipment alongside modern systems creates another layer of complexity. Legacy PLCs weren't designed with patching in mind.
The consequences of not patching are mounting. Insurance companies are tightening requirements and regulatory pressures are intensifying.
Craig and Dino offer practical solutions that don't require shutting down production lines. Virtual patching technologies can protect legacy control systems without traditional software updates.
The hosts emphasize the urgent need for IT-OT collaboration. All stakeholders—including OEMs and system integrators—must be part of strategic cybersecurity conversations.
This episode is essential listening for CISOs, plant managers, and anyone responsible for protecting industrial operations. The connected world isn't waiting for OT to catch up.
Chapters:
00:00:00 - Introduction to Patching Challenges
00:01:08 - IT vs OT Patching: Key Differences
00:02:55 - Understanding the Cost of Downtime in OT
00:03:32 - Overcoming Challenges with Legacy Systems
00:05:21 - Navigating OEMs and Safety Concerns
00:06:45 - The Role of Safety in OT Patching
00:08:52 - Exploring Virtual Patching Solutions
00:13:11 - Enhancing Vendor Collaboration and Risk Management
00:16:48 - Impact of Mergers and Acquisitions on Cybersecurity
00:18:33 - Addressing Insurance and Compliance Issues
00:20:12 - Significant Consequences of Not Patching
00:23:14 - Building an Effective Collaborative Cybersecurity Strategy
00:24:03 - Conclusion and Actionable Insights

Links And Resources:
Want to Sponsor an episode or be a Guest? Reach out here.
Industrial Cybersecurity Insider on LinkedIn
Cybersecurity & Digital Safety on LinkedIn
BW Design Group Cybersecurity
Dino Busalachi on LinkedIn
Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Casos de Ciberseguridad Industrial
Episode: 3/4 Acciones en Monitorización de seguridad OT con telemetría del proceso
Pub date: 2026-01-26

Get Podcast Transcript →
powered by Listen411 - fast audio-to-text and summarization

Este episodio trata de las acciones prácticas: los primeros pasos para iniciar un proyecto de telemetría aplicada a la seguridad, la conexión con equipos de operación y mantenimiento, y el papel de los proveedores de automatización.

The podcast and artwork embedded on this page are from Centro de Ciberseguridad Industrial, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.