What happens when the CISO inherits responsibility for the security of the plant floor?

Dino and Craig discuss a growing trend: CISOs are being expected to oversee cybersecurity for industrial plant floors. Unfortunately, they don't have the background to effectively take on this responsibility.

A perpetuating trend exists where cybersecurity leaders are expected to protect factories and industrial assets without the authority, tools, or support to do so effectively.

In this conversation, Dino and Craig explain why traditional IT security approaches don’t work in these environments, and how things like outdated equipment, disconnected systems, and outside vendors make the challenge even harder.

From weak remote access tools to the confusion around who actually manages plant security, this episode shines a light on the hidden risks most companies overlook.

Whether you're in IT, operations, or a leadership role, you’ll walk away with a better understanding of how to approach cybersecurity in complex industrial settings.

You'll also gain insights into the steps you can take to protect your people, your technology, and your bottom line.

Chapters:

• 00:00:00 - Kicking Off: Smart Tool Choices Start Here
• 00:01:02 - When CISOs Inherit the Factory Floor
• 00:02:17 - Making Friends with OEMs and Integrators
• 00:04:47 - Why OT Security Is a Whole Different Beast
• 00:08:50 - Cyber Budgets: Where’s the Money Really Coming From?
• 00:13:10 - How to Actually Roll Out Security in the Plant
• 00:18:35 - VPNs Aren’t Enough: Fixing Remote Access
• 00:24:42 - What OT Incident Response Really Looks Like
• 00:27:17 - Wrapping It Up: Strategy, Buy-In, and What’s Next

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this rewind episode, cybersecurity leaders revisit some of the hardest-hitting truths about protecting critical infrastructure in an increasingly converged IT/OT world.

This conversation explores the disconnect between IT theory and OT reality, from the real-world fallout of the CrowdStrike disruption to the challenges of virtual patching, insider threats, and the cloud’s role on the plant floor.

The discussion exposes how legacy systems, poor collaboration, alert fatigue, and vendor dependency continue to sabotage industrial cybersecurity.

They discuss tactical strategies for improving, from asset inventory and patching hygiene to choosing the right partners and walking the plant floor.

Chapters:

• 00:00:00 - Cyber threats are moving faster than your patch cycle
• 00:00:47 - Crowdstrike, Virtual Patching and Industrial OT Environments with Debbie Lay, TXOne Networks
• 00:07:48 - The #1 Myth Putting Your Industrial OT Assets at Risk
• 00:15:01 - Patch Management and Software Updates: IT versus OT

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino and Craig tackle one of the most misunderstood topics in industrial cybersecurity: IT/OT convergence.

But is it truly convergence or more of a collision?

Drawing from real-world experiences, they challenge the idea that OT is a “shadow IT group” and argue that operational technology deserves distinct governance, funding, and strategic influence.

From secure-by-design to system integrators' evolving role, this conversation is a call to action for CISOs, CIOs, and engineering leaders to rethink how they build cybersecurity partnerships across the plant floor.

Chapters:

• 00:00:00 - Opening Shot: Who’s Really in Charge—CIOs or the Plant Floor?
• 00:00:57 - Collision Course: IT and OT Can’t Keep Dodging Each Other
• 00:01:52 - Two Worlds, One Mission: Why OT Isn’t Just “IT in a Hard Hat”
• 00:04:07 - When Convergence Fails: What’s Missing in the Middle
• 00:05:54 - Breaking Silos: Why Cybersecurity Demands True Collaboration
• 00:08:22 - Real Talk: What Cyber Protection Looks Like on the Plant Floor
• 00:10:46 - OT’s Tipping Point: Will the Next Move Come from IT, or the Shop Floor?
• 00:17:32 - Your Move: What Leaders Must Do Next (Before It’s Too Late)

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this special rewind edition of Industrial Cybersecurity Insider, we revisit some of the most powerful insights shared on how to elevate OT cybersecurity across complex, distributed environments.

From budget allocation strategies to disaster recovery frameworks and the nuances of executive engagement, this episode distills frontline lessons into a compact, high-impact listen.

Whether you're navigating remote access risks, managing hybrid architectures, or striving to align plant managers with corporate cybersecurity goals, these reflections are a roadmap for driving resilience and maturity in your OT security strategy.

Chapters:

• 00:00:00 - Rewind Kickoff: From Blind Spots to Bold Predictions
• 00:00:46 - The A-Z of Industrial Cybersecurity for OT Environments with Industry Expert Bryson Bort
• 00:10:57 - Gartner, DOGE, and the Future of OT Cybersecurity Policy
• 00:21:38 - Uncovering Blind Spots in OT Cybersecurity

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino and Craig tackle one of the most misunderstood challenges in cybersecurity for industrial environments. The persistent disconnect between IT-led cybersecurity tools and operational technology realities.

They explore the concept of "shadow OT," as well as the limits of traditional IDS deployments.

They discuss why visibility is key to protecting critical systems. Vulnerability scanning alone isn't enough.

Real world case studies reveal how failing to engage OT teams derails cybersecurity strategies.

One case involved rogue servers causing daily production failures. Another featured misconfigured modules choking brewery operations. These examples show that even the most advanced strategies fail without OT team involvement.

For leaders in manufacturing, utilities, and critical infrastructure, this is a must-listen conversation. It's about redefining risk management through OT-first thinking.

Chapters:

• 00:00:00 - When Machines Stop, Money Bleeds: The Downtime Dilemma
• 00:00:47 - Shadow IT or Ingenious OT? Rethinking Rogue Tech
• 00:02:29 - Cybersecurity Isn’t Enough: The OT Risk You’re Missing
• 00:04:37 - Server Ghosts & Brewery Blunders: Fixing What IT Can’t See
• 00:06:41 - Visibility is Power: Using the Tools You Already Own
• 00:09:50 - IT vs. OT: Breaking Silos, Building Alliances
• 00:13:28 - Final Thoughts: Who Really Owns OT Security?

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this special rewind episode we highlight outside influences shaping control system integrity, the impact of AI, emerging technologies, and the dynamics of building a career in OT cybersecurity.

Drawing from frontline experiences and industry events like the S4 Conference, the discussion explores the growing organizational shift toward dedicated OT cybersecurity roles.

We address the critical need for alignment between capital and operational expenditures, and the importance of selecting technologies that provide actionable visibility across diverse plant environments.

Listeners will gain strategic guidance on integrating cybersecurity into capital planning, addressing asset variability across sites, and implementing scalable, non-disruptive security frameworks.

From OT-specific IDS deployment to balancing remote access with zero-trust principles, this episode offers practical, forward-looking advice.

Whether you're a practitioner or a decision-maker, focused on securing extended IIoT environments while maintaining operational resilience, this episode covers practical and relatable challenges and solutions.

Chapters:

• 00:00:00 – A Strategic Rewind: Exploring the Emerging Roles, Budget Realities, and Lessons Learned in OT Cybersecurity
• 00:00:41 - Gartner, DOGE, and the Future of OT Cybersecurity Policy
• 00:12:12 - The Future Looks Bright : Building a Career in OT Cybersecurity
• 00:22:44 - AI, Global Trends, and More: A Glimpse into the Future of OT Cybersecurity with Claroty

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino sits down with Mike Holcomb, Fellow and Director of ICS/OT Cybersecurity at Fluor, to explore the critical, and often overlooked challenges in securing operational technology.

From his early fascination with hacking culture to leading OT security for one of the world’s largest engineering firms, Mike shares personal insights and lessons learned.

The conversation covers the delayed cybersecurity maturity in OT environments and the lasting impact of the Colonial Pipeline breach.

They address the crucial role of visibility, engineering partnerships, and cultural buy-in when building secure industrial systems.

Whether you’re managing pipelines, power grids, or manufacturing floors, this episode delivers actionable insights and strategic foresight for leaders protecting our most vital infrastructure.

Chapters:

• 00:00:00 - Why OT Security Still Falls Behind
• 00:01:03 - Mike Holcomb’s Unlikely Path to Cybersecurity
• 00:01:23 - Hacking Curiosity and a Love for Breaking Things
• 00:02:16 - From Network Admin to OT Defender
• 00:03:08 - Stuxnet, Colonial, and the Wake-Up Calls We Ignored
• 00:06:18 - When OT and IT Don’t Speak the Same Language
• 00:12:14 - Threats Are Getting Smarter — Are We Keeping Up?
• 00:26:29 - Evolving the Culture of Cyber Hygiene
• 00:32:14 - Final Takeaways for Security Leaders

Links And Resources:

• Mike Holcomb on LinkedIn
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Dino welcomes Kevin Kumpf, Chief OT/ICS Security Strategist at Cyolo to this episode. They discuss the growing challenges and evolving strategies around cybersecurity in industrial environments.

Kevin shares a seasoned perspective on bridging the gap between IT and OT, busting myths about Zero Trust certifications, and the dangers of underutilized security tools - or "shelfware."

From real-world examples involving breweries, milk production, and energy plants, the conversation uncovers how lack of visibility, broken remote access practices, and aging systems create critical vulnerabilities.

Most importantly, Kevin offers actionable advice for CISOs, CTOs, and plant managers on building resilient cybersecurity frameworks without disrupting operations.

Don't miss this episode full of practical advice from industry experts.

Chapters:

• 00:00:00 - Kicking Off: Why OT Cybersecurity Can't Wait
• 00:01:18 - Meet Kevin Kumpf: From Bank Vaults to Industrial Battlegrounds
• 00:02:56 - Hard Truths About Securing Operational Technology
• 00:06:42 - Shelfware Syndrome: Why Tools Fail Without Strategy
• 00:12:09 - Plant Managers, Vendors, and the Battle for Cyber Resilience
• 00:23:56 - Remote Access Exposed: The Hidden Risks Inside Your Plant
• 00:30:58 - Closing Thoughts: Building Stronger, Smarter Industrial Defenses

Links And Resources:

• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!