PrOTect It All

What happens when attackers target the systems that keep the lights on? In this episode of Protect It All, host Aaron Crow breaks down the December 2025 cyberattack on Poland’s energy infrastructure, where coordinated attackers disrupted wind farms, solar installations, and heat and power plants - impacting nearly half a million people. This real-world incident highlights the growing risks facing distributed energy resources (DER) and modern power grids. As energy systems become more connected and decentralized, the attack surface expands - often faster than security programs can adapt. Aaron walks through what actually went wrong: default passwords, unpatched devices, and weak network segmentation that allowed attackers to brick OT equipment and blind operators to what was happening in their own systems. You’ll learn: How attackers targeted renewable energy infrastructure at scale Why edge devices and distributed assets create new vulnerabilities The importance of eliminating default credentials and poor configurations Why network segmentation and secure remote access are essential What grid operators and OT teams must prioritize immediately How lessons from Poland apply to power grids worldwide For engineers, operators, and cybersecurity leaders responsible for critical infrastructure, this episode delivers practical insights on defending modern energy systems before attackers strike again. Tune in to understand what Poland’s grid attack reveals about the future of OT security - only on Protect It All. Key Moments:  04:57 "Corrupted Firmware Disables System Control" 10:01 DER Risks and Scaling Threats 10:55 Risks of Expanding Energy Grids 16:30 OT Security Vulnerabilities and Risks 18:34 Prioritize OT Security Systems 23:06 Change Default Passwords Immediately 24:49 "Critical ICS Security Measures" 30:15 "OT Cyber-Physical Response Plan" 32:56 "Critical Security Steps for Resilience" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

AI can accelerate cybersecurity - or accidentally expose it. In this solo episode of Protect It All, host Aaron Crow breaks down how cybersecurity professionals can safely integrate AI into their IT and OT workflows. As tools like ChatGPT, Copilot, and enterprise AI platforms become part of daily operations, the question isn’t whether to use AI - it’s how to use it responsibly. Aaron moves beyond buzzwords to focus on practical, everyday applications: automating reports, summarizing threat intelligence, drafting policies, enhancing documentation, and streamlining repetitive tasks. At the same time, he tackles the real concerns leaders face - data privacy, compliance, policy alignment, and shadow AI risks. You’ll learn: Where AI delivers immediate value in cybersecurity workflows How to automate without exposing proprietary or regulated data The difference between enterprise AI tools and public platforms How to align AI usage with corporate security policies Practical ways CISOs and analysts can boost productivity safely Why governance and awareness matter as much as innovation Whether you’re leading a security program or working hands-on in IT or OT environments, this episode delivers actionable strategies to use AI smarter—not riskier. Tune in to learn how to automate with confidence and stay ahead of the curve—only on Protect It All. Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Passing an audit doesn’t mean you’re secure. In this episode of Protect It All, host Aaron Crow dives into one of the biggest misconceptions in operational technology: the belief that compliance equals protection. Using NERC CIP 15 as a real-world case study, Aaron explores why meeting regulatory requirements is only the starting point - not the finish line. A major focus of this conversation is OT network monitoring, especially the often-overlooked east-west traffic inside your environment. Many organizations monitor perimeter traffic while internal blind spots remain wide open. You’ll learn: Why compliance frameworks don’t automatically create security The real challenges of implementing NERC CIP 15 at scale Why internal network visibility (east-west monitoring) matters How to establish meaningful baselines in legacy OT environments The difference between audit success and operational resilience Why architecture, tooling, and skilled personnel must work together Whether you’re working in utilities, manufacturing, or critical infrastructure, this episode provides practical guidance on how to move beyond checklists and build security programs that truly reduce risk. Tune in to learn how to transform compliance requirements into real operational protection - only on Protect It All. Key Moments:  00:00 OT Security Blind Spots 05:15 "OT Security and Monitoring Challenges" 10:41 Aging Switches and Monitoring Challenges 13:16 OT Protocols and Infrastructure Challenges 15:42 "IT vs OT: Complexity Challenges" 18:03 "Balancing Compliance and Security" 21:57 Securing Critical Infrastructure Spaces Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast   To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

You can’t secure OT environments with checklists alone - you secure them with trust, clarity, and focused action. In this episode of Protect It All, host Aaron Crow sits down with OT security expert Dean Parsons to unpack what actually improves cybersecurity maturity in manufacturing, water, and wastewater environments. From remote access blind spots to outdated network architecture, they explore the practical gaps many organizations face - and how to fix them without massive budgets. A central theme? Tabletop exercises. Not as a compliance checkbox - but as a powerful tool to build collaboration between IT and OT teams, clarify roles, and stress-test real incident response plans before a crisis hits. You’ll learn: Why tabletop exercises accelerate OT maturity The importance of trust between engineers and IT teams How focusing on the SANS 5 Critical Controls drives meaningful progress Why visibility and architecture matter more than shiny tools How to improve OT security without overwhelming teams or budgets The human and process factors that determine response success Whether you’re leading OT security, managing critical infrastructure, or trying to bridge IT and engineering teams, this episode delivers practical, experience-backed strategies you can implement immediately. Tune in to learn how to strengthen OT security through people, process, and purposeful action - only on Protect It All. Key Moments:  03:57 "Improved IT-OT Collaboration Tabletops" 08:57 "ICS Security Priorities" 12:16 "Accelerating ICS Cybersecurity Programs" 15:07 Trusted Expertise Builds Credibility 17:28 "Engineering Role in Incident Response" 20:53 "Cybersecurity: Tabletops Gain Traction" 26:34 "Control Systems, Protocol Abuse Insights" 27:51 Secure Architecture Enables Network Visibility 33:07 "Targeted Network Monitoring Essentials" 35:23 Prioritize Critical Assets Strategically 37:50 "Bridging IT and OT Expertise" 41:56 Critical Infrastructure Security Risks 44:30 ICS Leadership and Threat Strategy 48:14 "Power Plant Walkthrough Insights" 52:02 Critical Cyber Asset Management 57:29 "SANS Courses: Essential and Valuable" About the guest :  Dean Parsons is a SANS Principal Instructor and the CEO and Principal Consultant of ICS Defense Force. Over the past two decades, Dean has built and led industrial cyber defense programs, conducted incident response and digital forensics in live plants and partnered with operators and engineers to maintain both safety and uptime across major industrial sectors. He helps organizations align investment and policy decisions with operational priorities, developing risk metrics and tabletop exercises that unify operations, engineering, and cybersecurity so organizations in any industrial sector can prioritize and measure what matters. How to connect Dean : https://www.linkedin.com/in/dean-parsons-cybersecurity Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X:

Shiny tools don’t break attackers in basic mistakes. In Episode 92 of Protect It All, host Aaron Crow sits down with Corey LeBleu, founder of Relix Security and seasoned penetration tester, for a candid look at what actually causes organizations to get compromised and why fundamentals still matter more than the latest security trends. Drawing from years of red-team and penetration-testing experience, Corey shares real stories from the field: forgotten printers, unmanaged IoT devices, legacy systems no one owns anymore, and misconfigurations hiding in plain sight. Together, Aaron and Corey unpack why asset visibility, patching, and change management continue to be the weakest links - even as AI and automation enter the security conversation. You’ll learn: Why old printers, IoT devices, and “temporary” systems are prime attack paths What most organizations misunderstand about pen testing and red teaming How poor asset inventory and change management undermine security programs The real risks behind shadow IT and unmanaged tools Where AI helps in pen testing and where experience still wins Why mastering the basics beats chasing new security gadgets every time Whether you’re a security professional, IT leader, or someone looking to break into cybersecurity, this episode delivers practical, no-nonsense lessons from the front lines - focused on what actually reduces risk. Tune in to hear why cybersecurity success still starts with the fundamentals - only on Protect It All. Key Moments:  03:57 Critical Infrastructure: Finding Vulnerabilities 06:44 "Cyber Risks from Hidden Devices" 11:25 Cybersecurity: Focus on Basics 16:09 Complex Systems Demand Continuous Testing 18:17 Understanding Complex System Security 22:54 "Testing: External vs. Internal" 24:12 Enterprise Challenges with AI Integration 27:40 AI Lowers Barriers for Hacking About the guest :  Corey LeBleu has built a career around application security testing, becoming deeply involved in integrating vulnerability assessments throughout the software testing lifecycle. Noticing shifts in industry practices, Corey observed major international financial institutions moving to routinely pentest every application- even legacy IBM systems - leading the way in robust cybersecurity practices. In contrast, Corey also highlights the challenges faced by manufacturing, where operational technology often suffers from outdated, vulnerable systems. Corey’s experience showcases the evolving landscape of application security, emphasizing the need for continuous testing and vigilance across diverse industries. How to connect Corey : https://www.linkedin.com/in/coreylebleu/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast

Remote access transformed overnight - and OT environments are still feeling the impact. In this episode of Protect It All, host Aaron Crow is joined by Steve Rutherford, VP of Sales at Hyperport and former military officer, for a candid conversation on how secure remote access in operational technology (OT) has evolved - and where it’s heading next. They unpack how COVID accelerated remote connectivity across critical infrastructure, why many traditional IT security tools fall short in OT environments, and what protection really looks like when safety, reliability, and uptime are non-negotiable. Drawing from military discipline and frontline OT experience, Steve shares a grounded perspective on managing risk in environments where failure has physical-world consequences. You’ll learn: How COVID permanently changed OT remote access expectations Why IT-first security approaches don’t translate well to OT The role of layered access controls and policy-driven permissions How dynamic access and trust scoring are reshaping OT security Where IT/OT convergence helps - and where it creates new risk What leaders must prioritize to balance access, safety, and resilience If you’re responsible for enabling remote access while protecting critical operations, this episode delivers real-world insight, practical guidance, and a forward-looking view of OT cybersecurity. Tune in to understand what secure OT access really requires in today’s threat landscape- only on Protect It All. Key Moments:  00:00 Securing Critical Infrastructure Access 03:59 "OT Mindset: Defense and Offense" 07:26 "Remote Access Challenges in Operations" 11:45 "Challenges in OT-IT Integration" 16:07 Authority Must Match Responsibility 18:23 Simplifying OT Authentication Challenges 21:53 "Dynamic Trust Scoring with AI" 24:05 "Access Control and Segmentation" 28:57 "Secure Access Without Overreach" 33:12 "Left of Boom Awareness" 35:56 OT Security and Local Control 39:35 "Driving Early Adoption Awareness" 41:54 "Proactive Support for Critical Infrastructure" 45:52 "Remote Work Enhances Team Efficiency" 47:17 "Exciting Tech for Cybersecurity" About the guest : Steve Rutherford is a former U.S. Army officer and aviator who transitioned his mission-driven mindset from military service to protecting critical infrastructure through operational technology (OT) security. After exploring multiple industries, Steve found a natural alignment between military operations and OT environments - where safety, reliability, and uptime are non-negotiable. Today, he works in secure user access for OT, helping organizations protect the systems that power modern life. How to connect steve :  Website : https://hyperport.io/ Linkedin: https://www.linkedin.com/in/steverutherford1/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall 

Remote access is no longer optional in OT - but unmanaged connectivity is one of the fastest ways to lose control of critical systems. In this episode of Protect It All, host Aaron Crow breaks down the real challenges of securing connectivity across IT and OT environments. As vendors, technicians, and support teams increasingly rely on remote access, many organizations struggle with poor visibility, legacy systems, and unclear network boundaries - creating unnecessary risk. Aaron walks through newly released secure connectivity guidance from CISA and the UK National Cyber Security Centre, translating an eight-point framework into practical, real-world steps that security and operations teams can actually implement. You’ll learn: Why remote access is one of the biggest OT risk multipliers How poor visibility creates blind spots attackers love Why asset inventory and documentation are foundational - not optional How segmentation and least-privilege design shrink the attack surface What compliance frameworks get right - and what they don’t Best practices for vendor access, MFA, session recording, and monitoring How to design secure connectivity without breaking operations Whether you’re responsible for OT security, managing vendors, or bridging IT and OT teams, this episode delivers actionable guidance to help you regain control of connectivity and protect critical infrastructure. Tune in to learn how to secure access without sacrificing operations - only on Protect It All. Key Moments:  01:11 "Secure Connectivity in OT" 05:10 "Reducing Attack Surface Through Access Limits" 10:02 "Control System Upgrade Failure Impact" 12:00 Beyond Passwords: Strengthening Security 17:16 "Strengthening Cybersecurity Basics" 18:26 "Balancing Compliance and Security" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Small businesses aren’t too small to be targeted; they're often the first targets. In this episode of Protect It All, host Aaron Crow breaks down what cybersecurity really looks like for small and medium-sized businesses with limited resources. With nearly half of all cyberattacks aimed at SMBs and many companies never recovering, this episode focuses on what actually matters when budgets, time, and teams are tight. Aaron cuts through fear-based messaging and tool overload to share simple, affordable steps that can dramatically reduce risk without requiring a full security team or enterprise spend. You’ll learn: Why small businesses are prime cyber targets The most common mistakes that lead to catastrophic loss How basic policies and employee awareness stop most attacks Why multi-factor authentication, backups, and segmentation are non-negotiable How to prioritize cybersecurity when resources are limited Why resilience not perfection is the real goal Whether you’re a founder, business owner, or IT lead at a growing company, this episode gives you practical guidance you can act on immediately before a cyber incident forces your hand. Tune in to learn how to protect your business, your data, and your future only on Protect It All. Key Moments:  03:37 Cybersecurity Risks for Small Businesses 08:06 System Security and Backup Essentials 12:21 Cybersecurity: Prepare, Monitor, Survive 14:21 Efficient Device Monitoring Simplified 19:31 "Three-Two-One Backup Strategy" 20:20 "Planning Left of Bang" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

 Great cybersecurity programs aren’t built in a panic - they’re built through early planning, trusted relationships, and consistent execution. In this kickoff episode for 2026 of Protect It All, host Aaron Crow shares practical, real-world guidance on how cybersecurity leaders can avoid last-minute scrambles and instead build momentum that lasts all year. Drawing from years of experience across IT and OT environments, Aaron explains why people, trust, and planning matter more than any single tool or technology. This episode dives into how successful teams think ahead, budgeting wisely, engaging stakeholders early, and creating space for learning, networking, and collaboration beyond spreadsheets and ROI metrics. You’ll learn: Why starting early is the most underrated cybersecurity advantage How trust and relationships accelerate security programs Why investing in people over tools delivers better outcomes How to avoid procrastination and year-end panic The role of networking, conferences, and peer learning in long-term success How diversity, challenge, and momentum strengthen security teams What leaders should prioritize to make 2026 a year of progress - not firefighting Whether you’re planning budgets, building teams, or refining IT/OT security strategy, this episode delivers actionable guidance to help you move from intention to execution. Tune in and learn how to build a cybersecurity program that works all year long - only on Protect It All. Key Moments:  03:51 "Planning for Unforeseen Challenges" 09:02 "AI Automation: Challenges and Expectations" 10:21 "Budgeting: The Importance of Buffers" 16:16 "Diversity in Problem-Solving Approaches" 17:53 "Understanding Perspectives and Future Goals" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

AI is everywhere - but it won’t fix broken cybersecurity foundations. In this end-of-year wrap-up episode of Protect It All, host Aaron Crow takes a hard look at the growing hype around AI in cybersecurity and explains why fundamentals still matter more than any shiny new tool, especially in OT environments. Drawing from real-world experience and industry observations, Aaron challenges the belief that AI can compensate for missing basics like asset inventory, network segmentation, and clear ownership. He reframes AI as a powerful assistant not a savior and warns against the risks of rushing into automation without understanding what you’re protecting in the first place. You’ll learn: Why basic cybersecurity hygiene still determines success or failure How AI fits best when foundations are already in place The dangers of shadow AI in OT and industrial environments Why asset visibility and segmentation remain non-negotiable How leaders should think about AI as a support tool - not a shortcut What OT and IT teams should prioritize heading into 2026Whether you’re closing out the year or planning ahead, this episode delivers a grounded, experience-driven perspective on building resilient cybersecurity programs—without chasing hype. Tune in to hear why mastering the basics is still the smartest cyber strategy - only on Protect It All. Key Moments:  03:32 "Technology Complexity vs. Practicality" 09:33 "AI as an Entry-Level Intern" 12:29 "AI: A Powerful Team Tool" 16:24 "AI Alone Won't Fix Cyber" 19:34 "Mastering Basics Before AI Integration" 21:46 "Shadow AI and Resilience" 25:26 "Addressing Gaps and Ownership" 30:27 "Foundations Matter for Success" Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast  To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

AI promises transformation - but legacy technology, process gaps, and cyber risk often stand in the way. In this episode of Protect It All, host Aaron Crow sits down with veteran IT and cybersecurity leader Neil D. Morris, who brings over 30 years of experience across aerospace, defense, and energy sectors. Together, they cut through the hype to explore what really matters when modernizing technology and managing cyber risk in complex, real-world environments. Neil shares candid insights on why legacy systems still power critical operations, why replacing them isn’t as simple as it sounds, and how organizations can unlock real value from AI without increasing risk. The conversation dives into tech debt, regulation, ROI, and the often-overlooked role of process in successful transformation. You’ll learn: Why legacy systems aren’t going away anytime soon The hidden risks of chasing AI without strong foundations How to balance security, usability, and business value Why process and governance matter more than tools How IT leaders can communicate cyber and AI value in business terms Where AI creates opportunity - and where it creates new attack paths Whether you’re leading digital transformation, managing cyber risk, or advising the business on AI adoption, this episode delivers real talk and practical wisdom from the front lines of IT and OT leadership. Tune in to learn how to modernize responsibly, manage risk intelligently, and separate AI reality from hype only on Protect It All. Key Moments:  00:00 "Legacy Tech in Modern Firms" 06:22 "Technology, Change, and Customer Focus" 09:51 "Challenges in Articulating Cybersecurity Value" 12:27 "Tech Solutions Must Drive Value" 15:43 Sell Ideas Beyond the Code 19:03 "Ransomware Risks in Acquisitions" 24:02 Government, Services, and Compliance Debate 25:35 Balancing AI, Cybersecurity, and Regulation 30:33 BlackBerry's Downfall: Ignored Innovation 32:06 "Evolution and Misuse of AI" 34:45 "Opportunity to Lead Change" 37:52 "AI Without Guidance Backfires" 41:07 "AI: Smart but Context-Lacking" 46:45 "AI Empowering Business Transformation" 50:30 "Effortless Tech-Fueled Imitation" About the guest :  Neil D. Morris is a senior enterprise technology leader with 25+ years of experience in digital transformation, cybersecurity, and AI at scale. He currently serves as Head of IT at Redaptive and previously held CIO roles at Ball Aerospace and Maxar Technologies. Neil is known for guiding organizations through complex modernization efforts while balancing security, risk, and business value. How to connect Neil: https://www.linkedin.com/in/neildmorris/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:

Cybersecurity has evolved from an afterthought to a business-critical responsibility - and AI is accelerating that shift faster than most organizations are ready for. In this episode of Protect It All, host Aaron Crow sits down with Sue McTaggart, a cybersecurity leader with a software development background and more than 15 years of experience driving security transformation. Together, they explore how cybersecurity success today depends less on shiny new tools and more on culture, governance, and fundamentals done right. Sue shares her journey from developer to cybersecurity leader, offering real-world insights into embedding security thinking into everyday work - not bolting it on after something breaks. The conversation tackles the realities of AI adoption, the risks of over-automation, and why human oversight and curiosity remain essential in an increasingly automated world. You’ll learn: Why technology alone can’t fix cybersecurity problems How to embed a security-first mindset across teams and leadership What AI changes - and what it doesn’t - in cybersecurity governance The role of Zero Trust and foundational cyber hygiene Why people, process, and accountability prevent more breaches than tools How generational shifts and curiosity shape the future of cyber careers Whether you’re a security leader, technologist, or business decision-maker navigating AI adoption, this episode delivers grounded, practical wisdom for building resilience that lasts. Tune in to learn why strong cybersecurity still starts with people, not platform,s only on Protect It All. Key Moments: 01:12 Cybersecurity Evolution and Insights 03:51 "Cybersecurity Requires Culture Shift" 07:09 "Tech Failures and Curfew Challenges" 10:30 "Prioritizing Security in AI Development" 15:05 Cybersecurity's Role in Everything 19:37 "Everything is Sales" 23:54 Adapting Communication for Audiences 26:26 "Think Ahead, Stay Curious." 28:30 Tinkering and Curiosity Unleashed 31:32 "Gen Z: Redefining Work and Life." 36:17 Governing AI: Benefits and Risks 37:59 AI Needs Human Oversight 42:35 "AI's Role in Cybersecurity." 47:25 "Hackers Exploit Basic Vulnerabilities." About the guest: Sue McTaggart is a passionate educator and cybersecurity professional with a strong background in software development. Her curiosity and desire to raise awareness led her to transition from developing applications primarily in languages like Java in the early 2000s to the field of cybersecurity. Sue is dedicated to empowering others through education and strives to share her knowledge to help others better understand cybersecurity risks and solutions. She is honored and humbled by opportunities to speak about her work and continues to inspire those around her with her commitment to ongoing learning and public awareness. How to connect Sue: https://www.linkedin.com/in/sue-mctaggart-24604158/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: http...

The future of cybersecurity won’t be won by tools alone - it will be won by people, process, and smarter use of AI. In this episode of Protect It All, host Aaron Crow sits down with cybersecurity veteran Sharad Rai to explore how IT and OT security teams can reduce complexity, fight alert fatigue, and build stronger defenses through foundational practices and intelligent automation. Sharad brings decades of real-world experience - from early firewall management to leading large-scale security programs at major financial institutions. Together, Aaron and Sharad break down what actually works in cybersecurity today: simplifying policies, understanding user behavior, strengthening basics like patching, and leveraging AI for contextual decision-making. You’ll learn: Why human behavior is the root of both risk and resilience How AI can reduce complexity, noise, and alert fatigue What “good vs bad” looks like through an AI-driven, context-aware lens How policy overload cripples organizations - and how to fix it Why OT and IT security still depend on foundational hygiene The rise of browser-based security and Chrome as an endpoint What’s coming next: AI-driven phishing, contextual controls, and automated response Whether you're a security leader, practitioner, or just navigating modern cyber challenges, this episode will reshape how you think about defending systems and the people using them. Tune in to discover how AI, clarity, and human-centered design are shaping cybersecurity’s next chapter only on Protect It All. Key Moments:  06:21 "Cybersecurity Basics: Know the Layers" 09:49 "Defining Good to Block Bad" 13:03 Alarm Fatigue and Information Overload 14:01 Alarm Tuning and Data Utilization 19:02 RFID Tags and Process Frustration 23:03 Simplifying Cybersecurity for Success 25:18 "AI Optimizing Policy Adjustments" 27:33 "Tech Frustrations Then and Now" 31:46 Cloud Computing Transformed Everyday Work 36:05 Focus on Foundational Basics About the guest :  Sharad Rai is a cybersecurity leader and architect with over 20 years of experience securing some of the world’s most complex financial institutions. As Vice President of Security and Architecture at State Street, he leads regulatory-driven initiatives and delivers enterprise-wide cybersecurity programs across cloud, infrastructure, and endpoint platforms. Sharad has held key security roles at Morgan Stanley, BNP Paribas, Jefferies, and Foundation Medicine, with deep expertise in EDR, PAM, SASE, ZTNA, and cloud-native security. He is known for simplifying complexity, reducing risk, and bridging product, engineering, and executive teams. How to connect Sharad: https://www.linkedin.com/in/sharad-rai-cissp-a951a28 Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: htt...

Cyber incidents don’t just test your technology - they test your people, your processes, and your culture. In this episode of Protect It All, host Aaron Crow sits down with Daniel Swann, Cyber Incident Commander at Rockwell Automation, to pull back the curtain on what really happens during IT and OT incidents. With decades of experience across the U.S. Air Force, enterprise environments, and industrial operations, Daniel shares lessons learned the hard way - from managing chaos in real time to building a culture where teams can learn without blame. You’ll learn: Why documentation and scribe roles can make or break an incident response How blameless postmortems actually strengthen team performance What military-style discipline can teach us about OT and IT incident handling How to run effective tabletop exercises that expose real gaps The human factors - communication, clarity, ownership - that reduce downtime and panic Practical strategies to evolve your incident response plan before the next breach Whether you’re developing your first IR playbook or leading seasoned response teams, this episode delivers actionable, real-world insights that help you prepare, respond, and recover with confidence. Tune in for battle-tested wisdom from military operations to industrial control rooms - only on Protect It All. Key Moments:  00:00 "Protect IT/OT Cybersecurity Podcast" 03:30 Cybersecurity: Versatility Is Key 07:52 "Balancing Bureaucracy and Flexibility" 10:20 "Practice Makes Plans Effective" 14:17 "Learning While Doing" 18:44 "Document Key Info in Incidents" 19:46 "Versatile Team Role Importance" 22:45 "Tracking Lessons with Visibility" 28:34 Proactive Reporting Encouraged 29:33 Safe Reporting Prevents Phishing Incidents 32:52 "Bridging IT and OT Safely" 37:15 Team Collaboration Enhances Outcomes 41:00 Military Preparedness and Logistics Planning 42:59 Preparing for Unlikely Scenarios 47:20 AI Threats to OT Systems 48:32 "AI's Impact on Learning and Jobs" About the guest:  Daniel Swann is a seasoned Cyber Incident Commander at Rockwell Automation, bringing 17+ years of IT leadership and nearly a decade of cybersecurity experience. A U.S. Air Force veteran, he has led global cyber operations, responded to major vulnerabilities like Log4J, and driven large-scale improvements in incident response and vulnerability management. Daniel is highly certified, mission-driven, and recognized for building strong, resilient security teams. Links :  Video of Daniel Swann with Kate Vajda, Director of Vulnerability Research and Malware Threat Research, Dragos : https://www.youtube.com/watch?v=4zotgrPk8vI Connect with Daniel on LinkedIn : https://www.linkedin.com/in/j-daniel-swann/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube:

The cybersecurity job market is changing faster than ever - and the skills that mattered five years ago won’t carry you into the future. In this episode of Protect It All, host Aaron Crow sits down with Mark Sasson, Managing Partner at Pinpoint Search Group, to break down what the future of cybersecurity careers really looks like. From the rise of AI and automation to the growing importance of human skills, they uncover the new realities facing candidates, hiring managers, and leaders across IT and OT security. You’ll learn: Why soft skills, communication, and adaptability are now just as critical as technical expertise How AI is reshaping job searches, resumes, and candidate evaluation The shift between employer-driven and candidate-driven markets What separates standout candidates in today’s competitive landscape How startups think about hiring -  and what they won’t compromise on Practical steps to future-proof your cybersecurity career starting now Whether you’re entering cybersecurity, leveling up your role, or hiring your next team member, this episode delivers real-world, actionable insights to help you stay relevant  - and competitive in an evolving industry. Tune in to learn how to stay ahead in the cybersecurity job market of today and tomorrow  only on Protect It All. Key Moments:  04:14 Recruitment Growth and Funding Trends 06:42 Tangible Value in AI Age 12:18 "Stepping Outside the Comfort Zone" 15:16 "Growth Through Embracing Discomfort" 19:23 "Embracing Growth and New Challenges" 21:01 Balancing Growth and Bold Moves 25:14 "Breaking Into Tech: Sacrifice & Strategy" 27:40 Experience Beats Book Knowledge 32:13 Human Insight Beats AI in Hiring 34:45 AI Recruitment: Potential, Limits, Distinctions 39:37 "Reluctant Growth through Opportunity" 42:47 "AI Tools: Benefits and Downsides" 44:29 "Human-Centered Hiring Over AI" 50:12 "Human Connection Over Technology" 53:23 "Planning Your Next Step" About the guest:  Mark Sasson is the Managing Partner of Pinpoint Search Group, a recruitment firm specializing in helping innovators in emerging markets attract the talent needed to drive maturation, scale, and successful outcomes. In 2014, Mark launched Pinpoint’s Cybersecurity practice, where he and his team have successfully completed hundreds of executive and senior-level individual contributor searches for leading Cybersecurity vendors. Building on that success, Mark is now guiding Pinpoint’s expansion into the rapidly evolving Space sector. Connect Mark:  Website: https://pinpointsearchgroup.com/ LinkedIn: linkedin.com/in/markjsasson/Learn more about Cybersecurity Vendor M&A + Funding Roundups here : https://pinpointsearchgroup.com/cybersecurity-industry-reports/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/p...

Can your plant stay connected and completely secure? In this episode of Protect It All, host Aaron Crow teams up with Lior Frenkel, CEO and co-founder of Waterfall Security, to explore how industries are rethinking OT cybersecurity in the age of ransomware and AI-powered attacks. Together, they break down why traditional firewalls can’t fully protect industrial control systems and how unidirectional gateways (data diodes) are redefining safety for everything from nuclear plants to casinos. You’ll learn: What data diodes really are and how they physically block inbound attacks. Why “air gaps” are no longer enough for modern connected environments. How remote-access tools like HERA are enabling secure operations. Real-world stories of industries upgrading defenses without losing efficiency. Whether you manage critical infrastructure, handle OT security, or just want to understand how cyber-physical systems stay safe, this episode will give you a new appreciation for data flow, digital risk, and resilience. Tune in to discover the future of secure connectivity - only on Protect It All. Key Moments:  07:46 Balancing Security and Operational Data 16:25 "One-Way Data Flow Explained" 22:19 "Air Gap for Data Transfer" 27:44 Increasing Awareness of Security Threats 32:05 Challenges of Power Plant Management 35:29 Global Risks Require Local Understanding 44:44 "OT Security and Zero Trust" 48:24 "Remote Access vs On-Site Work" 55:48 "HERA: TPM-Powered Remote Access" 58:43 Encrypted Remote Access Streaming 01:05:32 Secure Remote Control for Infrastructure 01:13:00 "Solving Critical Incident Response Gaps"   About the Guest : Lior Frenkel is a globally recognized OT cybersecurity leader and the CEO/co-founder of Waterfall Security Solutions, the company behind the industry-standard Unidirectional Security Gateways protecting critical infrastructure worldwide. With 25+ years of cybersecurity expertise, multiple patents, and leadership roles across Israel’s top technology, industrial, and export organ...

What happens when AI meets cybersecurity - and the music industry? In this eye-opening episode of Protect It All, host Aaron Crow sits down with Hadi Heidari, a cybersecurity veteran turned tech entrepreneur, to explore the groundbreaking (and sometimes risky) ways artificial intelligence is reshaping both digital defense and creative innovation. From AI-driven SOC operations and threat detection to music creation, data privacy, and identity protection, Aaron and Hadi dive deep into how the same technologies fueling creativity are also rewriting the rules of cybersecurity. You’ll discover: How AI is transforming both cyber defense and music production. The hidden risks of data training, privacy, and model misuse. How startups like Tune Pack are empowering artists through ethical AI. Why balancing innovation with integrity matters more than ever. Whether you’re protecting critical infrastructure or composing your next track, this episode will challenge how you think about creativity, ethics, and security in the AI era. Tune in for an inspiring conversation that bridges tech and artistry, only on Protect It All. Key Moments: 06:34 AI: Opportunities and Regulation Challenges 09:57 AI Risks: Data Privacy Challenges 11:03 AI Education for Security Awareness 15:50 "AI Risks in Cybersecurity Actions" 18:54 "AI Trust and IAM Policies" 21:13 AI Decision-Making Ethical Dilemma 27:19 AI Oversight and Quality Control 30:34 AI Ethics in Data Training 31:30 AI Ethics: Consent and Data Use 35:43 Detecting AI-Generated Fakes 37:59 AI, Security, and Challenges 42:33 AI Revolutionizing Security Analysis 47:14 "Learning Daily in Tech Space" 50:58 "Embracing Change in Music Industry" About the guest :  Hadi Heidari is the founder of TunePact, an AI label service designed to support independent musicians. With over 20 years of experience in cybersecurity, Hadi’s journey into the music industry is an u...

Think your company’s private data is safe? Think again. In this episode of Protect It All, host Aaron Crow pulls back the curtain on one of cybersecurity’s most underestimated frontiers - Open Source Intelligence. He reveals how attackers leverage publicly available data from LinkedIn profiles to leak passwords, mapping out targets, infiltrating systems, and exploiting the human attack surface. Drawing from real-world incidents and years of experience across IT and OT security, Aaron explains: How Open Source Intelligence fuels social engineering and insider threat campaigns. Why protecting systems isn’t enough - you must protect people. How to use Open Source Intelligence proactively for threat modeling and risk mitigation. Steps to monitor your digital footprint and reduce exposure before it’s too late. Whether you’re a cybersecurity professional, executive, or simply digital-curious, this episode will change how you think about “public information.” Tune in to learn how Open Source Intelligence can both expose and empower your cybersecurity strategy - only on Protect It All. Key Moments:  06:17 Securing Domain Admin Accounts 09:09 Proactive Employee Security Monitoring 12:19 "Protecting Human Attack Surfaces" 16:48 "Enhancing Cybersecurity with Open Source Intelligence” 18:49 Exposed Data Response Process Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall 

In this episode of Protect It All, host Aaron Crow takes a hard look at one of the biggest blind spots in OT cybersecurity: legacy Windows environments still running inside plants, refineries, and utilities. From Windows XP to Windows 10’s upcoming end of support, Aaron breaks down why these systems persist, the true cost of “doing nothing,” and the high-stakes trade-offs between replacement, isolation, and risk mitigation. You’ll discover: Why outdated Windows systems remain critical yet dangerously exposed. The myths of “true air gaps” and why they don’t protect you anymore. Practical isolation tactics, segmentation, strict access control, and monitoring. How to manage asset visibility, vendor dependencies, and downtime risks. Whether you’re a cybersecurity leader, plant manager, or operations engineer, this episode is your roadmap to making smarter, safer decisions about legacy systems before they cause costly disruptions. Tune in to learn how to balance operations, cost, and security and protect your OT world from old-system vulnerabilities. Key Moments:  01:22 "End-of-Life Systems in OT" 04:15 Upgrading Systems in Regulated Industries 07:35 Reducing Risk with Network Segmentation 12:02 "Firewall Rules and System Security" 15:52 Understanding Risks in End-of-Life Systems 18:54 Securing Legacy Systems Effectively Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:

In this solo episode of Protect It All, host Aaron Crow delivers a straight-talk reality check on the widening IT–OT cybersecurity gap and what it really takes to protect the systems that keep the world running. With decades of experience defending critical infrastructure, Aaron exposes why many OT environments are still years behind in resilience and visibility - and how we can finally fix that. You’ll learn: The real incidents prove why OT cybersecurity can’t afford to lag. Why visibility and segmentation are non-negotiable for industrial systems. How to build an incident-response plan that works when the stakes are highest. Practical steps to strengthen resilience and recovery across critical operations. This episode isn’t about fear - it’s about preparation. If your work touches energy, transportation, manufacturing, or utilities, this one’s your wake-up call to act before disaster hits. Listen now and learn how to protect what truly keeps our world moving - only on Protect It All. Key Moments: 05:06 "Real Risks of Critical Disruptions" 06:16 Redefining OT System Boundaries 11:42 Troubleshooting Unknown System Issues 14:09 "Secure Remote Access Best Practices" 18:28 "Planning for Worst-Case Scenarios" 19:36 Critical Infrastructure Under Cyber Threat   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: