OT After Hours
Author: Rockwell Automation
© 2025
Description
OT After Hours, a podcast about operational technology security, brings you candid conversations with ICS engineers and experts who get the unique challenges you face. Join us for unfiltered stories and advice from the front lines of industrial cybersecurity as we share best practices, lessons learned, and a few laughs along the way.
25 Episodes
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT) is joined by Natalie Kalinowski (Network & Cybersecurity Specialist), and Mustafa Aamir (Application Consultant Cyber-NCS), for a timely discussion about the December 2025 cyber attack on Poland's power infrastructure, a contemporaneous physical infrastructure attack in Germany, and cyber attacks that have surrounded the recent war in Iran. But it's not all doom and gloom! Many of these attacks follow a familiar script, exploiting basic vulnerabilities like lack of MFA and reused credentials; addressing these can significantly improve security posture. And many of these "low hanging" mitigations, such as changing credentials and implementing MFA, can be undertaken internally without extensive external support, enabling quick improvements.

Key Takeaways
Asset Management and Risk Analysis: Use "crown jewels" analysis, risk assessment, and understanding operational risk versus CVSS scores to prioritize protection of critical devices and vulnerabilities.
Basic Cyber Hygiene: Implement cybersecurity controls such as network segmentation, VLAN configuration, basic hardening, and eliminating static credentials; these measures are cost-effective and provide significant risk reduction.
External Expertise and Virtual Advisors: Bring in external consultants or virtual security advisors on a flexible basis to supplement in-house expertise, especially for organizations with diverse infrastructure and limited budgets.
Incident Response and Tabletop Exercises: Perform regular review and rehearsal of incident response plans, including tabletop exercises based on real-world attack scenarios, to evaluate preparedness and identify gaps.
Leveraging Open Source Intelligence: Use available tools to proactively identify exposed assets and low-hanging fruit, enabling operators to secure their attack surface before adversaries exploit it.
Subscribe Follow and subscribe for more episodes on Apple Podcasts, Spotify, YouTube, or wherever you get your podcasts. Get in Touch 🔗 LinkedIn | YouTube | X | Contact Us
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT) sits down with Rick Kaun (Global Director of Cybersecurity Sales), Natalie Kalinowski (Network & Cybersecurity Specialist), and Lance Lamont (Special Projects & Protocols Team Lead), for a lengthy discussion about IT/OT convergence, how Rockwell's SecureOT platform can enable and accelerate advanced security, asset management, and operational efficiency for Rockwell's clients, and why Verve was renamed to SecureOT late last year.

Key Takeaways
Rockwell's Secure OT Rebranding and Strategic Direction: What was behind the transition from Verve to Rockwell's SecureOT branding? What were the strategic motivations, the business strategy review process, and the implications for product positioning and market approach?
Secure OT Platform Capabilities and Value Proposition: What are the SecureOT Platform's technical capabilities? How can it serve as data repository, support advanced security, enable asset management, and drive operational efficiency for Rockwell's clients?
Secure Digital Operations (SDO) and IT/OT Convergence: What are Secure Digital Operations (SDO)? What is its organizational structure, and how can it help bridge the gap between IT and OT security practices within manufacturing environments?
Regulatory Environment and Security Program Evolution: How does SecureOT address the expanding regulatory landscape for critical infrastructure, the importance of defensible security decisions, and the shift from compliance-driven to programmatic security strategies?
Security Culture Versus Rules: What is the distinction between enforcing security through rigid rules versus fostering a culture of security?
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT) sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Lance Lamont (Special Projects & Protocols Team Lead), Zach Woltjer (Technical Account Manager), and Rick Herzing (Systems Support Analyst). The team reviews last year's predictions for 2025 in industrial cybersecurity, confirming that most came true and discussing their impact on hybrid workforces, regulatory compliance, AI integration, dynamic detection, zero trust, legacy device security, monitoring, and third-party risks. They then discuss emerging cybersecurity threats and trends for 2026, focusing on AI-driven attacks, deep fakes, mandatory MFA, compliance enforcement, insurance-driven resilience, and ongoing supply chain risks.

2025 Predictions Reviewed
Hybrid Workforce Risks: TRUE. The expansion of hybrid workforces has increased device risks, with companies adopting solutions like VPNs, MFA, and endpoint protection to mitigate new attack vectors.
Regulatory Compliance Challenges: PARTIALLY TRUE. The vagueness of some regulations, the struggle for end users to translate them into actionable metrics, and the slow pace of regulatory change leave much to be desired.
AI Integration in Cybersecurity: TRUE. There has been growing use of AI in cybersecurity products. The SecureOT research team has found AI to be highly confident but only moderately accurate, underscoring the importance of human oversight.
Dynamic Detection and Zero Trust: TRUE. The shift from signature-based detection to dynamic methods due to adaptive malware has been ongoing for years. Zero trust policies have become more prevalent.
Legacy Device Security and Obsolescence Planning: TRUE. The persistent challenge of securing legacy devices in industrial environments continues unabated.
Monitoring and Third-Party Risks: PARTIALLY TRUE. Combining passive and active monitoring tools is not on track to become a standard in OT cybersecurity. But there is growing concern over third-party risks and the mitigation thereof, especially with new compliance requirements like the Cyber Resiliency Act.

Predictions and Trends for 2026
AI-Driven Cyber Attacks: We can expect to see more end-to-end AI cyber attacks. There is potential for increased automation and sophistication, including lateral movement into OT environments.
Deep Fakes and Social Engineering: We can expect to see an expansion in the ongoing threat posed by deep fakes and phishing, given the growing ease of generating convincing audio and images.
Mandatory MFA and Compliance Enforcement: We are unlikely to see truly mandatory MFA adoption; legal compliance and fines may well be necessary for widespread adoption, especially in OT.
Insurance-Driven Cyber Resilience: Insurers may drive faster adoption of cyber hygiene practices by requiring verified resilience for coverage. Some companies may choose to pay fines instead.
Supply Chain and Open Source Risks: The threat of supply chain infections, especially with increased AI-generated code contributions, will grow in the year to come. Organizations should focus on retaining skilled software engineers to validate code.
In this episode of OT After Hours, Ken Kully (Systems Support Lead for Rockwell SecureOT) sits down with Natalie Kalinowski (Network & Cybersecurity Specialist), Tyler Bergman (Operations Team Lead) and Lance Lamont (Special Projects & Protocols Team Lead) to discuss the recently-concluded Rockwell Automation Fair. And if you weren't able to attend Automation Fair, you can still find videos and presentations from it on the Rockwell YouTube channel.

Key Takeaways
Automation Fair is a major annual event held by Rockwell Automation, attracting both employees and customers.
The event features workshops, tech demos, and product displays, not unlike a mini-CES for Rockwell, its partners, and its clients.
Workshops ranged from basic controller programming to advanced topics like CPWE design with Cisco and Powerflex fundamentals.
Keynotes are a valuable way to gauge Rockwell's strategic direction, including the announcement of a $2 billion investment in a new greenfield facility in southeastern Wisconsin, set to open in 2028 as a showcase for automation, AI, robotics, and cybersecurity.
Numerous robotics demos at the Automation Fair, including collaborative robots (cobots), multi-brand robot arm interoperability, and advanced material handling systems.
Verve Industrial Protection has been rebranded to Rockwell Secure OT, which was a prominent presence in Rockwell's display area.
Lots of conversations at the SecureOT booth, discussing asset inventory, risk analysis, and the new risk scoring features, while engaging with customers and IT/OT professionals to address practical use cases and integration challenges.
Vibrant event culture, including pin-collecting, and swag at the SecureOT booth, the role of casual interactions in networking, and the significance of shared spaces like the lunch hall in fostering connections among attendees.

Timestamps
00:36 – Preamble and recording kickoff
00:56 – Introductions by Lance, Tyler, and Natalie
01:37 – What is the Automation Fair, and where was it held?
04:54 – Robots, cobots, and robot interoperability
18:04 – Workshops, keynotes, and collectible pins
27:26 – Massive space for lunch...and networking
28:11 – FIRST Robotics and Student Mentorship
32:25 – The SecureOT Booth Experience
46:24 – Wrap-ups, more robotics, and final takeaways
In this episode of OT After Hours, Lance Lamont, Special Projects & Protocols Team Lead, sits down with Tyler Bergman (Operations Team Lead) and Richard Melito (Senior Software Engineer) to discuss Richard's history at Verve and now Rockwell, the development process for Verve's software, and what standout features are in version 1.42 of the Verve Security Center (VSC). This episode was recorded at the end of September, but was under embargo until the release of VSC 1.42.

Timestamps
00:00 – Introduction and explanation of episode embargo
01:46 – Introductions by Lance, Tyler, and Richard
03:07 – What is the Verve Development Gathering?
17:30 – Richard Melito's career trajectory
27:11 – "Software With Consequences" - real-world impacts of critical software
30:54 – The Integrations team and what they do, and Richard's current role
33:32 – Risk Management in VSC 1.42 and custom asset risk scoring
39:12 – Richard's thoughts on software and application development
42:24 – Wrap-ups, future podcast ideas, and the challenges of marketing
In this episode of OT After Hours, host Ken Kully, Systems Support Lead at Verve Industrial, sits down with Zach Woltjer and Connor Murphy, Technical Account Managers at Rockwell Automation to explore how the U.S. Department of Defense's SkillBridge program is helping veterans transition into civilian careers in OT cybersecurity. Zach shares how his own journey through SkillBridge not only eased his transition out of the military but also inspired him to help set up the program at Verve. Connor recounts his path from military intelligence into OT security, proving that determination, adaptability, and soft skills can open doors—degree or no degree. Together, their stories highlight how military training and mindsets translate into critical skills for protecting industrial infrastructure.

Key Takeaways
SkillBridge as a bridge: A program designed to help military personnel transition smoothly into civilian careers, including cybersecurity roles.
Soft skills are critical: Strategic thinking, adaptability, and communication—often honed in the military—translate directly to success in OT security.
From intel to OT security: Zach and Connor share how experiences in military intelligence prepared them for cybersecurity careers.
The value for companies: SkillBridge allows organizations to bring in talented veterans, "test drive" potential hires, and diversify teams with unique backgrounds.
Degree not required: Connor's success story emphasizes that curiosity, drive, and continuous learning matter as much as formal education.

Timestamps
00:00 – Introduction and overview of career-focused mini-sodes
02:30 – Introducing Zach Woltjer and Connor Murphy
03:08 – What the SkillBridge program is and why it matters
07:40 – Zach's path: military service, mentors, certifications, and SkillBridge experience
13:57 – Bringing SkillBridge to Verve and recruiting Connor into the program
17:20 – Connor's journey: transitioning out of the Air Force, overcoming doubts, and gaining new skills
24:18 – How SkillBridge works for companies: processes, intermediaries, and benefits
32:29 – Why veterans should consider SkillBridge when transitioning out
34:52 – Challenges of shifting from military to civilian culture
36:34 – Final reflections on SkillBridge and its impact on careers in OT cybersecurity

Guest Information
Zachary Woltjer: Technical Account Manager at Rockwell Automation. A U.S. Air Force veteran who helped establish the SkillBridge program at Verve, bridging military expertise with civilian OT cybersecurity needs.
Connor Murphy: Technical Account Manager at Rockwell Automation. An Air Force veteran who transitioned into OT cybersecurity through SkillBridge, now focused on supporting clients and advancing his cybersecurity career.
In this episode, we trace the career of Tyler Bergman, Operations Team Lead at Rockwell Automation (formerly Verve Industrial), whose early fascination with computers and programming sparked a path that led through SCADA operations, utility cooperatives, and consulting before finding a home in OT cybersecurity. Join host Ken Kully, Systems Support Lead at Verve Industrial, as Tyler shares how persistence, hands-on experience, and a thirst for knowledge shaped his expertise—and why networking fundamentals are the backbone of OT security.

Key Takeaways
A lifelong passion for technology: From programming on a TRS-80 as a child to building custom systems for nonprofits, Tyler's curiosity and drive shaped his technical foundation.
SCADA and utility experience: Years spent in municipal and cooperative environments provided hands-on exposure to the OT landscape long before "OT security" was a defined field.
The value of persistence: Earning a CCNA after multiple attempts showed the resilience required to keep advancing in cybersecurity.
Networking as the cornerstone: Understanding networks and how devices present themselves is one of the most critical skills in OT security.
Bridging OT and IT: Tyler's background gave him unique insight into why protecting critical infrastructure requires a balance of availability, reliability, and security.

Timestamps
00:00 – Early fascination with robotics, the TRS-80, and programming in BASIC
03:06 – High school years, military service, and starting a consulting business
05:46 – Transition into networking, SCADA operations, and pursuing certifications
12:01 – Cybersecurity experiences, OT systems, and utility cooperative work
14:03 – Joining Verve Industrial and focusing on OT cybersecurity
18:30 – Reflections on career path, lifelong learning, and excitement for future challenges

Guest Information
Tyler Bergman: Lead of the Field Deployment Team at Rockwell Automation (formerly Verve Industrial). With more than two decades of experience spanning SCADA operations, utilities, consulting, and networking, Tyler brings deep insight into the intersection of operational technology and cybersecurity. Passionate about hands-on problem solving, persistence in learning, and building secure critical infrastructure.
In this episode, we follow the unique career journey of Natalie Kalinowski, Network & Cybersecurity Specialist at Verve Industrial, from teaching snowboard lessons to managing complex industrial network security. Join host Ken Kully, Systems Support Lead at Verve Industrial, as Natalie shares how international internships, early career programs, and continuous learning shaped her expertise—and her advice for anyone looking to break into OT security.

Key Takeaways
Career pivots can start anywhere—Natalie's path began on the slopes and in hands-on engineering internships across the Dominican Republic and Germany.
Rockwell Automation's EDGE program provided foundational OT automation skills, bridging the gap from theory to real-world application.
Continuous upskilling through certifications (CISSP, CCNA, FEMA courses) and self-directed study is key to keeping pace in a fast-evolving field.
Strong communication skills—especially with global teams—are as critical as technical knowledge in OT security.
For newcomers: pursue foundational certifications, gain experience in IT or OT support roles, and immerse yourself in industry news and terminology.

Timestamps
00:00 – Introduction & early jobs: teaching snowboarding and discovering manufacturing
02:10 – Engineering studies at Marquette University & global internships (Dominican Republic, Germany)
04:15 – Why manufacturing offered the variety and challenge Natalie wanted
05:30 – Joining Rockwell Automation through the EDGE early-career program
07:20 – Gaining hands-on experience in networks, automation, and OT environments
09:00 – Transitioning to network and cybersecurity focus
10:15 – Rockwell's acquisition of Verve and upskilling in cybersecurity
13:00 – Certifications and training: PSIRT, CVSS, CCNA, FEMA, CISSP prep
15:40 – Overcoming imposter syndrome and building communication skills
19:05 – Working with global teams and adapting communication for non-native English speakers
21:00 – Advice for newcomers: certifications, entry-level IT/OT roles, learning the lingo, and staying informed

Guest Information
Natalie Kalinowski: Network & Cybersecurity Specialist at Verve Industrial with a background in computer engineering, global manufacturing internships, and OT network design. Passionate about continuous learning, cross-cultural communication, and mentoring new entrants into the cybersecurity field.
In this episode, we explore how an embedded-systems engineer became the leader of Verve's Special Projects & Protocols team—and what his journey says about recruiting, culture, and continuous learning in OT security. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guest Lance Lamont, Manager for Special Projects & Protocols, as they discuss career pivots, protocol reverse-engineering, and building low-ego teams that thrive on curiosity.

Key Takeaways
Transferable skills matter: deep protocol expertise from product engineering can power OT-security research
Flexibility attracts talent: "We want you for your skills, not your hours" sealed Lance's mid-pandemic move to Verve
Low ego, high curiosity: teams grow faster when members admit mistakes and chase answers together
Diverse entry points strengthen outcomes: mixing maker-space tinkerers, robotics alumni, and anime-inspired problem-solvers yields broader perspective

Timestamps
00:00 – Introduction and sound check
00:05 – From touch-screen drivers to a LinkedIn message that changed everything
02:45 – Turning down (then accepting) the offer: balancing parenting and remote work
05:20 – "Skill collector" mindset and early protocol wins
07:10 – Maker-space leadership and the value of empowering others
09:38 – Imposter feelings, confidence, and the culture of asking questions
11:30 – Hiring for curiosity and low ego: what Lance looks for in new team members
13:00 – Closing thoughts on continuous learning and career growth

Guest Information
Lance Lamont: Manager, Special Projects & Protocols at Verve Industrial. Former embedded developer (power tools, automotive, touchscreens) who now leads a multidisciplinary research team reverse-engineering OT communication protocols.
In this episode, we trace an unlikely career pivot from fine-dining bartender to the helm of Verve's OT cybersecurity lab. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guest Andrew Wintermeyer, Team Lead, Device & Integration Research, as the latter discusses breaking into the field, learning on the fly, and why forgotten manuals can be more dangerous than zero-days.

Key Takeaways
Curiosity compounds — an hour of self-study each week can snowball into deep expertise.
Real-world OT risks often hide in "maintenance" passwords and long-running configs.
A safe testing lab accelerates learning and de-risks production environments.
Soft skills from hospitality — patience, improvisation — translate surprisingly well to cybersecurity.

Timestamps
00:00 – Introduction
00:05 – Holiday bartending burnout sparks a career rethink
01:40 – Six-week help-desk contract at Madison Power & Electric turns into a year
02:40 – Landing at Verve as a COVID-era lab assistant
03:13 – First solo day in the lab: imposter syndrome & safety scares
03:50 – The breakthrough that changed everything
04:59 – Finding your place in the field
05:20 – Sunday-night learning ritual and compounding knowledge
06:30 – What happens in the field matters

Guest Information
Andrew Wintermeyer: OT Security Specialist and lead for Verve's North American lab. Former bartender turned Java programmer, now wrangles PLCs, SCADAPack, and virtualization stacks to keep client environments safer.
In this episode, we take a look at how Verve Reporting, and in particular its ability to search and filter logs, can be useful for high-level forensic investigation. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Dustin Gogue (Technical Account Manager), Andrew Wintermeyer (Team Lead, Device & Integration Research) and Zach Woltjer (ICS Security Specialist) as they dive into how Verve Reporting helped identify user account management and authentication issues.

Key Takeaways
Proper user account hygiene (especially timely user off-boarding) is a key component of a robust security strategy.
Maintaining named user accounts for key personnel is important for non-repudiation during investigations.
OT software is sometimes installed in a way that binds its services or application authentication to a particular user account, which can present a challenge when and if that user needs to be off-boarded.
The ability to collect, filter, and search event logs quickly and easily is a key component of forensic and incident investigation.

Timestamps
00:00 – Introduction and sound check
00:27 – Welcome to Season Two of OT After Hours
00:37 – Guest introductions: Dustin, Andrew & Zach
01:30 – Quick overview of what logs are
02:19 – Why logs are important to digital forensics
04:43 – Dustin steps through the process of investigating an influx of logs and discovering key issues
12:50 – Identifying an improperly off-boarded user account within the authentication logging data
13:30 – The complexities of user off-boarding in OT environments
16:32 – Zach on incorporating user account privileges and user employment status into risk calculations
24:15 – Value of the Verve Reporting platform and roundtable discussion
32:33 – Outro and thank yous

Guest Information
Dustin Gogue: Technical Account Manager at Verve Industrial
Andrew Wintermeyer: Device & Integration Research Team Lead at Verve Industrial
Zach Woltjer: ICS Security Specialist at Verve Industrial
In this episode, we grapple with a deceptively simple question: in an operational technology environment, which element of the CIA triad—confidentiality, integrity or availability—should reign supreme? Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Analyst), Tyler Bergman (Industrial Cybersecurity Engineer) and Zach Woltjer (ICS Security Specialist) as they debate real-world incidents, legacy system constraints and industry priorities that shape how we secure critical infrastructure.

Key Takeaways
Availability often takes center stage in OT—downtime can cost millions and trigger regulatory shutdowns.
Integrity attacks (like Stuxnet-style tampering) are scarier than outright outages: misleading data can hide dangerous conditions.
Confidentiality matters too—information gathering paves the way for future, highly targeted attacks.
In practice, availability and integrity are inseparable: validating data flow can bolster both pillars simultaneously.
A holistic, risk-based "crown jewels" assessment helps organizations focus on the devices and data that matter most.

Timestamps
00:00 – Introduction and sound check
00:43 – Welcome to Season Two of OT After Hours
01:06 – Guest introductions: Natalie, Tyler & Zach
04:00 – Defining confidentiality, integrity and availability
07:57 – Tyler on why availability skyrockets in OT environments
11:53 – Natalie on integrity attacks and the legacy of Stuxnet
25:05 – Ken and team explore integrity-based attack scenarios and encryption trade-offs
39:47 – Natalie on confidentiality's long-term impact (Ukraine grid outages, HAVoC)
43:04 – Roundtable closing thoughts: tying availability & integrity together
47:12 – Outro and how to submit your questions

Guest Information
Natalie Kalinowski: OT Security Analyst at Verve Industrial, specializes in vulnerability management and threat research.
Tyler Bergman: Industrial Cybersecurity Engineer at Verve Industrial, expert in SCADA availability and risk mitigation.
Zach Woltjer: ICS Security Specialist at Verve Industrial, focuses on OT-IT convergence and strategic assessments.
In this episode, we explore how often OT teams really need to refresh asset-inventory data and what MITRE's near-miss funding lapse for the CVE program means for vulnerability management. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski (OT Security Specialist), Lance Lamont (Team Lead, Special Projects & Protocols), Andrew Wintermeyer (Senior ICS Architect), and Tyler Bergman (Principal Security Consultant) as they discuss scan cadences, change-detection value, and building redundancy into threat-intel pipelines.

Key Takeaways
Context drives cadence. Fan speed may need minute-level polling, firmware often does not.
Redundancy is resilience. Blend NVD, CISA, MITRE, and vendor advisories to survive feed outages.
CVE is a language, not the cure. Losing it wouldn't add vulnerabilities, but it would cripple prioritization.
Change detection turns inventory data into real-time alerts for unauthorized config tweaks.

Timestamps
00:00 – Introduction and sound check
03:30 – Why "asset-data freshness" landed on today's agenda
04:10 – MITRE CVE funding scare: what happened and why it matters
10:50 – OT vs. IT views on vulnerability backlog and enrichment
18:00 – Mapping scan frequency to business need
24:40 – Change management and configuration-drift detection
33:00 – Diversifying data sources beyond NVD
38:50 – The proposed "CVE Foundation" for long-term stability
42:40 – Building redundancy into threat-intel pipelines
44:50 – Listener poll results: hard-rock "Legacy Code" wins
46:15 – Sign-off and credits

Listener Q&A
We're happy to announce that the hard rock version of Legacy Code on the Conveyor Belt was far-and-away the fan favorite! Download it now!

Guest Information
Natalie Kalinowski: OT Security Specialist at Verve Industrial; leads proof-of-value engagements and vulnerability mapping.
Lance Lamont: VP, Solutions Engineering at Verve Industrial; directs driver development and asset-inventory strategy.
Andrew Wintermeyer: Senior ICS Architect at Verve Industrial; designs secure network architecture for critical infrastructure.
Tyler Bergman: Principal Security Consultant at Verve Industrial; focuses on risk prioritization and framework alignment.
In this episode, we explore the complexities of asset management in operational technology (OT) security. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Tyler Bergman, Zachary Woltjer, Natalie Kalinowski, and Lance Lamont as they discuss the challenges of tracking and securing assets in industrial environments, the impact of legacy systems, and the best strategies for improving visibility and resilience.

Key Takeaways
Asset management is a foundational element of OT security, yet many organizations struggle with visibility.
Manual, passive, and active asset discovery each have unique benefits and limitations.
IT/OT convergence presents additional challenges in integrating and securing legacy systems.
The right combination of asset discovery methods is critical for maintaining security and operational efficiency.
Organizations must balance security with practicality when implementing asset inventory strategies.

Listener Q&A
Cast your vote for your favorite version of Legacy Code on the Conveyor Belt!
Version 1: https://suno.com/song/0fdc46c7-38b2-4c37-b390-9f2d54843e7a?sh=55oBq3xyYmqjUYRO
Version 2: https://suno.com/song/550ed070-758d-4398-8a06-7e57fe8e19f8?sh=eQsUbG7WrF8iJdgS
Want to ask a question for the experts at Verve to answer? Let us know!

Timestamps
00:00 – Introduction and sound check
06:00 – Why asset management is critical to OT security
10:30 – The impact of legacy systems on asset visibility
15:20 – Manual asset discovery: Pros, cons, and best practices
22:10 – Passive asset discovery: Leveraging network traffic for insights
30:55 – Active asset discovery: Gaining deeper visibility without disrupting operations
40:30 – IT/OT integration challenges and strategies
50:10 – Closing thoughts and recommendations

Guest Information
Tyler Bergman: Operations Manager, providing insights into the practical challenges of cybersecurity in industrial environments.
Zachary Woltjer: Customer Success Specialist at Verve Industrial, with expertise in helping organizations implement OT cybersecurity solutions.
Natalie Kalinowski: Cybersecurity Specialist, bringing research-driven insights into network security and asset discovery.
Lance Lamont: OT Security & Asset Management Expert, discussing best practices for inventorying and securing critical assets.
In this episode, we explore the challenges and best practices for identifying and inventorying assets in operational technology (OT) environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, along with guests Lance Lamont, Andrew Wintermeyer, Tyler Bergman, and Rick Herzing, as they discuss how to establish trust, safely discover assets, and navigate network complexities without disrupting operations.

Key Takeaways
Establishing Trust & Engagement: Successful asset identification starts with building relationships with site personnel, including ICS engineers and facility managers.
Safe Asset Discovery Techniques: Using non-disruptive methods like passive network monitoring, ARP table collection, and targeted scans is key in OT networks.
Common Challenges: Mismatched documentation, unknown legacy devices, and unconventional network setups often complicate the process.
Collaboration is Crucial: Teams at Verve integrate expertise from research, engineering, and cybersecurity to ensure efficient and secure asset inventorying.
Continuous Monitoring & Adaptation: The process doesn't end with identification—maintaining an up-to-date inventory is an ongoing effort.

Listener Q&A
Want to ask a question for the experts at Verve to answer? Let us know!

Timestamps
00:00 – Introduction and sound check
01:10 – Welcome back to Season 2 of OT After Hours
03:14 – What is the core functionality of Verve in OT environments?
06:45 – Trust-building and engaging with OT personnel
12:30 – Real-world surprises: Unexpected device discoveries
18:05 – How Verve safely identifies assets without disrupting operations
27:38 – Leveraging Verve's capabilities for accurate inventorying
41:11 – Importance of communication and customer engagement
46:53 – The evolving role of Verve and IT-OT integration

Guest Information
Lance Lamont – Lead, Special Projects & Protocols, Verve Industrial
Andrew Wintermeyer – Lead, Device & Integration Team, Verve Industrial
Tyler Bergman – Lead, Field Deployment Team, Verve Industrial
Rick Herzing – OT Systems Support Analyst, Verve Industrial

In this episode, we delve into the pressing challenges and exciting opportunities in OT cybersecurity as we look toward 2025. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Natalie Kalinowski, Tyler Bergman, and Zach Woltjer as they share insights on industry trends, compliance requirements, and the evolving role of AI in securing operational environments.

Key Takeaways
Hybrid Workforces and Device Risks: Personal and work devices in operational environments pose security risks, requiring stronger BYOD policies.
Regulatory Compliance: Evolving regulations, like NIST and NIS2, drive cybersecurity adoption but lag in addressing sectors like water infrastructure.
AI in Cybersecurity: AI enhances detection, patching, and gap analysis, but foundational security issues must be addressed first.
Dynamic Detection: AI and machine learning are replacing outdated static rules for real-time anomaly detection.
Zero Trust Architecture: The shift to identity- and access-based security is accelerating, especially in hybrid workforce scenarios.
Legacy Device Security: Secure proxies and similar tools help protect aging OT devices, but challenges with latency persist.
Monitoring Approaches: Continuous monitoring offers immediate insights but increases network load, while scheduled checks provide stability but risk delays.
Third-Party Risks: Organizations are diversifying security tools and assessing vendor practices to reduce supply chain vulnerabilities.

Timestamps
0:00 – Introduction
02:15 – Guest introductions
06:10 – The water industry as a critical infrastructure concern
12:36 – Predictions for OT cybersecurity trends in 2025
20:17 – AI in OT cybersecurity: workforce gaps and anomaly detection
30:12 – The shift from static rules to advanced detection techniques
33:01 – Zero trust architecture: buzzword or paradigm shift?
47:39 – Continuous vs. scheduled monitoring in OT environments
55:03 – Protecting legacy devices in operational technology
1:08:08 – Final thoughts: hybrid work risks, compliance, and AI in 2025

Guest Information
Natalie Kalinowski: Cyber Technology Consultant at Rockwell Automation and Verve, with a background as a network engineer working in diverse operational environments, from food and beverage to natural gas.
Tyler Bergman: Cyber Operations Manager at Verve, bringing over 20 years of experience in utility and energy industries with a focus on IT/OT integration.
Zach Woltjer: Cyber Data Analyst at Verve with a passion for simplifying complex cybersecurity challenges for industrial clients.

In this episode, we explore the evolving challenges of cybersecurity maturity in operational technology (OT) environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Lauren Blocker, Industrial Cybersecurity Consulting Partner at Rockwell Automation; Drew Wintermyer from Verve's OT Research Lab; Zachary Woltjer from the Customer Success Team; Tyler Bergman, Operations Manager; and Rick Herzing from Verve Systems Support as they discuss the importance of assessing cyber maturity, bridging IT/OT security gaps, and implementing effective strategies for resilience.

Key Takeaways
Cyber maturity is not a one-size-fits-all process; it requires tailoring to specific organizational risks and priorities.
IT/OT convergence brings unique challenges, necessitating a deep understanding of industrial environments.
Frameworks like NIST CSF and ISA/IEC 62443 provide actionable pathways for improving OT cybersecurity maturity.
Overcoming resource and talent shortages is critical to achieving sustainable cyber maturity.
Collaboration across leadership, operators, and external partners is essential for effective implementation.

Timestamps
00:00 – Introduction and sound check
01:26 – Welcome and episode overview
02:05 – Guest introductions and background
06:45 – What does "cybersecurity maturity" mean in an OT context?
15:20 – The challenges of IT/OT convergence
22:10 – Building and executing a cybersecurity maturity roadmap
30:55 – Real-world success stories and common pitfalls
40:30 – The future of OT cybersecurity and emerging technologies
50:10 – Closing thoughts

Guest Information
Lauren Blocker: Industrial Cybersecurity Consulting Partner at Rockwell Automation. Lauren specializes in assessing and enhancing cybersecurity maturity, helping enterprises implement globally consistent, standards-based strategies.
Drew Wintermyer: Research Lead at Verve's OT Research Lab, focusing on OT-specific vulnerabilities and resilience strategies.
Zachary Woltjer: Customer Success Specialist at Verve Industrial, with expertise in helping organizations implement OT cybersecurity solutions.
Tyler Bergman: Operations Manager, providing insights into the practical challenges of cybersecurity in industrial environments.
Rick Herzing: Verve Systems Support analyst, and former industrial controls engineer.

In this episode, we dive into the challenges of managing legacy operational technology (OT) systems. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Tyler Bergman, Doug Artze, Dylan Stencil, and Andrew Wintermeyer, as they discuss the complexities of legacy systems, spare parts ("grey") markets, and the importance of security in maintaining older technologies. They explore real-world stories, the economics of keeping legacy systems running, and offer insights into potential solutions.

Key Takeaways
Legacy OT equipment can have extremely long lifespans, often much longer than typical IT hardware. This leads to challenges in finding support and spare parts as the equipment ages.
There is a thriving market for reconditioned and resold legacy OT equipment, but the chain of custody and security vetting of these devices can be unclear.
Maintaining documentation and access to legacy software/configuration tools is critical for supporting and troubleshooting older OT systems, which can be difficult as vendors discontinue support.
The economic and operational costs of upgrading legacy OT systems can be prohibitive, leading many facilities to try to keep them running as long as possible through creative means like sourcing spare parts.
Planned obsolescence by vendors and the lack of right-to-repair policies can exacerbate the challenges of maintaining legacy OT equipment over time.
Visibility into the OT asset inventory and having a plan for securing legacy systems are important for managing cybersecurity risks in these environments.

Timestamps
00:00 – Introduction and sound check
02:00 – Ken's story: Decommissioning PDP-11/84 systems
04:50 – Challenges with legacy equipment and backup solutions
09:00 – The aftermarket for OT equipment and security risks
14:00 – Securing legacy OT systems and ensuring safety standards
27:00 – Real-world experiences with aging OT infrastructure
39:00 – How cybersecurity standards affect legacy systems
50:00 – Solutions for managing legacy equipment

Guest Information
Tyler Bergman: Experienced in utilities and OT security with over 20 years in the industry.
Dylan Stencil: Research team member with a background in technology and controls work.
Doug Artze: Operations team member with experience in nuclear power and wastewater treatment.
Drew Wintermeyer: Research team member and overseer of Verve's internal labs of OT devices.

In this episode, we explore the concept of Calculated Risk Rating (CRR) and its importance in OT cybersecurity. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests – Zachary Woltjer, Cyber Data Analyst at Verve, and Lance Lamont – as they discuss how to prioritize and address vulnerabilities in industrial environments.

Key Takeaways
Calculated Risk Rating helps tailor cybersecurity solutions to specific industrial environments.
CRR considers both the impact and likelihood of vulnerabilities being exploited.
The approach helps organizations prioritize their limited resources for maximum security benefit.
Trust between cybersecurity providers and industrial operators is crucial for effective risk management.
Active asset inventory solutions provide richer data for more effective risk mitigation strategies.

Timestamps
00:00 – Introduction and sound check
01:00 – Introduction of guest Zachary Woltjer
02:50 – Explanation of Calculated Risk Rating (CRR)
06:21 – Importance of contextualizing vulnerability information
09:47 – Discussion on EPSS (Exploit Prediction Scoring System)
12:43 – Identifying "crown jewels" in industrial environments
18:48 – Process of assigning criticality and likelihood ratings
26:50 – Importance of defense in depth strategies
31:01 – How Verve's teams work together to implement CRR
35:56 – Benefits of active asset inventory solutions
42:35 – Conclusion and outro

Guest Information
Zachary Woltjer: Cyber Data Analyst on the Customer Success team at Verve Industrial
Lance Lamont: Creator and Explorer at Verve Industrial Protection, leading the research team in exploring OT devices and their security.

In this episode, we explore the challenges and benefits of active detection in OT security environments. Join host Ken Kully, Systems Support Lead at Verve Industrial, and his guests Rick Kaun and Sally Mellinger as they discuss the limitations of passive detection and the importance of comprehensive asset inventory in industrial cybersecurity.

Key Takeaways
Passive detection, while useful, has significant limitations in providing a comprehensive view of OT environments.
Active detection, including the use of agents, can provide more detailed and actionable information about assets.
Many operators have valid concerns about touching OT systems, but these fears can be addressed with proper expertise and non-disruptive solutions.
A comprehensive asset inventory is crucial for understanding and managing cybersecurity risks in OT environments.
The industry needs to overcome the fear of touching OT devices to achieve better security outcomes.

Timestamps
00:00 – Introduction and sound check
01:21 – Introduction of Sally Mellinger and Ken Kully
04:54 – Discussion on passive detection and its limitations
10:51 – Analogy comparing passive detection to traffic monitoring
24:56 – The importance of comprehensive asset inventory
31:17 – Examples of hidden vulnerabilities in OT environments
36:22 – The need to overcome vendor restrictions on security tools
39:26 – Addressing the root of OT security fears
45:49 – The importance of educating the market on active detection solutions

Guest Information
Rick Kaun: Expert in OT security with over 23 years of experience in the industry
Sally Mellinger: Senior Manager of Content Marketing at Verve Industrial, with over 10 years of experience in B2B and technical content marketing






