PrOTect It All

Author: Aaron Crow


Description

Welcome to "PrOTect It All," the podcast where we peel back the layers of cybersecurity to reveal the core strategies, challenges, and triumphs of protecting our digital and operational landscapes. We're thrilled to have you on board for an upcoming episode! Your insights and experiences are invaluable to our listeners who are eager to learn and engage with the leading minds in IT and OT security.

As we gear up to dive into conversation, please feel free to share any specific topics or stories you'd like to discuss. Our audience appreciates both the technical deep-dives and the high-level overviews, so bring your unique perspective, and let's make cybersecurity accessible and engaging together.

Thank you for joining us on this journey to foster a more secure future. We can't wait to hear your voice on the "PrOTect It All" podcast!
45 Episodes
In this episode, host Aaron Crow speaks to Dan Ricci, founder of the ICS Advisory Project, to delve into OT cybersecurity. Dan brings a wealth of experience from his time in the Navy, transitioning through various cybersecurity roles, and finally taking the leap to establish a platform that addresses the complex needs of critical infrastructure sectors. In this conversation, they explore the genesis of the ICS Advisory Project, a tool designed to streamline vulnerability management for small to medium-sized organizations. Aaron and Dan also discuss the challenges of transitioning from military service to civilian cybersecurity roles, emphasizing the importance of mentorship, risk-taking, and continual self-improvement. This episode offers valuable insights for anyone in the cybersecurity community and those looking to bridge the gap between IT and OT spheres. Join us as we explore strategies to enhance resilience and share lessons from the field. Key Moments: 09:17 Building Dashboards with Google Studio 14:41 Cybersecurity: Secondary Concern for Operators 20:48 Supporting Small Supply Chain Contributors 23:23 OT Cybersecurity Impact and Mentorship 27:48 Bridging Cybersecurity and Critical Sectors 34:16 Opportunities to Share Project Insights 38:24 Adapting Skills for Career Growth 45:58 Cyber Career Evolution and Growth 56:14 Leadership vs. Management Distinction 01:00:56 Relentless Daily Self-Improvement About the guest: With over 28 years of Cybersecurity experience, Dan is the Senior Cybersecurity Consultant at Ampyx Cyber, leading engagements with Rural Cooperatives and Utilities to improve their Cybersecurity programs and protect critical infrastructure. In 2023, he founded Industrial Data Works to provide independent consulting and vulnerability intelligence API subscription services.
He is also the founder of the ICS Advisory Project, an open-source initiative to help small and medium-sized ICS asset owners across the 16 critical infrastructure sectors prioritize vulnerabilities and plan mitigation for their ICS/OT environments. He aims to provide free and accessible resources to secure critical infrastructure and protect the public.   Link to Industrial Data Works: https://www.industrialdataworks.com/ics-advisory-project-api   Links to ICS Advisory Project: https://www.icsadvisoryproject.com/   ICS Advisory Project Github Repository: https://github.com/icsadvprj/ICS-Advisory-Project   Receive ICS Advisory Project Weekly Summary Slides and Other CERT & Vendor Advisory Summaries in your email every Monday: https://docs.goo...
In this episode, host Aaron Crow welcomes Chris Robertson, CISO at Apogee Defense, to discuss the evolving landscape of cybersecurity, focusing on the distinction and strategy behind Virtual CISO (vCSO) roles.  Chris shares insights from his dual roles at Apogee Defense and as a virtual chief security officer for various companies. The conversation dives into the intricacies and responsibilities of vCSOs, the importance of understanding IT and OT risks, and the necessity of integrating cybersecurity deeply into business practices.  Chris and Aaron explore practical solutions for businesses, emphasizing adaptability and continuous improvement in security measures, drawing parallels between accounting a century ago and cybersecurity today.  They also touch on future trends, the impact of AI on security, and the importance of setting aside egos to foster a culture of learning and collaboration.  Join them as they navigate the challenges and opportunities at the intersection of IT and OT cybersecurity, offering actionable advice and anecdotes from their extensive experience in the field. Key Moments:  00:00 Outsourcing Risk Management Expertise 08:22 Hiring External Experts: Cost-Effective Strategy 12:04 Understanding OT Risks in Cyber Leadership 20:36 MBA Curriculum Needs Security Focus 23:31 Integrating Security in Legacy Systems 27:47 Tech Efficiency and Shadow IT Challenges 35:56 Optimizing Inefficient Appointment Systems 39:08 Bridging Tech and Business Worlds 45:43 Simplifying Risk Communication 51:52 Joe Rogan's Impact and Risks 57:09 AI Evolution: Professionals Riding the Wave 01:05:53 "Embrace Vulnerability, Seek Help" About the guest :  Chris Robertson is a seasoned cybersecurity expert, currently serving as the Chief Information Security Officer (CISO) at Apogee Defense. In addition to this role, Chris extends his expertise as a virtual CISO for various companies across multiple sectors. 
He specializes in implementing robust security solutions that Apogee Defense delivers to its clients, predominantly within the Small and Medium Business (SMB) space.  With a keen focus on the defense industrial base, Chris's work also spans various other industries, enabling businesses to strengthen their cybersecurity frameworks. He is highly regarded in the industry for facilitating vital connections and contributing to advancing cybersecurity practices. How to connect Chris: https://www.linkedin.com/in/christophersrobertson/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Le...
In this episode, host Aaron Crow engages in a riveting conversation with Anusha Iyer, the CEO and founder of Corsha, a Washington, D.C.-based cybersecurity company. With over 25 years of experience in the cybersecurity space and a newfound interest in operational technology (OT), Anusha shares insights into her company's innovative approach to identity and access management for machines. The discussion covers key topics such as the convergence of IT and OT, the essential need to understand machine-to-machine communication, and the revolutionary potential of machine identity and multi-factor authentication (MFA) in securing industrial environments. Aaron and Anusha explore practical strategies for bridging IT and OT gaps and highlight real-world examples of implementing zero-trust principles. This episode is a treasure trove of knowledge for cybersecurity professionals, OT engineers, and tech enthusiasts alike. It emphasizes how modern security measures can transform and protect critical infrastructure. Tune in to gain valuable insights into the future of OT cybersecurity and the importance of embracing comprehensive security measures. Key Moments:    06:16 Machine Identity in OT Environments 08:40 Machine MFA for Secure Access 10:23 Understanding Secure Endpoint Communication 14:07 Cybersecurity vs. Safety Concerns 17:37 Achieving Zero Trust in Network Security 20:50 Overcoming Cloud Security Fears 26:10 Tech Implementation and Management Challenges 31:54 Complex Architecture: Costly and Complex 36:05 Understanding System Data Flow Benefits 40:36 Technology Deployment Before Cybersecurity Era 47:50 Simplifying Machine Implementation Benefits 51:19 Manual System Updates Challenges 51:58 Balancing IT and OT Efficiency   About the guest :    Anusha Iyer is the Founder and CEO of Corsha - a leader in identity and access management for operational systems and critical infrastructure. 
With over 20 years in cybersecurity, Anusha is passionate about demystifying cyber and security, making it accessible, easy to adopt, and self-assuring. Reach out to Anusha at anusha@corsha.com if you want to talk OT and Cyber and how to use machine identity in your industrial networks to unlock secure automation.   Find out more about Corsha and request a demo here: https://corsha.com/request-a-demo Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn:
In this episode, host Aaron is joined by cybersecurity expert Adam Robbie, the head of OT threat research at Palo Alto Networks. The discussion begins with Aaron sharing his extensive experience deploying Palo Alto firewalls in operational technology (OT) environments, highlighting the key troubleshooting and application-aware capabilities these firewalls offer. Adam delves into his role at Palo Alto Networks, focusing on the critical task of identifying and mitigating threats in the OT landscape. He discusses the unique challenges of securing OT environments, including the convergence of various technologies and the necessity for proactive defense strategies. The conversation covers important topics such as the importance of team collaboration across IT and OT, the complexities of deploying firewalls in OT situations, and the ever-evolving threats facing the industry.  Tune in for a comprehensive exploration of the intersection of cybersecurity and OT, and gain valuable insights from experts on the front lines of protecting critical infrastructure.   Key Moments:  00:00 Evolving Threat Analysis Focus 08:38 IT vs OT Firewall Responses 12:17 PLC Configuration and Remote Access Challenges 18:43 "Career Progress Through Strategic Moves" 23:05 Evolving OT Firewall Technologies 31:08 Malware Analysis and Threat Detection 35:34 Strategic Cybersecurity Using Game Theory 40:39 Hidden Vulnerabilities in OT Environments 44:44 Geographical Data Challenges in Analysis 49:24 OT Cybersecurity Segmentation Challenges 54:41 OT Systems: Challenges in Updates 01:00:02 Augmented Reality for Remote Problem-Solving About the guest :  Adam is the Head of OT Threat Research at Palo Alto Networks since 2022, with over 15 years of OT and IT experience. He's a publisher with SANS, IEEE, and other conferences, focusing on securing critical infrastructure, finding vulnerabilities, and developing best practices. 
He holds a Bachelor's and Master's in Electrical Engineering and advanced certifications like GICSP and GRID. Adam also teaches cybersecurity bootcamps at top universities and advises on curriculum development. Previously, as a Senior Cyber Security Consultant at Deloitte, he specialized in ICS/IoT penetration testing, threat hunting, and vulnerability research. Contact Adam at: https://www.linkedin.com/in/adamrobbie/ Download the white paper here: https://www.paloaltonetworks.com/resources/whitepapers/ot-security-insights   Here is the link for S4 Session :    Calculating The Payoff For Attack And Defensive Strategies, February 11, 2025  11:30 AM – 12:00 PM Connect With Aaron Crow: Web...
In this episode, host Aaron Crow converses with Lesley Carhart, Technical Director at Dragos, who brings over 15 years of experience in incident response and forensics within critical infrastructure sectors. The episode dives deep into the standard practices in industrial settings, such as operators shutting down power plants for safety and the lack of forensic investigation into equipment failures. Lesley emphasizes the importance of integrating cybersecurity into these environments, pointing out that many failures are due to maintenance or human error, though a notable portion does involve cyber threats. Listeners will learn about the challenges and necessary collaborations between operational technology (OT) and information technology (IT) teams. The discussion addresses cultural and trust barriers that hinder effective cybersecurity measures and advises on how organizations can improve their defenses regardless of size and resources. Lesley also highlights the evolving landscape of cyber threats, including the increasing sophistication of adversaries and the vulnerabilities caused by standardizations in industrial systems. Real-world examples underscore the complexity of securing these environments, emphasizing the need for proactive and informed cybersecurity practices, such as "cyber-informed engineering." Tune in to better understand the critical intersections of cybersecurity and industrial operations, and learn practical strategies to safeguard essential services. Key Moments:  05:00 IT-OT miscommunication leads to cybersecurity risks. 09:23 IT processes are too slow; bypassing is required for solutions. 11:36 Leaving an outdated system may pose less risk. 15:09 Slow changes in OT due to unforeseen impacts. 19:17 Include cybersecurity in root cause analysis discussions. 20:31 Nation-states analyze and bypass industrial control systems. 25:40 Cybersecurity is essential to combat potential system threats. 
29:27 Communication, champions, and leadership crucial for cybersecurity. 31:37 Cybersecurity struggle due to resources community helps. 35:03 OT vs. IT language differences affect incident classification. 38:08 Empowered safety culture prevents accidents and retribution. 40:22 Few people have diverse cybersecurity skills and experience. 45:05 Experience across all 17 critical infrastructure verticals. 48:29 Evading detection in the nuclear enrichment process. 51:25 Identify industrial devices, build security program. About the guest :  Lesley Carhart is a renowned cybersecurity expert specializing in industrial control systems (ICS) security. With a keen understanding of the convergence between traditional IT and operational technology (OT), Lesley has been at the forefront of safeguarding critical infrastructures. Her work emphasizes the vulnerabilities of human-machine interfaces (HMIs) and programming devices, which are increasingly resembling typical computers and thus becoming prime targe...
In this episode, hosts Aaron Crow and Neal Conlon are joined by cybersecurity executive Ken Foster to discuss why smaller, focused events like the upcoming gathering at Staccato Ranch outshine large conferences in the cybersecurity industry. They highlight the importance of genuine relationship-building, integrity in vendor interactions, and meaningful conversations that smaller events facilitate. Ken shares his experiences with data breaches, emphasizing the value of transparent, honest connections. Upcoming events and the benefits of intimate settings for networking and professional growth are also discussed, showcasing why, in cybersecurity, quality interactions trump quantity. Don't miss the Lone Star Cyber Shootout happening in January. Click here to participate in this exclusive event - https://corvosec.com/lonestar-cyber-shootout/ Key Moments: 01:32 The Cybersecurity industry operates differently from others. 04:24 Invested in low-integrity people; disregards trustworthiness. 07:20 Honesty and transparency in cloud transition discussions. 13:20 Attack surface management dominated RSA; competitive market. 14:18 Conversations expedite and enhance memorable connections. 18:06 Smaller conversations prevent distractions and improve focus. 23:48 Building real connections requires personal interaction time. 25:43 A Diverse group led to unique conversations insights. 28:36 Expert struggles due to lack of community relationships. 32:06 Build relationships, sell yourself, understand and adapt. 37:16 Building relationships helps find the right fit.
Learn more about PrOTect IT All:   Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify -
Happy New Year 2025. In this episode, host Aaron Crow  guides you through the evolving cybersecurity landscape impacting everything from power utilities and transportation to manufacturing and healthcare. Aaron explores the importance of integrating people, processes, and technology to build resilient systems. He also outlines the major cybersecurity events and conferences you won't want to miss this year, including s4 in Tampa, RSA in San Francisco, and Black Hat and DEFCON in Vegas. And don't miss the Lone Star Cyber Shootout happening in January. Click here to participate in this exclusive event - https://corvosec.com/lonestar-cyber-shootout/ With a focus on community and networking, Aaron emphasizes how these connections can elevate your cybersecurity strategy. Stay tuned for actionable insights, expert interviews, and real-world case studies to kickstart your year. Let's make 2025 a year of impactful cybersecurity advancements together. Key Moments:  00:40 Resilience needs technology, people, and processes. 05:03 Annual Vegas cybersecurity events: Black Hat, DEFCON. 09:01 Networking is crucial for career and growth. 11:42 Secure messaging suggests normal texting may be compromised. 16:04 Balance technical skills with essential soft skills. 17:11 Excellent professionals struggle in untrained management roles.   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-...
In this episode, host Aaron Crow delves into the increasingly sophisticated world of cyber scams that aim to steal money and identity. Discussing real-life examples, including a personal encounter with a jury duty scam over the holiday season, Aaron explores various types of frauds such as investment scams and tech support deceptions. Listeners will gain actionable tips to safeguard themselves and their loved ones from these cyber threats. If staying ahead of cybercriminals and protecting personal information is a priority, this episode offers invaluable advice. Stay tuned for an essential discussion on cybersecurity.   Key Moments:  01:17 Nearly scammed; realized it was a hoax. 04:09 Threatened by scammers; no harm, but scary. 08:26 Verify the origin of the information; scams can be deceptive. 10:53 Invest only what you can afford to lose. 13:07 Verify uninvited officers via 911, file report. 19:51 Use physical backups, regularly update and backup files. 21:07 Use your router and a firewall.   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4
In this episode, host Aaron Crow shines a light on the collaborative spirit that unites these professionals as they confront contemporary cybersecurity challenges. It features a roundtable discussion with industry veterans: Pascal Ackermann, Senior Threat Protection and Response Engineer; Brett Seals, expert in incident response and threat detection; and Gabriel Sanchez, head of the Advanced Threat Protection Center. The discussion takes listeners on a journey through both nostalgic tech, with mentions of the Tandy TRS-80, and the pressing issues of today, such as ransomware threats. The guests delve into the delicate balance between old and new technologies, the intricacies of integrating IT and OT security, and the evolving skill sets needed in the field. From power plant vulnerabilities to global geopolitical ramifications, the episode underscores the critical importance of securing essential infrastructure. Listeners will hear shared histories, stories of past crises, and these experts' proactive solutions. Topics range from cloud and artificial intelligence trends to the crucial need for workforce development. This episode provides a detailed, engaging, and educational experience for anyone interested in cybersecurity. Key Moments: 10:43 Incident detection parallels between the control room, SOC. 13:58 Integrating safety programs into utility sector operations. 19:24 Balancing risk vs. cost of device replacement. 24:10 Immediate support is needed for 24/7 operations critical. 32:21 OT and IT share the same protection goals. 34:59 Focus: Enhancing asset management and system visibility. 39:42 Early hacking: dialing, shared networks, pranking neighbors. 44:32 Shift towards active technology use in OT. 50:58 If it ain't broke, don't fix it. 55:37 Defending infrastructure and impacting global mission together. 59:52 Issues transcend borders; global cooperation is needed.
Guest Profiles:    Brett Seals is an expert in instant response and threat detection engineering, currently working at the firm 1898. Before joining 1898, Brett garnered a decade of invaluable experience in the United States Navy, where he supported both expeditionary and cybersecurity operations. During his Navy tenure, he served at the Navy Cyber Defensive Operation Command, the Navy’s equivalent of a Security Operations Center (SOC), managing a fleet of sensors. Brett also spent considerable time around the Fort Meade area. As the COVID-19 pandemic began, he transitioned from his military role to his current position, continuing his commitment to cybersecurity in the private sector. Gabriel Sanchez embarked on his professional journey in the early 2000s, transitioning from college into what we now recognize as a burgeoning career in cybersecurity. Initially, Gabriel found himself working as a contractor for the Department of Defense, focused on missile simulations and charged with the responsibility of protecting their network—an early, hands-on introduction to cybersecurity before it even had a formal name. Following this formative experience, Gabriel spent the next decade in the electric utility sector, stepping into a groundbreaking role to establish an entirely new cybersecur...
Click here to participate in this exclusive event - https://corvosec.com/lonestar-cyber-shootout/ In this episode, Neal Conlon joins  Aaron Crow to dive into the details of an extraordinary event set to take place at the renowned STACCATO Ranch. Listen in as Neal and Aaron describe an exclusive high-energy experience scheduled for cybersecurity decision-makers. Taking advantage of the expansive 800 Acres to Counter Ranch, this event promises tactical and adventurous activities like shooting from helicopters and professional tactical shooting instruction. Beyond the thrill, attendees will enjoy top-tier amenities such as cigars, bourbon, and gourmet food, all within a high-class, safe environment tailored for networking and learning. Throughout the episode, listeners will hear how Neal Conlon transitioned from the Marine Corps mailroom to becoming a global leader in cybersecurity sales, offering a wealth of industry insights along the way. The hosts emphasize the importance of genuine relationship-building and soft skills in an industry often overshadowed by technical certifications. They critique traditional conferences for their superficial perks and excessive follow-up, promoting their unique event as a refreshing alternative designed to foster meaningful connections and strategic engagement. Listeners will also gain valuable advice on navigating the complexities of the cybersecurity industry, from managing vendor relationships to understanding procurement cycles, and the crucial role of proactive networking in career advancement. Tune in to this riveting episode for an inside look at an unparalleled cybersecurity event and invaluable career insights from Neal and Aaron.  Key Moments:  00:10 From hedge fund to data and marketing expert. 04:02 Evolved from client work to sales expertise. 09:23 Cybersecurity requires swift adaptation, networking, and leveraging skills. 13:34 Leadership program improved my skills over time. 
17:30 AI evolution reduces need for abstract thinkers. 21:12 Lemming information creates noisy conflict and confusion. 23:53 People voluntarily attend for genuine networking opportunities. 26:39 Two people enjoy baseball game nosebleed seats. 31:06 Control initiatives, build relationships, secure deals. 34:29 Event's unique value and ROI for leaders/vendors. 35:20 Vendor leads often misclassified; true relationships matter. 38:33 Networking and shared experiences build valuable connections. 43:25 High-energy networking event with decision-makers.   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow  
In this episode, host Aaron Crow dives into cybersecurity and risk management with guest Harry Thomas, CTO and co-founder of Frenos. This episode tackles the complexities of managing security risks in large organizations, from outdated systems to inconsistent cybersecurity postures across various sites. Listeners will learn how companies leverage consultants and community support to bridge knowledge gaps and the importance of operationalizing cybersecurity tools. Harry Thomas shares his views on the evolving landscape of OT security tools, the role of AI in enhancing productivity, and innovative approaches to addressing vulnerabilities in critical infrastructure. The episode also explores the advantages of hybrid cloud models for improved resilience and ROI and offers practical advice on risk management and adaptability. Get Harry's book recommendations and learn about Frenos' platform, which is designed to efficiently prioritize and mitigate risks. Tune in for essential knowledge and strategies to "protect it all," whether you're an experienced cybersecurity professional or just starting out. This discussion is packed with actionable insights and innovative perspectives you won't want to miss. Key Moments: 04:07 Understanding comprehensive risk environments requires collective expertise. 11:43 Flexible onboarding for diverse technological infrastructures. 14:21 Tools are costly; operational transfer challenges value. 17:22 Replicated improves network security troubleshooting efficiency. 21:07 OT must embrace new technologies for growth. 25:17 Cloud's benefits outweigh outdated equipment's drawbacks. 27:12 Fast internet enables remote power plant operation. 30:46 Prioritize resources over patching 80,000 devices. 35:13 Patching insufficient in OT, unlike IT systems. 37:43 Different risk approaches for IT vs. OT scenarios. 45:41 All business involves people, adaptability, and growth. 47:42 Cybersecurity will shift focus to customer impact.
About the guest :  Harry Thomas, a cybersecurity veteran with over a decade of expertise, specializes in offensive penetration testing and securing industrial and healthcare infrastructure. As CTO of Frenos, Harry leads the company’s strategic innovation, focusing on advanced cybersecurity solutions to safeguard critical systems against evolving threats.   An accomplished educator and speaker, Harry has taught “Hacking PLCs” at DefCon and BSIDES Orlando, spoken at BSIDES NH, and appeared on the Secure Insights podcast, sharing insights on cybersecurity challenges and advancements.   Previously, he served as Director of Product R&D at Dragos, where he strengthened security in industrial control systems, and at AWS, where he developed AI/ML-driven User Behavioral Analytics to enhance security. Known for his technical expertise and leadership, Harry is a prominent speaker at global cybersecurity conferences, offering strategic insights into threat mitigation.  
In this episode, host Aaron Crow is joined by special guest  Mike Holcomb to discuss the intricate realm of Industrial Control Systems and Operational Technology (ICS/OT) cybersecurity. The episode also spotlights the upcoming event B Sides ICS, an open and community-centric conference set to run alongside the prestigious S4 conference in Tampa.   Mike Holcomb provides insights into the much-anticipated ticket sales for the event and underscores the importance of submitting papers or presentations by the end of the year. The discussion emphasizes the significance of expertise in OT, cyber, and enterprise operations for top-level management and how events like B Sides ICS and S4 promote networking, learning, and professional development.   Listeners will gain a deeper understanding of the origins of B Sides events, the excitement surrounding B Sides ICS, and the impactful discussions and innovations poised to shape the future of ICS/OT cybersecurity. Whether the audience comprises newcomers or seasoned professionals, this episode offers valuable takeaways for everyone.   Key Moments:    00:00 Educating and supporting ICS & OT cybersecurity communities. 04:28 Passionate about learning and sharing cybersecurity knowledge. 08:59 B Sides: Global community-focused conference events. 10:43 Bringing B-Sides to Greenville increased attendance. 16:29 Promote diverse perspectives in OT cybersecurity. 19:01 Active Directory challenges in IT-OT integration. 21:07 Active Directory simplifies system management, poses risks. 28:57 Lean on IT for the correct Active Directory setup. 31:52 Availability is crucial in an OT environment. 34:14 Integrating IT and OT for enhanced cybersecurity collaboration. 36:16 IT and OT integration needs improvement. 40:54 Exploring cybersecurity in ICSOT across various sectors.   
About the guest :    Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world’s largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, and more. He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.   How to contact Mike:  Website : https://www.mikeholcomb.com/ Youtube :  https://www.youtube.com/@utilsec LinkedIn: https://www.linkedin.com/in/mikeholcomb/
In Episode 33, Aaron Crow explores the transformative impact of automation and AI in the Operational Technology (OT) sector, joined by industry expert Shane Cox from Morgan Franklin Cyber. This episode takes a deeper look at how AI and automation can enhance security operations when balanced with human oversight and strategic implementation. Shane Cox shares insights on Morgan Franklin's flexible and expert-driven approach to Managed Detection and Response (MDR) services, emphasizing the importance of tailored client partnerships and continuous collaboration. The discussion highlights the potential of AI to revolutionize security while addressing the unique challenges and risks of integrating automated solutions. Tune in to learn how the right blend of technology, expertise, and strategy can drive effective security solutions and foster long-term client relationships in today's evolving cybersecurity landscape. Key Moments: 05:15 Flexible, evolving security service, partnership-focused approach. 07:06 Diverse tools are essential for all organizations. 12:58 Weekend setup complete; improved over subsequent months. 15:30 MDR/XDR: Cloud-based threat detection and response. 18:21 Flexible MDR service integrates client environments efficiently. 21:38 Integration speeds up threat detection and response. 24:52 Cautious automation best balances efficiency and control. 29:50 AI assists coding by highlighting potential errors. 32:12 People are crucial for effective security automation. 35:51 Superior team preferred over superior product. 39:06 AI integration risks due to untested promises. 41:46 Adapting security training amidst AI automation challenges. Guest Profile: Shane Cox leads the Cyber Fusion Center at MorganFranklin Cyber where he is responsible for the delivery of managed services such as Orion MDR, Advanced Detection and Response (ADR), Threat Hunting, Adversary Simulation, Cyber Threat Intelligence (CTI), and Incident Response and Management.
Shane has over 25 years of experience in IT and Cyber Security, leading the development and optimization of security programs within enterprise and managed services environments. He has deep experience and success providing customized, business-aligned security outcomes for a diverse range of client environments and industry verticals.    How to connect with Shane:   https://www.linkedin.com/feed/update/urn:li:activity:7264640034891337730 https://www.sdxcentral.com/articles/stringerai-announcements/morganfranklin-consulting-launches-orion-mdr-service-with-stellar-cyber/2024/11/   Connect With Aaron Crow: ...
In this episode, Aaron is joined by Paul Shaver, an experienced OT security consultant from Mandiant, part of Google Cloud. Together, they navigate the nuanced landscape of operational technology (OT) cybersecurity. The episode begins with Aaron recalling a critical incident at a power plant that underscores the potential pitfalls in OT environments. This sets the stage for a rich discussion on the evolution of OT technology, with Aaron and Paul reminiscing about primary domain controllers and early NT workstations. The conversation shifts to the future of OT in the cloud, where Paul highlights the benefits of cloud solutions, including enhanced resiliency, security, and data optimization through AI. A compelling customer case study illustrates modern technology adoption with web-based HMIs and Chromeboxes. Paul offers a detailed analysis of the current OT cybersecurity landscape, addressing the persistent legacy system challenges and the need for a cohesive IT-OT security strategy. He discusses the evolving threat landscape influenced by global geopolitical tensions and the rise of zero-day vulnerabilities. Listeners will gain practical insights into foundational cybersecurity measures, such as network segmentation, asset inventory management, and robust access control. Key Moments: 04:14 Connecting IT and OT optimizes processes securely. 09:54 Lost production severely impacts manufacturing revenue recovery. 14:06 Ensure network notifications; control access, separate credentials. 17:10 Engineers need secure access to adjust parameters. 21:55 Endpoint detection on older systems is critical. 28:47 Resilience is crucial in CrowdStrike incident response effectiveness. 32:11 Limited resources for global incident response efforts. 39:22 Rebuilt domain controller caused authentication issues. 42:37 Focus on resiliency and cloud opportunities, leveraging multi-cloud. 44:59 Improve grid operations using cloud and hyper-converged technology.
48:38 Local cloud provides redundancy for remote sites. 51:15 Critical for acquisition process and problem-solving. About the guest: Paul Shaver has dedicated more than two decades to various roles in Operational Technology (OT), primarily within the oil and gas industry. His expertise spans OT architecture, design, and build, along with run-and-maintain responsibilities as an asset owner. Before transitioning into cybersecurity, Paul served as a Technology Director for an oil and gas company in California. Driven by a burgeoning interest in security, he joined Mandiant nearly five years ago. At Mandiant, now part of Google, Paul relishes the mission of enhancing security postures in OT and critical infrastructure, contributing to significant advancements in the field. How to connect with Paul: https://www.linkedin.com/in/pbshaver/ Connect With Aaron Crow:
In this episode, host Aaron Crow addresses the pressing issue of cybersecurity for small and medium-sized businesses. With their limited budgets and resources, these enterprises are often prime cyberattack targets. Aaron explains why these businesses are particularly vulnerable, the potentially devastating impacts of a cyber incident, and practical measures they can adopt to strengthen their cybersecurity without incurring significant costs. Listeners will uncover insights on establishing basic cybersecurity policies, the critical importance of monitoring, and strategies for preparing for potential breaches. This episode is filled with valuable tips that could ensure the survival and success of your business amid today's escalating cyber threats. Key Moments: 00:00 Cybersecurity challenges and solutions for small businesses. 03:24 Startups are vulnerable due to inadequate cybersecurity measures. 06:30 Use secure passwords, educate employees, and use tools. 11:26 Segregate networks to protect sensitive data. 14:46 Effective monitoring requires time, effort, and setup. 16:10 DNS filtering blocks malicious sites, prevents attacks. 20:29 Plan proactively to manage events before crises. Connect With Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://protectitall.co/ X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.co
In this episode, host Aaron Crow is joined by Clint Bodungen, Director of Cybersecurity Innovation at Morgan Franklin Cyber and founder of Threatgen, alongside Michael Welch, Managing Director at Morgan Franklin Cyber. Together, they delve into the ever-evolving world of cybersecurity in honor of Cybersecurity Awareness Month. Aaron kicks things off by discussing the importance of iterative processes and tabletop exercises in enhancing decision-making and preparedness. The conversation then shifts to the exciting yet complex role of AI in cybersecurity, particularly in operational technology (OT) and critical infrastructure. The experts emphasize the potential of generative AI for data analysis while underscoring the need for human oversight to avoid biases and misinformation. Clint introduces an “engineering informed cyber” approach to better integrate OT and IT in managing cybersecurity risks, while Aaron stresses the importance of collaboration between cybersecurity professionals and engineers. The episode also tackles balancing convenience and security, the intricacies of password management, and the critical role of communication and trust. Listeners will gain valuable insights into AI’s role in enhancing security operations, the consequences of system failures, and the debate between compliance and true security. This episode offers expert opinions, real-world examples, and practical advice for navigating today’s cybersecurity challenges. Join us for a comprehensive discussion on protecting our digital world.   Key Moments:    04:20 Generative AI aids efficient GRC and cybersecurity management. 08:40 AI lacks context for verifying asset information. 11:38 Generative AI creating and automating malware tools. 15:58 Building data centers using decommissioned power plants. 17:14 Regulation growing in infrastructure for compliance security. 22:09 Compliance is binary; partial compliance isn't sufficient. 
24:33 Prioritize "engineering informed cyber" for OT resilience. 28:14 Collaboration between IT and OT is essential. 33:54 Frustration with excessive video game security measures. 34:49 Cybersecurity fails due to over-engineering complexity. 40:49 Make security easy with password managers, authenticators. 42:31 AI improves tabletop exercises for comprehensive insights. 45:31 Generative AI augments human capabilities and creativity. 48:08 Automated injects streamline engagement and business continuity. 53:46 Executives misunderstand risk, leading to false security. 54:29 Strong IT security, but vulnerable weak points. About the Guests :    Clint Bodungen:    Clint Bodungen is a globally recognized cybersecurity professional and thought leader with 30 years of experience (focusing primarily on industrial cybersecurity, red teaming, and risk assessment). He is the author of two best-selling books, "Hacking Exposed: Industrial Control Systems" and “ChatGPT for Cybersecurity...
In Episode 29, host Aaron Crow is joined by cybersecurity expert Jori VanAntwerp to delve into Power Grid Security and Redundancy. This episode explores the segmented design of the US power grid, addressing the challenges and necessary upgrades to mitigate cyber vulnerabilities. Jori highlights security monitoring gaps, the impact of hardware updates, and the cost implications of modernizing infrastructure. The discussion also emphasizes the importance of asset inventory and collaborative efforts between IT and OT professionals. Real-world incidents, such as unexplained power plant reboots, illustrate the critical role of operator awareness and system maintenance. The potential of AI in cybersecurity, alongside the need for a collaborative, learning-focused approach, is also discussed. Tune in to gain expert insights on balancing modernization, cost, and operational efficiency to ensure the stability and security of our power infrastructure. Join us for a packed episode to learn how to "Protect It All." Key Moments: 05:30 Restoring power grids involves complex, staged processes. 11:01 Centralizing data improves efficiency, introduces vulnerabilities. 17:47 Network segmentation essential for security, mitigates risks. 26:12 Cybersecurity tools revealed crucial system issues. 32:15 Understanding systems fully prevents unintended negative impacts. 36:31 Understand OT environment before implementing IT solutions. 41:24 Equipment must survive extreme heat, unlike typical data centers. 54:28 Strict access control in nuclear power plant. 57:48 Assess likely risks for protecting plant operations. 01:00:59 Rushed training weakens foundational cybersecurity skills. About the guest: For nearly two decades, Jori has enabled industrial and IT organizations to be successful in reducing risk, increasing compliance, and their overall security efforts.
Jori has the ability to quickly evaluate situations and determine innovative solutions and possible pitfalls due to his diverse background in security, technology, partnering and client-facing experience. He approaches situations with intuitive insight and methodology, leveraging his deep understanding of business and technology, ranging from silicon to the cloud. He had the pleasure of working with such great companies as Gravwell, Dragos, CrowdStrike, FireEye, McAfee, and is now Founder and Chief Executive Officer at EmberOT, a cybersecurity startup focused on making security a reality. How to connect with Jori: Website: https://emberot.com/ LinkedIn: https://www.linkedin.com/in/jvanantwerp/ Connect With Aaron Crow: Website: www.corvosec.com LinkedIn:
This episode delves into the world of cybersecurity with the esteemed guest, Ken Foster. With over 30 years of experience and a career that began in the Navy, Ken has comprehensive expertise in managing firewalls and antivirus systems and addressing today’s complex cybersecurity challenges. This episode, hosted by Aaron Crow, explores the evolving cybersecurity industry, emphasizing the crucial roles of mentorship and networking. Ken and Aaron discuss the strategic importance of aligning security with business goals, the impact of leadership training and honest feedback on developing better leaders, and the necessity of balancing technical skills with effective communication. Ken shares his insights on the dangers of over-relying on AI, the essential need for disaster preparedness and business continuity, and the importance of continuously evaluating business investments to avoid unnecessary expenses. The episode highlights the value of informal networks and mentorship in overcoming industry challenges and fostering personal growth. Listeners will gain practical strategies and invaluable lessons to navigate the ever-changing cybersecurity landscape while ensuring their personal and professional development.   Key Moments:    06:59 Translate tech leadership into business risk communication. 11:51 Integrating expertise, technical skills, and communication effectively. 18:13 No disaster recovery plan; business disrupted by flood. 25:36 Building relationships and listening are crucial successes. 31:39 Simplify explanations for effective cross-team communication. 33:53 Realized technical focus limited career growth. 42:12 Networking is crucial for finding senior roles. 44:06 Produced content led to advisory board roles. 50:06 Who supports post-handover? Security can't do it alone. 57:44 Translate work into clear business value requirements. 01:04:11 Ensure clarity and continuity for cybersecurity's future. 
About the guest: Ken Foster is a cybersecurity leader with over 25 years of experience in risk management, global team development, and IT infrastructure. As Head of Global Architecture at Adient, Ken oversees global teams to align technical initiatives with business goals, driving innovation while managing risks. His career includes key roles at Fleetcor and Fiserv, where he built large-scale cybersecurity programs and led risk governance and cloud security efforts. With a strong focus on client trust and board-level advisory, Ken brings deep expertise in navigating regulatory landscapes and developing risk-based, business-aligned strategies. Connect with Ken Foster: https://www.linkedin.com/in/kennethfoster/ Connect With Aaron Crow: Website: www.corvosec.com LinkedIn:
In this episode, host Aaron Crow takes a deep dive into the essential aspects of cyber hygiene.  As part of the Cybersecurity Awareness Month spotlight, Aaron discusses actionable steps to enhance your digital safety, whether at home or work. This episode covers everything from the significance of strong, unique passwords and multifactor authentication to keeping your software updated and recognizing phishing attacks.  Aaron also provides expert advice on securing home networks and introduces useful tools like password managers and antivirus software. Designed for both cybersecurity novices and seasoned professionals, this episode is a must-listen for anyone looking to improve their cyber hygiene.  Tune in to arm yourself and your family with the knowledge needed to stay safe in the digital age.   Key Moments:  06:06 Secure email with strong, unique password, multifactor authentication. 07:10 Multifactor: Password plus physical authentication like YubiKey. 10:42 Always update devices, avoid phishing attacks. 16:14 Use VPNs and password managers for Wi-Fi security. 19:00 Securely share credentials without sending clear text. 20:56 Regularly backup devices to prevent data loss. 25:18 Practice cyber hygiene and educate your family.   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co
In this episode, Aaron Crow engages in an insightful conversation with Dennis Maldonado, Director of Technology for Harris, Fort Bend ESD 100. The discussion emphasizes the importance of resiliency in technology environments and how strategic planning can safeguard against unforeseen disasters without necessitating a complete technological overhaul. From his extensive experience, Dennis shares how effective communication and collaboration were critical during events like Hurricane Harvey. He also provides his perspective on future trends and concerns in cybersecurity, including the rise of ransomware and nation-state attacks targeting critical infrastructure. The episode illuminates the significance of networking, with Aaron and Dennis underscoring its value in career advancement and sharing personal stories to illustrate how being well-known and trusted can open doors to unexpected opportunities. Additionally, Dennis discusses the zero trust model and the intricate balance between maintaining cybersecurity and ensuring system availability in critical infrastructure. Listeners will gain practical insights into building resilient tech environments through real-world examples and expert advice. The episode is a treasure trove of learnings on keeping organizations secure, responsive, and prepared for any eventuality. Join us as "Protect It All" dives deep into building resilient tech environments with Dennis Maldonado's invaluable lessons. Key Moments: 09:15 Networking is crucial for success in cybersecurity. 13:46 Volunteer firefighter boosted dispatch center through IT. 18:52 Transfers emergency calls to fire and EMS. 22:06 Quick response with information saves lives effectively. 26:22 Implemented lessons for resilient project development. 42:14 Sharing lessons learned from threat modeling experiences. 48:04 Zero trust model effectively mitigates cybersecurity incidents. 57:32 Public safety adapts by reverting to manual methods.
01:02:51 Cybersecurity's mainstream rise sparks widespread interest.   About the guest :  Dennis serves as Director of Technology for Harris Fort Bend ESD 100 (WESTCOM) managing and maintaining the technology needs of 911 call taking and emergency dispatch services for multiple public safety agencies. With over 15 years of experience in information technology and over 12 years in cybersecurity enterprise environments and consulting, Dennis’s experience includes cyber resilience, network penetration testing, full-scope red team engagements, adversarial simulation, and physical security assessments. Dennis presented at multiple security industry conferences including DEF CON, InfoSec SouthWest, BSides conferences, Houston Security Conference, Houston OWASP, SANS HackFest, and several local meetups and organizations around the United States. As an active leader in the Houston cyber security community, Dennis is responsible for founding two cyber security meetups in the Houston area: Houston Locksport, founded in 2014 and Houston Area Hackers An...