The growing need for visibility and response in industrial environments is driving more organizations to consider ICS/OT Security Operations Centers — but what does that actually look like for small and medium-sized operations?In this episode of Simply ICS Cyber, Don and Tom sit down with Dan Gunter, CEO and founder of Insane Cyber, to discuss how ICS/OT SOCs function, what data truly matters for monitoring, and how incident response changes when operators have (or don’t have) the right information at hand.Drawing on experience from the Air Force CERT to founding an OT-focused security company, Dan shares a practical look at the realities of SOC implementation across industries — from utilities with limited staff to large-scale enterprises managing thousands of assets.Listeners will gain insight into how to start building visibility, selecting the right MSSP partners, and managing SOC fatigue — all while keeping industrial operations safe and resilient.⚙️ Tune in to learn how data, process, and people come together to make ICS/OT SOCs work in the real world.Connect with Dan on LinkedIn: https://www.linkedin.com/in/dan-gunter👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannormanLearn about ICS Village: https://www.linkedin.com/company/icsvillage=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials
The industrial threat landscape never stands still — and neither can defenders. In this episode of Simply ICS Cyber, Don and Tom sit down with Joe Slowik, a globally recognized expert in cyber threat intelligence (CTI), detection engineering, and incident response for ICS, OT, and critical infrastructure environments.With over 15 years of experience spanning offensive operations, threat research, and leadership roles in both government and private sectors, Joe brings an unparalleled perspective on how adversaries target industrial systems — and how defenders can stay ahead.Listeners will hear how Joe’s work connects cutting-edge artificial intelligence and detection development with the real-world challenges of protecting operational environments. His insights reveal where the next evolution of ICS threat intelligence is headed — and what teams should focus on now to stay resilient.⚙️ Tune in to learn how threat intelligence is evolving across industrial control systems and what it takes to keep pace in a rapidly changing landscape.Connect with Joe on LinkedIn: Joe Slowikhttps://www.linkedin.com/in/joe-slowik👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannormanLearn about ICS Village: https://www.linkedin.com/company/icsvillage=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials
Selecting and managing ICS/OT cybersecurity vendors and integrators isn’t just a procurement step - it’s a strategic decision that shapes resilience, compliance, and long-term security outcomes. The best approach depends on organization size, resources, and security objectives.In this episode, Don and Tom are joined by Saltanat Mashirova, OT Cybersecurity Lead at CPX and OTCEP member with the Cyber Security Agency of Singapore. Salt brings deep global expertise across cybersecurity risk assessments (csHAZOP), ISA/IEC 62443 compliance, OT/ICS product development, governance, training, and the integration of both brownfield and greenfield assets.They’ll also dive into how these challenges play out in industries like oil & gas, mining, energy, manufacturing, and more - where vendor and integrator choices can directly impact both safety and business outcomes.Salt shares her perspective as an industry-recognized leader, speaker, and award-winner (Top 40 Under 40 in Cybersecurity, SC Media “Women to Watch,” and more), with experience guiding global projects and engaging with everyone from engineers to CEOs.📢 This is a rare opportunity to hear practical insights on navigating the evolving vendor and integrator landscape in ICS/OT cybersecurity.👉 Tune in to hear Salt’s perspective and learn how organizations can align security objectives with the right vendor and integrator partnerships.Connect with Salt on LinkedIn: https://www.linkedin.com/in/saltanat-mashirova-b88bba193Publications:Co-Author of Framework in Disaster Recovery “An Approach to Disaster Recover in OT,” links (whitepaper is coming up soon):https://www.youtube.com/watch?v=zjwUwGa3rLw&t=135shttps://www.controlglobal.com/show-coverage/honeywell-users-group/article/55232981/preparedness-smooths-cyber-recoveryhttps://www.youtube.com/watch?v=ATx7cYaX6BYCyber-Physical Risk Assessment:https://www.hydrocarbonengineering.com/magazine/hydrocarbon-engineering/april-2024/https://www.youtube.com/watch?v=dsOwAX5cc_c👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannormanLearn about ICS Village: https://www.linkedin.com/company/icsvillage=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials
Industrial control systems (ICS) and operational technology (OT) are the backbone of modern society—powering electricity, water, gas, communications, manufacturing, chemicals, and even medical technology. But what happens when these systems must be secured in the middle of a warzone?On this episode of Simply ICS Cyber, hosts Don C. Weber and Tom VanNorman sit down with special guest Patrick C. Miller, President & CEO of Ampyx Cyber, a company dedicated to protecting the industrial world.Learn more about:The challenges of defending critical infrastructure in conflict environmentsReal-world insights from one of the most experienced leaders in ICS/OT securityWhy these conversations are vital for the future of cybersecurityThis is a rare opportunity to hear experts break down industrial cybersecurity in the harshest conditions. Whether you’re in IT, OT, or just want to understand the stakes, you’ll walk away with practical lessons and a deeper appreciation of what’s at risk.Connect with Patrick on LinkedIn: https://www.linkedin.com/in/millerpatrickc/Episode Links:-The 5 Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls - KEV: https://www.cisa.gov/known-exploited-vulnerabilities👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannormanLearn about ICS Village: https://www.linkedin.com/company/icsvillage=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, co-hosts Don C. Weber and Tom VanNorman are joined by maritime and energy cybersecurity expert Marco (Marc) Ayala — vOT-CISO, Senior Principal Advisor for Energy, Oil, and Gas at the Cyber Infrastructure Protection Innovation Center (CIPIC), President of InfraGard Houston Members Alliance, and National Sector Chief of Energy for InfraGard.Marc has spent his career at the intersection of ICS/OT security, maritime operations, and critical infrastructure protection. His work includes advancing cybersecurity for the energy and oil & gas industries, driving innovation at CIPIC, and building collaborative bridges between public and private sectors to defend against nation-state and criminal threats.If you’re interested in the challenges of maritime cyber resilience, industrial control systems, operational technology, or energy sector defense, this episode offers rare insights from one of the field’s most active leaders.Connect with Marc on LinkedIn: https://www.linkedin.com/in/marco-marc-ayala-a3b26934Episode Links:InfraGuard: https://www.infragardnational.org/ISA Fellows: https://www.isa.org/membership/recognition/fellowsPort of Corpus Christi, Texas: https://portofcc.com/Port of Galveston, Texas: https://www.portofgalveston.com/Port of Houston, Texas: https://porthouston.com/👉 Subscribe to Simply ICS Cyber for more expert-driven conversations on ICS/OT security, critical infrastructure protection, and emerging cyber threats.Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, Don C. Weber and Tom VanNorman sit down with Chris Sistrunk to dive into the challenges and realities of Substation Security. Chris, now a Technical Leader at Mandiant & Google Cloud Security, brings years of experience from his time at Entergy, where he specialized in Transmission & Distribution SCADA systems and cybersecurity labs. He’s a recognized leader in ICS/OT security and an active contributor to the community through events like DEF CON’s ICS Village and BEER-ISAC. Join us as we discuss securing critical infrastructure, modern threats to substations, and what defenders need to know to stay ahead. Tune in to get expert insights into protecting the grid. Connect with Chris on LinkedIn: https://www.linkedin.com/in/chrissistrunk Episode Links: https://cloud.google.com/blog/topics/threat-intelligence/securing-protection-relays-modern-substations https://techcrunch.com/2025/07/14/mark-zuckerberg-says-meta-is-building-a-5gw-ai-data-center/ Connect with your hosts on LinkedIn:- Don https://linkedin.com/in/cutaway- Tom https://linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================Presented by Simply Cyber Media Group=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
Join Don Weber and Tom VanNorman for the Season 2 premiere of Simply ICS Cyber!In this episode, your hosts interview special guest and ICS professional, Dan Ricci.Dan is a Power Systems Engineer and Researcher with Idaho National Labs and sits down with the hosts to explore vulnerability management, feeds, and learn more about ICS Advisory Board Project. Episode Links:- https://www.icsadvisoryproject.com/- https://www.icsadvisoryproject.com/ics-advisory-dashboards/cisa-kev-for-cisa-ics-advisoriesConnect with Dan Ricci on LinkedIn:https://www.linkedin.com/in/danricci14Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
Don and Tom jump into the TSA Directives in this episode with their special guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world’s largest engineering, procurement, and construction companies. He also founded the BSides ICS/OT and BSides Greenville cons. In this episode, our expert guest helps us answer the questions below:- What are TSA Directives? - Where do we find them?- Who do they apply to?- How are sites checked?Connect with Mike: - Mike Holcomb LinkedIn: https://www.linkedin.com/in/mikeholcomb/Learn more about BSides ICS/OT:- BSides ICS/OT: https://www.bsidesics.org/=========================Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
In this episode of Simply ICS Cyber, Don and Tom interview their guest, Jim Gilsinn. Together they discuss the ISA/IEC 62443 Cybersecurity framework and answer the questions:- What is ISA/IEC 62443 Series of Standards and how do they help?- How do you get access to the ISA/IEC 62443 documents?- How can you help improve the standards?Connect with Jim Gilsinn on socials:- Linked In: https://www.linkedin.com/in/jimgilsinn/- X: https://x.com/JimGilsinnLearn more about the ISA/IEC 62443 Standards: https://www.isa.org/standards-and-publications/isa-standards/isa-iec-62443-series-of-standards=========================Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
How does Incident Response in ICS/OT/SCADA work? In this episode of Simply ICS Cyber, Don and Tom welcome Kai Thomsen, Director of Global Incident Response Services at Dragos.Join us as we answer the questions below and provide more insight into how IR works in OCS, OT, and SCADA:- Is DFIR the same on the OT side as the IT side?- What are some of the challenges the OT DFIR team faces?- In an organization, who is responsible for OT incident response?- What are table tops, how should you conduct them?- What are some table top exercises?- How do you get into OT DFIR?Discover the Dragos 2025 YIR Report: https://www.dragos.com/ot-cybersecurity-year-in-reviewConnect with Kai on LinkedIn: https://www.linkedin.com/in/kai-thomsen-a635b21b7Check out the Incident Response Table top resources below:- CISA Tabletop Exercise Packages (CTEPs)- CISA ICS Training- Dean Parson’s ICS Incident Response Tabletops- Lenny Zeltser Cheat Sheets and Presentations- NERC’s Grid Security Exercise (GridEx) - MITRE Cyber Exercise Playbook- Black Hills Information Security (BHIS) Backdoors and Breaches ICS/OT Deck- Center for Internet Security, Tabletop Exercises – Six Scenarios to Help Prepare Your Cybersecurity Team- Red Canary: Are You Using Tabletop Simulations to Improve Your Information Security Program?- Dragos: Preparing for Industrial Cyber Response Tookit- Dragos: Preparing for Incident Handling and Response in ICS- Dragos Tabletop Exercise- ICS4ICS Incident Command System for Industrial Control Systems- European Network for Cyber Security (ENCS) Red Team – Blue Team TrainingJoin us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don linkedin.com/in/cutaway- Tom linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials
In this episode, Tom and Don host special guest Michael Hilken, Cyber Physical Engineer at Grimm. The trio review and discuss the Five ICS Cybersecurity Critical Controls. Links from this episode:- Michael Hilken: https://www.linkedin.com/in/michael-hilken/- SANS Whitepaper on the The Five ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/ - Dragos 2025 OT Cybersecurity Report - 8th Annual Year in Review: https://www.dragos.com/ot-cybersecurity-year-in-review/ Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================
In this episode of Simply ICS Cyber, Don and Tom interview Gus Serino, water sector expert and Owner at I&C Secure, Inc.Listen in as we will answer the following questions:- What is Critical Infrastructure?- What are other types of Industrial and Automation?- Is cybersecurity different between the two?Links from this episode:- Gus Serino LinkedIn: https://www.linkedin.com/in/gusserino/- Instrumentation & Control Secure, Inc.: https://www.iandcsecure.com/- S4Events - Water Sector Cyber Risk with Gus Serino: https://www.youtube.com/watch?v=ScigBpXIjggJoin us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================
In episode 2 of Simply ICS Cyber, we answer the following questions for those interested in starting a career in ICS (industrial control systems), OT (operational technology):- What is Capex vs Opex? And, why does it matter when getting a job?- What is the compensation versus actual pay?- What does the OT side consider as important skills?- How are the rising FTE and consultant wages affecting winning ICS/OT work? Links to learn more about ICS, OT, SCADA:- ICS Village: https://www.icsvillage.com - Contact ICS Village: https://www.icsvillage.com/contact-us - NICE Framework (Find OT in the Competency Areas): https://niccs.cisa.gov/workforce-development/nice-framework - SANS ICS NICE: https://www.sans.org/nice-framework/industrial-control-systems Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway - Tom https://www.linkedin.com/in/thomasvannorman =========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyber https://SimplyCyber.io/Socials=========================
Welcome to the first episode of Simply ICS Cyber! Tune in every other Wednesday for new episodes premiering at 9:30 AM ET.Learn more about what to expect in this episode below:- Who are Don and Tom?- What are industrial and automation controls and why are they important?- What are these terms? ICS, OT, 62443, countermeasures, PLC, DCS- Why is cybersecurity different in OT versus IT?Join us every other Wednesday for Season 1 of the Simply ICS Cyber podcast, with your hosts, Don C. Weber and Tom VanNorman.Connect with your hosts on LinkedIn:- Don https://www.linkedin.com/in/cutaway- Tom https://www.linkedin.com/in/thomasvannorman=========================Simply Cyber empowers people who want a rewarding cybersecurity career=========================All the ways to connect with Simply Cyberhttps://SimplyCyber.io/Socials=========================