The episode centers on the challenges and opportunities in IoT and OT security, with insights from technical content creator, hardware hacker, and educator Andrew Bellini. It highlights the often-overlooked vulnerabilities of industrial and consumer IoT devices, emphasizing the accessibility of hardware hacking and the need for practical, low-cost educational resources, covering hands-on learning, industry anecdotes, recommendations for securing environments, and advice for newcomers interested in hardware security.

Let’s connect about IoT Security!

Follow Phillip Wylie at https://www.linkedin.com/in/phillipwylie
https://youtube.com/@phillipwylie

The IoT Security Podcast is powered by Phosphorus Cybersecurity. Join the conversation for the IoT Security Podcast — where xIoT meets Security. Learn more at https://phosphorus.io/podcast

Craig Duckworth sits down with seasoned attorney and cyber crisis strategist Josh Cook, founder of Left of Boom Consulting.

Together, they explore the pivotal role of proactive preparation in cybersecurity especially for mid-market and industrial organizations navigating today’s hyper-connected, AI-augmented threat landscape.

Josh shares hard-earned insights from decades of incident response leadership, emphasizing why building your cyber playbook before the attack is critical.

From legal implications and executive missteps to the psychological attributes needed in your incident command post, this conversation is a masterclass in cyber resilience and proactive protection by design.

Chapters:

• 00:00:00 – Kicking Off with Chaos: Why Incident Response Matters
• 00:01:02 – Enter Josh Cook: Legal Strategist Turned Cyber Commander
• 00:01:18 – War Stories and Wisdom: Josh’s Journey to Left of Boom
• 00:02:38 – Planning Beats Panic: Mastering the Art of Pre-Incident Prep
• 00:04:17 – Assembling the A-Team: Who Belongs in Your Cyber War Room
• 00:09:07 – AI at the Front Lines: Friend, Foe, or Something in Between?
• 00:12:42 – Industrial Chaos: What’s Really Holding Cybersecurity Back
• 00:16:07 – Boardroom to Shop Floor: Why the C-Suite Can’t Stay Silent
• 00:25:18 – No Secrets Here: Transparency and the Power of Telling the Truth
• 00:29:08 – Parting Shots: Josh’s Battle-Tested Advice for Resilience

Links And Resources:

• Josh Cook on LinkedIn
• Website
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Cybertech-Influencer und Experte für Cybersicherheit und Maschinenbau Olaf Classen spricht über Cybersicherheit als Wettbewerbs- und Standortvorteil und warum gerade deutsche und europäische Unternehmen ihre Expertise im Engineering Richtung Cybersicherheit ausbauen sollten. Er plädiert für staatliche Förderung (und nicht nur Regulierung) und dafür, Cybersicherheit und digitale Souveränität als gesamtgesellschaftliches und europäisches Projekt zu behandeln.

In this episode, host Aaron Crow is joined by Kam Chumley-Soltani, Director of OT Security at Armis, for a candid conversation that dives into the ever-evolving landscape of OT (operational technology) and IT cybersecurity. After several rescheduling attempts across time zones and even parking lots, Aaron and Kam finally sit down to share their frontline experiences and insights from the world of critical infrastructure security.

From the increasing visibility of OT threats and the surge in regulatory requirements, to the convergence of IT and OT teams, they dig into what’s driving organizations to prioritize real-time visibility, risk management, and collaboration. Kam reflects on his diverse background in the military, at Cisco, Dragos, and now Armis, while Aaron draws on decades of experience leading teams across power plants and utilities in Texas. They both underscore the importance of people, process, and technology - reminding us that even the best tools are only as valuable as the teams that wield them.

The discussion explores the challenges smaller utilities face, balancing regulation with limited resources, and the need for cyber-informed engineering from the very start. Plus, they look ahead at the role of AI in cybersecurity, the daisy-chain effects of infrastructure attacks, and the importance of community and continuous learning in keeping ahead of the curve.

Whether you’re a cybersecurity veteran, just breaking into OT, or simply want to understand why your electricity bill matters, this episode is packed with anecdotes, practical advice, and a few laughs. So pull up a chair and get ready to protect it all!

Key Moments: 

03:18 Cybersecurity Developments and Regulatory Changes

06:33 Demand for Consulting and Assessments

09:51 Future of Regulation and Community

13:06 Regulating Small Utilities Challenges

16:41 Cybersecurity in Critical Infrastructure

19:43 Simplifying Complex Issues for All

26:12 Embracing AI in Cybersecurity

27:39 "Embrace Challenges, Educate Yourself"

30:14 Cybersecurity Threats to Infrastructure

34:29 Evaluating Automated Alerting Systems

39:38 Controlled Network Configuration Risks

42:10 Underfunded Team: Multi-Skill Necessity

45:31 "Collective Progress and Contribution"

48:13 "Geopolitical Threats to Infrastructure"

About the guest : 

Kam Chumley-Soltani serves as the Director of OT Solutions Engineering for the U.S. Public Sector at Armis, where he specializes in industrial cybersecurity. His expertise lies in designing secure and resilient network architectures for critical infrastructure environments.

Previously, Kam led Cisco’s OT Solutions Engineering team for the entire U.S. Public Sector, delivering end-to-end solutions across IoT/OT security, network architecture, diverse RF wireless deployments, embedded systems, and edge computing.

He has guided numerous global enterprises, federal agencies, and SLED organizations in architecting solutions that incorporate robust networking, cybersecurity controls, advanced threat detection, and proactive vulnerability management.

A Navy veteran, Kam served as a flight systems engineer and mission operations planner. He holds a B.S. in Cyber Operations from the United States Naval Academy, an M.S. in Cybersecurity from Brown University, and an M.B.A. from Northwestern University's Kellogg School of Management. He is currently pursuing his Doctor of Engineering (D.Eng.) in AI/ML from George Washington University. 

How to connect Kam: 

Linkedin: https://www.linkedin.com/in/kam-chumley-soltani/

Connect With Aaron Crow:

Learn more about PrOTect IT All:

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

Dan Berte, director of IoT security at Bitdefender, joins the Nexus Podcast to join his team's ongoing research into the security of solar grid inverters and three serious vulnerabilities uncovered in the popular Deye Solarman management platform.

Dan discusses his team's research, the disclosure process, and the implications on green energy initiatives overall. With the growing popularity of these platforms, Berte cautions that attackers are going to continue to analyze their security for weaknesses and attempt to exploit them. 

Listen to the Nexus Podcast on your favorite podcast platform.

Operational technology (OT) systems are no longer limited to nation-states; criminal groups and hacktivists now actively target these systems, often driven by financial or ideological motives. Kurt Gaudette, Vice President of Intelligence and Services at Dragos, explains why these systems might not even be the primary targets.

In this solo episode, host Aaron Crow takes us on a fast-paced journey through the latest critical developments in both IT and OT cybersecurity. Aaron breaks down the month’s most pressing zero-day exploits, including high-profile attacks on Microsoft SharePoint and CrushFTP, and explores the implications of rapidly evolving threats - especially as attackers leverage AI for faster, more innovative hacks.

But it’s not all doom and gloom: Aaron dives into how AI is also becoming a game-changer for defense, from Google’s use of AI agents to spot vulnerabilities ahead of attackers, to the promise (and dangers) of deepfake technology. He discusses new policy moves, like the FCC’s proposal to ban Chinese tech in undersea internet cables and the US Coast Guard’s push for cyber resilience in maritime infrastructure.

Throughout the episode, Aaron offers strategic advice for organizations of all sizes - from patch management and digital twins to incident response plans designed for today’s AI-driven threat landscape. Whether you’re in cyber, tech, critical infrastructure, or just want to stay a step ahead, this episode is packed with actionable insights and timely analysis to boost your cyber resilience. Plug in for a conversation that’s equal parts eye-opening and empowering!

Key Moments; 

01:20 High-Level Tactical Briefing

05:31 Digital Twin for System Security

09:39 Dual Role of Tools

12:00 Emergency Procedures Reminder

14:24 Challenges in OT System Integration

18:32 Deep Fake Detection and Response

20:12 "AI Persistence and Impact"

Connect With Aaron Crow:

Learn more about PrOTect IT All:

To be a guest or suggest a guest/episode, please email us at [email protected]

Please leave us a review on Apple/Spotify Podcasts:

Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124

Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4

In this episode, Dino Busalachi and Craig Duckworth tackle one of the most overlooked threats in cybersecurity: the number of industrial vendors and system integrators in manufacturing environments.

The conversation addresses the relationship and communication gap between IT and the teams responsible for designing and supporting industrial control systems. They emphasize the need for improved governance, enhanced vendor accountability, and clear ownership of cyber risk.

Whether you're a CISO, CIO, or VP of Engineering, this episode offers actionable insight into bridging the IT/OT divide, securing plant floors, and building a cybersecurity strategy that works at the edge of your business.

Chapters:

• 00:00:00 - Kicking Off: Why Transparency in Cyber Matters
• 00:00:43 - Who’s Talking? Meet Craig & Dino
• 00:01:05 - The Big Question: What’s IT’s Role in Industrial Security?
• 00:01:35 - When Too Many Vendors = Chaos
• 00:02:37 - How to Actually Secure OT Environments
• 00:03:46 - Choosing the Right Partners (and Asking the Right Questions)
• 00:12:37 - Why Cyber Teams Need Plant Floor Time
• 00:14:24 - Getting Smarter: Use External Experts & Vendor Summits
• 00:18:22 - IT Meets OT: Closing the Culture Gap
• 00:30:03 - What Now? Practical Next Steps for CISOs

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

OT cybersecurity veteran Vivek Ponnada, SVP Growth & Strategy at Frenos, joins the Nexus Podcast to lend his expertise on the areas where he is seeing the most maturity and rapid evolution in the practice. Vivek explains the growing demand for contextual information to supplement the data organizations have around their known assets and vulnerabilities, for example. He also explains current risk prioritization and mitigation strategies, and how advanced technologies fit into the OT security landscape. 

Listen to the Nexus Podcast on your favorite podcast platform.