What if the biggest security risk to your industrial control systems isn't a malicious hacker, but rather a simple disconnect between when a work order closes and when network access is actually shut off?

In this episode we break down the hidden dangers of insecure remote access conditions and explore why PAM is not failing in OT, but rather being asked to enforce a physical work state it cannot see. We walk through real-world examples of exposed engineering paths and unpatched VPNs, and discuss the consequences of a visibility gap between operations and network access. We argue that the problem lies not with the tools, but with the disconnection between different states that never converge.

The reality is that this gap can have devastating consequences, from allowing attackers to gain access to sensitive systems to putting entire operations at risk.

Subscribe to our podcast to learn more about the intersection of industrial control systems and cybersecurity, and to stay up to date on the latest threats and solutions.

#OTSecurity #ZeroTrust #IndustrialCybersecurity

Your vehicle's biggest security threat might be arriving with a perfectly valid digital signature and your company's own stamp of approval.

In this episode, we break down why the shift to software-defined vehicles is currently failing at the release gate. We walk through the uncomfortable reality of SOP pressure and argue that current security assessments are often treated as advisory rather than hard controls.

It is time to stop asking for attention and start controlling the release, because a "safe" binary that your organization doesn't actually understand is just a liability waiting to happen.

Drop your take in the comments or share this episode with a colleague who is fighting against weak provenance and unrealistic deadlines right now.

#AutomotiveCybersecurity #SDV #SupplyChainSecurity #CyberSecurity #AutomotiveSoftware

A simple security patch can fix a vulnerability and still become a total operational nightmare that brings an entire railway network to a standstill.

In this episode, we break down the high-stakes collision between the new Cyber Resilience Act and the rigid, uncompromising world of railway safety certification. We walk through why architectural perfection is a myth for brownfield systems and how to use protocol-aware filtering to keep your network secure without triggering a massive, budget-breaking reassessment.

We argue that the strongest cyber programs are not the ones with the fastest patch cycles, but the ones that know how to improve risk posture while keeping the trains moving. This conversation is about making security maintenance survivable in a sector where you simply cannot afford to touch the binary.

Subscribe to the show and share this episode with anyone currently trying to navigate the impossible tension between rapid response and safety-critical stability.

#RailCybersecurity #CyberResilienceAct #CriticalInfrastructure #OTSecurity

Your VPN is lying to you about how safe your plant actually is.

In this episode, we break down why relying on MFA and session monitoring is just giving you a front-row seat to your own incident. We walk through the reality of session hijacking in brownfield OT and argue why the network should never be the one deciding who gets to touch the control layer.

This is about the high-stakes shift from letting the network decide your fate to putting the power back into the hands of the operators on the floor. It is the only way to withdraw digital authority before a trusted session becomes a physical catastrophe.

Subscribe to the show and share this with someone who still thinks a secure tunnel is a silver bullet for industrial safety.

#OTSecurity #Cybersecurity #CriticalInfrastructure #IndustrialAutomation

Your SBOM is probably useless, and it is time we talked about why.

In this episode, we look past the hype of vulnerability scanning to the uncomfortable reality of the software-defined vehicle. We walk through how suppliers are using VEX as a bureaucratic shield to dodge patches and why your security program is likely just a mountain of expensive noise.

We argue that if you are not prepared to challenge a supplier's claim with technical evidence, you are not doing security—you are just doing paperwork. This conversation is about moving from a flood of findings to actual, defensible risk management that protects the driver, not just the budget.

Subscribe and share this with a security lead who is tired of chasing ghosts in their supply chain.

#cybersecurity #automotive #supplychain #SBOM #VEX

Your 5G service level agreement is not a safety case, and confusing the two is a dangerous mistake for the future of rail.

In this episode, we break down why FRMCS cannot depend on the goodwill of a mobile operator, regardless of how low the latency claims are. We explore the logic of EN 50159 and explain why the only way to build a truly resilient railway architecture is to assume the network is already hostile, degraded, or failing.

Understanding this distinction is the difference between a system that works on paper and one that actually keeps passengers safe when the transport layer inevitably breaks.

Subscribe to the show and share this episode with an engineer who needs a reality check on 5G.

#FRMCS #RailCybersecurity #ETCS #CriticalCommunications #OTSecurity

Most industrial security teams are betting their entire plant floor on a jump server that an attacker can bypass in seconds.

In this episode, we break down why your current MFA strategy is failing to stop session theft and what it actually takes to secure the engineering zone. We walk through the technical steps of removing NTLM and binding sessions to device posture so a compromised corporate credential never touches your controllers.

It is time to face the uncomfortable truth that real OT maturity requires redesigning how we handle third-party access before a hijacked session makes the decision for you.

Subscribe to the show and share this with the person in your organization who still thinks a VPN is a silver bullet.

#OTSecurity #CyberSecurity #IndustrialAutomation #IdentityManagement

Your vehicle’s security might be dead on arrival if the very network that birthed it was already compromised.

In this episode, we challenge the industry obsession with supplier code and shift the focus to the high-stakes world of cryptographic provisioning on the plant floor. We break down why a verifiable SBOM is only half the battle and how to implement fleet-scale monitoring that actually filters out the noise before it hits your cloud.

The hard truth is that if the manufacturing environment isn't trustworthy, every security layer you add later is just a house of cards.

Subscribe to the show and share this with anyone building the next generation of software-defined vehicles.

#automotivecybersecurity #supplychain #infosec #softwaredefinedvehicle #iotsecurity

Most people think rail cybersecurity is a patching problem, but it is actually a validation nightmare that can stop your entire network in its tracks.

In this episode, we break down why the standard patch or perish mindset fails when a single software update becomes an operational gamble with safety and timetables. We walk through the reality of TS 50701 and explore how data diodes and strict physical segregation provide a path forward for legacy interlockings.

If you are securing critical rail assets, you need to stop chasing the perfect patch and start building resilience that does not require a return route into your train control domain.

Subscribe to the show and share this with the engineer who is tired of being told to just update their firmware.

#railsecurity #cybersecurity #criticalinfrastructure #otsecurity #ts50701

If you think your OT security problem is a lack of awareness, you’re missing the fact that your hardware literally cannot handle the solution. 🔌

In this episode, we’re getting real about why legacy PLCs were never meant for modern crypto and how forcing it can actually tank your process. We walk through why deep packet inspection is often a trap and how to build a defense-in-depth strategy that moves from the network all the way down to the laws of physics. 🏗️

You need to know where the digital controls end and the mechanical interlocks begin before a "security" update shuts down your entire line. 📉

Hit subscribe to stay ahead of the curve, and drop your take on out-of-band vs. inline in the comments.

#OTSecurity #IndustrialCyber #CyberPhysics #ICS