In this week's rewind episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure.

The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry.

Whether you’re dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.

Chapters:

• 00:00:00 - Pandemic's Impact on Critical Infrastructure
• 00:01:08 - Introduction to Gary Neelan and Claroty
• 00:01:41 - Gary's Role in OT Cybersecurity
• 00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy
• 00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems
• 00:09:46 - Addressing Complex Challenges in OT Cybersecurity
• 00:11:56 - OT Cybersecurity Talent Shortage and Managed Services
• 00:13:01 - Future of OT Cybersecurity: Adapting to New Threats
• 00:14:36 - Modernizing Manufacturing Systems for Enhanced Security
• 00:15:52 - Global Cybersecurity Trends in Critical Infrastructure
• 00:18:01 - Regional OT Cybersecurity Challenges and Responses
• 00:25:01 - The Role of AI in Defending OT Environments
• 00:28:19 - Final Thoughts on OT Cybersecurity's Future

Links And Resources:

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Gary Kneeland on LinkedIn
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this hard-hitting episode of Industrial Cybersecurity Insider, host Dino Busalachi sits down with two battle-tested experts: Debbie Lay from TXOne Networks and Patrick Gillespie from GuidePoint Security.

Together, they pull back the curtain on the messy, complex world of operational technology (OT) cybersecurity, where million-dollar cybersecurity losses happen regularly.

This isn't your typical cybersecurity podcast filled with vendor pitches and theoretical frameworks. Instead, you'll get an unvarnished look at what really happens when industrial organizations try to secure their critical infrastructure.

From the shocking reality of cyber insurance claims being denied over half-implemented multi-factor authentication to the all-too-common sight of HMI passwords scrawled in permanent marker on the plant floor. This conversation exposes the gap between cybersecurity best practices and industrial implementation and protection reality.

What makes this episode essential listening:

• Real financial impact: Learn why industrial breaches cost $5.5-6 million on average, with downtime running $125,000 per hour
• Practical solutions that work: Discover how segmentation, virtual patching, and agentless endpoint tools can protect legacy systems without breaking the bank
• Political warfare decoded: Understand the often-toxic dynamics between IT and OT teams that sabotage security initiatives
• Implementation roadmaps: Get actionable strategies for deploying zero-trust architectures on the plant floor

Whether you're a CISO struggling to justify OT security budgets, an engineer trying to protect decades-old industrial systems, or a consultant navigating the minefield of industrial cybersecurity politics, this episode delivers the kind of street-smart insights you won't find in vendor whitepapers.

Chapters:

• 00:00:00 - Cyber insurance denied over incomplete MFA 
• 00:03:21 - What clients face as they begin the OT security journey
• 00:06:35 - Industrial breach cost stat ($5.5–$6M; ~$125k/hour downtime) 
• 00:07:36 - Too many IT tools forced into OT
• 00:08:47 - Investment hurdles and budgeting misalignment
• 00:11:05 - Collaboration between OT asset owners and the CISO
• 00:13:24 - Hamilton ransomware: 80% hit; cyber insurance denied for incomplete MFA
• 00:14:26 - HMI username/password written in Sharpie; segue to TXOne solutions
• 00:18:22 - Who embraces TXOne first—IT or OT?
• 00:20:58 - CISOs on OT priorities and piloting top sites
• 00:22:25 - The ugly: Lacking OT inventory, unclear playbooks, starting from zero
• 00:23:26 - The good: Safeguarding OT, anomaly alerts, avoiding risky legacy connections
• 00:24:34 - Healthcare imaging case: XP-based systems, high replacement costs
• 00:27:03 - AI useful in SOC/baselining; humans still required on OT side
• 00:29:15 - Combining best-of-breed solutions to avoid costly deployment gaps
• 00:29:47 - Why deployments stall—overwhelm and fatigue after tech selection

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Debbie Lay, TXOne Networks on LinkedIn
• Patrick Gillespie, GuidePoint Security on LinkedIn
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Many manufacturing leaders believe they’re seeing 80–85% of their OT environment industrial assets. But in this episode, Dino and Craig reveal the reality that most have visibility into only 30–35% of their industrial control system assets, leaving the hidden 70% vulnerable.

In this hard-hitting episode, they dismantle the false sense of OT security. They explore why million-dollar cybersecurity tool investments aren't fully utilized, and expose the costly disconnect between corporate IT, plant-floor teams, and third-party vendors.

From debunking the air gap myth to stressing the need to trust but verify every connection, they show how to turn underutilized tools into proactive defenses that improve both security and operational efficiency.

If you think your ICS is fully protected, this conversation might change your mind.

Chapters:

• 00:00:00 - Introduction: When Inefficiency Becomes Expensive
• 00:00:59 - The Hidden Danger of Feeling Secure in Manufacturing
• 00:03:58 - Why True Visibility and Accurate Data Change Everything
• 00:07:18 - Real-World Roadblocks: Missteps and Mixed Messages
• 00:10:24 - Who Holds the Power vs. Who Bears the Blame in Cybersecurity
• 00:21:47 - Charting a Smarter Path to Stronger Cyber Defenses
• 00:25:27 - Conclusion: Actionable Moves to Level Up Your Security

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode of Industrial Cybersecurity Insider, Craig Duckworth sits down with Ian Bramson, VP of Global Industrial Cybersecurity at Black & Veatch, to explore what it really takes to secure complex industrial systems. 

Whether you're retrofitting legacy brownfield environments or designing cybersecurity into greenfield builds, Ian unpacks the foundational questions every organization must answer:

• What do you need to protect?
• Where are your holes?
• Can you see what's happening and respond if something goes wrong?

From AI-enabled attackers to real-time asset visibility, he shares actionable insights on risk management, OT monitoring, and why leaders must begin treating cybersecurity like safety, not just an IT function. 

Whether you’re managing a water treatment plant, a power plant, or smart transportation infrastructure, this conversation delivers clarity in complexity - and guidance for what to do next.

Chapters:

• 00:00:00 - Uncovering Hidden Dangers in Remote Access
• 00:00:59 - Meet Ian Bramson: Defending the World’s Most Critical Systems
• 00:02:58 - Why Critical Infrastructure Is Everyone’s Business
• 00:03:30 - Power and Water: The Frontlines of Cyber Defense
• 00:09:07 - Decoding NERC CIP: What You Really Need to Know
• 00:10:38 - Walking the Tightrope Between Compliance and True Security
• 00:17:01 - Proven Cybersecurity Tactics That Actually Work
• 00:22:50 - AI in Cybersecurity: Game-Changer or New Threat?
• 00:24:47 - How Public and Private Sectors Tackle Cyber Risk Differently
• 00:29:31 - Ian Bramson’s Final Playbook for Today’s CISOs

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig Duckworth sits down with seasoned attorney and cyber crisis strategist Josh Cook, founder of Left of Boom Consulting.

Together, they explore the pivotal role of proactive preparation in cybersecurity especially for mid-market and industrial organizations navigating today’s hyper-connected, AI-augmented threat landscape.

Josh shares hard-earned insights from decades of incident response leadership, emphasizing why building your cyber playbook before the attack is critical.

From legal implications and executive missteps to the psychological attributes needed in your incident command post, this conversation is a masterclass in cyber resilience and proactive protection by design.

Chapters:

• 00:00:00 – Kicking Off with Chaos: Why Incident Response Matters
• 00:01:02 – Enter Josh Cook: Legal Strategist Turned Cyber Commander
• 00:01:18 – War Stories and Wisdom: Josh’s Journey to Left of Boom
• 00:02:38 – Planning Beats Panic: Mastering the Art of Pre-Incident Prep
• 00:04:17 – Assembling the A-Team: Who Belongs in Your Cyber War Room
• 00:09:07 – AI at the Front Lines: Friend, Foe, or Something in Between?
• 00:12:42 – Industrial Chaos: What’s Really Holding Cybersecurity Back
• 00:16:07 – Boardroom to Shop Floor: Why the C-Suite Can’t Stay Silent
• 00:25:18 – No Secrets Here: Transparency and the Power of Telling the Truth
• 00:29:08 – Parting Shots: Josh’s Battle-Tested Advice for Resilience

Links And Resources:

• Josh Cook on LinkedIn
• Website
• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino Busalachi and Craig Duckworth tackle one of the most overlooked threats in cybersecurity: the number of industrial vendors and system integrators in manufacturing environments.

The conversation addresses the relationship and communication gap between IT and the teams responsible for designing and supporting industrial control systems. They emphasize the need for improved governance, enhanced vendor accountability, and clear ownership of cyber risk.

Whether you're a CISO, CIO, or VP of Engineering, this episode offers actionable insight into bridging the IT/OT divide, securing plant floors, and building a cybersecurity strategy that works at the edge of your business.

Chapters:

• 00:00:00 - Kicking Off: Why Transparency in Cyber Matters
• 00:00:43 - Who’s Talking? Meet Craig & Dino
• 00:01:05 - The Big Question: What’s IT’s Role in Industrial Security?
• 00:01:35 - When Too Many Vendors = Chaos
• 00:02:37 - How to Actually Secure OT Environments
• 00:03:46 - Choosing the Right Partners (and Asking the Right Questions)
• 00:12:37 - Why Cyber Teams Need Plant Floor Time
• 00:14:24 - Getting Smarter: Use External Experts & Vendor Summits
• 00:18:22 - IT Meets OT: Closing the Culture Gap
• 00:30:03 - What Now? Practical Next Steps for CISOs

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig Duckworth and Dino Busalachi discuss the critical role of the C-suite in fortifying manufacturing environments against cyber threats.

They discuss the unique challenges that manufacturing organizations face. Their conversation reinforces the importance of executive teams understanding and actively engaging in industrial OT cybersecurity strategies.

With compelling arguments for a more involved C-suite, Craig and Dino explore the intersection of cybersecurity and operational efficiency. They emphasize the need for leadership to understand and lead the charge to ensure security for industrial control systems.

This episode serves as a wake-up call for executives to embrace their role in protecting their companies from potential adverse events. This episode highlights the fact that cybersecurity is not just an IT issue but a foundational aspect of modern business resilience.

Chapters:

• 00:00:00 - Meet Dino and Craig
• 00:01:47 - Deciphering Cybersecurity's Extensive Influence on Manufacturing Dynamics
• 00:03:29 - Unpacking the Costs: The Stark Reality of Ignoring Cybersecurity
• 00:04:08 - The Interplay Between Cyber Insurance, Liability, and Organizational Security
• 00:05:07 - Charting the Course: Fundamental Actions for Cyber Resilience
• 00:07:35 - Implementing Cybersecurity Measures: A Tactical Overview for Manufacturing Leaders
• 00:10:54 - The Imperative of Continuous Monitoring in Mitigating Cyber Risks
• 00:14:11 - Bridging the Divide: Fostering Collaboration Between IT and OT Teams
• 00:17:06 - Cultivating Cyber-Aware Culture: Integrating Security into the Manufacturing DNA
• 00:20:01 - Forward Momentum: Strategic Insights for Executive Leadership on Cybersecurity
• 00:24:28 - Reflecting on the Imperatives of Cybersecurity in the Manufacturing Sector

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Dino Busalachi and Craig Duckworth tackle a critical disconnect plaguing industrial organizations: the disconnect in understanding and communication between IT and OT regarding industrial cybersecurity.

 While some IT departments are investing in OT cybersecurity platforms, 85% of the data these tools collect is designed for OT teams to act upon. Unfortunately, plant floor personnel, system integrators, and OEMs working in these environments rarely get access to dashboards, asset inventories, or vulnerability reports.

Organizations must move beyond the "oil and water" mentality between IT and OT. This means involving plant personnel in cybersecurity decisions, sharing data with trusted partners who "build the cars" (not just buy them), and recognizing that effective OT security requires collaboration with the people who live and breathe on the plant floor every day.

Bottom Line: If you're not sharing cybersecurity data with your system integrators, OEMs, and plant operations teams, you're not practicing true IT-OT convergence. You're missing critical opportunities to improve your security posture where it matters most.

Chapters:

• 00:00:00 - Why Local Collaboration is Critical for Cybersecurity Success
• 00:01:07 - Meet Dino and Craig: Experts in IT/OT Integration
• 00:01:49 - Unpacking the Challenges of IT/OT Convergence
• 00:02:28 - Why IT and OT Teams Often Struggle to Align
• 00:04:48 - Building Collaborative Frameworks for Stronger Cybersecurity
• 00:07:33 - The Role of CIOs and CISOs in Driving Change
• 00:08:44 - Navigating the Complexities of Diverse Plant Environments
• 00:10:23 - Partnering with Vendors to Enhance Security Outcomes
• 00:11:16 - Key Questions to Evaluate System Integrators Effectively
• 00:16:35 - Using Tabletop Exercises to Align IT and OT Teams
• 00:22:20 - Closing Thoughts: Bridging the Divide for Unified Cybersecurity

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

In this episode, Craig Duckworth and Dino Busalachi discuss the critical but often overlooked or misunderstood role of system integrators (SIs) in industrial cybersecurity.

Key Issues Identified:

• Organizations typically work with multiple specialized integrators across different facilities and systems
• Some SIs lack cybersecurity expertise, focusing primarily on equipment functionality
• Equipment can remain connected to networks for decades, with ownership and oversight changing hands over time
• System integrators must exercise proper IT coordination to implement remote access solutions effectively

Recommendations:

• IT and OT teams should collaborate more closely with system integrators on cybersecurity planning
• Organizations need to evaluate their SIs' cybersecurity capabilities and partnerships
• Consider standardizing on integrators with demonstrated cybersecurity practices and vendor certifications
• Apply the same due diligence used for IT vendor selection to OT system integrators

Bottom Line: System integrators are essential partners in executing industrial cybersecurity strategies and protection. Organizations must actively engage them in security conversations and ensure they have the necessary skills and partnerships to implement secure solutions for their plant environments from the start.

Chapters:

• 00:00:00 - Real-World Ransomware Hits the Plant Floor
• 00:00:52 - Meet the System Integrators Shaping Your OT Plant Floor Security
• 00:01:17 - What System Integrators Really Do (and Don’t)
• 00:04:13 - Remote Access: The Hidden Backdoor Nobody Sees
• 00:08:34 - Why Ongoing Monitoring Is Non-Negotiable
• 00:13:30 - How to Pick the Right System Integrator For Your Operations
• 00:26:17 - Building Strong Partnerships with Your Integrators

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

Craig and Dino break down how cyberattacks that start in traditional IT systems can shut down entire manufacturing production lines, leading to massive financial losses.

Using real-world examples like UNFI's $500 million drop in market value in 60 hours, they explain how overlooked connections between IT and the OT plant floor are often the weakest links.

You’ll hear why simply installing firewalls isn’t enough, how organizational silos between IT and operations cause major blind spots, and what it really takes to secure industrial equipment.

Whether you're in leadership, technology, or operations, this episode will change how you think about cyber risk and business continuity in connected environments.

Chapters:

• 00:00:00 - Introduction: Where Responsibility Ends and Authority Doesn’t Begin
• 00:01:08 - Meet Your Guides: Dino & Craig On the Frontlines
• 00:01:14 - When Cyber Hits the Plant Floor
• 00:01:28 - Real-World Wake-Up: The Unify IT Incident
• 00:02:36 - The Gaps No One’s Watching in OT Security
• 00:03:18 - How Org Structure Can Make or Break Cyber Defense
• 00:04:03 - Plugging in OT Visibility: IDS in Action
• 00:04:43 - Who’s Really Calling the Shots—Corporate or the Plant?
• 00:07:02 - IT-OT Convergence: What Leaders Must Understand
• 00:13:14 - Building Cyber Defense That Actually Works
• 00:15:25 - Recovery Starts Before the Breach
• 00:17:37 - Why IT Alone Can’t Fix OT Problems
• 00:24:55 - Just Getting Started? Here’s What to Do First
• 00:28:33 - Final Word: You Can’t Secure OT Alone

Links And Resources:

• Want to Sponsor an episode or be a Guest? Reach out here.
• Industrial Cybersecurity Insider on LinkedIn
• Cybersecurity & Digital Safety on LinkedIn
• BW Design Group Cybersecurity
• Dino Busalachi on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you’d like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!